[#IOPID-955, #IOPID-973] Upgrade Redis client and io-spid-common (#96)

* [#IOPID-955, #IOPID-973] Upgrade Redis client and io-spid-common

* Update src/server.ts

Co-authored-by: Gabriele Mendolia <arcogabbo@gmail.com>

* Update src/utils/redis.ts

Co-authored-by: Gabriele Mendolia <arcogabbo@gmail.com>

* Update src/utils/redis_storage.ts

Co-authored-by: Gabriele Mendolia <arcogabbo@gmail.com>

* [#IOPID-955] enhanced e2e tests

* [#IOPID-955] added new e2e test scenario

* [#IOPID-955] linter error fix

* [#IOPID-955] removed unnecessary volumes in compose file

* [#IOPID-955] removed password redis cluster in e2e tests

* [#IOPID-955] applied review suggestions

* [#IOPID-955] tentative: fix ports already binded

---------

Co-authored-by: Gabriele Mendolia <arcogabbo@gmail.com>

.gitignore

@@ -15,3 +15,5 @@ yarn-error.log
 # eslint section
 !.eslintrc.js
 .eslintcache
+# docker section
+docker-compose.override.yml

e2e/package.json

@@ -15,6 +15,7 @@
     "aws-sdk": "^2.1158.0",
     "jest": "27",
     "jest-puppeteer": "^6.1.0",
+    "node-fetch": "^2",
     "puppeteer": "^14.2.1",
     "ts-jest": "^28.0.4",
     "typescript": "4.9.5"

e2e/scenarios/basic/docker-compose.yml

@@ -37,7 +37,7 @@ services:
       - spid-net
 
   redis:
-    image: wodby/redis:3.2-2.1.5
+    image: wodby/redis:6
     environment:
       REDIS_TIMEOUT: 300
       REDIS_TCP_KEEPALIVE: 60

e2e/scenarios/basic/index.test.ts

@@ -4,9 +4,10 @@ import {
   littleTime,
   withBrowser,
   clickAnyway,
-  startupTime,
+  startupTime
 } from "../../utils/misc";
 import { host, showBrowser, testEntityID, testCredentials } from "./config";
+import fetch from "node-fetch";
 
 const puppeteer = require("puppeteer");
 
@@ -21,7 +22,7 @@ describe("Basic", () => {
     withBrowser(
       puppeteer,
       showBrowser
-    )(async (browser) => {
+    )(async browser => {
       const page = await browser.newPage();
 
       /* open login page */ {
@@ -56,4 +57,12 @@ describe("Basic", () => {
         expect(url).toEqual(expect.stringContaining("/success"));
       }
     }));
+  it("healthcheck should return a success", async () => {
+    const result = await fetch(`${host}/healthcheck`)
+      .then(res => res.json())
+      .catch(err => new Error(err));
+
+    expect(result).not.toBeInstanceOf(Error);
+    expect(result).toStrictEqual("OK");
+  });
 });

e2e/scenarios/with-aws-s3/docker-compose.yml

@@ -38,7 +38,7 @@ services:
       - spid-net
 
   redis:
-    image: wodby/redis:3.2-2.1.5
+    image: wodby/redis:6
     environment:
       REDIS_TIMEOUT: 300
       REDIS_TCP_KEEPALIVE: 60

e2e/scenarios/with-aws-s3/index.test.ts

@@ -21,6 +21,7 @@ import {
   testCredentials,
   spidLogStorage
 } from "./config";
+import fetch from "node-fetch";
 
 const puppeteer = require("puppeteer");
 
