From e054b454aaae8dd789d47ebc27ea432ac7ff35f7 Mon Sep 17 00:00:00 2001
From: Michael Olund
Date: Sat, 17 Oct 2020 09:34:45 -0700
Subject: [PATCH] Fixed some issues found in code review
---
 edivorce/apps/core/authenticators.py | 22 ----------------------
 edivorce/apps/core/tests/test_api.py | 2 --
 edivorce/settings/base.py | 8 +-------
 edivorce/settings/local.py | 1 +
 4 files changed, 2 insertions(+), 31 deletions(-)
 delete mode 100644 edivorce/apps/core/authenticators.py
diff --git a/edivorce/apps/core/authenticators.py b/edivorce/apps/core/authenticators.py
deleted file mode 100644
index 00361cc0..00000000
--- a/edivorce/apps/core/authenticators.py
+++ /dev/null
@@ -1,22 +0,0 @@
-from rest_framework import authentication
-
-from edivorce.apps.core.models import BceidUser
-
-
-class BCeIDAuthentication(authentication.BaseAuthentication):
- """
- Make the DRF user the BCeID user populated in our middleware, to avoid DRF
- overwriting our user for API calls.
-
- This relies on our middleware entirely for authentication.
- """
-
- def authenticate(self, request):
- try:
- request.user = request._user # pylint: disable=protected-access
- except:
- request.user = request._request.user # pylint: disable=protected-access
- return (request.user, None)
-
- def get_user(self, pk):
- return BceidUser.objects.get(pk=pk)
\ No newline at end of file
diff --git a/edivorce/apps/core/tests/test_api.py b/edivorce/apps/core/tests/test_api.py
index e3fdfa13..bddb9951 100644
--- a/edivorce/apps/core/tests/test_api.py
+++ b/edivorce/apps/core/tests/test_api.py
@@ -307,8 +307,6 @@ class APITest(APITestCase): @mock.patch.object(Redis, 'get', MockRedis.get) @mock.patch.object(Redis, 'delete', MockRedis.delete) @mock.patch.object(Redis, 'exists', MockRedis.exists) -@override_settings(AUTHENTICATION_BACKENDS=('edivorce.apps.core.authenticators.BCeIDAuthentication',)) -@modify_settings(MIDDLEWARE={'remove': 'edivorce.apps.core.middleware.bceid_middleware.BceidMiddleware', }) class GraphQLAPITest(GraphQLTestCase): GRAPHQL_URL = reverse('graphql') diff --git a/edivorce/settings/base.py b/edivorce/settings/base.py index 145d00c0..7e774df5 100644 --- a/edivorce/settings/base.py +++ b/edivorce/settings/base.py @@ -65,7 +65,7 @@ if ENVIRONMENT in ['localdev', 'dev', 'test', 'minishift']: ) MIDDLEWARE = ( - # 'edivorce.apps.core.middleware.basicauth_middleware.BasicAuthMiddleware', + 'edivorce.apps.core.middleware.basicauth_middleware.BasicAuthMiddleware', 'debug_toolbar.middleware.DebugToolbarMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'corsheaders.middleware.CorsMiddleware', @@ -74,7 +74,6 @@ MIDDLEWARE = ( 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', - # 'edivorce.apps.core.middleware.bceid_middleware.BceidMiddleware', 'django.middleware.security.SecurityMiddleware', 'whitenoise.middleware.WhiteNoiseMiddleware', ) @@ -185,10 +184,6 @@ DEBUG_TOOLBAR_CONFIG = { SECURE_BROWSER_XSS_FILTER = True -# LOGOUT_URL = '/accounts/logout/' - -# CLAMAV settings - # eFiling Hub settings EFILING_HUB_TOKEN_BASE_URL = env('EFILING_HUB_TOKEN_BASE_URL', 'https://efiling.gov.bc.ca') EFILING_HUB_REALM = env('EFILING_HUB_REALM', 'abc') 
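Review bot: In the `edivorce/settings/base.py` hunk at `@@ -65,7 +65,7 @@`, `BasicAuthMiddleware` is re-enabled in the base `MIDDLEWARE` tuple with nothing on the line saying what switches its challenge on or off, so every settings module built on base would now run it on each request. The middleware's own code is outside this diff, so confirm that it stays inactive unless a setting explicitly enables it and that production leaves that setting off. A comment above the entry would record this, for example `# Basic-auth gate for non-production deployments; controlled by <SETTING_NAME>, keep first in the list`, with the placeholder replaced by the real setting. The `MIDDLEWARE` tuple continues beyond this hunk.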
@@ -205,5 +200,4 @@ OIDC_RP_SIGN_ALGO = 'RS256'
 OIDC_RP_SCOPES = 'openid email profile'
 # this is needed to bypass the Keycloak login screen
 OIDC_AUTH_REQUEST_EXTRA_PARAMS = {'kc_idp_hint': 'bceid'}
-OIDC_RP_CLIENT_ID = env('KEYCLOAK_CLIENT_ID', '')
 OIDC_RP_CLIENT_SECRET = env('KEYCLOAK_CLIENT_SECRET', '')
diff --git a/edivorce/settings/local.py b/edivorce/settings/local.py
index 68307e8b..49d64131 100644
--- a/edivorce/settings/local.py
+++ b/edivorce/settings/local.py
@@ -46,5 +46,6 @@ OIDC_OP_JWKS_ENDPOINT = 'http://localhost:8081/auth/realms/justice/protocol/open
 OIDC_OP_AUTHORIZATION_ENDPOINT = 'http://localhost:8081/auth/realms/justice/protocol/openid-connect/auth'
 OIDC_OP_TOKEN_ENDPOINT = 'http://localhost:8081/auth/realms/justice/protocol/openid-connect/token'
 OIDC_OP_USER_ENDPOINT = 'http://localhost:8081/auth/realms/justice/protocol/openid-connect/userinfo'
+OIDC_RP_CLIENT_ID = 'edivorce-app'
 LOGIN_REDIRECT_URL = '/signin'
 LOGOUT_REDIRECT_URL = '/'
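Review bot: `OIDC_RP_CLIENT_ID` is now defined only in `edivorce/settings/local.py` as the literal `'edivorce-app'`, while the `base.py` hunk in the same commit removes the `env('KEYCLOAK_CLIENT_ID', '')` fallback, so a settings module that does not set it will have no client ID at all. The other environment settings files are not part of this diff; confirm each deployed environment defines `OIDC_RP_CLIENT_ID`, since a missing value would presumably surface only when a user first tries to sign in. If the `env` helper is available in `local.py`, `OIDC_RP_CLIENT_ID = env('KEYCLOAK_CLIENT_ID', 'edivorce-app')` keeps the existing environment variable working. The unchanged `OIDC_RP_CLIENT_SECRET = env('KEYCLOAK_CLIENT_SECRET', '')` in `base.py` still falls back to an empty secret, which deserves a comment or a startup check so a misconfigured deployment is noticed early.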