OpenSearch/x-pack/qa/oidc-op-tests/build.gradle

Project idpFixtureProject = xpackProject("test:idp-fixture")

apply plugin: 'elasticsearch.testclusters'
apply plugin: 'elasticsearch.standalone-rest-test'
apply plugin: 'elasticsearch.rest-test'
apply plugin: 'elasticsearch.test.fixtures'

dependencies {
    testCompile project(path: xpackModule('core'), configuration: 'default')
    testCompile project(path: xpackModule('core'), configuration: 'testArtifacts')
    testCompile project(path: xpackModule('security'), configuration: 'testArtifacts')
}
testFixtures.useFixture ":x-pack:test:idp-fixture"

String ephemeralPort;
task setupPorts {
    // Don't attempt to get ephemeral ports when Docker is not available
    onlyIf { idpFixtureProject.postProcessFixture.enabled }
    dependsOn idpFixtureProject.postProcessFixture
    doLast {
        ephemeralPort = idpFixtureProject.postProcessFixture.ext."test.fixtures.oidc-provider.tcp.8080"
    }
}

integTest.runner {
  dependsOn setupPorts
}

testClusters.integTest {
    distribution = 'DEFAULT'
    setting 'xpack.license.self_generated.type', 'trial'
    setting 'xpack.security.enabled', 'true'
    setting 'xpack.security.http.ssl.enabled', 'false'
    setting 'xpack.security.authc.token.enabled', 'true'
    setting 'xpack.security.authc.realms.file.file.order', '0'
    setting 'xpack.security.authc.realms.native.native.order', '1'
    // OpenID Connect Realm 1 configured for authorization grant flow
    setting 'xpack.security.authc.realms.oidc.c2id.order', '2'
    setting 'xpack.security.authc.realms.oidc.c2id.op.issuer', 'http://localhost:8080'
    setting 'xpack.security.authc.realms.oidc.c2id.op.authorization_endpoint', { "http://127.0.0.1:${ephemeralPort}/c2id-login" }
    setting 'xpack.security.authc.realms.oidc.c2id.op.token_endpoint', { "http://127.0.0.1:${ephemeralPort}/c2id/token" }
    setting 'xpack.security.authc.realms.oidc.c2id.op.userinfo_endpoint', { "http://127.0.0.1:${ephemeralPort}/c2id/userinfo" }
    setting 'xpack.security.authc.realms.oidc.c2id.op.jwkset_path', 'op-jwks.json'
    setting 'xpack.security.authc.realms.oidc.c2id.rp.redirect_uri', 'https://my.fantastic.rp/cb'
    setting 'xpack.security.authc.realms.oidc.c2id.rp.client_id', 'elasticsearch-rp'
    keystore 'xpack.security.authc.realms.oidc.c2id.rp.client_secret', 'b07efb7a1cf6ec9462afe7b6d3ab55c6c7880262aa61ac28dded292aca47c9a2'
    setting 'xpack.security.authc.realms.oidc.c2id.rp.response_type', 'code'
    setting 'xpack.security.authc.realms.oidc.c2id.claims.principal', 'sub'
    setting 'xpack.security.authc.realms.oidc.c2id.claims.name', 'name'
    setting 'xpack.security.authc.realms.oidc.c2id.claims.mail', 'email'
    setting 'xpack.security.authc.realms.oidc.c2id.claims.groups', 'groups'
    // OpenID Connect Realm 2 configured for implicit flow
    setting 'xpack.security.authc.realms.oidc.c2id-implicit.order', '3'
    setting 'xpack.security.authc.realms.oidc.c2id-implicit.op.issuer', 'http://localhost:8080'
    setting 'xpack.security.authc.realms.oidc.c2id-implicit.op.authorization_endpoint', { "http://127.0.0.1:${ephemeralPort}/c2id-login" }
    setting 'xpack.security.authc.realms.oidc.c2id-implicit.op.token_endpoint', { "http://127.0.0.1:${ephemeralPort}/c2id/token" }
    setting 'xpack.security.authc.realms.oidc.c2id-implicit.op.userinfo_endpoint', { "http://127.0.0.1:${ephemeralPort}/c2id/userinfo" }
    setting 'xpack.security.authc.realms.oidc.c2id-implicit.op.jwkset_path', 'op-jwks.json'
    setting 'xpack.security.authc.realms.oidc.c2id-implicit.rp.redirect_uri', 'https://my.fantastic.rp/cb'
    setting 'xpack.security.authc.realms.oidc.c2id-implicit.rp.client_id', 'elasticsearch-rp'
    keystore 'xpack.security.authc.realms.oidc.c2id-implicit.rp.client_secret', 'b07efb7a1cf6ec9462afe7b6d3ab55c6c7880262aa61ac28dded292aca47c9a2'
    setting 'xpack.security.authc.realms.oidc.c2id-implicit.rp.response_type', 'id_token token'
    setting 'xpack.security.authc.realms.oidc.c2id-implicit.claims.principal', 'sub'
    setting 'xpack.security.authc.realms.oidc.c2id-implicit.claims.name', 'name'
    setting 'xpack.security.authc.realms.oidc.c2id-implicit.claims.mail', 'email'
    setting 'xpack.security.authc.realms.oidc.c2id-implicit.claims.groups', 'groups'
    setting 'xpack.ml.enabled', 'false'
    
    extraConfigFile 'op-jwks.json', idpFixtureProject.file("oidc/op-jwks.json")

    user username: "test_admin", password: "x-pack-test-password"
}

thirdPartyAudit.enabled = false