@@ -147,4 +148,12 @@ describe("With AWS S3", () => {
       })
     );
   });
+  it("healthcheck should return a success", async () => {
+    const result = await fetch(`${host}/healthcheck`)
+      .then(res => res.json())
+      .catch(err => new Error(err));
+
+    expect(result).not.toBeInstanceOf(Error);
+    expect(result).toStrictEqual("OK");
+  });
 });

e2e/scenarios/with-redis-cluster/config.ts

@@ -0,0 +1,7 @@
+import { envFlag } from "../../utils/misc";
+
+export const host = "http://localhost:9090";
+export const testEntityID = "xx_validator";
+export const showBrowser = envFlag(process.env.DEBUG);
+// see users.json in conf-testenv directory defined for the current spid-testenv instance
+export const testCredentials = ["ada", "password123"];

e2e/scenarios/with-redis-cluster/docker-compose.yml

@@ -0,0 +1,123 @@
+version: "2.2"
+
+services:
+  hub-spid-login:
+    build:
+      context: ../../../
+      dockerfile: Dockerfile
+    environment:
+      - NODE_TLS_REJECT_UNAUTHORIZED=0
+    env_file:
+      - env.scenario
+    depends_on:
+      - redis-cluster
+      - spid-saml-check
+    expose:
+      - ${SERVER_PORT}
+    ports:
+      - ${SERVER_PORT}:${SERVER_PORT}
+    command: ["yarn", "start"]
+    volumes:
+      - "./res/certs:/usr/src/app/certs:ro"
+      # - "../../../:/usr/src/app/"
+    networks:
+      - spid-net
+
+  spid-saml-check:
+    image: ghcr.io/pagopa/spid-saml-check:v.1.8.3-snapshot
+    restart: unless-stopped
+    environment:
+      - NODE_TLS_REJECT_UNAUTHORIZED=0
+    ports:
+      - ${SPID_DEMO_IDP_PORT}:${SPID_DEMO_IDP_PORT}
+    volumes:
+      - "./res/spidsamlcheck-conf:/spid-saml-check/spid-validator/config"
+      - "./res/hsl-conf:/data/bootstrap"
+    networks:
+      - spid-net
+
+  #
+  #                   __ __            __             __ 
+  #   .----.-----.--|  |__.-----.----|  .--.--.-----|  |_.-----.----.
+  #  |   _|  -__|  _  |  |__ --|  __|  |  |  |__ --|   _|  -__|   _|
+  # |__| |_____|_____|__|_____|____|__|_____|_____|____|_____|__|
+  #
+  #
+  redis-node-0:
+    image: docker.io/bitnami/redis-cluster:6.2
+    networks:
+      - spid-net
+    ports:
+      - 6380:6379
+    volumes:
+      - redis-node-0-data:/bitnami/redis/data
+    environment:
+      - 'REDIS_NODES=redis-cluster redis-node-0 redis-node-1 redis-node-2 redis-node-3'
+
+  redis-node-1:
+    image: docker.io/bitnami/redis-cluster:6.2
+    networks:
+      - spid-net
+    ports:
+      - 6381:6379
+    volumes:
+      - redis-node-1-data:/bitnami/redis/data
+    environment:
+      - 'REDIS_NODES=redis-cluster redis-node-0 redis-node-1 redis-node-2 redis-node-3'
+
+  redis-node-2:
+    image: docker.io/bitnami/redis-cluster:6.2
+    networks:
+      - spid-net
+    ports:
+      - 6382:6379
+    volumes:
+      - redis-node-2-data:/bitnami/redis/data
+    environment:
+      - 'REDIS_NODES=redis-cluster redis-node-0 redis-node-1 redis-node-2 redis-node-3'
+
+  redis-node-3:
+    image: docker.io/bitnami/redis-cluster:6.2
+    networks:
+      - spid-net
+    ports:
+      - 6383:6379
+    volumes:
+      - redis-node-3-data:/bitnami/redis/data
+    environment:
+      - 'REDIS_NODES=redis-cluster redis-node-0 redis-node-1 redis-node-2 redis-node-3'
+
+  redis-cluster:
+    image: docker.io/bitnami/redis-cluster:6.2
+    networks:
+      - spid-net
+    ports:
+      - 6379:6379
+    volumes:
+      - redis-cluster-data:/bitnami/redis/data
+    depends_on:
+      - redis-node-0
+      - redis-node-1
+      - redis-node-2
+      - redis-node-3
+    environment:
+      - 'ALLOW_EMPTY_PASSWORD=yes'
+      - 'REDIS_NODES=redis-cluster redis-node-0 redis-node-1 redis-node-2 redis-node-3'
+      - 'REDIS_CLUSTER_CREATOR=yes'
+  #
+  #
+  #
+  #
+
+networks:
+  spid-net:
+    driver: bridge
+    driver_opts:
+      com.docker.network.driver.mtu: 1450
+
+volumes:
+  redis-node-0-data:
+  redis-node-1-data:
+  redis-node-2-data:
+  redis-node-3-data:
+  redis-cluster-data:

