From 99dfb2c0e97bce2f8827a6e8eef79b4abb60297a Mon Sep 17 00:00:00 2001 From: Sean Smith Date: Wed, 19 Aug 2020 11:00:50 -0400 Subject: LFID login for both projects Signed-off-by: Sean Smith Change-Id: I4a14dc75d7890a6d395b3f52177a7000ae1a2150 --- src/laas_dashboard/settings.py | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) (limited to 'src/laas_dashboard') diff --git a/src/laas_dashboard/settings.py b/src/laas_dashboard/settings.py index 92f763f..a32b1c5 100644 --- a/src/laas_dashboard/settings.py +++ b/src/laas_dashboard/settings.py @@ -53,19 +53,29 @@ MIDDLEWARE = [ 'account.middleware.TimezoneMiddleware', ] -AUTHENTICATION_BACKENDS = ['account.views.MyOIDCAB'] +if os.environ['AUTH_SETTING'] == 'LFID': + AUTHENTICATION_BACKENDS = ['account.views.MyOIDCAB'] + # OpenID Authentications + OIDC_RP_CLIENT_ID = os.environ['OIDC_CLIENT_ID'] + OIDC_RP_CLIENT_SECRET = os.environ['OIDC_CLIENT_SECRET'] -# OpenID Authentications -OIDC_RP_CLIENT_ID = os.environ['OIDC_CLIENT_ID'] -OIDC_RP_CLIENT_SECRET = os.environ['OIDC_CLIENT_SECRET'] + OIDC_OP_AUTHORIZATION_ENDPOINT = os.environ['OIDC_AUTHORIZATION_ENDPOINT'] + OIDC_OP_TOKEN_ENDPOINT = os.environ['OIDC_TOKEN_ENDPOINT'] + OIDC_OP_USER_ENDPOINT = os.environ['OIDC_USER_ENDPOINT'] -OIDC_OP_AUTHORIZATION_ENDPOINT = os.environ['OIDC_AUTHORIZATION_ENDPOINT'] -OIDC_OP_TOKEN_ENDPOINT = os.environ['OIDC_TOKEN_ENDPOINT'] -OIDC_OP_USER_ENDPOINT = os.environ['OIDC_USER_ENDPOINT'] + LOGIN_REDIRECT_URL = os.environ['DASHBOARD_URL'] + LOGOUT_REDIRECT_URL = os.environ['DASHBOARD_URL'] -LOGIN_REDIRECT_URL = os.environ['DASHBOARD_URL'] -LOGOUT_REDIRECT_URL = os.environ['DASHBOARD_URL'] + OIDC_RP_SIGN_ALGO = os.environ["OIDC_RP_SIGN_ALGO"] + + if OIDC_RP_SIGN_ALGO == "RS256": + OIDC_OP_JWKS_ENDPOINT = os.environ["OIDC_OP_JWKS_ENDPOINT"] + +# This is for LFID auth setups w/ an HTTPS proxy +if os.environ['EXPECT_HOST_FORWARDING'] == 'True': + SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', "https") + USE_X_FORWARDED_HOST = True ROOT_URLCONF = 'laas_dashboard.urls' -- cgit 1.2.3-korg