Commit 75371692 authored by BAIRE Anthony's avatar BAIRE Anthony

rename the token-related env var as ALLGO_TOKEN_XXXXXX

and define them in config.env with a default value
parent c2ee1851
...@@ -7,14 +7,16 @@ import subprocess ...@@ -7,14 +7,16 @@ import subprocess
from Crypto.PublicKey import RSA from Crypto.PublicKey import RSA
from jose import jwt from jose import jwt
SIGNING_KEY_PATH = os.environ.get('SIGNING_KEY_PATH') import config
SIGNING_KEY_TYPE = os.environ.get('SIGNING_KEY_TYPE')
SIGNING_KEY_ALG = os.environ.get('SIGNING_KEY_ALG') SIGNING_KEY_PATH = config.env.ALLGO_TOKEN_SIGNING_KEY_PATH
SIGNING_KEY_TYPE = config.env.ALLGO_TOKEN_SIGNING_KEY_TYPE
SIGNING_KEY_ALG = config.env.ALLGO_TOKEN_SIGNING_KEY_ALG
SIGNING_KEY = open(SIGNING_KEY_PATH).read() SIGNING_KEY = open(SIGNING_KEY_PATH).read()
ISSUER = os.environ.get('ISSUER') ISSUER = config.env.ALLGO_TOKEN_ISSUER
TOKEN_EXPIRATION = os.environ.get('TOKEN_EXPIRATION') TOKEN_EXPIRATION = config.env.ALLGO_TOKEN_EXPIRATION
TOKEN_TYPE = os.environ.get('TOKEN_TYPE') TOKEN_TYPE = config.env.ALLGO_TOKEN_TYPE
def run_command(command): def run_command(command):
......
...@@ -95,3 +95,36 @@ with env_loader.EnvironmentVarLoader(__name__, "ALLGO_", ...@@ -95,3 +95,36 @@ with env_loader.EnvironmentVarLoader(__name__, "ALLGO_",
default="4567", default="4567",
help="TCP port of the allgo controller (for the notifications)") help="TCP port of the allgo controller (for the notifications)")
#
# allgo authentication tokens
#
# TODO: decide a default location in the container
env_var("ALLGO_TOKEN_SIGNING_KEY_PATH",
default="/certs/server.key",
help="path of the secret key (PEM file) for signing authentication tokens")
env_var("ALLGO_TOKEN_SIGNING_KEY_TYPE", fixed=True,
default="RSA",
help="""type of the secret key for signing authentication tokens
For the moment, only 'RSA' is supported.
""")
env_var("ALLGO_TOKEN_SIGNING_KEY_ALG",
default="RS256",
help='RFC 7515 "alg" parameter (signature algorithm)')
env_var("ALLGO_TOKEN_ISSUER",
default="allgo_oauth",
help='RFC 7519 "iss" parameter (identifies the principal that issuset the token)')
env_var("ALLGO_TOKEN_EXPIRATION",
default="3600",
help='RFC 7519 "exp" parameter (lifetime of authentication tokens in seconds')
env_var("ALLGO_TOKEN_TYPE", fixed=True,
default="JWT",
help='RFC 7519 "typ" parameter (token type)')
...@@ -38,12 +38,7 @@ services: ...@@ -38,12 +38,7 @@ services:
ALLGO_DEBUG: "True" ALLGO_DEBUG: "True"
ALLGO_EMAIL_BACKEND: "django.core.mail.backends.console.EmailBackend" ALLGO_EMAIL_BACKEND: "django.core.mail.backends.console.EmailBackend"
ALLGO_SECRET_KEY: "nFgLEiedSJfYKyJA6WjkiGs8c23vokcVoM4DDLi9GsCX36TdsR" ALLGO_SECRET_KEY: "nFgLEiedSJfYKyJA6WjkiGs8c23vokcVoM4DDLi9GsCX36TdsR"
SIGNING_KEY_PATH: "/certs/server.key" ALLGO_TOKEN_SIGNING_KEY_PATH: "/certs/server.key"
SIGNING_KEY_TYPE: "RSA"
SIGNING_KEY_ALG: "RS256"
ISSUER: "allgo_oauth"
TOKEN_EXPIRATION: "3600"
TOKEN_TYPE: "JWT"
# REGISTRY # REGISTRY
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment