WIP Elminate defaults and take from config

Add javascript unit tests given that amount of
javascript code it is difficult to get good coverage
with just end-to-end tests
The tests are not running yet because i need to learn
how to use Babel to convert ES5 modules into NodeJs modules
otherwise it is not possible because all the source modules
use ES5 modules whereas tests run from node.js which requires
CommonJS

deps/rabbitmq_management/.gitignore

@@ -2,12 +2,5 @@
 
 test/config_schema_SUITE_data/schema/
 
-selenium/node_modules
+test/js/node_modules
-selenium/package-lock.json
+test/js/package-lock.json
-selenium/screens/*/*
-selenium/logs
-selenium/suites/logs/*
-selenium/suites/screens/*
-selenium/test/oauth/*/h2/*.trace.db
-selenium/test/oauth/*/h2/*.lock.db
-selenium/*/target/*

deps/rabbitmq_management/priv/www/js/oidc-oauth/helper.js

@@ -133,40 +133,41 @@ export function oauth_initiate(oauth) {
   }
   return oauth;
 }
-function oauth_initialize_user_manager(resource_server) {
+export function oidc_settings_from(resource_server) {
-    let oidcSettings = {
+  let oidcSettings = {
-        userStore: new oidc.WebStorageStateStore({ store: window.localStorage }),
+    userStore: new oidc.WebStorageStateStore({ store: window.localStorage }),
-        authority: resource_server.oauth_provider_url,
+    authority: resource_server.oauth_provider_url,
-        client_id: resource_server.oauth_client_id,
+    metadataUrl: resource_server.oauth_metadata_url,
-        response_type: resource_server.oauth_response_type,
+    client_id: resource_server.oauth_client_id,
-        scope: resource_server.oauth_scopes,
+    response_type: resource_server.oauth_response_type,
-//        resource: resource_server.id,
+    scope: resource_server.oauth_scopes,
-        redirect_uri: rabbit_base_uri() + "/js/oidc-oauth/login-callback.html",
+    redirect_uri: rabbit_base_uri() + "/js/oidc-oauth/login-callback.html",
-        post_logout_redirect_uri: rabbit_base_uri() + "/",
+    post_logout_redirect_uri: rabbit_base_uri() + "/",
-
+    automaticSilentRenew: true,
-        automaticSilentRenew: true,
+    revokeAccessTokenOnSignout: true   
-        revokeAccessTokenOnSignout: true,
+  }
-        extraQueryParams: {
+  if (resource_server.end_session_endpoint != "") {
-          audience: resource_server.id, // required by oauth0
+    oidcSettings.metadataSeed = {
-        },
+      end_session_endpoint: resource_server.end_session_endpoint
-    };
+    }
-    if (resource_server.end_session_endpoint != "") {
+  }
-      oidcSettings.metadataSeed = {
+  if (resource_server.oauth_client_secret != "") {
-        end_session_endpoint: resource_server.end_session_endpoint
+    oidcSettings.client_secret = resource_server.oauth_client_secret
-      }
+  }
-    }
+  if (resource_server.authorization_endpoint_params != "") {
-    if (resource_server.oauth_client_secret != "") {
+    oidcSettings.extraQueryParams = resource_server.authorization_endpoint_params
-      oidcSettings.client_secret = resource_server.oauth_client_secret;
+  }
-    }
+  if (resource_server.token_endpoint_params != "") {
-    if (resource_server.oauth_metadata_url != "") {
+    oidcSettings.extraTokenParams = resource_server.token_endpoint_params
-      oidcSettings.metadataUrl = resource_server.oauth_metadata_url;
+  }
-    }
+  return oidcSettings
+}
 
+function oauth_initialize_user_manager(resource_server) {  
     oidc.Log.setLevel(oidc.Log.DEBUG);
     oidc.Log.setLogger(console);
 
-    mgr = new oidc.UserManager(oidcSettings);
+    mgr = new oidc.UserManager(oidc_settings_from(resource_server))
-//    oauth.readiness_url = mgr.settings.metadataUrl;
 
     _management_logger = new oidc.Logger("Management");
 
@@ -212,20 +213,6 @@ export function oauth_initialize(authSettings) {
     return oauth;
 }
 
-function log() {
-    message = ""
-    Array.prototype.forEach.call(arguments, function(msg) {
-        if (msg instanceof Error) {
-            msg = "Error: " + msg.message;
-        }
-        else if (typeof msg !== "string") {
-            msg = JSON.stringify(msg, null, 2);
-        }
-        message += msg
-    });
-    _management_logger.info(message)
-}
-
 function oauth_is_logged_in() {
     return mgr.getUser().then(user => {
         if (!user) {

deps/rabbitmq_management/src/rabbit_mgmt_wm_auth.erl

@@ -77,6 +77,10 @@ getAllDeclaredOauth2Resources(OAuth2BackendProps) ->
     undefined -> OAuth2Resources;
     Id -> maps:put(Id, [{id, Id}], OAuth2Resources)
   end.
+buildRootResourceServerIfAny(Props) ->
+  [ {id, proplists:get_value(resource_server_id, Props) }, 
+    {oauth_client_id, proplists:get_value(oauth_client_id, Props)}, 
+    {oauth_client_id, proplists:get_value(oauth_client_id, Props)} ].
 
 authSettings() ->
   ManagementProps = application:get_all_env(rabbitmq_management),

deps/rabbitmq_management/test/js/.babelrc

@@ -0,0 +1,3 @@
+{
+  "presets": ["@babel/preset-env"]
+}

deps/rabbitmq_management/test/js/package.json

@@ -0,0 +1,35 @@
+{
+  "type":"module",
+  "dependencies": {
+  
+    
+  "json": "^11.0.0",
+  
+    
+  "mocha": "^10.7.3"
+  
+  },
+  
+  "scripts": {
+  
+    
+  "test": "mocha --recursive --trace-warnings  --require @babel/register"
+  
+  },
+  
+  "devDependencies": {
+  
+    
+  "@babel/cli": "^7.25.6",
+  
+    
+  "@babel/core": "^7.25.2",
+  
+    
+  "@babel/preset-env": "^7.25.4",
+  
+    
+  "@babel/register": "^7.24.6"
+  
+  }
+}

deps/rabbitmq_management/test/js/test/oidc-oauth/helper.test.js

@@ -0,0 +1,22 @@
+const assert = require('assert')
+import oidc_settings_from from '../../../../priv/www/js/oidc-oauth/helper.js'
+
+describe('oidc_settings_from', function () {
+  describe('single root resource', function () {
+    
+    describe('with minimum required settings', function () {
+        var resource = { 
+            oauth_client_id : "some-client",
+            oauth_provider_url : "https://someurl",
+            oauth_metadata_url : "https://someurl/extra"        
+        }
+        var oidc_settings = oidc_settings_from(resource)
+
+        it('oidc_settings should have client_id ', function () {
+            assert.equal(resource.oauth_provider_url, oidc_settings.authority)
+            assert.equal(resource.oauth_metadata_url, oidc_settings.metadataUrl)
+            assert.equal(resource.oauth_client_id, oidc_settings.client_id)
+        })
+    })
+  })
+})

deps/rabbitmq_management/test/rabbit_mgmt_wm_auth_SUITE.erl

@@ -40,7 +40,7 @@ groups() ->
           should_return_disabled_auth_settings,
           {with_root_issuer_url1, [], [
             {with_resource_server_id_rabbit, [], [
-              should_return_disabled_auth_settings,
+              should_return_disabled_auth_settings,              
               {with_mgt_oauth_client_id_z, [], [
                 should_return_oauth_enabled,
                 should_return_oauth_client_id_z,