drop local fxa credentials; simplify FXA_CONFIGs (#19685)
This commit is contained in:
Родитель
d0446956b2
Коммит
5274157249
37
settings.py
37
settings.py
|
@ -93,41 +93,16 @@ DATABASES = {
|
|||
'default': get_db_config('DATABASES_DEFAULT_URL'),
|
||||
}
|
||||
|
||||
# FxA config for local development only.
|
||||
FXA_CONFIG = {
|
||||
'default': {
|
||||
'client_id': env('FXA_CLIENT_ID', default='a25796da7bc73ffa'),
|
||||
'client_secret': env(
|
||||
'FXA_CLIENT_SECRET',
|
||||
default='4828af02f60a12738a79c7121b06d42b481f112dce1831440902a8412d2770c5',
|
||||
),
|
||||
# fxa redirects to http://olympia.test/api/auth/authenticate-callback/
|
||||
},
|
||||
'amo': {
|
||||
'client_id': env('FXA_CLIENT_ID', default='0f95f6474c24c1dc'),
|
||||
'client_secret': env(
|
||||
'FXA_CLIENT_SECRET',
|
||||
default='ca45e503a1b4ec9e2a3d4855d79849e098da18b7dfe42b6bc76dfed420fc1d38',
|
||||
),
|
||||
# fxa redirects to http://localhost:3000/fxa-authenticate
|
||||
},
|
||||
'local': {
|
||||
'client_id': env('FXA_CLIENT_ID', default='4dce1adfa7901c08'),
|
||||
'client_secret': env(
|
||||
'FXA_CLIENT_SECRET',
|
||||
default='d7d5f1148a35b12c067fb9eafafc29d35165a90f5d8b0032f1fcd37468ae49fe',
|
||||
),
|
||||
# fxa redirects to http://localhost:3000/api/auth/authenticate-callback/?config=local # noqa
|
||||
},
|
||||
}
|
||||
FXA_CONTENT_HOST = 'https://stable.dev.lcip.org'
|
||||
FXA_OAUTH_HOST = 'https://oauth-stable.dev.lcip.org/v1'
|
||||
FXA_PROFILE_HOST = 'https://stable.dev.lcip.org/profile/v1'
|
||||
ALLOWED_FXA_CONFIGS = ['default', 'amo', 'local']
|
||||
FXA_CONTENT_HOST = 'https://accounts.stage.mozaws.net'
|
||||
FXA_OAUTH_HOST = 'https://oauth.stage.mozaws.net/v1'
|
||||
FXA_PROFILE_HOST = 'https://profile.stage.mozaws.net/v1'
|
||||
|
||||
# When USE_FAKE_FXA_AUTH and settings.DEBUG are both True, we serve a fake
|
||||
# authentication page, bypassing FxA. To disable this behavior, set
|
||||
# USE_FAKE_FXA = False in your local settings.
|
||||
# You will also need to specify `client_id` and `client_secret` in your
|
||||
# local_settings.py or environment variables - you must contact the FxA team to get your
|
||||
# own credentials for FxA stage.
|
||||
USE_FAKE_FXA_AUTH = True
|
||||
|
||||
# CSP report endpoint which returns a 204 from addons-nginx in local dev.
|
||||
|
|
|
@ -63,15 +63,15 @@ SKIP_REDIRECT_FXA_CONFIG = {
|
|||
}
|
||||
|
||||
|
||||
@override_settings(FXA_CONFIG={'current-config': FXA_CONFIG})
|
||||
@override_settings(
|
||||
FXA_CONFIG={'current-config': FXA_CONFIG},
|
||||
DEFAULT_FXA_CONFIG_NAME='current-config',
|
||||
)
|
||||
@override_settings(FXA_OAUTH_HOST='https://accounts.firefox.com/v1')
|
||||
class TestLoginStartBaseView(WithDynamicEndpoints, TestCase):
|
||||
class LoginStartView(views.LoginStartView):
|
||||
DEFAULT_FXA_CONFIG_NAME = 'current-config'
|
||||
|
||||
def setUp(self):
|
||||
super().setUp()
|
||||
self.endpoint(self.LoginStartView, r'^login/start/')
|
||||
self.endpoint(views.LoginStartView, r'^login/start/')
|
||||
self.url = '/en-US/firefox/login/start/'
|
||||
self.initialize_session({})
|
||||
|
||||
|
@ -174,10 +174,6 @@ def has_cors_headers(response, origin='https://addons-frontend'):
|
|||
|
||||
|
||||
class TestLoginStartView(TestCase):
|
||||
def test_default_config_is_used(self):
|
||||
assert views.LoginStartView.DEFAULT_FXA_CONFIG_NAME == 'default'
