1 files changed, 26 insertions, 1 deletions

diff --git a/src/laas_dashboard/settings.py b/src/laas_dashboard/settings.py
index 86778c1..a32b1c5 100644
--- a/src/laas_dashboard/settings.py
+++ b/src/laas_dashboard/settings.py
@@ -31,6 +31,7 @@ INSTALLED_APPS = [
     'analytics',
     'django.contrib.admin',
     'django.contrib.auth',
+    'mozilla_django_oidc',  # needs to be defined after auth
     'django.contrib.contenttypes',
     'django.contrib.sessions',
     'django.contrib.messages',
@@ -38,7 +39,7 @@ INSTALLED_APPS = [
     'django.contrib.humanize',
     'bootstrap4',
     'rest_framework',
-    'rest_framework.authtoken'
+    'rest_framework.authtoken',
 ]
 
 MIDDLEWARE = [
@@ -52,6 +53,30 @@ MIDDLEWARE = [
     'account.middleware.TimezoneMiddleware',
 ]
 
+if os.environ['AUTH_SETTING'] == 'LFID':
+    AUTHENTICATION_BACKENDS = ['account.views.MyOIDCAB']
+
+    # OpenID Authentications
+    OIDC_RP_CLIENT_ID = os.environ['OIDC_CLIENT_ID']
+    OIDC_RP_CLIENT_SECRET = os.environ['OIDC_CLIENT_SECRET']
+
+    OIDC_OP_AUTHORIZATION_ENDPOINT = os.environ['OIDC_AUTHORIZATION_ENDPOINT']
+    OIDC_OP_TOKEN_ENDPOINT = os.environ['OIDC_TOKEN_ENDPOINT']
+    OIDC_OP_USER_ENDPOINT = os.environ['OIDC_USER_ENDPOINT']
+
+    LOGIN_REDIRECT_URL = os.environ['DASHBOARD_URL']
+    LOGOUT_REDIRECT_URL = os.environ['DASHBOARD_URL']
+
+    OIDC_RP_SIGN_ALGO = os.environ["OIDC_RP_SIGN_ALGO"]
+
+    if OIDC_RP_SIGN_ALGO == "RS256":
+        OIDC_OP_JWKS_ENDPOINT = os.environ["OIDC_OP_JWKS_ENDPOINT"]
+
+# This is for LFID auth setups w/ an HTTPS proxy
+if os.environ['EXPECT_HOST_FORWARDING'] == 'True':
+    SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', "https")
+    USE_X_FORWARDED_HOST = True
+
 ROOT_URLCONF = 'laas_dashboard.urls'
 
 TEMPLATE_OVERRIDE = os.environ.get("TEMPLATE_OVERRIDE_DIR", "")  # the user's custom template dir