Update matrix-authentication-service in Playwright tests (#28876)

* Update matrix-authentication-service in Playwright tests Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> * delint Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> * Iterate Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> * Actually do the update Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> * Fix mas run Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> --------- Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2025-01-06 17:24:11 +00:00
parent 29624f7bcb
commit b16088d098
5 changed files with 15 additions and 116 deletions
--- a/playwright/plugins/homeserver/synapse/templates/mas-oidc/homeserver.yaml
+++ b/playwright/plugins/homeserver/synapse/templates/mas-oidc/homeserver.yaml
@@ -82,103 +82,8 @@ experimental_features:
    msc3861:
        enabled: true

-        issuer: http://localhost:%MAS_PORT%/
-        # We have to bake in the metadata here as we need to override `introspection_endpoint`
-        issuer_metadata: {
-                "issuer": "http://localhost:%MAS_PORT%/",
-                "authorization_endpoint": "http://localhost:%MAS_PORT%/authorize",
-                "token_endpoint": "http://localhost:%MAS_PORT%/oauth2/token",
-                "jwks_uri": "http://localhost:%MAS_PORT%/oauth2/keys.json",
-                "registration_endpoint": "http://localhost:%MAS_PORT%/oauth2/registration",
-                "scopes_supported": ["openid", "email"],
-                "response_types_supported": ["code", "id_token", "code id_token"],
-                "response_modes_supported": ["form_post", "query", "fragment"],
-                "grant_types_supported":
-                    [
-                        "authorization_code",
-                        "refresh_token",
-                        "client_credentials",
-                        "urn:ietf:params:oauth:grant-type:device_code",
-                    ],
-                "token_endpoint_auth_methods_supported":
-                    ["client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt", "none"],
-                "token_endpoint_auth_signing_alg_values_supported":
-                    [
-                        "HS256",
-                        "HS384",
-                        "HS512",
-                        "RS256",
-                        "RS384",
-                        "RS512",
-                        "PS256",
-                        "PS384",
-                        "PS512",
-                        "ES256",
-                        "ES384",
-                        "ES256K",
-                    ],
-                "revocation_endpoint": "http://localhost:%MAS_PORT%/oauth2/revoke",
-                "revocation_endpoint_auth_methods_supported":
-                    ["client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt", "none"],
-                "revocation_endpoint_auth_signing_alg_values_supported":
-                    [
-                        "HS256",
-                        "HS384",
-                        "HS512",
-                        "RS256",
-                        "RS384",
-                        "RS512",
-                        "PS256",
-                        "PS384",
-                        "PS512",
-                        "ES256",
-                        "ES384",
-                        "ES256K",
-                    ],
-                # This is the only changed value
-                "introspection_endpoint": "http://host.containers.internal:%MAS_PORT%/oauth2/introspect",
-                "introspection_endpoint_auth_methods_supported":
-                    ["client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt", "none"],
-                "introspection_endpoint_auth_signing_alg_values_supported":
-                    [
-                        "HS256",
-                        "HS384",
-                        "HS512",
-                        "RS256",
-                        "RS384",
-                        "RS512",
-                        "PS256",
-                        "PS384",
-                        "PS512",
-                        "ES256",
-                        "ES384",
-                        "ES256K",
-                    ],
-                "code_challenge_methods_supported": ["plain", "S256"],
-                "userinfo_endpoint": "http://localhost:%MAS_PORT%/oauth2/userinfo",
-                "subject_types_supported": ["public"],
-                "id_token_signing_alg_values_supported":
-                    ["RS256", "RS384", "RS512", "ES256", "ES384", "PS256", "PS384", "PS512", "ES256K"],
-                "userinfo_signing_alg_values_supported":
-                    ["RS256", "RS384", "RS512", "ES256", "ES384", "PS256", "PS384", "PS512", "ES256K"],
-                "display_values_supported": ["page"],
-                "claim_types_supported": ["normal"],
-                "claims_supported": ["iss", "sub", "aud", "iat", "exp", "nonce", "auth_time", "at_hash", "c_hash"],
-                "claims_parameter_supported": false,
-                "request_parameter_supported": false,
-                "request_uri_parameter_supported": false,
-                "prompt_values_supported": ["none", "login", "create"],
-                "device_authorization_endpoint": "http://localhost:%MAS_PORT%/oauth2/device",
-                "org.matrix.matrix-authentication-service.graphql_endpoint": "http://localhost:%MAS_PORT%/graphql",
-                "account_management_uri": "http://localhost:%MAS_PORT%/account/",
-                "account_management_actions_supported":
-                    [
-                        "org.matrix.profile",
-                        "org.matrix.sessions_list",
-                        "org.matrix.session_view",
-                        "org.matrix.session_end",
-                    ],
-            }
+        issuer: http://host.containers.internal:%MAS_PORT%/
+        introspection_endpoint: http://host.containers.internal:%MAS_PORT%/oauth2/introspect

        # Matches the `client_id` in the auth service config
        client_id: 0000000000000000000SYNAPSE
@@ -189,6 +94,3 @@ experimental_features:

        # Matches the `matrix.secret` in the auth service config
        admin_token: "AnotherRandomSecret"
-
-        # URL to advertise to clients where users can self-manage their account
-        account_management_url: "http://localhost:%MAS_PORT%/account"