From 0d065a463470ab15e72a48a876042d6920681086 Mon Sep 17 00:00:00 2001
From: Michael Olund <michaelo@openroad.ca>
Date: Fri, 30 Oct 2020 15:25:41 -0700
Subject: [PATCH] DIV-1225 - Moved openshift settings to config files

---
 .env.example                                  |  4 +-
 edivorce/settings/base.py                     |  2 +-
 edivorce/settings/openshift.py                | 45 +++++++++++++------
 openshift/EFILING-README.md                   |  2 +-
 .../edivorce-django-deploy.yaml               |  6 +--
 5 files changed, 38 insertions(+), 21 deletions(-)

diff --git a/.env.example b/.env.example
index 2dd7ba85..a7a11a40 100644
--- a/.env.example
+++ b/.env.example
@@ -19,10 +19,10 @@ REDIS_DB=
 REDIS_PASSWORD=
 
 # eFiling Hub settings
-EFILING_HUB_TOKEN_BASE_URL=''
+EDIVORCE_KEYCLOAK_BASE_URL=''
 EFILING_HUB_REALM=''
 EFILING_HUB_CLIENT_ID=''
-EFILING_KEYCLOAK_SECRET=''
+EFILING_HUB_KEYCLOAK_SECRET=''
 EFILING_HUB_API_BASE_URL=''
 
 # BCE ID test accounts for localdev
diff --git a/edivorce/settings/base.py b/edivorce/settings/base.py
index 296a1733..d67c16d7 100644
--- a/edivorce/settings/base.py
+++ b/edivorce/settings/base.py
@@ -187,7 +187,7 @@ EFILING_HUB_ENABLED = False
 EFILING_HUB_TOKEN_BASE_URL = env('EFILING_HUB_TOKEN_BASE_URL', '')
 EFILING_HUB_REALM = env('EFILING_HUB_REALM', '')
 EFILING_HUB_CLIENT_ID = env('EFILING_HUB_CLIENT_ID', '')
-EFILING_HUB_KEYCLOAK_SECRET = env('EFILING_KEYCLOAK_SECRET', '')
+EFILING_HUB_KEYCLOAK_SECRET = env('EFILING_HUB_KEYCLOAK_SECRET', '')
 EFILING_HUB_API_BASE_URL = env('EFILING_HUB_API_BASE_URL', '')
 
 EFILING_BCEID = env('EFILING_BCEID', '', subcast=str)
diff --git a/edivorce/settings/openshift.py b/edivorce/settings/openshift.py
index 83fd6d16..f75b86ba 100644
--- a/edivorce/settings/openshift.py
+++ b/edivorce/settings/openshift.py
@@ -52,9 +52,13 @@ PROXY_BASE_URL = os.getenv('PROXY_BASE_URL', 'https://justice.gov.bc.ca')
 if DEPLOYMENT_TYPE in ['dev', 'unittest']:
     DEBUG = True
     # Keycloak OpenID Connect settings
-    OIDC_BASE_URL = 'https://dev.oidc.gov.bc.ca'
-    OIDC_REALM = 'tz0e228w'
-    OIDC_RP_CLIENT_ID = 'e-divorce-app'
+    EDIVORCE_KEYCLOAK_BASE_URL = 'https://dev.oidc.gov.bc.ca'
+    EDIVORCE_KEYCLOAK_REALM = 'tz0e228w'
+    EDIVORCE_KEYCLOAK_CLIENT_ID = 'e-divorce-app'
+    # EFiling Hub Settings
+    EFILING_HUB_KEYCLOAK_CLIENT_ID = 'e-divorce'
+    EFILING_HUB_KEYCLOAK_BASE_URL = 'https://dev.oidc.gov.bc.ca'
+    EFILING_HUB_API_BASE_URL = 'https://fla-nginx-proxy-qzaydf-dev.pathfinder.gov.bc.ca/api'
 