|
||||
assert views.LoginStartView.ALLOWED_FXA_CONFIGS == (['default', 'amo', 'local'])
|
||||
|
||||
@override_settings(DEBUG=True, USE_FAKE_FXA_AUTH=True)
|
||||
def test_redirect_url_fake_fxa_auth(self):
|
||||
response = self.client.get(reverse_ns('accounts.login_start'))
|
||||
|
@ -690,44 +686,23 @@ class TestWithUser(TestCase):
|
|||
'foo': {'FOO': 123},
|
||||
'bar': {'BAR': 456},
|
||||
'baz': {'BAZ': 789},
|
||||
}
|
||||
},
|
||||
DEFAULT_FXA_CONFIG_NAME='baz',
|
||||
)
|
||||
class TestFxAConfigMixin(TestCase):
|
||||
class DefaultConfig(views.FxAConfigMixin):
|
||||
DEFAULT_FXA_CONFIG_NAME = 'bar'
|
||||
|
||||
class MultipleConfigs(views.FxAConfigMixin):
|
||||
DEFAULT_FXA_CONFIG_NAME = 'baz'
|
||||
ALLOWED_FXA_CONFIGS = ['foo', 'baz']
|
||||
|
||||
def test_default_only_no_config(self):
|
||||
def test_no_config(self):
|
||||
request = RequestFactory().get('/login')
|
||||
config = self.DefaultConfig().get_fxa_config(request)
|
||||
assert config == {'BAR': 456}
|
||||
config = views.FxAConfigMixin().get_fxa_config(request)
|
||||
assert config == {'BAZ': 789}
|
||||
|
||||
def test_default_only_not_allowed(self):
|
||||
request = RequestFactory().get('/login?config=foo')
|
||||
config = self.DefaultConfig().get_fxa_config(request)
|
||||
assert config == {'BAR': 456}
|
||||
|
||||
def test_default_only_allowed(self):
|
||||
def test_config_alternate(self):
|
||||
request = RequestFactory().get('/login?config=bar')
|
||||
config = self.DefaultConfig().get_fxa_config(request)
|
||||
config = views.FxAConfigMixin().get_fxa_config(request)
|
||||
assert config == {'BAR': 456}
|
||||
|
||||
def test_config_is_allowed(self):
|
||||
request = RequestFactory().get('/login?config=foo')
|
||||
config = self.MultipleConfigs().get_fxa_config(request)
|
||||
assert config == {'FOO': 123}
|
||||
|
||||
def test_config_is_default(self):
|
||||
request = RequestFactory().get('/login?config=baz')
|
||||
config = self.MultipleConfigs().get_fxa_config(request)
|
||||
assert config == {'BAZ': 789}
|
||||
|
||||
def test_config_is_not_allowed(self):
|
||||
request = RequestFactory().get('/login?config=bar')
|
||||
config = self.MultipleConfigs().get_fxa_config(request)
|
||||
config = views.FxAConfigMixin().get_fxa_config(request)
|
||||
assert config == {'BAZ': 789}
|
||||
|
||||
|
||||
|
|
|
@ -124,7 +124,7 @@ def check_and_update_fxa_access_token(request):
|
|||
|
||||
config_name = (
|
||||
request.session['fxa_config_name']
|
||||
if request.session.get('fxa_config_name') in settings.ALLOWED_FXA_CONFIGS
|
||||
if request.session.get('fxa_config_name') in settings.FXA_CONFIG
|
||||
else settings.DEFAULT_FXA_CONFIG_NAME
|
||||
)
|
||||
|
||||
|
|
|
@ -322,14 +322,12 @@ def with_user(f):
|
|||
|
||||
|
||||
class FxAConfigMixin:
|
||||
DEFAULT_FXA_CONFIG_NAME = settings.DEFAULT_FXA_CONFIG_NAME
|
||||
ALLOWED_FXA_CONFIGS = settings.ALLOWED_FXA_CONFIGS
|
||||
|
||||
def get_config_name(self, request):
|
||||
config_name = request.GET.get('config', self.DEFAULT_FXA_CONFIG_NAME)
|
||||
if config_name not in self.ALLOWED_FXA_CONFIGS:
|
||||
log.info(f'Using default FxA config instead of {config_name}')
|
||||
config_name = self.DEFAULT_FXA_CONFIG_NAME
|
||||
config_name = request.GET.get('config')
|
||||
if config_name not in settings.FXA_CONFIG:
|
||||
if config_name:
|
||||
log.info(f'Using default FxA config instead of {config_name}')
