From f1349608efcf3e6810aba005d61b03f397eb4767 Mon Sep 17 00:00:00 2001
From: Michael Olund <michaelo@openroad.ca>
Date: Fri, 30 Oct 2020 10:44:47 -0700
Subject: [PATCH] DIV-1225 - Refactor Settings Files #1

---
 .env.example                            |  4 +--
 edivorce/apps/core/tests/test_upload.py |  2 +-
 edivorce/apps/core/validators.py        |  2 +-
 edivorce/settings/local.py              |  4 +--
 edivorce/settings/openshift.py          | 41 +++++++++++--------------
 openshift/EFILING-README.md             |  2 +-
 6 files changed, 25 insertions(+), 30 deletions(-)

diff --git a/.env.example b/.env.example
index 6c2fcbd4..3bc33971 100644
--- a/.env.example
+++ b/.env.example
@@ -9,8 +9,8 @@ DATABASE_PORT=
 
 # ClamAV settings
 CLAMAV_ENABLED=True
-CLAMAV_TCP_PORT=3310
-CLAMAV_TCP_ADDR=localhost
+CLAMAV_PORT=3310
+CLAMAV_HOST=localhost
 
 # Redis settings
 REDIS_HOST=localhost
diff --git a/edivorce/apps/core/tests/test_upload.py b/edivorce/apps/core/tests/test_upload.py
index 2c7863f9..30f73af5 100644
--- a/edivorce/apps/core/tests/test_upload.py
+++ b/edivorce/apps/core/tests/test_upload.py
@@ -28,7 +28,7 @@ class UploadScanTests(TestCase):
             self.assertTrue(serializer.is_valid(), serializer.errors)
 
     def test_validation_invalid_network_connection(self):
-        with self.settings(CLAMAV_TCP_PORT=9999):
+        with self.settings(CLAMAV_PORT=9999):
             infected = SimpleUploadedFile('infected.txt', clamd.EICAR)
             serializer = TestUploadSerializer(data={'upload': infected})
 
diff --git a/edivorce/apps/core/validators.py b/edivorce/apps/core/validators.py
index 5302f969..75c830bc 100644
--- a/edivorce/apps/core/validators.py
+++ b/edivorce/apps/core/validators.py
@@ -28,7 +28,7 @@ def file_scan_validation(file):
     file.seek(0)
 
     # we're just going to assume a network connection to clamav here .. no local unix socket support
-    scanner = clamd.ClamdNetworkSocket(settings.CLAMAV_TCP_ADDR, settings.CLAMAV_TCP_PORT)
+    scanner = clamd.ClamdNetworkSocket(settings.CLAMAV_HOST, settings.CLAMAV_PORT)
     try:
         result = scanner.instream(file)
     except:
diff --git a/edivorce/settings/local.py b/edivorce/settings/local.py
index f5522875..c1639d71 100644
--- a/edivorce/settings/local.py
+++ b/edivorce/settings/local.py
@@ -31,8 +31,8 @@ CORS_ORIGIN_ALLOW_ALL = True
 
 # CLAMAV settings
 CLAMAV_ENABLED = env.bool('CLAMAV_ENABLED', True)
-CLAMAV_TCP_PORT = env.int('CLAMAV_TCP_PORT', 3310)
-CLAMAV_TCP_ADDR = env('CLAMAV_TCP_ADDR', 'localhost')
+CLAMAV_PORT = env.int('CLAMAV_PORT', 3310)
+CLAMAV_HOST = env('CLAMAV_HOST', 'localhost')
 
 # Redis settings
 REDIS_HOST = env('REDIS_HOST', 'localhost')
diff --git a/edivorce/settings/openshift.py b/edivorce/settings/openshift.py
index 0bca401a..aa2d6c87 100644
--- a/edivorce/settings/openshift.py
+++ b/edivorce/settings/openshift.py
@@ -1,4 +1,4 @@
-from mozilla_django_oidc import utils
+from mozilla_django_oidc import utils as mozilla_django_oidc_utils
 from .base import *
 
