From 3b89dc69da0f88cf8e2290523fa50656ac2ebb5d Mon Sep 17 00:00:00 2001
From: Yves Fischer
Date: Mon, 26 Nov 2018 01:35:11 +0100
Subject: Proof of concept with totp
---
test/etc/nginx.conf | 35 +++++++++++++++++++++++++++++
test/nginx.sh | 18 +++++++++++++++
test/oathtool.sh | 6 +++++
test/www/index.html | 58 ++++++++++++++++++++++++++++++++++++++++++++++++
test/www/other_page.html | 57 +++++++++++++++++++++++++++++++++++++++++++++++
5 files changed, 174 insertions(+)
create mode 100644 test/etc/nginx.conf
create mode 100755 test/nginx.sh
create mode 100755 test/oathtool.sh
create mode 100644 test/www/index.html
create mode 100644 test/www/other_page.html
(limited to 'test')
diff --git a/test/etc/nginx.conf b/test/etc/nginx.conf
new file mode 100644
index 0000000..3477353
--- /dev/null
+++ b/test/etc/nginx.conf
@@ -0,0 +1,35 @@
+# nginx -p . -c nginx.conf
+
+pid /tmp/nginx.example.pid;
+
+daemon off;
+
+events {
+ worker_connections 5;
+}
+
+http {
+ access_log /dev/stdout;
+ error_log /dev/stderr;
+
+ server {
+ server_name localhost;
+
+ location /auth {
+ rewrite /auth/(.+) /$1 break;
+ proxy_pass http://127.0.0.1:8080; # This is the TOTP Server
+ proxy_set_header X-Totp-Secret baadf00d;
+ proxy_set_header X-Totp-Secret deadc0de;
+ }
+
+ # This ensures that if the TOTP server returns 401 we redirect to login
+ error_page 401 = @error401;
+ location @error401 {
+ return 302 /auth/login$request_uri;
+ }
+
+ location / {
+ auth_request /auth/check;
+ }
+ }
+}
\ No newline at end of file
diff --git a/test/nginx.sh b/test/nginx.sh
new file mode 100755
index 0000000..d6926c0
--- /dev/null
+++ b/test/nginx.sh
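Review bot: The `server` block in test/etc/nginx.conf has no `listen` directive, so nginx falls back to its default port on every interface (`*:80`, or `*:8000` when started unprivileged) while the only accepted secrets are the fixed `baadf00d`/`deadc0de` that test/oathtool.sh also prints. Adding `listen 127.0.0.1:8000;` under `server_name localhost;` keeps the proof of concept reachable from the local machine only. The `/auth/check` subrequest also runs through the same `location /auth` as the login page, so the client's `Content-Length` may be forwarded even though nginx discards the body of an authorization subrequest. A dedicated `location = /auth/check` with `proxy_pass_request_body off;` and `proxy_set_header Content-Length "";` would avoid the upstream waiting on a body for POSTs to protected pages; it has to repeat the two `X-Totp-Secret` lines, which are not inherited once a location sets its own headers. A comment above the `X-Totp-Secret` lines saying these are test-only keys would help as well.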
@@ -0,0 +1,18 @@
+#!/bin/sh
+set -x
+
+bwrap \
+ --ro-bind /bin /bin \
+ --ro-bind /usr /usr \
+ --ro-bind /etc /etc \
+ --ro-bind /lib /lib \
+ --ro-bind /lib64 /lib64 \
+ --ro-bind /run /run \
+ --ro-bind etc /etc/nginx \
+ --ro-bind www /usr/share/nginx/html \
+ --dev /dev \
+ --proc /proc \
+ --dir /tmp \
+ --dir /var/log/nginx \
+ --dir /var/lib/nginx \
+ /usr/sbin/nginx
\ No newline at end of file
diff --git a/test/oathtool.sh b/test/oathtool.sh
new file mode 100755
index 0000000..d1d3441
--- /dev/null
+++ b/test/oathtool.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+for key in baadf00d deadc0de; do
+ echo -n "$key: "
+ oathtool --totp=sha512 $key
+done
\ No newline at end of file
diff --git a/test/www/index.html b/test/www/index.html
new file mode 100644
index 0000000..3ad444a
--- /dev/null
+++ b/test/www/index.html
@@ -0,0 +1,58 @@ + +
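Review bot: The bwrap call in test/nginx.sh shares more of the host than nginx needs: `--ro-bind /run /run` exposes the host's unix sockets under /run (a read-only bind does not prevent connecting to them), `--ro-bind /etc /etc` exposes the whole host configuration, and no namespace is unshared. If /run is only there for a resolv.conf symlink, which is a guess, binding that one path is enough. Adding `--unshare-pid --unshare-ipc --die-with-parent` does not affect the connection to the TOTP server on 127.0.0.1:8080, because the network namespace stays shared. The relative `etc` and `www` sources resolve against the caller's working directory, so `cd "$(dirname "$0")" || exit 1` before `bwrap` would make the script runnable from anywhere.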
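Review bot: `echo -n` in test/oathtool.sh is not portable under `#!/bin/sh` (some shells print the `-n` literally) and `$key` is passed unquoted; `printf '%s: ' "$key"` and `oathtool --totp=sha512 "$key"` behave the same everywhere. The key list duplicates the `X-Totp-Secret` values in test/etc/nginx.conf, so a comment such as `# test-only secrets, keep in sync with test/etc/nginx.conf` would stop the two from drifting. It would also make clear that they must never be reused outside the test setup.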
+ +Welcome to nginx! + + + +

Welcome to nginx!

+

If you see this page, the nginx web server is successfully installed and +working. Further configuration is required.

+ +

For online documentation and support please refer to +nginx.org.
+Commercial support is available at +nginx.com.

+ +

Thank you for using nginx.

+ +

look here other_page.html

+ +
\ No newline at end of file
diff --git a/test/www/other_page.html b/test/www/other_page.html
new file mode 100644
index 0000000..49656db
--- /dev/null
+++ b/test/www/other_page.html
@@ -0,0 +1,57 @@ +
+ +Welcome to nginx! + + + +

Welcome to nginx!

+

If you see this page, the nginx web server is successfully installed and +working. Further configuration is required.

+ +

For online documentation and support please refer to +nginx.org.
+Commercial support is available at +nginx.com.

+ +

Thank you for using nginx.

+ + + \ No newline at end of file -- cgit v1.2.1