[maykinmedia/objects-api#480] Setup configuration mozilla django OIDC db

maykinmedia · Dec 13, 2024 · e3f043d · e3f043d
1 parent 6fb512e
commit e3f043d
Show file tree

Hide file tree

Showing 10 changed files with 189 additions and 72 deletions.
diff --git a/bin/setup_configuration.sh b/bin/setup_configuration.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# setup initial configuration using environment variables
+# setup initial configuration using a yaml file
 # Run this script from the root of the repository
 
 set -e

diff --git a/docker/setup_configuration/data.yaml b/docker/setup_configuration/data.yaml
@@ -13,4 +13,18 @@ sites_config_enable: true
 sites_config:
   items:
     - domain: example.com
-      name: example
+      name: example
+
+oidc_db_config_enable: true
+oidc_db_config_admin_auth:
+  items:
+    - identifier: admin-oidc
+      oidc_rp_client_id: client-id
+      oidc_rp_client_secret: secret
+      endpoint_config:
+        oidc_op_authorization_endpoint: https://example.com/realms/test/protocol/openid-connect/auth
+        oidc_op_token_endpoint: https://example.com/realms/test/protocol/openid-connect/token
+        oidc_op_user_endpoint: https://example.com/realms/test/protocol/openid-connect/userinfo
+
+      # workaround for https://github.com/maykinmedia/django-setup-configuration/issues/27
+      userinfo_claims_source: id_token
diff --git a/requirements/base.in b/requirements/base.in
@@ -8,6 +8,7 @@ furl
 django-jsonsuit
 sharing-configs
 django-setup-configuration>=0.4.0
+mozilla-django-oidc-db[django-setup-configuration]
 
 # API libraries
 drf-nested-routers
diff --git a/requirements/base.txt b/requirements/base.txt
@@ -244,8 +244,10 @@ maykin-2fa==1.0.1
     # via open-api-framework
 mozilla-django-oidc==4.0.0
     # via mozilla-django-oidc-db
-mozilla-django-oidc-db==0.19.0
-    # via open-api-framework
+mozilla-django-oidc-db[django-setup-configuration]==0.21.1
+    # via
+    #   -r requirements/base.in
+    #   open-api-framework
 notifications-api-common==0.3.1
     # via commonground-api-common
 open-api-framework==0.9.0
@@ -266,11 +268,11 @@ psycopg2==2.9.9
     # via open-api-framework
 pycparser==2.21
     # via cffi
-pydantic==2.9.2
+pydantic==2.10.3
     # via
     #   django-setup-configuration
     #   pydantic-settings
-pydantic-core==2.23.4
+pydantic-core==2.27.1
     # via pydantic
 pydantic-settings[yaml]==2.6.1
     # via django-setup-configuration
@@ -338,7 +340,7 @@ sqlparse==0.5.0
     # via django
 tornado==6.4.1
     # via flower
-typing-extensions==4.11.0
+typing-extensions==4.12.2
     # via
     #   mozilla-django-oidc-db
     #   pydantic

