diff options
author | John Nduli | 2024-08-12 12:15:26 +0300 |
---|---|---|
committer | Munyoki Kilyungi | 2024-08-14 10:51:43 +0300 |
commit | 665a1edef6f90d60899fe185b7d978423b554761 (patch) | |
tree | 0be04cd639243369530f7a2d3bbb8d366f62a469 | |
parent | 12edc160df0ead9ac1ae4e62a44d49582e063021 (diff) | |
download | gn-auth-665a1edef6f90d60899fe185b7d978423b554761.tar.gz |
docs: update documentation to reflect new secrets handling
-rw-r--r-- | README.md | 12 | ||||
-rw-r--r-- | gn_auth/wsgi.py | 1 |
2 files changed, 9 insertions, 4 deletions
@@ -210,13 +210,17 @@ custom local_settings. At minimum it can contain: ```python # contents for local_settings saved at /absolute/path/to/local_settings_file.conf -SECRET_KEY = "qQIrgiK29kXZU6v8D09y4uw_sk8I4cqgNZniYUrRoUk" SQL_URI = "mysql://user:password@localhost/db_name" # mysql uri AUTH_DB = "/absolute/path/to/auth.db/" # path to sqlite db file +# path to file containings SECRETS key. +# Note: this path is also used to determine the jwks location +GN_AUTH_SECRETS = "/home/rookie/gn_data/gn2_files/secrets.conf" +``` + +Here's an example `secrets.conf` file: -# OpenSSL keys -CLIENTS_SSL_PUBLIC_KEYS_DIR = "/path/to/gn-auth/repo/tests/unit/test-public-keys-dir" # clients' public keys' directory -SSL_PRIVATE_KEY = "/path/to/gn-auth/repo/tests/unit/test-ssl-private-key.pem" # authorisation server primary key +```python +SECRET_KEY = "qQIrgiK29kXZU6v8D09y4uw_sk8I4cqgNZniYUrRoUk" ``` and you set up the oauth clients using: diff --git a/gn_auth/wsgi.py b/gn_auth/wsgi.py index c91c564..bb8abd2 100644 --- a/gn_auth/wsgi.py +++ b/gn_auth/wsgi.py @@ -130,6 +130,7 @@ def init_dev_clients(client_uri): "default_redirect_uri": f"{client_uri}/oauth2/code", "redirect_uris": [f"{client_uri}/oauth2/code", f"{client_uri}/oauth2/token"], + "public-jwks-uri": f"{client_uri}/oauth2/public-jwks", "response_type": ["code", "token"], "scope": ["profile", "group", "role", "resource", "register-client", "user", "masquerade", "migrate-data", "introspect"] |