➕(backend) add django-lasuite dependency

Use the OIDC backend from the new library and add settings to setup OIDC token storage required for later calls to OIDC Resource Servers.
2025-01-27 15:21:39 +01:00
parent df173c3ce6
commit 2557c6bc77
13 changed files with 126 additions and 609 deletions
--- a/src/backend/impress/settings.py
+++ b/src/backend/impress/settings.py
@@ -533,6 +533,17 @@ class Base(Configuration):
    OIDC_PKCE_CODE_VERIFIER_SIZE = values.IntegerValue(
        default=64, environ_name="OIDC_PKCE_CODE_VERIFIER_SIZE", environ_prefix=None
    )
+    OIDC_STORE_ACCESS_TOKEN = values.BooleanValue(
+        default=False, environ_name="OIDC_STORE_ACCESS_TOKEN", environ_prefix=None
+    )
+    OIDC_STORE_REFRESH_TOKEN = values.BooleanValue(
+        default=False, environ_name="OIDC_STORE_REFRESH_TOKEN", environ_prefix=None
+    )
+    OIDC_STORE_REFRESH_TOKEN_KEY = values.Value(
+        default=None,
+        environ_name="OIDC_STORE_REFRESH_TOKEN_KEY",
+        environ_prefix=None,
+    )

    # WARNING: Enabling this setting allows multiple user accounts to share the same email
    # address. This may cause security issues and is not recommended for production use when
@@ -546,14 +557,23 @@ class Base(Configuration):
    USER_OIDC_ESSENTIAL_CLAIMS = values.ListValue(
        default=[], environ_name="USER_OIDC_ESSENTIAL_CLAIMS", environ_prefix=None
    )
-    USER_OIDC_FIELDS_TO_FULLNAME = values.ListValue(
-        default=["first_name", "last_name"],
-        environ_name="USER_OIDC_FIELDS_TO_FULLNAME",
+
+    OIDC_USERINFO_FULLNAME_FIELDS = values.ListValue(
+        default=values.ListValue(  # retrocompatibility
+            default=["first_name", "last_name"],
+            environ_name="USER_OIDC_FIELDS_TO_FULLNAME",
+            environ_prefix=None,
+        ),
+        environ_name="OIDC_USERINFO_FULLNAME_FIELDS",
        environ_prefix=None,
    )
-    USER_OIDC_FIELD_TO_SHORTNAME = values.Value(
-        default="first_name",
-        environ_name="USER_OIDC_FIELD_TO_SHORTNAME",
+    OIDC_USERINFO_SHORTNAME_FIELD = values.Value(
+        default=values.Value(  # retrocompatibility
+            default="first_name",
+            environ_name="USER_OIDC_FIELD_TO_SHORTNAME",
+            environ_prefix=None,
+        ),
+        environ_name="OIDC_USERINFO_SHORTNAME_FIELD",
        environ_prefix=None,
    )