 
@@ -40,10 +40,7 @@ DATABASES = {
 COMPRESS_ENABLED = True
 COMPRESS_OFFLINE = True
 
-# The app will be served out of a subdirectory of justice.gov.bc.ca via reverse-proxy
-# PROD: /divorce
-# TEST: /divorce-test
-# DEV: /divorce-dev
+# The app will be served out of the subdirectory justice.gov.bc.ca/divorce via reverse-proxy
 #
 # See nginx-proxy/conf.d/server.conf for related settings
 #
@@ -55,11 +52,8 @@ PROXY_BASE_URL = os.getenv('PROXY_BASE_URL', 'https://justice.gov.bc.ca')
 if DEPLOYMENT_TYPE in ['dev', 'unittest']:
     DEBUG = True
     # Keycloak OpenID Connect settings
-    OIDC_OP_JWKS_ENDPOINT = 'https://dev.oidc.gov.bc.ca/auth/realms/tz0e228w/protocol/openid-connect/certs'
-    OIDC_OP_AUTHORIZATION_ENDPOINT = 'https://dev.oidc.gov.bc.ca/auth/realms/tz0e228w/protocol/openid-connect/auth'
-    OIDC_OP_TOKEN_ENDPOINT = 'https://dev.oidc.gov.bc.ca/auth/realms/tz0e228w/protocol/openid-connect/token'
-    OIDC_OP_USER_ENDPOINT = 'https://dev.oidc.gov.bc.ca/auth/realms/tz0e228w/protocol/openid-connect/userinfo'
-    KEYCLOAK_LOGOUT = 'https://dev.oidc.gov.bc.ca/auth/realms/tz0e228w/protocol/openid-connect/logout'
+    OIDC_BASE_URL = 'https://dev.oidc.gov.bc.ca'
+    OIDC_REALM = 'tz0e228w'
     OIDC_RP_CLIENT_ID = 'e-divorce-app'
 
 if DEPLOYMENT_TYPE == 'unittest':
@@ -75,26 +69,27 @@ if DEPLOYMENT_TYPE == 'test':
     REGISTER_BCEID_URL = 'https://www.test.bceid.ca/directories/bluepages/details.aspx?serviceID=5521'
     REGISTER_BCSC_URL = 'https://logontest7.gov.bc.ca/clp-cgi/fed/fedLaunch.cgi?partner=fed38&partnerList=fed38&flags=0001:0,7&TARGET=http://test.justice.gov.bc.ca/divorce/oidc/authenticate'
     # Keycloak OpenID Connect settings
-    OIDC_OP_JWKS_ENDPOINT = 'https://test.oidc.gov.bc.ca/auth/realms/tz0e228w/protocol/openid-connect/certs'
-    OIDC_OP_AUTHORIZATION_ENDPOINT = 'https://test.oidc.gov.bc.ca/auth/realms/tz0e228w/protocol/openid-connect/auth'
-    OIDC_OP_TOKEN_ENDPOINT = 'https://test.oidc.gov.bc.ca/auth/realms/tz0e228w/protocol/openid-connect/token'
-    OIDC_OP_USER_ENDPOINT = 'https://test.oidc.gov.bc.ca/auth/realms/tz0e228w/protocol/openid-connect/userinfo'
-    KEYCLOAK_LOGOUT = 'https://test.oidc.gov.bc.ca/auth/realms/tz0e228w/protocol/openid-connect/logout'
+    OIDC_BASE_URL = 'https://test.oidc.gov.bc.ca'
+    OIDC_REALM = 'tz0e228w'
     OIDC_RP_CLIENT_ID = 'e-divorce-app'
 
 if DEPLOYMENT_TYPE == 'prod':
     REGISTER_BCEID_URL = 'https://www.bceid.ca/directories/bluepages/details.aspx?serviceID=5203'
     REGISTER_BCSC_URL = 'https://logon7.gov.bc.ca/clp-cgi/fed/fedLaunch.cgi?partner=fed49&partnerList=fed49&flags=0001:0,8&TARGET=http://justice.gov.bc.ca/divorce/oidc/authenticate'
     # Keycloak OpenID Connect settings
-    OIDC_OP_JWKS_ENDPOINT = 'https://oidc.gov.bc.ca/auth/realms/XXXXXXXX/protocol/openid-connect/certs'
-    OIDC_OP_AUTHORIZATION_ENDPOINT = 'https://oidc.gov.bc.ca/auth/realms/XXXXXXXX/protocol/openid-connect/auth'
-    OIDC_OP_TOKEN_ENDPOINT = 'https://oidc.gov.bc.ca/auth/realms/XXXXXXXX/protocol/openid-connect/token'
-    OIDC_OP_USER_ENDPOINT = 'https://oidc.gov.bc.ca/auth/realms/XXXXXXXX/protocol/openid-connect/userinfo'
-    KEYCLOAK_LOGOUT = 'https://oidc.gov.bc.ca/auth/realms/XXXXXXXX/protocol/openid-connect/logout'
+    OIDC_BASE_URL = 'https://oidc.gov.bc.ca'
+    OIDC_REALM = 'tz0e228w'
     OIDC_RP_CLIENT_ID = 'e-divorce-app'
     # Google Tag Manager (Production)
     GTM_ID = 'GTM-W4Z2SPS'
 
+# Keycloak OpenID Connect settings
+OIDC_OP_JWKS_ENDPOINT = f'{OIDC_BASE_URL}/auth/realms/{OIDC_REALM}/protocol/openid-connect/certs'
+OIDC_OP_AUTHORIZATION_ENDPOINT = f'{OIDC_BASE_URL}/auth/realms/{OIDC_REALM}/protocol/openid-connect/auth'
+OIDC_OP_TOKEN_ENDPOINT = f'{OIDC_BASE_URL}/auth/realms/{OIDC_REALM}protocol/openid-connect/token'
+OIDC_OP_USER_ENDPOINT = f'{OIDC_BASE_URL}/auth/realms/{OIDC_REALM}/protocol/openid-connect/userinfo'
+KEYCLOAK_LOGOUT = f'{OIDC_BASE_URL}/auth/realms/{OIDC_REALM}/protocol/openid-connect/logout'
+
 # Internal Relative Urls
 FORCE_SCRIPT_NAME = PROXY_URL_PREFIX + '/'
 STATIC_URL = PROXY_URL_PREFIX + '/static/'
@@ -114,8 +109,8 @@ SESSION_EXPIRE_AT_BROWSER_CLOSE = True
 
 # CLAMAV settings
 CLAMAV_ENABLED = True
-CLAMAV_TCP_PORT = 3310
-CLAMAV_TCP_ADDR = os.getenv('CLAMAV_TCP_ADDR', 'clamav')
+CLAMAV_PORT = 3310
+CLAMAV_HOST = os.getenv('CLAMAV_HOST', 'clamav')
 
 # Redis settings
 REDIS_HOST = os.getenv('REDIS_HOST', 'redis')
@@ -139,4 +134,4 @@ def monkey_absolutify(request, path):
 
 # monkey-patching mozilla_django_oidc.utils.absolutify so it doesn't
 # return urls prefixed with 'http://edivorce-django:8080' on OpenShift
-utils.absolutify = monkey_absolutify
+mozilla_django_oidc_utils.absolutify = monkey_absolutify
diff --git a/openshift/EFILING-README.md b/openshift/EFILING-README.md
index 97c21554..a34c3c40 100644
--- a/openshift/EFILING-README.md
+++ b/openshift/EFILING-README.md
@@ -22,7 +22,7 @@ Select the "Environment" tab.
 Add 2 new environment variables:
 
 REDIS_HOST=redis
-CLAMAV_TCP_ADDR=clamav
+CLAMAV_HOST=clamav
 
 Click "Add Value from Config Map or Secret"