From cb0b3cc6c79c649ec0f076848ed52dbe5a212ae9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Palma?= Date: Thu, 2 Jan 2025 18:42:00 +0000 Subject: [PATCH] fix: prod oidc callback invalid url --- django/tts_be/settings.py | 4 ++-- django/university/routes/auth/Csrf.py | 2 -- django/university/urls.py | 1 + django/university/views.py | 2 -- nginx/nginx.conf | 11 ----------- 5 files changed, 3 insertions(+), 17 deletions(-) diff --git a/django/tts_be/settings.py b/django/tts_be/settings.py index 7106140..36d160d 100644 --- a/django/tts_be/settings.py +++ b/django/tts_be/settings.py @@ -109,13 +109,13 @@ OIDC_RP_CLIENT_SECRET = os.environ['OIDC_RP_CLIENT_SECRET'] OIDC_RP_SIGN_ALGO = "RS256" -OIDC_STORE_ID_TOKEN = True -OIDC_STORE_ACCESS_TOKEN = True +OIDC_AUTHENTICATION_CALLBACK_URL = "api_oidc_authentication_callback" OIDC_OP_AUTHORIZATION_ENDPOINT = "https://open-id.up.pt/realms/sigarra/protocol/openid-connect/auth" OIDC_OP_TOKEN_ENDPOINT = "https://open-id.up.pt/realms/sigarra/protocol/openid-connect/token" OIDC_OP_USER_ENDPOINT = "https://open-id.up.pt/realms/sigarra/protocol/openid-connect/userinfo" OIDC_OP_JWKS_ENDPOINT = "https://open-id.up.pt/realms/sigarra/protocol/openid-connect/certs" + OIDC_OP_LOGOUT_ENDPOINT = "https://open-id.up.pt/realms/sigarra/protocol/openid-connect/logout" OIDC_RP_SCOPES = "openid email profile uporto_data" diff --git a/django/university/routes/auth/Csrf.py b/django/university/routes/auth/Csrf.py index 21cac89..a4eea43 100644 --- a/django/university/routes/auth/Csrf.py +++ b/django/university/routes/auth/Csrf.py @@ -6,8 +6,6 @@ class Csrf(View): def get(self, request): response = HttpResponse() - print("csrf request cookies is: ", request.COOKIES) - if("csrftoken" not in request.COOKIES): cookies = request.COOKIES response.COOKIES = cookies diff --git a/django/university/urls.py b/django/university/urls.py index bf9c644..196e800 100644 --- a/django/university/urls.py +++ b/django/university/urls.py @@ -44,4 +44,5 @@ path('professors//', views.professor), path('course_unit/hash', views.get_course_unit_hashes), path('oidc-auth/', include('mozilla_django_oidc.urls')), + path('api/oidc-auth/callback/', oidc_views.OIDCAuthenticationCallbackView.as_view(), name="api_oidc_authentication_callback") ] diff --git a/django/university/views.py b/django/university/views.py index a524b99..9809009 100644 --- a/django/university/views.py +++ b/django/university/views.py @@ -83,8 +83,6 @@ def course_units(request, course_id, year, semester): return JsonResponse(json_data, safe=False) - - """ Returns the classes of a course unit. """ diff --git a/nginx/nginx.conf b/nginx/nginx.conf index 540485e..dbbea75 100644 --- a/nginx/nginx.conf +++ b/nginx/nginx.conf @@ -12,17 +12,6 @@ http { ssl_certificate_key /etc/nginx/certs/server.key; server_name tts-dev.niaefeup.pt; - location /oidc-auth/ { - rewrite ^/oidc-auth/(.*)$ /api/oidc-auth/$1 last; - - proxy_pass http://tts_django:8000/; - - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } - location /api/ { rewrite ^/api/(.*)$ /$1 break;