Skip to content
Snippets Groups Projects
Commit 754dafca authored by Klaas Kliffen's avatar Klaas Kliffen :satellite:
Browse files

Update settings for openid

parent 8a4b29a0
No related branches found
No related tags found
2 merge requests!323merge keycloak changes into branch,!322Sdc 1055/use openid config
Pipeline #59327 passed
Stage: build
Stage: deploy_to_test
Stage: deploy_to_production
Hide whitespace changes
Inline Side-by-side
atdb/atdb/settings/base.py
+ 23
14
View file @ 754dafca
...@@ -45,8 +45,7 @@ INSTALLED_APPS = [ ...@@ -45,8 +45,7 @@ INSTALLED_APPS = [
'allauth', 'allauth',
'allauth.account', 'allauth.account',
'allauth.socialaccount', 'allauth.socialaccount',
'allauth.socialaccount.providers.keycloak', 'allauth.socialaccount.providers.openid_connect',
] ]
MIDDLEWARE = [ MIDDLEWARE = [
...@@ -59,6 +58,7 @@ MIDDLEWARE = [ ...@@ -59,6 +58,7 @@ MIDDLEWARE = [
'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware', 'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware',
'allauth.account.middleware.AccountMiddleware',
#'silk.middleware.SilkyMiddleware', #'silk.middleware.SilkyMiddleware',
] ]
...@@ -228,17 +228,27 @@ AUTHENTICATION_BACKENDS = [ ...@@ -228,17 +228,27 @@ AUTHENTICATION_BACKENDS = [
"allauth.account.auth_backends.AuthenticationBackend", "allauth.account.auth_backends.AuthenticationBackend",
] ]
try: # Set your keycloak url and realm
KEYCLOAK_URL = os.environ['KEYCLOAK_URL']
except:
KEYCLOAK_URL = 'https://keycloak.astron.nl/auth'
SOCIALACCOUNT_PROVIDERS = { SOCIALACCOUNT_PROVIDERS = {
'keycloak': { "openid_connect": {
'KEYCLOAK_URL': KEYCLOAK_URL, "SERVERS": [
'KEYCLOAK_REALM': 'SDC', {
'SCOPE': ['openid', 'profile', 'email'] "id": "keycloak",
} "name": "Keycloak",
"server_url": os.getenv(
"KEYCLOAK_URL", "https://keycloak.astron.nl/auth"
)
+ "/realms/"
+ os.getenv("KEYCLOAK_REALM", "SDC")
+ "/.well-known/openid-configuration",
"APP": {
"client_id": os.getenv("KEYCLOAK_CLIENT_ID"),
"secret": os.getenv("KEYCLOAK_CLIENT_SECRET"),
},
"SCOPE": ["openid", "profile", "email"],
}
]
},
} }
try: try:
...@@ -247,11 +257,10 @@ except: ...@@ -247,11 +257,10 @@ except:
LOGIN_REDIRECT_URL = '/atdb/' LOGIN_REDIRECT_URL = '/atdb/'
logger.info("LOGIN_REDIRECT_URL:" + LOGIN_REDIRECT_URL) logger.info("LOGIN_REDIRECT_URL:" + LOGIN_REDIRECT_URL)
logger.info("KEYCLOAK_URL:" + KEYCLOAK_URL)
SESSION_COOKIE_NAME = 'atdb_session_id' SESSION_COOKIE_NAME = 'atdb_session_id'
CSRF_COOKIE_NAME = 'atdb_csrftoken' CSRF_COOKIE_NAME = 'atdb_csrftoken'
#SILKY_PYTHON_PROFILER = False #SILKY_PYTHON_PROFILER = False
#SILKY_PYTHON_PROFILER_BINARY = False #SILKY_PYTHON_PROFILER_BINARY = False
\ No newline at end of file
atdb/requirements/base.txt
+ 2
2
View file @ 754dafca
astronauth==0.3.3 astronauth==0.3.3
Django==3.2 Django==3.2
django-allauth==0.52.0 django-allauth==0.57.0 # note allauth only supports Django >= 3.2
django-bootstrap-pagination==1.7.0 django-bootstrap-pagination==1.7.0
django-bootstrap3==14.2.0 django-bootstrap3==14.2.0
django-cors-headers==3.6.0 django-cors-headers==3.6.0
...@@ -15,4 +15,4 @@ psycopg2-binary==2.9.3 ...@@ -15,4 +15,4 @@ psycopg2-binary==2.9.3
python3-openid==3.2.0 python3-openid==3.2.0
requests-oauthlib==1.3.1 requests-oauthlib==1.3.1
six==1.15.0 six==1.15.0
whitenoise==5.0.1 whitenoise==5.0.1
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment