From 989e205dd0773f462db88bdfda82a3ef45b936ec Mon Sep 17 00:00:00 2001
From: Gareth Hughes <gareth.hughes@cta-observatory.org>
Date: Thu, 21 Oct 2021 16:13:37 +0200
Subject: [PATCH] attempt to add django-scim2

---
 esap/esap/settings/base.py | 19 +++++++++++++++++--
 esap/esap/urls.py          |  1 +
 esap/requirements/base.txt |  5 ++++-
 3 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/esap/esap/settings/base.py b/esap/esap/settings/base.py
index ed753648..5b20cb6d 100644
--- a/esap/esap/settings/base.py
+++ b/esap/esap/settings/base.py
@@ -42,6 +42,7 @@ INSTALLED_APPS = [
     'rest_framework',
     'corsheaders',
     'django_filters',
+    'django_scim'
 ]
 
 #DATABASES = {
@@ -63,7 +64,8 @@ MIDDLEWARE = [
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'mozilla_django_oidc.middleware.SessionRefresh',
     'django.contrib.messages.middleware.MessageMiddleware',
-    'django.middleware.clickjacking.XFrameOptionsMiddleware'
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+    'django_scim.middleware.SCIMAuthCheckMiddleware'
 ]
 
 
@@ -245,6 +247,19 @@ try:
 except:
    OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS = 36000
 
+
+# SCIM Settings
+SCIM_SERVICE_PROVIDER = {
+    'NETLOC': 'localhost',
+    'AUTHENTICATION_SCHEMES': [
+        {
+            'type': 'oauth2',
+            'name': 'OAuth 2',
+            'description': 'Oauth 2 implemented with bearer token',
+        },
+    ],
+}
+
 # SECURITY WARNING: keep the secret key used in production secret!
 # preferably read the SECRET_KEY from the environment
 try:
@@ -277,4 +292,4 @@ CONFIGURATION_FILE = 'esap_default'
 
 # location of the YAML configuration files.
 # currently next to the (default) 'sqlite3' files, but can be moved later.
-CONFIGURATION_DATA_DIR = os.path.join(BASE_DIR)
\ No newline at end of file
+CONFIGURATION_DATA_DIR = os.path.join(BASE_DIR)
diff --git a/esap/esap/urls.py b/esap/esap/urls.py
index 7c498e3d..25b02426 100644
--- a/esap/esap/urls.py
+++ b/esap/esap/urls.py
@@ -23,4 +23,5 @@ urlpatterns = [
     path('esap-api/ida/', include('ida.api.urls')),
     path('esap-api/admin/', admin.site.urls, name='admin-view'),
     re_path('^esap-api/oidc/', include('mozilla_django_oidc.urls')),
+    path('scim/v2/', include('django_scim.urls')),
 ]
diff --git a/esap/requirements/base.txt b/esap/requirements/base.txt
index a6bd29ce..afbfc6dc 100644
--- a/esap/requirements/base.txt
+++ b/esap/requirements/base.txt
@@ -1,3 +1,6 @@
+::::::::::::::
+requirements/base.txt
+::::::::::::::
 #cython==0.29.14
 #cryptography
 Django==3.1.4
@@ -5,7 +8,6 @@ django-filter==2.3.0
 djangorestframework==3.11.1
 django-cors-headers==3.7.0
 whitenoise==5.0.1
-numpy==1.18.1
 astropy==4.0
 PyYAML==5.4.1
 pyvo==1.0
@@ -14,3 +16,4 @@ django-rest-knox==4.1.0
 mozilla-django-oidc==1.2.4
 panoptes-client==1.2.0
 eossr==0.2
+django-scim2
-- 
GitLab