From d520a98c5b5850ced9a7a6c45b0bd6e9acf9ff36 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rn=20K=C3=BCnsem=C3=B6ller?=
 <jkuensem@physik.uni-bielefeld.de>
Date: Fri, 28 Jan 2022 14:16:53 +0100
Subject: [PATCH] TMSS-1160: change default config to point to production
 Keycloak

---
 SAS/TMSS/backend/src/tmss/settings.py                | 12 ++++++------
 .../backend/src/tmss/tmssapp/adapters/keycloak.py    |  4 ++--
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/SAS/TMSS/backend/src/tmss/settings.py b/SAS/TMSS/backend/src/tmss/settings.py
index 1a6ce9652b2..1e82d9921df 100644
--- a/SAS/TMSS/backend/src/tmss/settings.py
+++ b/SAS/TMSS/backend/src/tmss/settings.py
@@ -295,12 +295,12 @@ if "OIDC_RP_CLIENT_ID" in os.environ.keys():
     OIDC_RP_CLIENT_ID = os.environ.get('OIDC_RP_CLIENT_ID', 'secret')  # Secret, do not put real credentials on Git
     OIDC_RP_CLIENT_SECRET = os.environ.get('OIDC_RP_CLIENT_SECRET', 'secret')  # Secret, do not put real credentials on Git
     OIDC_RP_SIGN_ALGO = os.environ.get('OIDC_RP_SIGN_ALGO', 'RS256')
-    OIDC_OP_JWKS_ENDPOINT = os.environ.get('OIDC_OP_JWKS_ENDPOINT', 'https://sdc-dev.astron.nl/auth/realms/master/protocol/openid-connect/certs')
+    OIDC_OP_JWKS_ENDPOINT = os.environ.get('OIDC_OP_JWKS_ENDPOINT', 'https://keycloak.astron.nl/auth/realms/SDC/protocol/openid-connect/certs')
 
-    OIDC_ENDPOINT_HOST = os.environ.get('OIDC_ENDPOINT_HOST', 'https://sdc-dev.astron.nl')
-    OIDC_OP_AUTHORIZATION_ENDPOINT = os.environ.get('OIDC_OP_AUTHORIZATION_ENDPOINT', "https://sdc-dev.astron.nl/auth/realms/master/protocol/openid-connect/auth")
-    OIDC_OP_TOKEN_ENDPOINT = os.environ.get('OIDC_OP_TOKEN_ENDPOINT', "https://sdc-dev.astron.nl/auth/realms/master/protocol/openid-connect/token")
-    OIDC_OP_USER_ENDPOINT = os.environ.get('OIDC_OP_USER_ENDPOINT', "https://sdc-dev.astron.nl/auth/realms/master/protocol/openid-connect/userinfo")
+    OIDC_ENDPOINT_HOST = os.environ.get('OIDC_ENDPOINT_HOST', 'https://keycloak.astron.nl')
+    OIDC_OP_AUTHORIZATION_ENDPOINT = os.environ.get('OIDC_OP_AUTHORIZATION_ENDPOINT', "https://keycloak.astron.nl/auth/realms/SDC/protocol/openid-connect/auth")
+    OIDC_OP_TOKEN_ENDPOINT = os.environ.get('OIDC_OP_TOKEN_ENDPOINT', "https://keycloak.astron.nl/auth/realms/SDC/protocol/openid-connect/token")
+    OIDC_OP_USER_ENDPOINT = os.environ.get('OIDC_OP_USER_ENDPOINT', "https://keycloak.astron.nl/auth/realms/SDC/protocol/openid-connect/userinfo")
 
     AUTHENTICATION_BACKENDS += ('lofar.sas.tmss.tmss.authentication_backends.TMSSOIDCAuthenticationBackend',)
     # MIDDLEWARE.append('mozilla_django_oidc.middleware.SessionRefresh')  # this seems to forward us to Keycloak on a request that was submitted after some minutes. Commenting this out for now, can probably be removed if it does not break sth else.
@@ -311,7 +311,7 @@ if len(AUTHENTICATION_BACKENDS) == 1:
 
 LOGIN_REDIRECT_URL = "/"
 LOGIN_REDIRECT_URL_FAILURE = "/"
-LOGOUT_REDIRECT_URL = os.environ.get('TMSS_LOGOUT_REDIRECT_URL', "https://sdc-dev.astron.nl/auth/realms/master/account/#/")  # so the user can log out of OpenID provider too
+LOGOUT_REDIRECT_URL = os.environ.get('TMSS_LOGOUT_REDIRECT_URL', "https://keycloak.astron.nl/auth/realms/SDC/account/#/")  # so the user can log out of OpenID provider too
 LOGOUT_REDIRECT_URL_FAILURE = "/"
 
 # Password validation
diff --git a/SAS/TMSS/backend/src/tmss/tmssapp/adapters/keycloak.py b/SAS/TMSS/backend/src/tmss/tmssapp/adapters/keycloak.py
index 94852a52d58..d36413a4d56 100644
--- a/SAS/TMSS/backend/src/tmss/tmssapp/adapters/keycloak.py
+++ b/SAS/TMSS/backend/src/tmss/tmssapp/adapters/keycloak.py
@@ -8,10 +8,10 @@ from lofar.sas.tmss.tmss.exceptions import TMSSException
 from lofar.sas.tmss.tmss.tmssapp import models
 logger = logging.Logger(__name__)
 
-KEYCLOAK_TOKEN_URL = os.environ.get('KEYCLOAK_TOKEN_URL', 'https://sdc-dev.astron.nl/auth/realms/master/protocol/openid-connect/token')
+KEYCLOAK_TOKEN_URL = os.environ.get('KEYCLOAK_TOKEN_URL', 'https://keycloak.astron.nl/auth/realms/SDC/protocol/openid-connect/token')
 KEYCLOAK_ADMIN_USER = os.environ.get('KEYCLOAK_ADMIN_USER', 'secret')
 KEYCLOAK_ADMIN_PASSWORD = os.environ.get('KEYCLOAK_ADMIN_PASSWORD', 'secret')
-KEYCLOAK_API_BASE_URL = os.environ.get('KEYCLOAK_API_BASE_URL', 'https://sdc-dev.astron.nl/auth/admin/realms/master')
+KEYCLOAK_API_BASE_URL = os.environ.get('KEYCLOAK_API_BASE_URL', 'https://keycloak.astron.nl/auth/admin/realms/SDC')
 
 
 class KeycloakAdminAPISession(requests.Session):
-- 
GitLab