Add OIDC_RSA_KEY_FOLDER to settings.
parent
d0d64ace36
commit
fa7d64c04b
2 changed files with 25 additions and 11 deletions
|
@ -21,7 +21,7 @@ def get_rsa_key():
|
||||||
"""
|
"""
|
||||||
Load the rsa key previously created with `creatersakey` command.
|
Load the rsa key previously created with `creatersakey` command.
|
||||||
"""
|
"""
|
||||||
file_path = django_settings.BASE_DIR + '/OIDC_RSA_KEY.pem'
|
file_path = settings.get('OIDC_RSA_KEY_FOLDER') + '/OIDC_RSA_KEY.pem'
|
||||||
with open(file_path, 'r') as f:
|
with open(file_path, 'r') as f:
|
||||||
key = f.read()
|
key = f.read()
|
||||||
|
|
||||||
|
|
|
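Review bot: The new `file_path` line concatenates `settings.get('OIDC_RSA_KEY_FOLDER')` with a string, and the default this commit adds for that setting is `None`. Unless `settings.get` itself rejects unset required values (not visible here), an unconfigured deployment fails with a `TypeError` on the `+` instead of an error naming the missing setting. I would check the value first and raise a configuration error that names `OIDC_RSA_KEY_FOLDER`, then build the path with `os.path.join(folder, 'OIDC_RSA_KEY.pem')` so a trailing slash in the setting does not matter; this assumes `os` is imported in the module. The rest of `get_rsa_key` lies outside the hunk, so any existing handling of a missing or unreadable key file cannot be judged from here.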
@ -8,21 +8,22 @@ class DefaultSettings(object):
|
||||||
@property
|
@property
|
||||||
def LOGIN_URL(self):
|
def LOGIN_URL(self):
|
||||||
"""
|
"""
|
||||||
REQUIRED.
|
REQUIRED. Used to log the user in.
|
||||||
"""
|
"""
|
||||||
return None
|
return None
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def SITE_URL(self):
|
def SITE_URL(self):
|
||||||
"""
|
"""
|
||||||
REQUIRED.
|
REQUIRED. The OP server url.
|
||||||
"""
|
"""
|
||||||
return None
|
return None
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def OIDC_AFTER_USERLOGIN_HOOK(self):
|
def OIDC_AFTER_USERLOGIN_HOOK(self):
|
||||||
"""
|
"""
|
||||||
OPTIONAL.
|
OPTIONAL. Provide a way to plug into the process after
|
||||||
|
the user has logged in, typically to perform some business logic.
|
||||||
"""
|
"""
|
||||||
def default_hook_func(request, user, client):
|
def default_hook_func(request, user, client):
|
||||||
return None
|
return None
|
||||||
|
@ -32,52 +33,65 @@ class DefaultSettings(object):
|
||||||
@property
|
@property
|
||||||
def OIDC_CODE_EXPIRE(self):
|
def OIDC_CODE_EXPIRE(self):
|
||||||
"""
|
"""
|
||||||
OPTIONAL.
|
OPTIONAL. Code expiration time expressed in seconds.
|
||||||
"""
|
"""
|
||||||
return 60*10
|
return 60*10
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def OIDC_EXTRA_SCOPE_CLAIMS(self):
|
def OIDC_EXTRA_SCOPE_CLAIMS(self):
|
||||||
"""
|
"""
|
||||||
OPTIONAL.
|
OPTIONAL. A string with the location of your class.
|
||||||
|
Used to add extra scopes specific for your app.
|
||||||
"""
|
"""
|
||||||
return 'oidc_provider.lib.claims.AbstractScopeClaims'
|
return 'oidc_provider.lib.claims.AbstractScopeClaims'
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def OIDC_IDTOKEN_EXPIRE(self):
|
def OIDC_IDTOKEN_EXPIRE(self):
|
||||||
"""
|
"""
|
||||||
OPTIONAL.
|
OPTIONAL. Id token expiration time expressed in seconds.
|
||||||
"""
|
"""
|
||||||
return 60*10
|
return 60*10
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def OIDC_IDTOKEN_SUB_GENERATOR(self):
|
def OIDC_IDTOKEN_SUB_GENERATOR(self):
|
||||||
"""
|
"""
|
||||||
OPTIONAL.
|
OPTIONAL. Subject Identifier. A locally unique and never
|
||||||
|
reassigned identifier within the Issuer for the End-User,
|
||||||
|
which is intended to be consumed by the Client.
|
||||||
"""
|
"""
|
||||||
def default_sub_generator(user):
|
def default_sub_generator(user):
|
||||||
return user.id
|
return user.id
|
||||||
|
|
||||||
return default_sub_generator
|
return default_sub_generator
|
||||||
|
|
||||||
|
@property
|
||||||
|
def OIDC_RSA_KEY_FOLDER(self):
|
||||||
|
"""
|
||||||
|
REQUIRED.
|
||||||
|
"""
|
||||||
|
return None
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def OIDC_SKIP_CONSENT_ENABLE(self):
|
def OIDC_SKIP_CONSENT_ENABLE(self):
|
||||||
"""
|
"""
|
||||||
OPTIONAL.
|
OPTIONAL. If enabled, the Server will save the user consent
|
||||||
|
given to a specific client, so that user won't be prompted for
|
||||||
|
the same authorization multiple times.
|
||||||
"""
|
"""
|
||||||
return True
|
return True
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def OIDC_SKIP_CONSENT_EXPIRE(self):
|
def OIDC_SKIP_CONSENT_EXPIRE(self):
|
||||||
"""
|
"""
|
||||||
OPTIONAL.
|
OPTIONAL. User consent expiration after been granted.
|
||||||
"""
|
"""
|
||||||
return 30*3
|
return 30*3
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def OIDC_TOKEN_EXPIRE(self):
|
def OIDC_TOKEN_EXPIRE(self):
|
||||||
"""
|
"""
|
||||||
OPTIONAL.
|
OPTIONAL. Token object expiration after been created.
|
||||||
|
Expressed in seconds.
|
||||||
"""
|
"""
|
||||||
return 60*60
|
return 60*60
|
||||||
|
|
||||||
|
|
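Review bot: The `OIDC_RSA_KEY_FOLDER` docstring is the only one in this section left as a bare `REQUIRED.`, although the directory it names holds what is presumably the provider's private RSA key. I would document it along the lines of `REQUIRED. Directory containing OIDC_RSA_KEY.pem; keep it outside the web root and version control, readable only by the application user.` Separately, `OIDC_SKIP_CONSENT_EXPIRE` returns `30*3` and its new docstring gives no unit, unlike the other expiry settings that say seconds. Stating the unit there would prevent a consent lifetime being configured much longer or shorter than intended.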