 if DEPLOYMENT_TYPE == 'unittest':
     PROXY_URL_PREFIX = ''
@@ -69,26 +73,39 @@ if DEPLOYMENT_TYPE == 'test':
     REGISTER_BCEID_URL = 'https://www.test.bceid.ca/directories/bluepages/details.aspx?serviceID=5521'
     REGISTER_BCSC_URL = 'https://logontest7.gov.bc.ca/clp-cgi/fed/fedLaunch.cgi?partner=fed38&partnerList=fed38&flags=0001:0,7&TARGET=http://test.justice.gov.bc.ca/divorce/oidc/authenticate'
     # Keycloak OpenID Connect settings
-    OIDC_BASE_URL = 'https://test.oidc.gov.bc.ca'
-    OIDC_REALM = 'tz0e228w'
-    OIDC_RP_CLIENT_ID = 'e-divorce-app'
+    EDIVORCE_KEYCLOAK_BASE_URL = 'https://test.oidc.gov.bc.ca'
+    EDIVORCE_KEYCLOAK_REALM = 'tz0e228w'
+    EDIVORCE_KEYCLOAK_CLIENT_ID = 'e-divorce-app'
+    # EFiling Hub Settings
+    EFILING_HUB_KEYCLOAK_CLIENT_ID = 'e-divorce'
+    EFILING_HUB_KEYCLOAK_BASE_URL = 'https://sso-test.pathfinder.gov.bc.ca'
+    EFILING_HUB_API_BASE_URL = 'https://efiling-api-nginx-proxy-qzaydf-test.pathfinder.gov.bc.ca/api'
 
 if DEPLOYMENT_TYPE == 'prod':
     REGISTER_BCEID_URL = 'https://www.bceid.ca/directories/bluepages/details.aspx?serviceID=5203'
     REGISTER_BCSC_URL = 'https://logon7.gov.bc.ca/clp-cgi/fed/fedLaunch.cgi?partner=fed49&partnerList=fed49&flags=0001:0,8&TARGET=http://justice.gov.bc.ca/divorce/oidc/authenticate'
     # Keycloak OpenID Connect settings
-    OIDC_BASE_URL = 'https://oidc.gov.bc.ca'
-    OIDC_REALM = 'tz0e228w'
-    OIDC_RP_CLIENT_ID = 'e-divorce-app'
+    EDIVORCE_KEYCLOAK_BASE_URL = 'https://oidc.gov.bc.ca'
+    EDIVORCE_KEYCLOAK_REALM = 'tz0e228w'
+    EDIVORCE_KEYCLOAK_CLIENT_ID = 'e-divorce-app'
+    # EFiling Hub Settings
+    EFILING_HUB_KEYCLOAK_CLIENT_ID = 'e-divorce'
+    EFILING_HUB_KEYCLOAK_BASE_URL = 'https://oidc.gov.bc.ca'
+    EFILING_HUB_API_BASE_URL = 'https://to-be-filled-in-later'
+
     # Google Tag Manager (Production)
     GTM_ID = 'GTM-W4Z2SPS'
 
