diff options
| -rw-r--r-- | README.md | 12 | ||||
| -rw-r--r-- | gn_auth/wsgi.py | 1 |
2 files changed, 9 insertions, 4 deletions
@@ -210,13 +210,17 @@ custom local_settings. At minimum it can contain: ```python # contents for local_settings saved at /absolute/path/to/local_settings_file.conf -SECRET_KEY = "qQIrgiK29kXZU6v8D09y4uw_sk8I4cqgNZniYUrRoUk" SQL_URI = "mysql://user:password@localhost/db_name" # mysql uri AUTH_DB = "/absolute/path/to/auth.db/" # path to sqlite db file +# path to file containings SECRETS key. +# Note: this path is also used to determine the jwks location +GN_AUTH_SECRETS = "/home/rookie/gn_data/gn2_files/secrets.conf" +``` + +Here's an example `secrets.conf` file: -# OpenSSL keys -CLIENTS_SSL_PUBLIC_KEYS_DIR = "/path/to/gn-auth/repo/tests/unit/test-public-keys-dir" # clients' public keys' directory -SSL_PRIVATE_KEY = "/path/to/gn-auth/repo/tests/unit/test-ssl-private-key.pem" # authorisation server primary key +```python +SECRET_KEY = "qQIrgiK29kXZU6v8D09y4uw_sk8I4cqgNZniYUrRoUk" ``` and you set up the oauth clients using: diff --git a/gn_auth/wsgi.py b/gn_auth/wsgi.py index c91c564..bb8abd2 100644 --- a/gn_auth/wsgi.py +++ b/gn_auth/wsgi.py @@ -130,6 +130,7 @@ def init_dev_clients(client_uri): "default_redirect_uri": f"{client_uri}/oauth2/code", "redirect_uris": [f"{client_uri}/oauth2/code", f"{client_uri}/oauth2/token"], + "public-jwks-uri": f"{client_uri}/oauth2/public-jwks", "response_type": ["code", "token"], "scope": ["profile", "group", "role", "resource", "register-client", "user", "masquerade", "migrate-data", "introspect"] |