TMSS-2813: update default Keycloak endpoint urls

7e533941 · Jörn Künsemöller · 37533507 · 7e533941
Commit 7e533941 authored 1 year ago by Jörn Künsemöller
--- a/SAS/TMSS/backend/src/tmss/settings.py
+++ b/SAS/TMSS/backend/src/tmss/settings.py
@@ -300,12 +300,12 @@ if "OIDC_RP_CLIENT_ID" in os.environ.keys():
    OIDC_RP_CLIENT_ID = os.environ.get('OIDC_RP_CLIENT_ID', 'secret')  # Secret, do not put real credentials on Git
    OIDC_RP_CLIENT_SECRET = os.environ.get('OIDC_RP_CLIENT_SECRET', 'secret')  # Secret, do not put real credentials on Git
    OIDC_RP_SIGN_ALGO = os.environ.get('OIDC_RP_SIGN_ALGO', 'RS256')
-    OIDC_OP_JWKS_ENDPOINT = os.environ.get('OIDC_OP_JWKS_ENDPOINT', 'https://keycloak.astron.nl/auth/realms/SDC/protocol/openid-connect/certs')
+    OIDC_OP_JWKS_ENDPOINT = os.environ.get('OIDC_OP_JWKS_ENDPOINT', 'https://keycloak-sdc.astron.nl/realms/TMSS/protocol/openid-connect/certs')
-    OIDC_ENDPOINT_HOST = os.environ.get('OIDC_ENDPOINT_HOST', 'https://keycloak.astron.nl')
+    OIDC_ENDPOINT_HOST = os.environ.get('OIDC_ENDPOINT_HOST', 'https://keycloak-sdc.astron.nl')
-    OIDC_OP_AUTHORIZATION_ENDPOINT = os.environ.get('OIDC_OP_AUTHORIZATION_ENDPOINT', "https://keycloak.astron.nl/auth/realms/SDC/protocol/openid-connect/auth")
+    OIDC_OP_AUTHORIZATION_ENDPOINT = os.environ.get('OIDC_OP_AUTHORIZATION_ENDPOINT', "https://keycloak-sdc.astron.nl/realms/TMSS/protocol/openid-connect/auth")
-    OIDC_OP_TOKEN_ENDPOINT = os.environ.get('OIDC_OP_TOKEN_ENDPOINT', "https://keycloak.astron.nl/auth/realms/SDC/protocol/openid-connect/token")
+    OIDC_OP_TOKEN_ENDPOINT = os.environ.get('OIDC_OP_TOKEN_ENDPOINT', "https://keycloak-sdc.astron.nl/realms/TMSS/protocol/openid-connect/token")
-    OIDC_OP_USER_ENDPOINT = os.environ.get('OIDC_OP_USER_ENDPOINT', "https://keycloak.astron.nl/auth/realms/SDC/protocol/openid-connect/userinfo")
+    OIDC_OP_USER_ENDPOINT = os.environ.get('OIDC_OP_USER_ENDPOINT', "https://keycloak-sdc.astron.nl/realms/TMSS/protocol/openid-connect/userinfo")
    AUTHENTICATION_BACKENDS += ('lofar.sas.tmss.tmss.authentication_backends.TMSSOIDCAuthenticationBackend',)
    # MIDDLEWARE.append('mozilla_django_oidc.middleware.SessionRefresh')  # this seems to forward us to Keycloak on a request that was submitted after some minutes. Commenting this out for now, can probably be removed if it does not break sth else.
@@ -316,7 +316,7 @@ if len(AUTHENTICATION_BACKENDS) == 1:
 LOGIN_REDIRECT_URL = "/"
 LOGIN_REDIRECT_URL_FAILURE = "/"
-LOGOUT_REDIRECT_URL = os.environ.get('TMSS_LOGOUT_REDIRECT_URL', "https://keycloak.astron.nl/auth/realms/SDC/account/#/")  # so the user can log out of OpenID provider too
+LOGOUT_REDIRECT_URL = os.environ.get('TMSS_LOGOUT_REDIRECT_URL', "https://keycloak-sdc.astron.nl/realms/TMSS/account/#/")  # so the user can log out of OpenID provider too
 LOGOUT_REDIRECT_URL_FAILURE = "/"
 # Password validation