Merge pull request #17 from diffgram/add-oauth2-settings

Add OAuth2 Settings

Author: PJEstrada

templates/diffgram_settings.tpl

@@ -36,4 +36,14 @@
   RABBITMQ_HOST: {{.Values.diffgramSettings.RABBITMQ_HOST}}
   RABBITMQ_PORT: {{.Values.diffgramSettings.RABBITMQ_PORT}}
   RABBITMQ_DEFAULT_USER: {{.Values.rabbitmq.auth.username}}
+  USE_OAUTH2: {{.Values.diffgramSettings.USE_OAUTH2}}
+  OAUTH2_PROVIDER_NAME: {{.Values.diffgramSettings.OAUTH2_PROVIDER_NAME}}
+  OAUTH2_PROVIDER_HOST: {{.Values.diffgramSettings.OAUTH2_PROVIDER_HOST}}
+  OAUTH2_PROVIDER_CLIENT_ID: {{.Values.diffgramSettings.OAUTH2_PROVIDER_CLIENT_ID}}
+  OAUTH2_PROVIDER_PUBLIC_KEY: {{.Values.diffgramSettings.OAUTH2_PROVIDER_PUBLIC_KEY}}
+  DISABLE_SELF_REGISTRATION: {{.Values.diffgramSettings.DISABLE_SELF_REGISTRATION}}
+  COGNITO_LOGIN_URL: {{.Values.diffgramSettings.COGNITO_LOGIN_URL}}
+  KEY_CLOAK_MASTER_USER: {{.Values.diffgramSettings.KEY_CLOAK_MASTER_USER}}
+  KEY_CLOAK_DIFFGRAM_USER: {{.Values.diffgramSettings.KEY_CLOAK_DIFFGRAM_USER}}
+  KEYCLOAK_REALM: {{.Values.diffgramSettings.KEYCLOAK_REALM}}
 {{- end }}

templates/diffgrams_secrets.tpl

@@ -20,4 +20,7 @@
   USER_PASSWORDS_SECRET:  {{ .Values.diffgramSecrets.USER_PASSWORDS_SECRET }}
   DIFFGRAM_AZURE_CONNECTION_STRING:  {{ .Values.diffgramSecrets.DIFFGRAM_AZURE_CONNECTION_STRING }}
   RABBITMQ_DEFAULT_PASS:  {{ .Values.rabbitmq.auth.password }}
+  OAUTH2_PROVIDER_CLIENT_SECRET:  {{ .Values.diffgramSecrets.OAUTH2_PROVIDER_CLIENT_SECRET }}
+  KEY_CLOAK_MASTER_PASSWORD:  {{ .Values.diffgramSecrets.KEY_CLOAK_MASTER_PASSWORD }}
+  KEY_CLOAK_DIFFGRAM_PASSWORD:  {{ .Values.diffgramSecrets.KEY_CLOAK_DIFFGRAM_PASSWORD }}
 {{- end }}

values.yaml

@@ -56,7 +56,12 @@ diffgramSecrets:
   SERVICE_ACCOUNT_JSON_B64: put_your_gcp_secret_in_base_64_here
   DIFFGRAM_AZURE_CONNECTION_STRING: put_your_azure_connection_string_here
 
+  # OAuth2 Secrets
+  OAUTH2_PROVIDER_CLIENT_SECRET: none
 
+  # Keycloak specific secrets
+  KEY_CLOAK_MASTER_PASSWORD: '"admin"'
+  KEY_CLOAK_DIFFGRAM_PASSWORD: '"admin"'
 
 diffgramSettings:
   USERDOMAIN: kubernetes
@@ -100,6 +105,22 @@ diffgramSettings:
   SIGNED_URL_CACHE_MINIMUM_DAYS_VALID: "'5'"
   SIGNED_URL_CACHE_NEW_OFFSET_DAYS_VALID: "'6'"
 
+  # OAUTH2 Settings
+  USE_OAUTH2: "'False'"
+  OAUTH2_PROVIDER_NAME: "cognito"
+  OAUTH2_PROVIDER_HOST: "http://localhost:8099/auth/"
+  OAUTH2_PROVIDER_CLIENT_ID: "diffgram"
+  OAUTH2_PROVIDER_PUBLIC_KEY: none
+  DISABLE_SELF_REGISTRATION: '"False"'
+
+  # Cognito-specific Settings
+  COGNITO_LOGIN_URL: '"False"'
+
+  # Keycloak-specific Settings
+  KEY_CLOAK_MASTER_USER: '"admin"'
+  KEY_CLOAK_DIFFGRAM_USER: '"admin"'
+  KEYCLOAK_REALM: '"admin"'
+
 imagePullCredentials:
   # The service account with permissions to pull from the GCR Repository. [Should be Provided by Diffgram Team.]
   gcrCredentials: provided_by_diffgram_team