Merge branch 'master' into feature/body

Dockerfile

@@ -32,8 +32,8 @@ RUN sed -i -r "/^(root|nobody)/!d" /etc/passwd /etc/shadow /etc/group \
 # variable.
 #
 # -  PEP_PROXY_USERNAME
-# -  PEP_PASSWORD
-# -  PEP_TOKEN_SECRET
+# -  PEP_PROXY_PASSWORD
+# -  PEP_PROXY_TOKEN_SECRET
 #
 ########################################################################################
 
@@ -80,8 +80,8 @@ HEALTHCHECK  --interval=30s --timeout=3s --start-period=60s \
 #    PEP_PROXY_ORG_HEADER
 #    PEP_PROXY_APP_ID
 #    PEP_PROXY_USERNAME
-#    PEP_PASSWORD
-#    PEP_TOKEN_SECRET
+#    PEP_PROXY_PASSWORD
+#    PEP_PROXY_TOKEN_SECRET
 #    PEP_PROXY_AUTH_ENABLED
 #    PEP_PROXY_PDP
 #    PEP_PROXY_PDP_PROTOCOL

doc/admin_guide.md

@@ -295,7 +295,8 @@ These are the parameters that can be configured in the global section:
 
 -   **pep_port**: Port to use if HTTPS is disabled
 -   **https**: HTTPS configuration. Disable or leave undefined if you are testing without an HTTPS certificate
--   **error_template**: A [Handlebars](https://handlebarsjs.com/) template defining the format of an error message payload
+-   **error_template**: A [Handlebars](https://handlebarsjs.com/) template defining the format of an error message
+    payload
 -   **error_content_type**: The content-type header of the error message
 
 ```json
@@ -446,9 +447,9 @@ overrides.
 | PEP_PROXY_ORG_HEADER                  | `organizations.header`            |                                             |
 | PEP_PROXY_APP_ID                      | `pep.app_id`                      |                                             |
 | PEP_PROXY_USERNAME                    | `pep.username`                    |                                             |
-| PEP_PASSWORD                          | `pep.password`                    |                                             |
-| PEP_TOKEN_SECRET                      | `pep.token`                       |                                             |
-| PEP_TRUSTED_APPS                      | `pep.trusted_apps`                |                                             |
+| PEP_PROXY_PASSWORD                    | `pep.password`                    |                                             |
+| PEP_PROXY_TOKEN_SECRET                | `pep.token`                       |                                             |
+| PEP_PROXY_TRUSTED_APPS                | `pep.trusted_apps`                |                                             |
 | PEP_PROXY_AUTH_ENABLED                | `authorization.enabled`           |                                             |
 | PEP_PROXY_PDP                         | `authorization.pdp`               |                                             |
 | PEP_PROXY_PDP_PROTOCOL                | `authorization.pdp.protocol`      |                                             |
@@ -468,9 +469,8 @@ overrides.
 | PEP_PROXY_CORS_CREDENTIALS            | `cors.credentials`                |                                             |
 | PEP_PROXY_CORS_MAX_AGE                | `cors.maxAge`                     |                                             |
 | PEP_PROXY_AUTH_FOR_NGINX              | `config.auth_for_nginx`           |                                             |
-| PEP_PROXY_MAGIC_KEY                   | `config.magic_key`                                              |
-| PEP_PROXY_ERROR_TEMPLATE              | `config.error_template`                                              |
-
+| PEP_PROXY_MAGIC_KEY                   | `config.magic_key`                |
+| PEP_PROXY_ERROR_TEMPLATE              | `config.error_template`           |
 
