This is an automated email from the ASF dual-hosted git repository. machristie pushed a commit to branch develop in repository https://gitbox.apache.org/repos/asf/airavata.git
commit f8ed00e398c34a95fa8b81301881b62eec54afcc Author: Marcus Christie <[email protected]> AuthorDate: Tue Jul 27 15:04:47 2021 -0400 AIRAVATA-3319 Ansible: add external IDP userinfo config --- .../ansible/inventories/scigap/develop/group_vars/django/vars.yml | 1 + .../ansible/inventories/scigap/develop/host_vars/seagrid/vars.yml | 2 ++ .../inventories/scigap/production/group_vars/django/vars.yml | 1 + .../ansible/inventories/scigap/production/host_vars/delta/vars.yml | 2 ++ .../inventories/scigap/production/host_vars/seagrid/vars.yml | 2 ++ dev-tools/ansible/roles/django/templates/settings_local.py.j2 | 6 ++++++ 6 files changed, 14 insertions(+) diff --git a/dev-tools/ansible/inventories/scigap/develop/group_vars/django/vars.yml b/dev-tools/ansible/inventories/scigap/develop/group_vars/django/vars.yml index 194ace4..614b3e7 100644 --- a/dev-tools/ansible/inventories/scigap/develop/group_vars/django/vars.yml +++ b/dev-tools/ansible/inventories/scigap/develop/group_vars/django/vars.yml @@ -32,3 +32,4 @@ django_hidden_airavata_apps: "['django_airavata_dataparsers']" django_tus_endpoint: "https://tus.dev.scigap.org/files/"; airavata_django_git_branch: "develop" # django_keycloak_ca_certfile_path: 'os.path.join(BASE_DIR, "django_airavata", "resources", "incommon_rsa_server_ca.pem")' +cilogon_userinfo_url: "https://cilogon.org/oauth2/userinfo"; diff --git a/dev-tools/ansible/inventories/scigap/develop/host_vars/seagrid/vars.yml b/dev-tools/ansible/inventories/scigap/develop/host_vars/seagrid/vars.yml index 9b268f7..922710f 100644 --- a/dev-tools/ansible/inventories/scigap/develop/host_vars/seagrid/vars.yml +++ b/dev-tools/ansible/inventories/scigap/develop/host_vars/seagrid/vars.yml @@ -36,6 +36,8 @@ auth_options: external: - name: "CILogon" idp_alias: "oidc" + idp_token_url: "{{ oauth_service_url }}/realms/{{ tenant_domain }}/broker/oidc/token" + userinfo_url: "{{ cilogon_userinfo_url }}" gateway_id: "seagrid" experiment_data_dir: "{{ user_data_dir }}/django-seagrid" diff --git a/dev-tools/ansible/inventories/scigap/production/group_vars/django/vars.yml b/dev-tools/ansible/inventories/scigap/production/group_vars/django/vars.yml index 8f5d4a8..280dab2 100644 --- a/dev-tools/ansible/inventories/scigap/production/group_vars/django/vars.yml +++ b/dev-tools/ansible/inventories/scigap/production/group_vars/django/vars.yml @@ -29,6 +29,7 @@ django_database_name: "django_{{ inventory_hostname }}" django_hidden_airavata_apps: "['django_airavata_dataparsers']" django_tus_endpoint: "https://tus.airavata.org/files/"; # django_keycloak_ca_certfile_path: 'os.path.join(BASE_DIR, "django_airavata", "resources", "incommon_rsa_server_ca.pem")' +cilogon_userinfo_url: "https://cilogon.org/oauth2/userinfo"; # Default email settings portal_email_host: "smtp.gmail.com" diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/delta/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/delta/vars.yml index 1428c26..902b2ee 100644 --- a/dev-tools/ansible/inventories/scigap/production/host_vars/delta/vars.yml +++ b/dev-tools/ansible/inventories/scigap/production/host_vars/delta/vars.yml @@ -48,6 +48,8 @@ auth_options: - name: "existing institution credentials" idp_alias: "cilogon" logo: "images/cilogon-logo-24x24-b.png" + idp_token_url: "{{ oauth_service_url }}/realms/{{ tenant_domain }}/broker/cilogon/token" + userinfo_url: "{{ cilogon_userinfo_url }}" gateway_id: "delta" experiment_data_dir: "{{ user_data_dir }}/delta" diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/seagrid/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/seagrid/vars.yml index 06f75d1..5351ba3 100644 --- a/dev-tools/ansible/inventories/scigap/production/host_vars/seagrid/vars.yml +++ b/dev-tools/ansible/inventories/scigap/production/host_vars/seagrid/vars.yml @@ -42,6 +42,8 @@ auth_options: external: - name: "CILogon" idp_alias: "cilogon" + idp_token_url: "{{ oauth_service_url }}/realms/{{ tenant_domain }}/broker/cilogon/token" + userinfo_url: "{{ cilogon_userinfo_url }}" gateway_id: "seagrid" experiment_data_dir: "{{ user_data_dir }}/seagrid" diff --git a/dev-tools/ansible/roles/django/templates/settings_local.py.j2 b/dev-tools/ansible/roles/django/templates/settings_local.py.j2 index 90e5bda..6113909 100644 --- a/dev-tools/ansible/roles/django/templates/settings_local.py.j2 +++ b/dev-tools/ansible/roles/django/templates/settings_local.py.j2 @@ -104,6 +104,12 @@ AUTHENTICATION_OPTIONS = { {% if external.logo is defined %} 'logo': '{{ external.logo }}', {% endif %} + {% if external.idp_token_url is defined %} + 'idp_token_url': '{{ external.idp_token_url }}', + {% endif %} + {% if external.userinfo_url is defined %} + 'userinfo_url': '{{ external.userinfo_url }}', + {% endif %} }, {% endfor %} ]
