From 32af94e163a652642a9e453cdee041df68127a27 Mon Sep 17 00:00:00 2001
From: Robin Appelman <robin@icewind.nl>
Date: Thu, 19 Oct 2023 22:19:36 +0200
Subject: [PATCH] ci fixes

Signed-off-by: Robin Appelman <robin@icewind.nl>
---
 .github/workflows/smb-kerberos.yml                   | 12 ++++--------
 .../tests/sso-setup/apache-session.conf              | 12 ++++++++++++
 apps/files_external/tests/sso-setup/run.sh           |  8 ++++----
 apps/files_external/tests/sso-setup/start-dc.sh      |  2 ++
 .../tests/sso-setup/test-sso-smb-session.sh          |  2 ++
 5 files changed, 24 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/smb-kerberos.yml b/.github/workflows/smb-kerberos.yml
index fb5c0af8b1381..c69ee3833d806 100644
--- a/.github/workflows/smb-kerberos.yml
+++ b/.github/workflows/smb-kerberos.yml
@@ -18,8 +18,6 @@ jobs:
 
     if: ${{ github.repository_owner != 'nextcloud-gmbh' }}
 
-    name: smb-kerberos-sso
-
     steps:
       - name: Checkout server
         uses: actions/checkout@v3
@@ -62,8 +60,6 @@ jobs:
 
     if: ${{ github.repository_owner != 'nextcloud-gmbh' }}
 
-    name: smb-kerberos-sso
-
     steps:
       - name: Checkout server
         uses: actions/checkout@v3
@@ -74,7 +70,7 @@ jobs:
         with:
           repository: nextcloud/user_saml
           path: apps/user_saml
-          ref: event-dispatcher
+          ref: stable27
       - name: Pull images
         run: |
           docker pull ghcr.io/icewind1991/samba-krb-test-dc
@@ -86,6 +82,7 @@ jobs:
       - name: Setup AD-DC
         run: |
           DC_IP=$(apps/files_external/tests/sso-setup/start-dc.sh)
+          sleep 1
           apps/files_external/tests/sso-setup/start-apache.sh $DC_IP $PWD -v $PWD/apps/files_external/tests/sso-setup/apache-session.conf:/etc/apache2/sites-enabled/000-default.conf
           echo "DC_IP=$DC_IP" >> $GITHUB_ENV
       - name: Set up Nextcloud
@@ -106,8 +103,6 @@ jobs:
 
     if: ${{ github.repository_owner != 'nextcloud-gmbh' }}
 
-    name: smb-kerberos-sso
-
     steps:
       - name: Checkout server
         uses: actions/checkout@v3
@@ -118,7 +113,7 @@ jobs:
         with:
           repository: nextcloud/user_saml
           path: apps/user_saml
-          ref: event-dispatcher
+          ref: stable27
       - name: Pull images
         run: |
           docker pull ghcr.io/icewind1991/samba-krb-test-dc
@@ -130,6 +125,7 @@ jobs:
       - name: Setup AD-DC
         run: |
           DC_IP=$(apps/files_external/tests/sso-setup/start-dc.sh)
+          sleep 1
           apps/files_external/tests/sso-setup/start-apache.sh $DC_IP $PWD -v $PWD/apps/files_external/tests/sso-setup/apache-session.conf:/etc/apache2/sites-enabled/000-default.conf
           echo "DC_IP=$DC_IP" >> $GITHUB_ENV
       - name: Set up Nextcloud
diff --git a/apps/files_external/tests/sso-setup/apache-session.conf b/apps/files_external/tests/sso-setup/apache-session.conf
index 6ef28d5d954f3..d401b07710ed6 100644
--- a/apps/files_external/tests/sso-setup/apache-session.conf
+++ b/apps/files_external/tests/sso-setup/apache-session.conf
@@ -14,6 +14,18 @@
                 require valid-user
         </Location>
 
+        <Location /index.php>
+                AuthType Kerberos
+                AuthName "Kerberos authenticated intranet"
+                KrbAuthRealms DOMAIN.TEST
+                KrbServiceName HTTP/httpd.domain.test
+                Krb5Keytab /shared/httpd.keytab
+                KrbMethodNegotiate On
+                KrbMethodK5Passwd On
+                KrbSaveCredentials On
+                require valid-user
+        </Location>
+
         ErrorLog /shared/apache-error.log
         CustomLog /shared/apache-access.log combined
 </VirtualHost>
diff --git a/apps/files_external/tests/sso-setup/run.sh b/apps/files_external/tests/sso-setup/run.sh
index 863f4c954dd46..af7a72467a2d8 100755
--- a/apps/files_external/tests/sso-setup/run.sh
+++ b/apps/files_external/tests/sso-setup/run.sh
@@ -3,8 +3,8 @@ set -e
 
 SCRIPT_DIR="${0%/*}"
 
-DC_IP=$(apps/files_external/tests/sso-setup/start-dc.sh)
-apps/files_external/tests/sso-setup/start-apache.sh "$DC_IP" "$PWD" -v "$PWD/$SCRIPT_DIR"/apache-session.conf:/etc/apache2/sites-enabled/000-default.conf
-apps/files_external/tests/sso-setup/setup-sso-nc.sh smb::kerberos_sso_session
+DC_IP=$("$SCRIPT_DIR"/start-dc.sh)
+"$SCRIPT_DIR"/start-apache.sh "$DC_IP" "$PWD" -v "$PWD/$SCRIPT_DIR"/apache-session.conf:/etc/apache2/sites-enabled/000-default.conf
+"$SCRIPT_DIR"/setup-sso-nc.sh smb::kerberos_sso_session
 
-apps/files_external/tests/sso-setup/test-sso-smb-session.sh "$DC_IP"
+"$SCRIPT_DIR"/test-sso-smb-session.sh "$DC_IP"
diff --git a/apps/files_external/tests/sso-setup/start-dc.sh b/apps/files_external/tests/sso-setup/start-dc.sh
index 14a80c4644e8c..821a72bfb67b4 100755
--- a/apps/files_external/tests/sso-setup/start-dc.sh
+++ b/apps/files_external/tests/sso-setup/start-dc.sh
@@ -27,4 +27,6 @@ docker run -dit --name dc -v /tmp/shared:/shared --hostname krb.domain.test --ca
 
 waitContainer dc
 
+sleep 5
+
 docker inspect dc --format '{{.NetworkSettings.IPAddress}}'
diff --git a/apps/files_external/tests/sso-setup/test-sso-smb-session.sh b/apps/files_external/tests/sso-setup/test-sso-smb-session.sh
index 1f5be8d14f337..d39b4dea815b6 100755
--- a/apps/files_external/tests/sso-setup/test-sso-smb-session.sh
+++ b/apps/files_external/tests/sso-setup/test-sso-smb-session.sh
@@ -13,6 +13,8 @@ else
   exit 1
 fi
 
+"$SCRIPT_DIR/client-cmd.sh" "$DC_IP" curl -s -b /shared/cookie -c /shared/cookie --negotiate -u testuser@DOMAIN.TEST: --delegation always http://httpd.domain.test/index.php
+
 echo -n "Getting test with session file: "
 CONTENT=$("$SCRIPT_DIR/client-cmd.sh" "$DC_IP" curl -s -b /shared/cookie 'http://httpd.domain.test/remote.php/webdav/smb/test.txt?XDEBUG_SESSION_START=1')
 CONTENT=$(echo "$CONTENT" | head -n 1 | tr -d '[:space:]')