From 27ada27d347e4867f4992b4162c5c025b88764c6 Mon Sep 17 00:00:00 2001
From: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
Date: Tue, 1 Aug 2023 09:11:44 +0000
Subject: /onap-logging proxy config is causing container startup failure

Issue-ID: PORTALNG-36
Change-Id: I1baf948a344c8ef170d73bb0cd8b26e67582dddf
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
---
 server/nginx.template | 56 ---------------------------------------------------
 1 file changed, 56 deletions(-)

diff --git a/server/nginx.template b/server/nginx.template
index 2b8edd0..e3dd750 100644
--- a/server/nginx.template
+++ b/server/nginx.template
@@ -1,17 +1,6 @@
-# Log format for onap logging
-log_format onap_logging '"$request_body"';
-
-lua_package_path '/usr/local/openresty/lualib/?.lua;;';
-# cache for discovery metadata documents
-lua_shared_dict discovery 1m;
-# cache for JWKs
-lua_shared_dict jwks 1m;
-
 # if run in local docker container add this resolver for the DNS to connect to Keycloak
 resolver ${CLUSTER_NAMESERVER_IP};
 
-error_log logs/error.log error;
-
 server {
     listen       ${NGINX_PORT};
 
@@ -50,51 +39,6 @@ server {
             proxy_set_header    X-Forwarded-Port   $server_port;
             proxy_set_header    X-Forwarded-Proto  $scheme;
     }
-
-    location = /onap_logging {
-        access_by_lua '
-                  local openidc = require("resty.openidc");
-                  -- uncomment for logging next line
-                  -- openidc.set_logging(nil, { DEBUG = ngx.DEBUG });
-                  local opts = {
-                   discovery = "${KEYCLOAK_INTERNAL_URL}/auth/realms/${KEYCLOAK_REALM}/.well-known/openid-configuration",
-
-                   -- the signature algorithm that you expect has been used;
-                   -- can be a single string or a table.
-                   -- You should set this for security reasons in order to
-                   -- avoid accepting a token claiming to be signed by HMAC
-                   -- using a public RSA key.
-                   -- token_signing_alg_values_expected = { "HS256" },
-
-                   -- if you want to accept unsigned tokens (using the
-                   -- "none" signature algorithm) then set this to true.
-                   accept_none_alg = false,
-
-                   -- if you want to reject tokens signed using an algorithm
-                   -- not supported by lua-resty-jwt set this to false. If
-                   -- you leave it unset, the token signature will not be
-                   -- verified at all.
-                   accept_unsupported_alg = false
-                 }
-                 -- call introspect for OAuth 2.0 Bearer Access Token validation
-                 local res, err = require("resty.openidc").bearer_jwt_verify(opts)
-
-                 if err then
-                   ngx.status = 403
-                   ngx.say(err)
-                   ngx.exit(ngx.HTTP_FORBIDDEN)
-                 end
-
-               ';
-            access_log /dev/stdout onap_logging;
-            proxy_pass http://portal-ui/onap_logging_proxy;
-            proxy_http_version 1.1;
-    }
-
-    location = /onap_logging_proxy {
-          access_log off;
-          return 200 'Message logged';
-    }
 }
 
 ##
-- 
cgit 1.2.3-korg