Merge pull request #1626 from SUSE/feature/oidc-upstream

Add OIDC configuration

configuration/configuration.py

@@ -317,6 +317,14 @@ SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL = environ.get('SOCIAL_AUTH_OKTA_OPENIDCON
 SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = environ.get('SOCIAL_AUTH_GOOGLE_OAUTH2_KEY')
 SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = _read_secret('google_oauth2_secret', environ.get('SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET', ''))
 
+# OIDC Configuration
+SOCIAL_AUTH_OIDC_OIDC_ENDPOINT = environ.get('SOCIAL_AUTH_OIDC_OIDC_ENDPOINT')
+SOCIAL_AUTH_OIDC_KEY = environ.get('SOCIAL_AUTH_OIDC_KEY')
+SOCIAL_AUTH_OIDC_SECRET = _read_secret('oidc_secret', environ.get('SOCIAL_AUTH_OIDC_SECRET', ''))
+SOCIAL_AUTH_OIDC_SCOPE = _environ_get_and_map('SOCIAL_AUTH_OIDC_SCOPE', '', _AS_LIST)
+LOGOUT_REDIRECT_URL = environ.get('LOGOUT_REDIRECT_URL')
+SOCIAL_AUTH_OIDC_JWT_ALGORITHMS = _environ_get_and_map('SOCIAL_AUTH_OIDC_JWT_ALGORITHMS', "RS256", _AS_LIST)
+
 # This repository is used to check whether there is a new release of NetBox available. Set to None to disable the
 # version check or use the URL below to check for release in the official NetBox repository.
 RELEASE_CHECK_URL = environ.get('RELEASE_CHECK_URL', None)

env/netbox.env

@@ -42,3 +42,12 @@ SKIP_SUPERUSER=true
 # SOCIAL_AUTH_GOOGLE_OAUTH2_KEY=your_google_client_id
 # SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET=your_google_client_secret
 WEBHOOKS_ENABLED=true
+
+# Configuration for OIDC
+# REMOTE_AUTH_BACKEND='social_core.backends.open_id_connect.OpenIdConnectAuth'
+# SOCIAL_AUTH_OIDC_OIDC_ENDPOINT='https://example.org'
+# SOCIAL_AUTH_OIDC_KEY=''
+# SOCIAL_AUTH_OIDC_SECRET=''
+# SOCIAL_AUTH_OIDC_SCOPE=openid profile email roles
+# LOGOUT_REDIRECT_URL='https://example.org'
+# SOCIAL_AUTH_OIDC_JWT_ALGORITHMS=RS256