 # Keycloak OpenID Connect settings
-OIDC_OP_JWKS_ENDPOINT = f'{OIDC_BASE_URL}/auth/realms/{OIDC_REALM}/protocol/openid-connect/certs'
-OIDC_OP_AUTHORIZATION_ENDPOINT = f'{OIDC_BASE_URL}/auth/realms/{OIDC_REALM}/protocol/openid-connect/auth'
-OIDC_OP_TOKEN_ENDPOINT = f'{OIDC_BASE_URL}/auth/realms/{OIDC_REALM}/protocol/openid-connect/token'
-OIDC_OP_USER_ENDPOINT = f'{OIDC_BASE_URL}/auth/realms/{OIDC_REALM}/protocol/openid-connect/userinfo'
-KEYCLOAK_LOGOUT = f'{OIDC_BASE_URL}/auth/realms/{OIDC_REALM}/protocol/openid-connect/logout'
+KEYCLOAK_LOGOUT = f'{EDIVORCE_KEYCLOAK_BASE_URL}/auth/realms/{EDIVORCE_KEYCLOAK_REALM}/protocol/openid-connect/logout'
+OIDC_OP_JWKS_ENDPOINT = f'{EDIVORCE_KEYCLOAK_BASE_URL}/auth/realms/{EDIVORCE_KEYCLOAK_REALM}/protocol/openid-connect/certs'
+OIDC_OP_AUTHORIZATION_ENDPOINT = f'{EDIVORCE_KEYCLOAK_BASE_URL}/auth/realms/{EDIVORCE_KEYCLOAK_REALM}/protocol/openid-connect/auth'
+OIDC_OP_TOKEN_ENDPOINT = f'{EDIVORCE_KEYCLOAK_BASE_URL}/auth/realms/{EDIVORCE_KEYCLOAK_REALM}/protocol/openid-connect/token'
+OIDC_OP_USER_ENDPOINT = f'{EDIVORCE_KEYCLOAK_BASE_URL}/auth/realms/{EDIVORCE_KEYCLOAK_REALM}/protocol/openid-connect/userinfo'
+OIDC_RP_CLIENT_ID = EDIVORCE_KEYCLOAK_CLIENT_ID
+
+# EFiling Hub Settings
+EFILING_HUB_KEYCLOAK_REALM = EDIVORCE_KEYCLOAK_REALM
 
 # Internal Relative Urls
 FORCE_SCRIPT_NAME = PROXY_URL_PREFIX + '/'
diff --git a/openshift/EFILING-README.md b/openshift/EFILING-README.md
index b0d4d26a..340dfa2c 100644
--- a/openshift/EFILING-README.md
+++ b/openshift/EFILING-README.md
@@ -40,6 +40,6 @@ Click "Add Value from Config Map or Secret"
 - select key = "edivorce-client-secrets"
 
 Click "Add Value from Config Map or Secret"
-- name = EFILING_KEYCLOAK_SECRET
+- name = EFILING_HUB_KEYCLOAK_SECRET
 - select a resource = "keycloak-secrets"
 - select key = "efiling-client-secrets"
diff --git a/openshift/templates/edivorce-django/edivorce-django-deploy.yaml b/openshift/templates/edivorce-django/edivorce-django-deploy.yaml
index fb65790c..0df87f89 100644
--- a/openshift/templates/edivorce-django/edivorce-django-deploy.yaml
+++ b/openshift/templates/edivorce-django/edivorce-django-deploy.yaml
@@ -113,7 +113,7 @@ objects:
               secretKeyRef:
                 key: edivorce-client-secret
                 name: "keycloak-secrets"
-          - name: EFILING_KEYCLOAK_SECRET
+          - name: EFILING_HUB_KEYCLOAK_SECRET
             valueFrom:
               secretKeyRef:
                 key: efiling-client-secret
@@ -143,7 +143,7 @@ objects:
       app: "${NAME}"
   data:
     edivorce-client-secret: "${EDIVORCE_KEYCLOAK_SECRET}"
-    efiling-client-secret: "${EFILING_KEYCLOAK_SECRET}"
+    efiling-client-secret: "${EFILING_HUB_KEYCLOAK_SECRET}"
   type: Opaque
 - kind: HorizontalPodAutoscaler
   apiVersion: autoscaling/v1
@@ -209,7 +209,7 @@ parameters:
 - name: EDIVORCE_KEYCLOAK_SECRET
   displayName: Keycloak client secret for the e-divorce-app client
   required: true
-- name: EFILING_KEYCLOAK_SECRET
+- name: EFILING_HUB_KEYCLOAK_SECRET
   displayName: Keycloak client secret for the efiling hub
   required: true
 - name: BASICAUTH_USERNAME