Merge branch 'SDC-1055/use_openid_config' into 'master'

Sdc 1055/use openid config See merge request !322

Merge branch 'SDC-1055/use_openid_config' into 'master'
cbf1e7c2 · Nico Vermaas · 8a4b29a0 · 52ab9578 · cbf1e7c2 · cbf1e7c2
Commit cbf1e7c2 authored 1 year ago by Nico Vermaas
--- a/atdb/atdb/settings/base.py
+++ b/atdb/atdb/settings/base.py
@@ -45,8 +45,7 @@ INSTALLED_APPS = [
    'allauth',
    'allauth.account',
    'allauth.socialaccount',
-    'allauth.socialaccount.providers.keycloak',
+    'allauth.socialaccount.providers.openid_connect',
 ]
 MIDDLEWARE = [
@@ -59,6 +58,7 @@ MIDDLEWARE = [
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+    'allauth.account.middleware.AccountMiddleware',
    #'silk.middleware.SilkyMiddleware',
 ]
@@ -228,17 +228,27 @@ AUTHENTICATION_BACKENDS = [
    "allauth.account.auth_backends.AuthenticationBackend",
 ]
-try:
+# Set your keycloak url and realm
-    KEYCLOAK_URL = os.environ['KEYCLOAK_URL']
-except:
-    KEYCLOAK_URL = 'https://keycloak.astron.nl/auth'
 SOCIALACCOUNT_PROVIDERS = {
-    'keycloak': {
+    "openid_connect": {
-        'KEYCLOAK_URL': KEYCLOAK_URL,
+        "SERVERS": [
-        'KEYCLOAK_REALM': 'SDC',
+            {
-        'SCOPE': ['openid', 'profile', 'email']
+                "id": "keycloak",
-    }
+                "name": "Keycloak",
+                "server_url": os.getenv(
+                    "KEYCLOAK_URL", "https://keycloak.astron.nl/auth"
+                )
+                + "/realms/"
+                + os.getenv("KEYCLOAK_REALM", "SDC")
+                + "/.well-known/openid-configuration",
+                "APP": {
+                    "client_id": os.getenv("KEYCLOAK_CLIENT_ID"),
+                    "secret": os.getenv("KEYCLOAK_CLIENT_SECRET"),
+                },
+                "SCOPE": ["openid", "profile", "email"],
+            }
+        ]
+    },
 }
 try:
@@ -247,11 +257,10 @@ except:
    LOGIN_REDIRECT_URL = '/atdb/'
 logger.info("LOGIN_REDIRECT_URL:" + LOGIN_REDIRECT_URL)
-logger.info("KEYCLOAK_URL:" + KEYCLOAK_URL)
 SESSION_COOKIE_NAME = 'atdb_session_id'
 CSRF_COOKIE_NAME = 'atdb_csrftoken'
 #SILKY_PYTHON_PROFILER = False
 #SILKY_PYTHON_PROFILER_BINARY = False
\ No newline at end of file
--- a/atdb/atdb/settings/dev.py
+++ b/atdb/atdb/settings/dev.py
@@ -13,9 +13,7 @@ DATABASES = {
         'ENGINE': 'django.db.backends.postgresql_psycopg2',
         'USER': 'atdb_admin',
         'PASSWORD': 'atdb123',
-         #'NAME': 'atdb_ldv_astronauth_6feb2023',
+         'NAME': 'atdb_ldv_8aug2023',
-          #'NAME': 'atdb_ldv_27jun2023',
-        'NAME': 'atdb_ldv_8aug2023',
         'HOST': 'localhost',
         'PORT': '5432',
    },
@@ -27,10 +25,3 @@ DATABASES = {
 AUTH_PASSWORD_VALIDATORS = []
 LOGIN_REDIRECT_URL = "http://localhost:8000/atdb"
-SOCIALACCOUNT_PROVIDERS = {
-    'keycloak': {
-        'KEYCLOAK_URL': 'https://sdc-dev.astron.nl/auth',
-        'KEYCLOAK_REALM': 'SDC',
-        'SCOPE': ['openid', 'profile', 'email']
-    }
-}
\ No newline at end of file
--- a/atdb/requirements/base.txt
+++ b/atdb/requirements/base.txt
 astronauth==0.3.3
 Django==3.2
-django-allauth==0.52.0
+django-allauth==0.57.0  # note allauth only supports Django >= 3.2
 django-bootstrap-pagination==1.7.0
 django-bootstrap3==14.2.0
 django-cors-headers==3.6.0
@@ -15,4 +15,4 @@ psycopg2-binary==2.9.3
 python3-openid==3.2.0
 requests-oauthlib==1.3.1
 six==1.15.0
 whitenoise==5.0.1
\ No newline at end of file
--- a/atdb/run.bat
+++ b/atdb/run.bat
-SET DEBUG=True
-SET DATABASE_HOST=localhost
-SET DATABASE_PORT=5432
-SET DATABASE_NAME=atdb_ldv
-SET DATABASE_USER=atdb_admin
-SET DATABASE_PASSWORD=atdb123
-python manage.py runserver --settings=atdb.settings.dev