add OIDC capabilities #173

Merged
merged 3 commits into from
Sep 1, 2024
1 change: 1 addition & 0 deletions backend/Dockerfile
Expand Up @@ -35,6 +35,7 @@ COPY . /app/
ENV DJANGO_SETTINGS_MODULE Platform.settings.production
ENV SECRET_KEY 'temporary key just to build the docker image'
ENV IDENTITY_RSA_PRIVATE_KEY 'temporary private key just to build the docker image'
ENV OIDC_RSA_PRIVATE_KEY 'temporary private key just to build the docker image'

# Collect static files
RUN python3 /app/manage.py collectstatic --noinput
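Review bot: The added `ENV OIDC_RSA_PRIVATE_KEY` stays set in the final image, not only during the `collectstatic` step it exists for, unless a later stage not visible here discards it. A container started without the real key then inherits the placeholder, and the `is None` guard this PR adds in `backend/Platform/settings/production.py` does not fire, so the service comes up with an unusable signing key instead of failing at startup. Scoping the value to the one command avoids that: `RUN OIDC_RSA_PRIVATE_KEY=build-placeholder python3 /app/manage.py collectstatic --noinput`. The same line in `backend/Dockerfile.dev` has the same effect, and the existing `SECRET_KEY` and `IDENTITY_RSA_PRIVATE_KEY` lines follow the same pattern.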
1 change: 1 addition & 0 deletions backend/Dockerfile.dev
Expand Up @@ -14,6 +14,7 @@ COPY . /app/
ENV DJANGO_SETTINGS_MODULE Platform.settings.production
ENV SECRET_KEY 'temporary key just to build the docker image'
ENV IDENTITY_RSA_PRIVATE_KEY 'temporary private key just to build the docker image'
ENV OIDC_RSA_PRIVATE_KEY 'temporary private key just to build the docker image'

# Collect static files
RUN python3 /app/manage.py collectstatic --noinput
23 changes: 23 additions & 0 deletions backend/Platform/settings/base.py
Expand Up @@ -47,6 +47,26 @@
-----END RSA PRIVATE KEY-----""",
)

OIDC_RSA_PRIVATE_KEY = os.environ.get(
"OIDC_RSA_PRIVATE_KEY",
"""-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMF37VZGAUWIsrcE
Iw2uskamXXkQtFb7dMD96iaPNvp7Buc4Z/p+6Mc1uLJRKUeJavU5JIF3K2uRWuLh
OozP5O3WKDnD5johit1GsaBejc45unxMIAoP4fdLO+iVSHQSl9VS4SXBX1RtitgP
/eRvEBxk4/LCpJJiZo4cQVZjavc5AgMBAAECgYBx6qiwHQZQqB37D4+IVe4ZFYqC
Z6iYcvWbUadWzwsjT9+PtDHdWG6+Jc68CHgS7EIzZFMvfDjv3KW0Y8Qy95Kmw++z
HlmvfGatR8NRge1tdEUCFKkLfSj0hUh/RjculDWM5hlnWnaVa9kw+drUGVhNqUxa
pMbqYSDiMljtFVDeVQJBAP7KSS9Pm+XZx0qVo4u82Fd9AuoyGumt0EqqHcwpHTpu
N5mIUttIBvGeQ9Cc3LiUqzMBP/vIEIMoqLt104io1esCQQDCYxnFS+1DfFIvgXWu
K55PZKVLl4S8/6IKrfulpbZrBNYfQbbsjY+3GHHBzGU0cId3yAsTHZsZ1OdoFb4w
AyprAkAzfTWk9fWPUZ9Ql0ThrFwb8gtwwIdnydRaAl7bL0PU1wktYbs8zSV6Fn2l
3s1MD985A3umqhuMJd9TYtBIwbXZAkEAseVR616+J5m5+SHoWdovSodYQuLKptDo
Mg/hkkoitLQ7ZWWVi81N7gmf6fUt1Zz6TSO1Bux8Slqu4HGtmXD8OwJAW5FEDoOQ
D0LF8EFEhFrtPvkb0wTr6pyDWtIAJuxqvIRwaP4FACgOL/Cv6BGn5DyM6H/W5/Kp
Zk+r72xEuoNzUQ==
-----END PRIVATE KEY-----""",
)

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True

Expand Down Expand Up @@ -179,12 +199,15 @@

OAUTH2_PROVIDER = {
"SCOPES": {
"openid": "OpenID Connect scope",
"read": "Read scope",
"write": "Write scope",
"introspection": "Introspect token scope",
},
"ALLOWED_REDIRECT_URI_SCHEMES": ["http", "https"],
"PKCE_REQUIRED": False,
"OIDC_ENABLED": True,
"OIDC_RSA_PRIVATE_KEY": OIDC_RSA_PRIVATE_KEY,
}

# Custom User Model
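Review bot: The fallback passed to `os.environ.get("OIDC_RSA_PRIVATE_KEY", ...)` is a real private key committed to the repository, so any deployment that loads these settings without the variable set signs ID tokens with a key every reader of the repo holds. Judging by the length of the PEM body it also appears to be a 1024-bit RSA key, below the 2048-bit minimum expected for RS256 signing. I would drop the default (`OIDC_RSA_PRIVATE_KEY = os.environ.get("OIDC_RSA_PRIVATE_KEY")`) and have development load a locally generated key from a git-ignored file; since this key is now in history, it should be treated as compromised and never reused. Separately, enabling the `openid` scope while `PKCE_REQUIRED` stays `False` and `http` redirect URIs stay allowed is worth revisiting for public clients.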
7 changes: 7 additions & 0 deletions backend/Platform/settings/production.py
Expand Up @@ -26,6 +26,13 @@
"Please provide environment variable IDENTITY_RSA_PRIVATE_KEY in production"
)


OIDC_RSA_PRIVATE_KEY = os.environ.get("OIDC_RSA_PRIVATE_KEY", None)
if OIDC_RSA_PRIVATE_KEY is None:
raise ImproperlyConfigured(
"Please provide environment variable OIDC_RSA_PRIVATE_KEY in production"
)

# Sentry settings
SENTRY_URL = os.environ.get("SENTRY_URL", "")
sentry_sdk.init(dsn=SENTRY_URL, integrations=[DjangoIntegration()])
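Review bot: The `is None` check rejects only an unset variable; an empty string, or the placeholder text that `backend/Dockerfile` sets through `ENV`, passes it. A stricter guard would be `if not OIDC_RSA_PRIVATE_KEY or "PRIVATE KEY-----" not in OIDC_RSA_PRIVATE_KEY:`. Also, if this module imports `base.py` before this point (not visible in the hunk), `OAUTH2_PROVIDER["OIDC_RSA_PRIVATE_KEY"]` was already bound there, so this assignment validates the variable but is not the value the provider uses. A short comment such as `# validation only: OAUTH2_PROVIDER reads the key in base.py` would keep a later edit here from silently having no effect.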