From 8e3e6b7d4ac20dbd045b6ffbb293181e65273f79 Mon Sep 17 00:00:00 2001 From: Sergei Maertens Date: Wed, 14 Feb 2024 15:08:40 +0100 Subject: [PATCH] :wrench: [#3623] Ensure all configuration options are exposed in the admin --- src/digid_eherkenning_oidc_generics/admin.py | 51 +++++++++++++++++-- .../tests/digid/test_admin.py | 2 + .../tests/eherkenning/test_admin.py | 2 + 3 files changed, 52 insertions(+), 3 deletions(-) diff --git a/src/digid_eherkenning_oidc_generics/admin.py b/src/digid_eherkenning_oidc_generics/admin.py index d28d344366..6b23a53e1e 100644 --- a/src/digid_eherkenning_oidc_generics/admin.py +++ b/src/digid_eherkenning_oidc_generics/admin.py @@ -33,7 +33,6 @@ class OpenIDConnectConfigBaseAdmin(SingletonModelAdmin): "oidc_rp_scopes_list", "oidc_rp_sign_algo", "oidc_rp_idp_sign_key", - "userinfo_claims_source", ) }, ), @@ -45,12 +44,28 @@ class OpenIDConnectConfigBaseAdmin(SingletonModelAdmin): "oidc_op_jwks_endpoint", "oidc_op_authorization_endpoint", "oidc_op_token_endpoint", + "oidc_token_use_basic_auth", "oidc_op_user_endpoint", "oidc_op_logout_endpoint", ) }, ), (_("Keycloak specific settings"), {"fields": ("oidc_keycloak_idp_hint",)}), + ( + _("Advanced settings"), + { + "fields": ( + "oidc_use_nonce", + "oidc_nonce_size", + "oidc_state_size", + "oidc_exempt_urls", + "userinfo_claims_source", + ), + "classes": [ + "collapse in", + ], + }, + ), ) @@ -82,7 +97,6 @@ class OpenIDConnectConfigDigiDMachtigenAdmin(SingletonModelAdmin): "oidc_rp_scopes_list", "oidc_rp_sign_algo", "oidc_rp_idp_sign_key", - "userinfo_claims_source", ) }, ), @@ -103,12 +117,28 @@ class OpenIDConnectConfigDigiDMachtigenAdmin(SingletonModelAdmin): "oidc_op_jwks_endpoint", "oidc_op_authorization_endpoint", "oidc_op_token_endpoint", + "oidc_token_use_basic_auth", "oidc_op_user_endpoint", "oidc_op_logout_endpoint", ) }, ), (_("Keycloak specific settings"), {"fields": ("oidc_keycloak_idp_hint",)}), + ( + _("Advanced settings"), + { + "fields": ( + "oidc_use_nonce", + "oidc_nonce_size", + "oidc_state_size", + "oidc_exempt_urls", + "userinfo_claims_source", + ), + "classes": [ + "collapse in", + ], + }, + ), ) @@ -130,7 +160,6 @@ class OpenIDConnectConfigEHerkenningBewindvoeringAdmin(SingletonModelAdmin): "oidc_rp_scopes_list", "oidc_rp_sign_algo", "oidc_rp_idp_sign_key", - "userinfo_claims_source", ) }, ), @@ -151,10 +180,26 @@ class OpenIDConnectConfigEHerkenningBewindvoeringAdmin(SingletonModelAdmin): "oidc_op_jwks_endpoint", "oidc_op_authorization_endpoint", "oidc_op_token_endpoint", + "oidc_token_use_basic_auth", "oidc_op_user_endpoint", "oidc_op_logout_endpoint", ) }, ), (_("Keycloak specific settings"), {"fields": ("oidc_keycloak_idp_hint",)}), + ( + _("Advanced settings"), + { + "fields": ( + "oidc_use_nonce", + "oidc_nonce_size", + "oidc_state_size", + "oidc_exempt_urls", + "userinfo_claims_source", + ), + "classes": [ + "collapse in", + ], + }, + ), ) diff --git a/src/openforms/authentication/contrib/digid_eherkenning_oidc/tests/digid/test_admin.py b/src/openforms/authentication/contrib/digid_eherkenning_oidc/tests/digid/test_admin.py index 863138965a..bd4ac1769e 100644 --- a/src/openforms/authentication/contrib/digid_eherkenning_oidc/tests/digid/test_admin.py +++ b/src/openforms/authentication/contrib/digid_eherkenning_oidc/tests/digid/test_admin.py @@ -50,6 +50,7 @@ def test_digid_oidc_disable_allowed(self): form["enabled"] = False # set the value manually, normally this is done through JS form["oidc_rp_scopes_list"] = json.dumps(config.oidc_rp_scopes_list) + form["oidc_exempt_urls"] = json.dumps(config.oidc_exempt_urls) response = form.submit() self.assertEqual(response.status_code, 302) @@ -72,6 +73,7 @@ def test_digid_oidc_disable_not_allowed(self): form["enabled"] = False # set the value manually, normally this is done through JS form["oidc_rp_scopes_list"] = json.dumps(config.oidc_rp_scopes_list) + form["oidc_exempt_urls"] = json.dumps(config.oidc_exempt_urls) response = form.submit() self.assertEqual(response.status_code, 200) diff --git a/src/openforms/authentication/contrib/digid_eherkenning_oidc/tests/eherkenning/test_admin.py b/src/openforms/authentication/contrib/digid_eherkenning_oidc/tests/eherkenning/test_admin.py index e5b8ae20da..356f1540e4 100644 --- a/src/openforms/authentication/contrib/digid_eherkenning_oidc/tests/eherkenning/test_admin.py +++ b/src/openforms/authentication/contrib/digid_eherkenning_oidc/tests/eherkenning/test_admin.py @@ -50,6 +50,7 @@ def test_eherkenning_oidc_disable_allowed(self): form["enabled"] = False # set the value manually, normally this is done through JS form["oidc_rp_scopes_list"] = json.dumps(config.oidc_rp_scopes_list) + form["oidc_exempt_urls"] = json.dumps(config.oidc_exempt_urls) response = form.submit() self.assertEqual(response.status_code, 302) @@ -72,6 +73,7 @@ def test_eherkenning_oidc_disable_not_allowed(self): form["enabled"] = False # set the value manually, normally this is done through JS form["oidc_rp_scopes_list"] = json.dumps(config.oidc_rp_scopes_list) + form["oidc_exempt_urls"] = json.dumps(config.oidc_exempt_urls) response = form.submit() self.assertEqual(response.status_code, 200)