diff --git a/requirements/ci.txt b/requirements/ci.txt
@@ -33,13 +33,13 @@ attrs==23.1.0
     #   -r requirements/base.txt
     #   glom
     #   jsonschema
-beautifulsoup4==4.12.2
+beautifulsoup4==4.12.3
     # via webtest
 billiard==4.2.0
     # via
     #   -r requirements/base.txt
     #   celery
-black==24.8.0
+black==24.10.0
     # via -r requirements/test-tools.in
 bleach==6.1.0
     # via
@@ -108,7 +108,7 @@ coreschema==0.0.4
     # via
     #   -r requirements/base.txt
     #   coreapi
-coverage==4.5.4
+coverage==7.6.9
     # via
     #   -r requirements/ci.in
     #   codecov
@@ -263,7 +263,7 @@ django-two-factor-auth[phonenumberslite,webauthn]==1.16.0
     # via
     #   -r requirements/base.txt
     #   maykin-2fa
-django-webtest==1.9.10
+django-webtest==1.9.12
     # via -r requirements/test-tools.in
 djangorestframework==3.15.2
     # via
@@ -317,17 +317,17 @@ face==20.1.1
     # via
     #   -r requirements/base.txt
     #   glom
-factory-boy==3.2.1
+factory-boy==3.3.1
     # via -r requirements/test-tools.in
-faker==18.9.0
+faker==33.1.0
     # via factory-boy
 flake8==7.1.1
     # via -r requirements/test-tools.in
 flower==2.0.1
     # via
     #   -r requirements/base.txt
     #   open-api-framework
-freezegun==1.2.2
+freezegun==1.5.1
     # via -r requirements/test-tools.in
 furl==2.1.3
     # via
@@ -381,7 +381,7 @@ kombu==5.3.5
     # via
     #   -r requirements/base.txt
     #   celery
-lxml==4.9.2
+lxml==5.3.0
     # via pyquery
 markupsafe==2.1.2
     # via
@@ -397,11 +397,11 @@ mozilla-django-oidc==4.0.0
     # via
     #   -r requirements/base.txt
     #   mozilla-django-oidc-db
-mozilla-django-oidc-db==0.19.0
+mozilla-django-oidc-db[django-setup-configuration]==0.21.1
     # via
     #   -r requirements/base.txt
     #   open-api-framework
-multidict==6.0.5
+multidict==6.1.0
     # via yarl
 mypy-extensions==1.0.0
     # via black
@@ -440,6 +440,8 @@ prompt-toolkit==3.0.38
     # via
     #   -r requirements/base.txt
     #   click-repl
+propcache==0.2.1
+    # via yarl
 psycopg2==2.9.9
     # via
     #   -r requirements/base.txt
@@ -450,12 +452,12 @@ pycparser==2.21
     # via
     #   -r requirements/base.txt
     #   cffi
-pydantic==2.9.2
+pydantic==2.10.3
     # via
     #   -r requirements/base.txt
     #   django-setup-configuration
     #   pydantic-settings
-pydantic-core==2.23.4
+pydantic-core==2.27.1
     # via
     #   -r requirements/base.txt
     #   pydantic
@@ -475,7 +477,7 @@ pyopenssl==24.0.0
     #   -r requirements/base.txt
     #   josepy
     #   webauthn
-pyquery==2.0.0
+pyquery==2.0.1
     # via -r requirements/test-tools.in
 pyrsistent==0.19.3
     # via
@@ -552,21 +554,22 @@ six==1.16.0
     #   orderedmultidict
     #   python-dateutil
     #   qrcode
-soupsieve==2.4.1
+soupsieve==2.6
     # via beautifulsoup4
 sqlparse==0.5.0
     # via
     #   -r requirements/base.txt
     #   django
-tblib==1.7.0
+tblib==3.0.0
     # via -r requirements/test-tools.in
 tornado==6.4.1
     # via
     #   -r requirements/base.txt
     #   flower
-typing-extensions==4.11.0
+typing-extensions==4.12.2
     # via
     #   -r requirements/base.txt
+    #   faker
     #   mozilla-django-oidc-db
     #   pydantic
     #   pydantic-core
@@ -587,19 +590,20 @@ urllib3==2.2.2
     #   elastic-apm
     #   requests
     #   sentry-sdk
+    #   vcrpy
 uwsgi==2.0.24
     # via
     #   -r requirements/base.txt
     #   open-api-framework
-vcrpy==6.0.1
+vcrpy==6.0.2
     # via -r requirements/test-tools.in
 vine==5.1.0
     # via
     #   -r requirements/base.txt
     #   amqp
     #   celery
     #   kombu
-waitress==2.1.2
+waitress==3.0.2
     # via webtest
 wcwidth==0.2.6
     # via
@@ -613,16 +617,16 @@ webencodings==0.5.1
     # via
     #   -r requirements/base.txt
     #   bleach
-webob==1.8.8
+webob==1.8.9
     # via webtest
-webtest==3.0.0
+webtest==3.0.2
     # via django-webtest
 wrapt==1.14.1
     # via
     #   -r requirements/base.txt
     #   elastic-apm
     #   vcrpy
-yarl==1.9.4
+yarl==1.18.3
     # via vcrpy
 zgw-consumers==0.35.1
     # via