Skip to content
Felix Eckhofer edited this page Jul 13, 2023 · 4 revisions

Development setup to test SSO

SSO support for Vaultwarden is currently in development. The following describes a docker-compose based setup for locally testing these changes.

ONLY USE FOR TESTING SSO, SETUP IS INSECURE

Setup

  • Checkout the SSO branch, note the path
  • Create a docker-compose.yml somewhere with the following contents (replace the path as needed):
services:
  vaultwarden:
    build: /path/to/vaultwarden-source-with-sso
    environment:
      DOMAIN: "http://localhost:8000"
      I_REALLY_WANT_VOLATILE_STORAGE: "true"
      SSO_ENABLED: "true"
      SSO_CLIENT_ID: "client"
      SSO_CLIENT_SECRET: "clientsecret"
      SSO_AUTHORITY: "http://auth.test:8080/mock"
    ports:
      - 127.0.0.1:8000:80

  mock-oauth2:
    image: ghcr.io/navikt/mock-oauth2-server:0.5.10
    hostname: "auth.test"
    ports:
      - 127.0.0.1:8080:8080
  • Add auth.test to your systems host file: echo "127.0.0.1 auth.test" | sudo tee -a /etc/hosts

Testing

  • Start the services: cd /path/to/docker-compose.yml && docker compose up --build
  • Go to http://localhost:8000/#/sso, enter any string as identifier, click "Log in".
  • On the Mock Auth2 Server Sign-in-Page, enter any string for user/subject and add the email you want to test in the claims field like so: {"email": "user@example.com"}
  • If everything went according to plan, you will be asked for a master password.
Clone this wiki locally