e2e/scenarios/with-redis-cluster/env.scenario

@@ -0,0 +1,62 @@
+SERVER_PORT=9091
+SPID_DEMO_IDP_PORT=8089
+
+METADATA_PUBLIC_CERT="-----BEGIN CERTIFICATE-----\nMIIDZjCCAk4CCQCVQHwUYXmpaDANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJJ\nVDEOMAwGA1UECAwFU3RhdGUxDTALBgNVBAcMBENpdHkxEzARBgNVBAoMCkFjbWUg\nSW5jLiAxFjAUBgNVBAsMDUlUIERlcGFydG1lbnQxGjAYBgNVBAMMEWh1Yi1zcGlk\nLWxvZ2luLW1zMB4XDTIyMDUxMDEwMTk0M1oXDTIzMDUxMDEwMTk0M1owdTELMAkG\nA1UEBhMCSVQxDjAMBgNVBAgMBVN0YXRlMQ0wCwYDVQQHDARDaXR5MRMwEQYDVQQK\nDApBY21lIEluYy4gMRYwFAYDVQQLDA1JVCBEZXBhcnRtZW50MRowGAYDVQQDDBFo\ndWItc3BpZC1sb2dpbi1tczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nALNIjtmHt6QdXMSMR16OmOxPRIS/3NEohB18zCQGokNPgujNqhhn7+BderJ2o6zv\np89gLxUVi07wa9jFRyY3z5DpS66D9xsDLhH9MtEw5u+rz0dja9L38g4GMCiqtS55\nC9HaeqoTlup3oevSo4j8oJaTfkqndNVtogUvtxuXNNMY3Urg4+8YH2jY6XP47Tit\npRUcE/G7tud0phkzvbMHYdkd3s2bRYx/bS2PsHwA/9lb+UtQL/y0e/tnKOJLh8LW\nIGzNlWRTxOzCw6Pidi4gyHAR0JTdU7dIJmE5nczhVPm9reowwKKPrLwGzubNx5CW\nauSbg4C7Ne2Dlxliav1RgxkCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAX+SpxZBn\nQB5yq2sOFBu0nzmymmhUvO8vKff7sSiHR0Ts3FtgR2kJtr1Aezh6CwaAJsSlkvxJ\ngIuC1A/y+rPrgn0szj4xHy7tsgO262NcMGIm6Me7WgNsUaJ8Df2wVqzbWLn3lFWn\nhEdw+/qcrzGh9CZl/nyhGikfAf9WgzhhKUrkL7yfozQfRNOgG5ygpVKUxx4kX+d9\nKN56ksZfqFXicqWB/c00Hvz/qiB0k+4C74cEViYUl0YTwDZ5+WTjYqILurIZ1ZJ3\nM07xFPVOGwL3yJzOq/NsYCknNWju6LrqDjwj8Y8TBxuTYlEaNH4Q82Z9PJX25ogk\nxFlTgqLozgQ8FA==\n-----END CERTIFICATE-----"
+METADATA_PRIVATE_CERT="-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCzSI7Zh7ekHVzE\njEdejpjsT0SEv9zRKIQdfMwkBqJDT4LozaoYZ+/gXXqydqOs76fPYC8VFYtO8GvY\nxUcmN8+Q6Uuug/cbAy4R/TLRMObvq89HY2vS9/IOBjAoqrUueQvR2nqqE5bqd6Hr\n0qOI/KCWk35Kp3TVbaIFL7cblzTTGN1K4OPvGB9o2Olz+O04raUVHBPxu7bndKYZ\nM72zB2HZHd7Nm0WMf20tj7B8AP/ZW/lLUC/8tHv7ZyjiS4fC1iBszZVkU8TswsOj\n4nYuIMhwEdCU3VO3SCZhOZ3M4VT5va3qMMCij6y8Bs7mzceQlmrkm4OAuzXtg5cZ\nYmr9UYMZAgMBAAECggEAf1Qr6ECkY1FbPlhmo7hg0YwmnKVrHb1Jv2uPzJJNkcKZ\ntd/DS1weGForty3dZwg6RWUJa08GxoSoA6dwtarzpvaaApLE4BFtGeeavMmfal66\ncvggbxAbgGxSrb83uI7Nnzgs4DfTeiiG/mZ2MOdC4k5UZo7xwlb/t/FAeb71DGqu\ni6kL3d5koTdIFuc67rvBHAzpOnHZd4ao+C7aeULkXwkWb65FqPkRaGbdUCXKPQhl\nXsZTxdJY+PgxSK8Hag/WZm1C8iqwZiWDDnUvaYntEyAgifmDk9akvlZZRT1+eLgE\nfV4p4WegA3AMjUTmO9hN5G+AaWDOjfIP4XE3YOpm9QKBgQDivjG0EOZ/FpGOnzzE\n8+javS8ZZzflxKOBSv6a6+3rIFVW+LAMyMW7c0Qw583vpzdjoKNos0gPJS6P1HDF\np4O/SRVixDPSWxy1uWgObSH7B/Yid7I7OUZXl3kjYttKAJRHY6rXUlRFauU17clQ\nqANRE2e4qj6EC0OVgHnuSUZaDwKBgQDKaqyaxHf67nKfPsH8/pFYAQCzSTIi2SYH\nZF76BY5aWPE+sXpkSmazrBH9yd+5bZFHrMyyoLbXjXco2oxdjHp/8wpYManpzBkk\nUVxexhj2dtuwWK2623wZJ4hkCs1usY8wV6MVEZbSu40q659Q09jyjcIsThFsFBaP\nDOdcUBCYVwKBgH2idvXX+29luOc2sjxLDbXN54AC4kUMzLACNsrueRi0BLU4/ItI\n3876kkkq17+3fohUZNbJp97EcmU9h/Ls26Isw43DOxeOZn0Gq3J6474tbiMxAW+x\nT5mPE48Y4nrBkWdxASNnucvw6+oSxF5NifDteKYoppURjLQUyPrQXQvfAoGBAIEM\n58S4k+H42j0q7tTUnGemJAMqHHvZRAScem0e07ZIVG5rCqQcR0Qv5TyP00JOV7yB\nr/QGwOvGdn0mcS1HXeZrVmIKL9EuXa0o7iJCXDHub3wL3Z9vRbxn1u4pcPYs4CSr\nCv9oumbaSlNd67HFjuB9fpluoG7uk79aM7tIFHx7AoGALe854qT96joFa3hjhhc+\nsnVsrNM+H/9dHsY+4ROMYOwFOZDpLOAxcdibQsI8jXPNmP4Ez+2HAec5m5ytlfVu\nrxDfDdMOzj8w1P5Tsx2VuRGuB1LVODgLjGDDmm7USTgC7ufpaZa1bVIwnftaOXG3\n3a8ELMkh+Nb7StplokH2U8w=\n-----END PRIVATE KEY-----"
+
+
+ORG_ISSUER=https://spid.agid.gov.it/cd
+ORG_URL=https://pagopa.gov.it
+ACS_BASE_URL=http://localhost:${SERVER_PORT}
+ORG_DISPLAY_NAME=Organization display name
+ORG_NAME=Organization name
+
+AUTH_N_CONTEXT=https://www.spid.gov.it/SpidL2
+
+SPID_ATTRIBUTES=address,email,name,familyName,fiscalNumber,mobilePhone
+
+ENDPOINT_ACS=/acs
+ENDPOINT_ERROR=/error
+ENDPOINT_SUCCESS=/success
+ENDPOINT_LOGIN=/login
+ENDPOINT_METADATA=/metadata
+ENDPOINT_LOGOUT=/logout
+
+SPID_VALIDATOR_URL=http://spid-saml-check:${SPID_DEMO_IDP_PORT}/demo
+
+REDIS_URL=redis-cluster
+REDIS_TLS_ENABLED=false
+
+ENABLE_JWT=false
+ENABLE_USER_REGISTRY=false
+USER_REGISTRY_URL=https://localhost
+USER_REGISTRY_API_KEY=afakesecretapimkey
+INCLUDE_SPID_USER_ON_INTROSPECTION=true
+
+TOKEN_EXPIRATION=3600
+JWT_TOKEN_ISSUER=SPID
+JWT_TOKEN_AUDIENCE=https://localhost
+JWT_TOKEN_PRIVATE_KEY=""
+JWT_TOKEN_KID=key-id-for-your-jwt-key
+
+ENABLE_ADE_AA=false
+ADE_AA_API_ENDPOINT=http://ade-aa-ms-mock:3000
+ENDPOINT_L1_SUCCESS="/success/l1"
+L1_TOKEN_EXPIRATION=60
+L1_TOKEN_HEADER_NAME=x-token
+L2_TOKEN_EXPIRATION=3600
+APPINSIGHTS_INSTRUMENTATIONKEY=foo
+REQUIRED_ATTRIBUTES_SERVICE_NAME=Service Name
+
+ENABLE_FULL_OPERATOR_METADATA=true
+COMPANY_EMAIL=company@email.com
+COMPANY_FISCAL_CODE=12312312311
+COMPANY_IPA_CODE=IPA_CODE
+COMPANY_NAME=Company S.r.l
+COMPANY_VAT_NUMBER=12312312311
+
+
+ENABLE_SPID_ACCESS_LOGS=false
+CIE_URL=https://preproduzione.idserver.servizicie.interno.gov.it/idp/shibboleth?Metadata
+NODE_TLS_REJECT_UNAUTHORIZED=0
+NODE_ENV=prod

