Load RSA key from environment variables, stored in vault (#3117)
* Load RSA key from environment variables, stored in vault
henrikskog authored Jan 23, 2024
1 parent d8c27f0 commit cd4aa17
Showing 2 changed files with 6 additions and 7 deletions.
8 changes: 1 addition & 7 deletions onlineweb4/settings/base.py
@@ -67,22 +67,16 @@
}

# SSO / OAuth2 settings

OIDC_RSA_PRIVATE_KEY = "" # Default case
if os.path.isfile("oidc.key"):
with open("oidc.key", "r") as f:
OIDC_RSA_PRIVATE_KEY = f.read()

OAUTH2_PROVIDER_APPLICATION_MODEL = "sso.Client"
OAUTH2_PROVIDER = {
"OAUTH2_VALIDATOR_CLASS": "apps.sso.validator.Validator",
"OIDC_ENABLED": True,
"PKCE": True,
"OIDC_RSA_PRIVATE_KEY": OIDC_RSA_PRIVATE_KEY,
"SCOPES": OAUTH2_SCOPES,
"ACCESS_TOKEN_EXPIRE_SECONDS": 3600,
"AUTHORIZATION_CODE_EXPIRE_SECONDS": 60,
"REFRESH_TOKEN_EXPIRE_SECONDS": 43200,
"OIDC_RSA_PRIVATE_KEY": config("OW4_OIDC_RSA_PRIVATE_KEY", default=""),
}


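Review bot: The new `"OIDC_RSA_PRIVATE_KEY": config("OW4_OIDC_RSA_PRIVATE_KEY", default="")` entry falls back to an empty signing key while `"OIDC_ENABLED": True` stays set in the same dict, so an environment that loses the variable still starts and the misconfiguration presumably only shows up when an ID token has to be signed. If the empty default is meant for local development, say so next to it, e.g. `# Empty default is for local development only; production settings must supply the real PEM key.` A PEM key is multi-line, and values passed through environment variables often arrive with line breaks flattened to a literal `\n`; if that can happen in this deployment, normalise with `.replace("\\n", "\n")` before the value reaches the provider. Nothing in the visible lines checks that the value parses as an RSA key, so a startup check in the production settings would be a reasonable follow-up.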
5 changes: 5 additions & 0 deletions onlineweb4/settings/zappa.py
@@ -4,6 +4,8 @@

from decouple import config

from .base import OAUTH2_PROVIDER

DEBUG = False
TEMPLATE_DEBUG = False

@@ -26,8 +28,11 @@
},
}

OAUTH2_PROVIDER["OIDC_RSA_PRIVATE_KEY"] = env["OIDC_RSA_PRIVATE_KEY"]

SECRET_KEY = env["SECRET_KEY"]


DATAPORTEN = {
"STUDY": {
"TESTING": config("OW4_DP_STUDY_TESTING", cast=bool, default=True),
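Review bot: `OAUTH2_PROVIDER["OIDC_RSA_PRIVATE_KEY"] = env["OIDC_RSA_PRIVATE_KEY"]` in the second hunk overrides a value that base.py reads under a different name (`OW4_OIDC_RSA_PRIVATE_KEY` via `config`), and nothing on the line says which source wins or why the names differ. A short comment would settle it, e.g. `# Production signing key comes from env (vault, per the commit title) and overrides the decouple default in base.py.` The assignment also mutates the dict imported from `.base` in place, so every module holding that object sees the change; `OAUTH2_PROVIDER = {**OAUTH2_PROVIDER, "OIDC_RSA_PRIVATE_KEY": env["OIDC_RSA_PRIVATE_KEY"]}` would keep the override local to this settings module. `env` is defined outside the visible hunks, so whether a missing key fails at import and whether the PEM line breaks survive cannot be confirmed from here.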