 Note:
 

extras/docker/Dockerfile

@@ -85,8 +85,8 @@ RUN sed -i -r "/^(root|nobody)/!d" /etc/passwd /etc/shadow /etc/group \
 # variable.
 #
 # -  PEP_PROXY_USERNAME
-# -  PEP_PASSWORD
-# -  PEP_TOKEN_SECRET
+# -  PEP_PROXY_ASSWORD
+# -  PEP_PROXY_TOKEN_SECRET
 #
 ########################################################################################
 
@@ -174,8 +174,8 @@ HEALTHCHECK  --interval=30s --timeout=3s --start-period=60s \
 #    PEP_PROXY_ORG_HEADER
 #    PEP_PROXY_APP_ID
 #    PEP_PROXY_USERNAME
-#    PEP_PASSWORD
-#    PEP_TOKEN_SECRET
+#    PEP_PROXY_PASSWORD
+#    PEP_PROXY_TOKEN_SECRET
 #    PEP_PROXY_AUTH_ENABLED
 #    PEP_PROXY_PDP
 #    PEP_PROXY_TENANT_HEADER

extras/docker/README.md

@@ -91,7 +91,7 @@ sudo docker run -d --name pep-proxy-container -v [host_config_file]:/opt/fiware-
 -   `PEP_PROXY_APP_SSL_ENABLED` - default value is `false` - Use `true` if the app server listens in HTTPS
 -   `PEP_PROXY_APP_ID` - default value is left blank and must be overridden
 -   `PEP_PROXY_USERNAME` - default value is left blank and must be overridden
--   `PEP_PASSWORD` - default value is left blank and must be overridden
+-   `PEP_PROXY_PASSWORD` - default value is left blank and must be overridden
 -   `PEP_PROXY_AUTH_ENABLED` - default value is `false`
 -   `PEP_PROXY_PDP` - default value is `idm` can be set to `authzforce`, `iShare` or `xacml`
 -   `PEP_PROXY_PDP_PROTOCOL` - default value is `http`

lib/config_service.js

@@ -64,9 +64,12 @@ function process_environment_variables(verbose) {
     'PEP_PROXY_ORG_HEADER',
     'PEP_PROXY_APP_ID',
     'PEP_PROXY_USERNAME',
-    'PEP_PASSWORD',
-    'PEP_TOKEN_SECRET',
-    'PEP_TRUSTED_APPS',
+    'PEP_PROXY_PASSWORD',
+    'PEP_PROXY_TOKEN_SECRET',
+    'PEP_PROXY_TRUSTED_APPS',
+    'PEP_PASSWORD', // Deprecated
+    'PEP_TOKEN_SECRET', // Deprecated
+    'PEP_TRUSTED_APPS', // Deprecated
     'PEP_PROXY_AUTH_ENABLED',
     'PEP_PROXY_PDP',
     'PEP_PROXY_PDP_PROTOCOL',
@@ -92,7 +95,15 @@ function process_environment_variables(verbose) {
     'PEP_PROXY_ERROR_CONTENT_TYPE'
   ];
 
-  const protected_variables = ['PEP_PROXY_USERNAME', 'PEP_PASSWORD', 'PEP_TOKEN_SECRET', 'PEP_TRUSTED_APPS'];
+  const protected_variables = [
+    'PEP_PROXY_USERNAME',
+    'PEP_PROXY_PASSWORD',
+    'PEP_PROXY_TOKEN_SECRET',
+    'PEP_PROXY_TRUSTED_APPS',
+    'PEP_PASSWORD', // Deprecated
+    'PEP_TOKEN_SECRET', // Deprecated
+    'PEP_TRUSTED_APPS' // Deprecated
+  ];
 
   // Substitute Docker Secret Variables where set.
   protected_variables.forEach((key) => {
@@ -168,17 +179,23 @@ function process_environment_variables(verbose) {
   if (process.env.PEP_PROXY_USERNAME) {
     config.pep.username = process.env.PEP_PROXY_USERNAME;
   }
-  if (process.env.PEP_PASSWORD) {
+  if (process.env.PEP_PROXY_PASSWORD) {
+    config.pep.password = process.env.PEP_PROXY_PASSWORD;
+  } else if (process.env.PEP_PASSWORD) {
     config.pep.password = process.env.PEP_PASSWORD;
   }
 
   config.pep.token = config.pep.token || {};
-  if (process.env.PEP_TOKEN_SECRET) {
+  if (process.env.PEP_PROXY_TOKEN_SECRET) {
+    config.pep.token.secret = process.env.PEP_PROXY_TOKEN_SECRET;
+  } else if (process.env.PEP_TOKEN_SECRET) {
     config.pep.token.secret = process.env.PEP_TOKEN_SECRET;
   }
 
   config.pep.trusted_apps = config.pep.trusted_apps || [];
-  if (process.env.PEP_TRUSTED_APPS) {
+  if (process.env.PEP_PROXY_TRUSTED_APPS) {
+    config.pep.trusted_apps = to_array(process.env.PEP_PROXY_TRUSTED_APPS, []);
+  } else if (process.env.PEP_TRUSTED_APPS) {
     config.pep.trusted_apps = to_array(process.env.PEP_TRUSTED_APPS, []);
   }