aboutsummaryrefslogtreecommitdiff
path: root/gn_auth/__init__.py
AgeCommit message (Collapse)Author
2024-11-04Move logging setup functions to gn_auth.__init__.py moduleFrederick Muriuki Muriithi
To ensure that logging will always be setup correctly, move the functions into the __init__.py module and call it within the create_app(..) function as before.
2024-10-09Update Configs: Change `OAUTH2_SCOPE` => `OAUTH2_SCOPES_SUPPORTED`Frederick Muriuki Muriithi
Use the OAUTH2_SCOPES_SUPPORTED application configuration variable, that is used by the flask integration for the Authlib library to set up the supported scopes.
2024-09-25feat: add base implementation for hooks systemJohn Nduli
2024-07-31Remove the `CLIENTS_SSL_PUBLIC_KEYS_DIR` configurationFrederick Muriuki Muriithi
Moving forward, each client will advertise it's current JWKs at a known endpoint, and we'll use those, rather than having a configuration that requires manual update of the certificates. This will make it easier to implement key rotation on the clients too.
2024-07-31Remove obsoleted SSL_PRIVATE_KEY configurationFrederick Muriuki Muriithi
With the key rotation in place, eliminate the use of the SSL_PRIVATE_KEY configuration which pointed to a specific non-changing JWK.
2024-04-25Make `CLIENTS_SSL_PUBLIC_KEYS_DIR` explicitly a config setting.Frederick Muriuki Muriithi
2024-04-24Setup logging: Use gunicorn's loggers where appropriateFrederick Muriuki Muriithi
If the application is run under GUnicorn, then use the gunicorn loggers otherwise, use some default development loggers. This can be extended to support other WSGI servers down the line if ever necessary.
2024-04-23pylint: Fix linting errors.Frederick Muriuki Muriithi
2024-04-23Rename function and do minor bug-fixes.Frederick Muriuki Muriithi
2024-04-23Make UPLOADS_DIR mandatory rather than CLIENTS_SSL_PUBLIC_KEYS_DIRFrederick Muriuki Muriithi
2024-04-23Make the keys storage dir depend on the more generic uploads directoryFrederick Muriuki Muriithi
2024-04-22Separate clients' keys from authorisation server's keyFrederick Muriuki Muriithi
The authorisation server uses its key to sign any token it generates. It uses the clients' public keys to validate any assertions it receives from a client using the client's public key.
2024-04-18Add the `SSL_KEY_PAIR_*` configurationsFrederick Muriuki Muriithi
Add paths to the SSL key-pair used for signing and verifying the JWTs.
2024-03-01Put `GN_AUTH_SECRETS` config in the main configuration file.Frederick Muriuki Muriithi
2024-03-01Configs: Check that all mandatory settings exist and are non-empty.Frederick Muriuki Muriithi
2024-02-27Remove use of instance path in configurations.Frederick Muriuki Muriithi
2023-12-05Enable CORS to allow access from GN2 javascriptFrederick Muriuki Muriithi
2023-11-02Config: Use instance_path to load secrets.Frederick Muriuki Muriithi
2023-09-26Handle AuthorisationError at the top-levelFrederick Muriuki Muriithi
Add an error handler to gracefully handle the custom AuthorisationError at the application's top-level to avoid having to manually handle it everywhere that the error (and its sub-classes) might be raised.
2023-08-08Use relative imports to break circular import errorsFrederick Muriuki Muriithi
2023-08-08Fix issues caught by linterFrederick Muriuki Muriithi
* Add a .pylintrc to silence annoying messages * Fix imports * Add missing `parse_db_url` function * Add a new `gn_auth.auth.db.redis` module
2023-08-07Add routes to the applicationFrederick Muriuki Muriithi
2023-08-04Initialise the application and update some module importsFrederick Muriuki Muriithi
2023-08-04Copy over files from GN3 repository.Frederick Muriuki Muriithi