Merge pull request #130 from maykinmedia/issue/129-move-endpoints-to-…

…endpoints-config

 🐛 [#129] Move all endpoints to endpoints_config in setup config model

mozilla_django_oidc_db/setup_configuration/models.py

@@ -1,4 +1,4 @@
-from typing import Union
+from typing import Literal, Union
 
 from django_setup_configuration.fields import DjangoModelRef
 from django_setup_configuration.models import ConfigurationModel
@@ -18,6 +18,12 @@ class OIDCFullEndpointConfig(ConfigurationModel):
     oidc_op_user_endpoint: AnyUrl = DjangoModelRef(
         OpenIDConnectConfig, "oidc_op_user_endpoint"
     )
+    oidc_op_logout_endpoint: AnyUrl | Literal[""] = DjangoModelRef(
+        OpenIDConnectConfig, "oidc_op_logout_endpoint"
+    )
+    oidc_op_jwks_endpoint: AnyUrl | Literal[""] = DjangoModelRef(
+        OpenIDConnectConfig, "oidc_op_jwks_endpoint"
+    )
 
 
 class OIDCDiscoveryEndpoint(ConfigurationModel):
@@ -80,8 +86,6 @@ class Meta:
                 "oidc_token_use_basic_auth",
                 "oidc_rp_sign_algo",
                 "oidc_rp_idp_sign_key",
-                "oidc_op_logout_endpoint",
-                "oidc_op_jwks_endpoint",
                 "oidc_use_nonce",
                 "oidc_nonce_size",
                 "oidc_state_size",

mozilla_django_oidc_db/setup_configuration/steps.py

@@ -34,10 +34,8 @@ def execute(self, model: AdminOIDCConfigurationModel) -> None:
             "oidc_rp_client_secret": config_model.oidc_rp_client_secret,
             "oidc_rp_sign_algo": config_model.oidc_rp_sign_algo,
             "oidc_rp_scopes_list": config_model.oidc_rp_scopes_list,
-            "oidc_op_jwks_endpoint": config_model.oidc_op_jwks_endpoint,
             "oidc_token_use_basic_auth": config_model.oidc_token_use_basic_auth,
             "oidc_rp_idp_sign_key": config_model.oidc_rp_idp_sign_key,
-            "oidc_op_logout_endpoint": config_model.oidc_op_logout_endpoint,
             "oidc_use_nonce": config_model.oidc_use_nonce,
             "oidc_nonce_size": config_model.oidc_nonce_size,
             "oidc_state_size": config_model.oidc_state_size,
@@ -66,6 +64,8 @@ def execute(self, model: AdminOIDCConfigurationModel) -> None:
                 oidc_op_authorization_endpoint=config_model.endpoint_config.oidc_op_authorization_endpoint,
                 oidc_op_token_endpoint=config_model.endpoint_config.oidc_op_token_endpoint,
                 oidc_op_user_endpoint=config_model.endpoint_config.oidc_op_user_endpoint,
+                oidc_op_logout_endpoint=config_model.endpoint_config.oidc_op_logout_endpoint,
+                oidc_op_jwks_endpoint=config_model.endpoint_config.oidc_op_jwks_endpoint,
             )
 
         form = OpenIDConnectConfigForm(

tests/setupconfig/files/full_setup.yml

@@ -12,11 +12,13 @@ oidc_db_config_admin_auth:
     - extra_scope
     oidc_rp_sign_algo: RS256
     oidc_rp_idp_sign_key: key
-    oidc_op_jwks_endpoint: http://localhost:8080/realms/test/protocol/openid-connect/certs
     endpoint_config:
         oidc_op_authorization_endpoint: http://localhost:8080/realms/test/protocol/openid-connect/auth
         oidc_op_token_endpoint: http://localhost:8080/realms/test/protocol/openid-connect/token
         oidc_op_user_endpoint: http://localhost:8080/realms/test/protocol/openid-connect/userinfo
+        oidc_op_jwks_endpoint: http://localhost:8080/realms/test/protocol/openid-connect/certs
+        oidc_op_logout_endpoint: http://localhost:8080/realms/test/protocol/openid-connect/logout
+    oidc_token_use_basic_auth: True
     username_claim:
     - claim_name
     groups_claim:
@@ -35,5 +37,6 @@ oidc_db_config_admin_auth:
     oidc_use_nonce: false
     oidc_nonce_size: 48
     oidc_state_size: 48
+    oidc_keycloak_idp_hint: foo
     userinfo_claims_source: id_token