e2e/scenarios/with-redis-cluster/index.test.ts

@@ -0,0 +1,68 @@
+import {
+  delay,
+  bigTime,
+  littleTime,
+  withBrowser,
+  clickAnyway,
+  startupTime
+} from "../../utils/misc";
+import { host, showBrowser, testEntityID, testCredentials } from "./config";
+import fetch from "node-fetch";
+
+const puppeteer = require("puppeteer");
+
+jest.setTimeout(1e6);
+
+beforeAll(async () => {
+  // somehow we need to wait idp metadata are loaded
+  await delay(startupTime);
+});
+describe("Basic with redis cluster", () => {
+  it("should login with an existing user", () =>
+    withBrowser(
+      puppeteer,
+      showBrowser
+    )(async browser => {
+      const page = await browser.newPage();
+
+      /* open login page */ {
+        await page.goto(
+          `${host}/login?entityID=${testEntityID}&authLevel=SpidL2`
+        );
+        await delay(bigTime);
+      }
+
+      /* submit login form with test credentials */ {
+        await page.evaluate(([username, password]: typeof testCredentials) => {
+          // @ts-ignore
+          document.getElementById("username").value = username;
+          // @ts-ignore
+          document.getElementById("password").value = password;
+        }, testCredentials);
+
+        await clickAnyway(page)("form[name='formLogin'] [type='submit']");
+        await delay(littleTime);
+      }
+
+      /* confirm data access (SPID mandatory step) */ {
+        await clickAnyway(page)("form[name='formConfirm'] [type='submit']");
+        await delay(littleTime);
+      }
+
+      /* read landing url and return data to the test */ {
+        await delay(littleTime);
+        const url = await page.url();
+
+        // if login is ok, we landed into success page
+        expect(url).toEqual(expect.stringContaining("/success"));
+      }
+    }));
+  it("healthcheck should return a success", async () => {
+    const result = await fetch(`${host}/healthcheck`)
+      .then(res => res.json())
+      .catch(err => new Error(err));
+
+    expect(result).not.toBeInstanceOf(Error);
+    expect(result).toStrictEqual("OK");
+  });
+});