diff options
Diffstat (limited to 'src/laas_dashboard')
-rw-r--r-- | src/laas_dashboard/settings.py | 27 | ||||
-rw-r--r-- | src/laas_dashboard/urls.py | 3 |
2 files changed, 28 insertions, 2 deletions
diff --git a/src/laas_dashboard/settings.py b/src/laas_dashboard/settings.py index 86778c1..a32b1c5 100644 --- a/src/laas_dashboard/settings.py +++ b/src/laas_dashboard/settings.py @@ -31,6 +31,7 @@ INSTALLED_APPS = [ 'analytics', 'django.contrib.admin', 'django.contrib.auth', + 'mozilla_django_oidc', # needs to be defined after auth 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', @@ -38,7 +39,7 @@ INSTALLED_APPS = [ 'django.contrib.humanize', 'bootstrap4', 'rest_framework', - 'rest_framework.authtoken' + 'rest_framework.authtoken', ] MIDDLEWARE = [ @@ -52,6 +53,30 @@ MIDDLEWARE = [ 'account.middleware.TimezoneMiddleware', ] +if os.environ['AUTH_SETTING'] == 'LFID': + AUTHENTICATION_BACKENDS = ['account.views.MyOIDCAB'] + + # OpenID Authentications + OIDC_RP_CLIENT_ID = os.environ['OIDC_CLIENT_ID'] + OIDC_RP_CLIENT_SECRET = os.environ['OIDC_CLIENT_SECRET'] + + OIDC_OP_AUTHORIZATION_ENDPOINT = os.environ['OIDC_AUTHORIZATION_ENDPOINT'] + OIDC_OP_TOKEN_ENDPOINT = os.environ['OIDC_TOKEN_ENDPOINT'] + OIDC_OP_USER_ENDPOINT = os.environ['OIDC_USER_ENDPOINT'] + + LOGIN_REDIRECT_URL = os.environ['DASHBOARD_URL'] + LOGOUT_REDIRECT_URL = os.environ['DASHBOARD_URL'] + + OIDC_RP_SIGN_ALGO = os.environ["OIDC_RP_SIGN_ALGO"] + + if OIDC_RP_SIGN_ALGO == "RS256": + OIDC_OP_JWKS_ENDPOINT = os.environ["OIDC_OP_JWKS_ENDPOINT"] + +# This is for LFID auth setups w/ an HTTPS proxy +if os.environ['EXPECT_HOST_FORWARDING'] == 'True': + SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', "https") + USE_X_FORWARDED_HOST = True + ROOT_URLCONF = 'laas_dashboard.urls' TEMPLATE_OVERRIDE = os.environ.get("TEMPLATE_OVERRIDE_DIR", "") # the user's custom template dir diff --git a/src/laas_dashboard/urls.py b/src/laas_dashboard/urls.py index 17cbe84..7a37d7e 100644 --- a/src/laas_dashboard/urls.py +++ b/src/laas_dashboard/urls.py @@ -41,7 +41,8 @@ urlpatterns = [ url(r'^admin/', admin.site.urls), url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')), url(r'^api/', include('api.urls')), - url(r'^messages/', include('notifier.urls', namespace='notifier')) + url(r'^messages/', include('notifier.urls', namespace='notifier')), + url(r'^oidc/', include('mozilla_django_oidc.urls')), ] if settings.DEBUG is True: |