From 99dfb2c0e97bce2f8827a6e8eef79b4abb60297a Mon Sep 17 00:00:00 2001
From: Sean Smith <ssmith@iol.unh.edu>
Date: Wed, 19 Aug 2020 11:00:50 -0400
Subject: LFID login for both projects

Signed-off-by: Sean Smith <ssmith@iol.unh.edu>
Change-Id: I4a14dc75d7890a6d395b3f52177a7000ae1a2150
---
 src/laas_dashboard/settings.py | 28 +++++++++++++++++++---------
 1 file changed, 19 insertions(+), 9 deletions(-)

(limited to 'src/laas_dashboard')

diff --git a/src/laas_dashboard/settings.py b/src/laas_dashboard/settings.py
index 92f763f..a32b1c5 100644
--- a/src/laas_dashboard/settings.py
+++ b/src/laas_dashboard/settings.py
@@ -53,19 +53,29 @@ MIDDLEWARE = [
     'account.middleware.TimezoneMiddleware',
 ]
 
-AUTHENTICATION_BACKENDS = ['account.views.MyOIDCAB']
+if os.environ['AUTH_SETTING'] == 'LFID':
+    AUTHENTICATION_BACKENDS = ['account.views.MyOIDCAB']
 
+    # OpenID Authentications
+    OIDC_RP_CLIENT_ID = os.environ['OIDC_CLIENT_ID']
+    OIDC_RP_CLIENT_SECRET = os.environ['OIDC_CLIENT_SECRET']
 
-# OpenID Authentications
-OIDC_RP_CLIENT_ID = os.environ['OIDC_CLIENT_ID']
-OIDC_RP_CLIENT_SECRET = os.environ['OIDC_CLIENT_SECRET']
+    OIDC_OP_AUTHORIZATION_ENDPOINT = os.environ['OIDC_AUTHORIZATION_ENDPOINT']
+    OIDC_OP_TOKEN_ENDPOINT = os.environ['OIDC_TOKEN_ENDPOINT']
+    OIDC_OP_USER_ENDPOINT = os.environ['OIDC_USER_ENDPOINT']
 
-OIDC_OP_AUTHORIZATION_ENDPOINT = os.environ['OIDC_AUTHORIZATION_ENDPOINT']
-OIDC_OP_TOKEN_ENDPOINT = os.environ['OIDC_TOKEN_ENDPOINT']
-OIDC_OP_USER_ENDPOINT = os.environ['OIDC_USER_ENDPOINT']
+    LOGIN_REDIRECT_URL = os.environ['DASHBOARD_URL']
+    LOGOUT_REDIRECT_URL = os.environ['DASHBOARD_URL']
 
-LOGIN_REDIRECT_URL = os.environ['DASHBOARD_URL']
-LOGOUT_REDIRECT_URL = os.environ['DASHBOARD_URL']
+    OIDC_RP_SIGN_ALGO = os.environ["OIDC_RP_SIGN_ALGO"]
+
+    if OIDC_RP_SIGN_ALGO == "RS256":
+        OIDC_OP_JWKS_ENDPOINT = os.environ["OIDC_OP_JWKS_ENDPOINT"]
+
+# This is for LFID auth setups w/ an HTTPS proxy
+if os.environ['EXPECT_HOST_FORWARDING'] == 'True':
+    SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', "https")
+    USE_X_FORWARDED_HOST = True
 
 ROOT_URLCONF = 'laas_dashboard.urls'
 
-- 
cgit 1.2.3-korg