|
||||
config_name = settings.DEFAULT_FXA_CONFIG_NAME
|
||||
return config_name
|
||||
|
||||
def get_fxa_config(self, request):
|
||||
|
|
|
@ -72,11 +72,7 @@ ADDONS_LINTER_BIN = 'node_modules/.bin/addons-linter'
|
|||
ALLOW_SELF_REVIEWS = True
|
||||
|
||||
FXA_CONFIG = {
|
||||
'default': {
|
||||
'client_id': env('FXA_CLIENT_ID'),
|
||||
'client_secret': env('FXA_CLIENT_SECRET'),
|
||||
# fxa redirects to https://%s/api/auth/authenticate-callback/ % DOMAIN
|
||||
},
|
||||
**FXA_CONFIG,
|
||||
'local': {
|
||||
'client_id': env('DEVELOPMENT_FXA_CLIENT_ID'),
|
||||
'client_secret': env('DEVELOPMENT_FXA_CLIENT_SECRET'),
|
||||
|
@ -87,9 +83,6 @@ FXA_CONTENT_HOST = 'https://accounts.stage.mozaws.net'
|
|||
FXA_OAUTH_HOST = 'https://oauth.stage.mozaws.net/v1'
|
||||
FXA_PROFILE_HOST = 'https://profile.stage.mozaws.net/v1'
|
||||
|
||||
DEFAULT_FXA_CONFIG_NAME = 'default'
|
||||
ALLOWED_FXA_CONFIGS = ['default', 'local']
|
||||
|
||||
REMOTE_SETTINGS_IS_TEST_SERVER = True
|
||||
|
||||
SITEMAP_DEBUG_AVAILABLE = True
|
||||
|
|
|
@ -54,16 +54,6 @@ NEW_FEATURES = True
|
|||
|
||||
ADDONS_LINTER_BIN = 'node_modules/.bin/addons-linter'
|
||||
|
||||
FXA_CONFIG = {
|
||||
'default': {
|
||||
'client_id': env('FXA_CLIENT_ID'),
|
||||
'client_secret': env('FXA_CLIENT_SECRET'),
|
||||
# fxa redirects to https://%s/api/auth/authenticate-callback/ % DOMAIN
|
||||
},
|
||||
}
|
||||
DEFAULT_FXA_CONFIG_NAME = 'default'
|
||||
ALLOWED_FXA_CONFIGS = ['default']
|
||||
|
||||
ES_DEFAULT_NUM_SHARDS = 10
|
||||
|
||||
RECOMMENDATION_ENGINE_URL = env(
|
||||
|
|
|
@ -69,19 +69,13 @@ ADDONS_LINTER_BIN = 'node_modules/.bin/addons-linter'
|
|||
ALLOW_SELF_REVIEWS = True
|
||||
|
||||
FXA_CONFIG = {
|
||||
'default': {
|
||||
'client_id': env('FXA_CLIENT_ID'),
|
||||
'client_secret': env('FXA_CLIENT_SECRET'),
|
||||
# fxa redirects to https://%s/api/auth/authenticate-callback/ % DOMAIN
|
||||
},
|
||||
**FXA_CONFIG,
|
||||
'local': {
|
||||
'client_id': env('DEVELOPMENT_FXA_CLIENT_ID'),
|
||||
'client_secret': env('DEVELOPMENT_FXA_CLIENT_SECRET'),
|
||||
# fxa redirects to http://localhost:3000/api/auth/authenticate-callback/?config=local # noqa
|
||||
},
|
||||
}
|
||||
DEFAULT_FXA_CONFIG_NAME = 'default'
|
||||
ALLOWED_FXA_CONFIGS = ['default', 'local']
|
||||
|
||||
TAAR_LITE_RECOMMENDATION_ENGINE_URL = env(
|
||||
'TAAR_LITE_RECOMMENDATION_ENGINE_URL',
|
||||
|
|
|
@ -1404,11 +1404,19 @@ ignore_logger('django.security.DisallowedHost')
|
|||
# Automatically do 'from olympia import amo' when running shell_plus.
|
||||
SHELL_PLUS_POST_IMPORTS = (('olympia', 'amo'),)
|
||||
|
||||
FXA_CONFIG = {
|
||||
'default': {
|
||||
'client_id': env('FXA_CLIENT_ID', default='.'),
|
||||
'client_secret': env('FXA_CLIENT_SECRET', default='.'),
|
||||
# fxa redirects to https://%s/api/auth/authenticate-callback/ % DOMAIN
|
||||
},
|
||||
}
|
||||
DEFAULT_FXA_CONFIG_NAME = 'default'
|
||||
|
||||
FXA_CONTENT_HOST = 'https://accounts.firefox.com'
|
||||
FXA_OAUTH_HOST = 'https://oauth.accounts.firefox.com/v1'
|
||||
FXA_PROFILE_HOST = 'https://profile.accounts.firefox.com/v1'
|
||||
DEFAULT_FXA_CONFIG_NAME = 'default'
|
||||
ALLOWED_FXA_CONFIGS = ['default']
|
||||
|
||||
USE_FAKE_FXA_AUTH = False # Should only be True for local development envs.
|
||||
VERIFY_FXA_ACCESS_TOKEN = True
|
||||
|
||||
|
|
Загрузка…
Ссылка в новой задаче