Project

General

Profile

Download (1.6 KB) Statistics
| Branch: | Tag: | Revision:

oidc / ckanext / ozwillo_pyoidc / conf.py @ c8204b73

1
PORT = 8666
2
#BASE = "https://lingon.ladok.umu.se:" + str(PORT) + "/"
3
BASE = "http://ckan.dev.entrouvert.org"
4

    
5

    
6
# If BASE is https these has to be specified
7
SERVER_CERT = "certs/server.crt"
8
SERVER_KEY = "certs/server.key"
9
CA_BUNDLE = None
10

    
11
VERIFY_SSL = False
12

    
13
# information used when registering the client, this may be the same for all OPs
14

    
15
ME = {
16
    "application_type": "web",
17
    "application_name": "idpproxy",
18
    "contacts": ["ops@example.com"],
19
    "redirect_uris": ["%sauthz_cb" % BASE],
20
    "post_logout_redirect_uris": ["%slogout" % BASE],
21
    "response_types": ["code"]
22
}
23

    
24
BEHAVIOUR = {
25
    "response_type": "code",
26
    "scope": ["openid", "profile", "email", "address", "phone"],
27
}
28

    
29
ACR_VALUES = ["SAML"]
30

    
31
# The keys in this dictionary are the OPs short userfriendly name
32
# not the issuer (iss) name.
33

    
34
CLIENTS = {
35
    # The ones that support webfinger, OP discovery and client registration
36
    # This is the default, any client that is not listed here is expected to
37
    # support dynamic discovery and registration.
38
    # Supports OP information lookup but not client registration
39
    "ozwillo": {
40
        "srv_discovery_url": "https://accounts.ozwillo-preprod.eu/",
41
        "client_registration": {
42
            "client_id": "64a1002e-3149-4e1d-a374-6ff08b79dae6",
43
            "client_secret": "RCjT6YTN7CY0l8UAbGUOtSOrAKZKW4XXzK1ZWi7u0nE",
44
            "redirect_uris": ["https://ckan.dev.entrouvert.org/openid/callback"],
45
        },
46
        "behaviour": {
47
            "response_type": "code",
48
            "scope": ["openid", "profile"]
49
        },
50
        "allow": {
51
            "issuer_mismatch": True
52
        }
53
    }
54
}
(2-2/4)