diff --git a/settings.py b/settings.py index 3e827be7c3..d94ba7dc4b 100644 --- a/settings.py +++ b/settings.py @@ -93,41 +93,16 @@ DATABASES = { 'default': get_db_config('DATABASES_DEFAULT_URL'), } -# FxA config for local development only. -FXA_CONFIG = { - 'default': { - 'client_id': env('FXA_CLIENT_ID', default='a25796da7bc73ffa'), - 'client_secret': env( - 'FXA_CLIENT_SECRET', - default='4828af02f60a12738a79c7121b06d42b481f112dce1831440902a8412d2770c5', - ), - # fxa redirects to http://olympia.test/api/auth/authenticate-callback/ - }, - 'amo': { - 'client_id': env('FXA_CLIENT_ID', default='0f95f6474c24c1dc'), - 'client_secret': env( - 'FXA_CLIENT_SECRET', - default='ca45e503a1b4ec9e2a3d4855d79849e098da18b7dfe42b6bc76dfed420fc1d38', - ), - # fxa redirects to http://localhost:3000/fxa-authenticate - }, - 'local': { - 'client_id': env('FXA_CLIENT_ID', default='4dce1adfa7901c08'), - 'client_secret': env( - 'FXA_CLIENT_SECRET', - default='d7d5f1148a35b12c067fb9eafafc29d35165a90f5d8b0032f1fcd37468ae49fe', - ), - # fxa redirects to http://localhost:3000/api/auth/authenticate-callback/?config=local # noqa - }, -} -FXA_CONTENT_HOST = 'https://stable.dev.lcip.org' -FXA_OAUTH_HOST = 'https://oauth-stable.dev.lcip.org/v1' -FXA_PROFILE_HOST = 'https://stable.dev.lcip.org/profile/v1' -ALLOWED_FXA_CONFIGS = ['default', 'amo', 'local'] +FXA_CONTENT_HOST = 'https://accounts.stage.mozaws.net' +FXA_OAUTH_HOST = 'https://oauth.stage.mozaws.net/v1' +FXA_PROFILE_HOST = 'https://profile.stage.mozaws.net/v1' # When USE_FAKE_FXA_AUTH and settings.DEBUG are both True, we serve a fake # authentication page, bypassing FxA. To disable this behavior, set # USE_FAKE_FXA = False in your local settings. +# You will also need to specify `client_id` and `client_secret` in your +# local_settings.py or environment variables - you must contact the FxA team to get your +# own credentials for FxA stage. USE_FAKE_FXA_AUTH = True # CSP report endpoint which returns a 204 from addons-nginx in local dev. diff --git a/src/olympia/accounts/tests/test_views.py b/src/olympia/accounts/tests/test_views.py index 9a0d8d896a..d676ea5aa5 100644 --- a/src/olympia/accounts/tests/test_views.py +++ b/src/olympia/accounts/tests/test_views.py @@ -63,15 +63,15 @@ SKIP_REDIRECT_FXA_CONFIG = { } -@override_settings(FXA_CONFIG={'current-config': FXA_CONFIG}) +@override_settings( + FXA_CONFIG={'current-config': FXA_CONFIG}, + DEFAULT_FXA_CONFIG_NAME='current-config', +) @override_settings(FXA_OAUTH_HOST='https://accounts.firefox.com/v1') class TestLoginStartBaseView(WithDynamicEndpoints, TestCase): - class LoginStartView(views.LoginStartView): - DEFAULT_FXA_CONFIG_NAME = 'current-config' - def setUp(self): super().setUp() - self.endpoint(self.LoginStartView, r'^login/start/') + self.endpoint(views.LoginStartView, r'^login/start/') self.url = '/en-US/firefox/login/start/' self.initialize_session({}) @@ -174,10 +174,6 @@ def has_cors_headers(response, origin='https://addons-frontend'): class TestLoginStartView(TestCase): - def test_default_config_is_used(self): - assert views.LoginStartView.DEFAULT_FXA_CONFIG_NAME == 'default' - assert views.LoginStartView.ALLOWED_FXA_CONFIGS == (['default', 'amo', 'local']) - @override_settings(DEBUG=True, USE_FAKE_FXA_AUTH=True) def test_redirect_url_fake_fxa_auth(self): response = self.client.get(reverse_ns('accounts.login_start')) @@ -690,44 +686,23 @@ class TestWithUser(TestCase): 'foo': {'FOO': 123}, 'bar': {'BAR': 456}, 'baz': {'BAZ': 789}, - } + }, + DEFAULT_FXA_CONFIG_NAME='baz', ) class TestFxAConfigMixin(TestCase): - class DefaultConfig(views.FxAConfigMixin): - DEFAULT_FXA_CONFIG_NAME = 'bar' - - class MultipleConfigs(views.FxAConfigMixin): - DEFAULT_FXA_CONFIG_NAME = 'baz' - ALLOWED_FXA_CONFIGS = ['foo', 'baz'] - - def test_default_only_no_config(self): + def test_no_config(self): request = RequestFactory().get('/login') - config = self.DefaultConfig().get_fxa_config(request) - assert config == {'BAR': 456} + config = views.FxAConfigMixin().get_fxa_config(request) + assert config == {'BAZ': 789} - def test_default_only_not_allowed(self): - request = RequestFactory().get('/login?config=foo') - config = self.DefaultConfig().get_fxa_config(request) - assert config == {'BAR': 456} - - def test_default_only_allowed(self): + def test_config_alternate(self): request = RequestFactory().get('/login?config=bar') - config = self.DefaultConfig().get_fxa_config(request) + config = views.FxAConfigMixin().get_fxa_config(request) assert config == {'BAR': 456} - def test_config_is_allowed(self): - request = RequestFactory().get('/login?config=foo') - config = self.MultipleConfigs().get_fxa_config(request) - assert config == {'FOO': 123} - def test_config_is_default(self): request = RequestFactory().get('/login?config=baz') - config = self.MultipleConfigs().get_fxa_config(request) - assert config == {'BAZ': 789} - - def test_config_is_not_allowed(self): - request = RequestFactory().get('/login?config=bar') - config = self.MultipleConfigs().get_fxa_config(request) + config = views.FxAConfigMixin().get_fxa_config(request) assert config == {'BAZ': 789} diff --git a/src/olympia/accounts/verify.py b/src/olympia/accounts/verify.py index c48434c74e..cc31c68164 100644 --- a/src/olympia/accounts/verify.py +++ b/src/olympia/accounts/verify.py @@ -124,7 +124,7 @@ def check_and_update_fxa_access_token(request): config_name = ( request.session['fxa_config_name'] - if request.session.get('fxa_config_name') in settings.ALLOWED_FXA_CONFIGS + if request.session.get('fxa_config_name') in settings.FXA_CONFIG else settings.DEFAULT_FXA_CONFIG_NAME ) diff --git a/src/olympia/accounts/views.py b/src/olympia/accounts/views.py index f92cb321a1..19852e2006 100644 --- a/src/olympia/accounts/views.py +++ b/src/olympia/accounts/views.py @@ -322,14 +322,12 @@ def with_user(f): class FxAConfigMixin: - DEFAULT_FXA_CONFIG_NAME = settings.DEFAULT_FXA_CONFIG_NAME - ALLOWED_FXA_CONFIGS = settings.ALLOWED_FXA_CONFIGS - def get_config_name(self, request): - config_name = request.GET.get('config', self.DEFAULT_FXA_CONFIG_NAME) - if config_name not in self.ALLOWED_FXA_CONFIGS: - log.info(f'Using default FxA config instead of {config_name}') - config_name = self.DEFAULT_FXA_CONFIG_NAME + config_name = request.GET.get('config') + if config_name not in settings.FXA_CONFIG: + if config_name: + log.info(f'Using default FxA config instead of {config_name}') + config_name = settings.DEFAULT_FXA_CONFIG_NAME return config_name def get_fxa_config(self, request): diff --git a/src/olympia/conf/dev/settings.py b/src/olympia/conf/dev/settings.py index 1c9abb8de8..a1ef4eb33a 100644 --- a/src/olympia/conf/dev/settings.py +++ b/src/olympia/conf/dev/settings.py @@ -72,11 +72,7 @@ ADDONS_LINTER_BIN = 'node_modules/.bin/addons-linter' ALLOW_SELF_REVIEWS = True FXA_CONFIG = { - 'default': { - 'client_id': env('FXA_CLIENT_ID'), - 'client_secret': env('FXA_CLIENT_SECRET'), - # fxa redirects to https://%s/api/auth/authenticate-callback/ % DOMAIN - }, + **FXA_CONFIG, 'local': { 'client_id': env('DEVELOPMENT_FXA_CLIENT_ID'), 'client_secret': env('DEVELOPMENT_FXA_CLIENT_SECRET'), @@ -87,9 +83,6 @@ FXA_CONTENT_HOST = 'https://accounts.stage.mozaws.net' FXA_OAUTH_HOST = 'https://oauth.stage.mozaws.net/v1' FXA_PROFILE_HOST = 'https://profile.stage.mozaws.net/v1' -DEFAULT_FXA_CONFIG_NAME = 'default' -ALLOWED_FXA_CONFIGS = ['default', 'local'] - REMOTE_SETTINGS_IS_TEST_SERVER = True SITEMAP_DEBUG_AVAILABLE = True diff --git a/src/olympia/conf/prod/settings.py b/src/olympia/conf/prod/settings.py index c11eaf7235..b0bc1cf1f6 100644 --- a/src/olympia/conf/prod/settings.py +++ b/src/olympia/conf/prod/settings.py @@ -54,16 +54,6 @@ NEW_FEATURES = True ADDONS_LINTER_BIN = 'node_modules/.bin/addons-linter' -FXA_CONFIG = { - 'default': { - 'client_id': env('FXA_CLIENT_ID'), - 'client_secret': env('FXA_CLIENT_SECRET'), - # fxa redirects to https://%s/api/auth/authenticate-callback/ % DOMAIN - }, -} -DEFAULT_FXA_CONFIG_NAME = 'default' -ALLOWED_FXA_CONFIGS = ['default'] - ES_DEFAULT_NUM_SHARDS = 10 RECOMMENDATION_ENGINE_URL = env( diff --git a/src/olympia/conf/stage/settings.py b/src/olympia/conf/stage/settings.py index da0c4d145b..fec70eb846 100644 --- a/src/olympia/conf/stage/settings.py +++ b/src/olympia/conf/stage/settings.py @@ -69,19 +69,13 @@ ADDONS_LINTER_BIN = 'node_modules/.bin/addons-linter' ALLOW_SELF_REVIEWS = True FXA_CONFIG = { - 'default': { - 'client_id': env('FXA_CLIENT_ID'), - 'client_secret': env('FXA_CLIENT_SECRET'), - # fxa redirects to https://%s/api/auth/authenticate-callback/ % DOMAIN - }, + **FXA_CONFIG, 'local': { 'client_id': env('DEVELOPMENT_FXA_CLIENT_ID'), 'client_secret': env('DEVELOPMENT_FXA_CLIENT_SECRET'), # fxa redirects to http://localhost:3000/api/auth/authenticate-callback/?config=local # noqa }, } -DEFAULT_FXA_CONFIG_NAME = 'default' -ALLOWED_FXA_CONFIGS = ['default', 'local'] TAAR_LITE_RECOMMENDATION_ENGINE_URL = env( 'TAAR_LITE_RECOMMENDATION_ENGINE_URL', diff --git a/src/olympia/lib/settings_base.py b/src/olympia/lib/settings_base.py index ee02f78426..4b7d38b2bf 100644 --- a/src/olympia/lib/settings_base.py +++ b/src/olympia/lib/settings_base.py @@ -1404,11 +1404,19 @@ ignore_logger('django.security.DisallowedHost') # Automatically do 'from olympia import amo' when running shell_plus. SHELL_PLUS_POST_IMPORTS = (('olympia', 'amo'),) +FXA_CONFIG = { + 'default': { + 'client_id': env('FXA_CLIENT_ID', default='.'), + 'client_secret': env('FXA_CLIENT_SECRET', default='.'), + # fxa redirects to https://%s/api/auth/authenticate-callback/ % DOMAIN + }, +} +DEFAULT_FXA_CONFIG_NAME = 'default' + FXA_CONTENT_HOST = 'https://accounts.firefox.com' FXA_OAUTH_HOST = 'https://oauth.accounts.firefox.com/v1' FXA_PROFILE_HOST = 'https://profile.accounts.firefox.com/v1' -DEFAULT_FXA_CONFIG_NAME = 'default' -ALLOWED_FXA_CONFIGS = ['default'] + USE_FAKE_FXA_AUTH = False # Should only be True for local development envs. VERIFY_FXA_ACCESS_TOKEN = True