studio/docs
Archived
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

(settings) Allow configuring PKCE for the SSO (#886)

Browse Source 
C.f.
https://mozilla-django-oidc.readthedocs.io/en/latest/settings.html#OIDC_USE_PKCE

## Purpose

Add pkce settings

## Proposal
Get the settings from the environment

Signed-off-by: Tom Hubrecht <github@mail.hubrecht.ovh>
This commit is contained in:
Tom Hubrecht
2025-04-28 12:54:30 +02:00
committed by GitHub
parent 5268699d50
commit 5cdbdbf215
2 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@@ -12,6 +12,7 @@ and this project adheres to
- 🚸(backend) make document search on title accent-insensitive #874 - 🚸(backend) make document search on title accent-insensitive #874
- 🚩 add homepage feature flag #861 - 🚩 add homepage feature flag #861
- ✨(settings) Allow configuring PKCE for the SSO #886
## Changed ## Changed

11
src/backend/impress/settings.py
View File

@@ -520,6 +520,17 @@ class Base(Configuration):
environ_name="OIDC_FALLBACK_TO_EMAIL_FOR_IDENTIFICATION", environ_name="OIDC_FALLBACK_TO_EMAIL_FOR_IDENTIFICATION",
environ_prefix=None, environ_prefix=None,
) )
OIDC_USE_PKCE = values.BooleanValue(
default=False, environ_name="OIDC_USE_PKCE", environ_prefix=None
)
OIDC_PKCE_CODE_CHALLENGE_METHOD = values.Value(
default="S256",
environ_name="OIDC_PKCE_CODE_CHALLENGE_METHOD",
environ_prefix=None,
)
OIDC_PKCE_CODE_VERIFIER_SIZE = values.IntegerValue(
default=64, environ_name="OIDC_PKCE_CODE_VERIFIER_SIZE", environ_prefix=None
)
# WARNING: Enabling this setting allows multiple user accounts to share the same email # WARNING: Enabling this setting allows multiple user accounts to share the same email
# address. This may cause security issues and is not recommended for production use when # address. This may cause security issues and is not recommended for production use when