Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove the JWT hook that overrides hostname and content origin. #2181

Merged
merged 2 commits into from
Jun 19, 2024
Merged

Remove the JWT hook that overrides hostname and content origin. #2181

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
226b8ba
Remove the JWT hook that overrides hostname and content origin.
jctanner Jun 19, 2024
325cef1
Lint fix.
jctanner Jun 19, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 0 additions & 26 deletions galaxy_ng/app/dynaconf_hooks.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@
import os
import re
from typing import Any, Dict, List
from urllib.parse import urlparse, urlunparse
from django_auth_ldap.config import LDAPSearch
from dynaconf import Dynaconf, Validator
from galaxy_ng.app.dynamic_settings import DYNAMIC_SETTINGS_SCHEMA
Expand Down Expand Up @@ -56,7 +55,6 @@ def post(settings: Dynaconf) -> Dict[str, Any]:
data.update(configure_api_base_path(settings))
data.update(configure_legacy_roles(settings))
data.update(configure_dab_required_settings(settings))
data.update(configure_resource_provider(settings))

# This should go last, and it needs to receive the data from the previous configuration
# functions because this function configures the rest framework auth classes based off
Expand Down Expand Up @@ -582,30 +580,6 @@ def configure_legacy_roles(settings: Dynaconf) -> Dict[str, Any]:
return data


def configure_resource_provider(settings: Dynaconf) -> Dict[str, Any]:
# The following variable is either a URL or a key file path.
ANSIBLE_BASE_JWT_KEY = settings.get("ANSIBLE_BASE_JWT_KEY")
if ANSIBLE_BASE_JWT_KEY is None:
return {}

data = {
"ANSIBLE_API_HOSTNAME": settings.get("ANSIBLE_API_HOSTNAME", ""),
"ANSIBLE_CONTENT_HOSTNAME": settings.get("ANSIBLE_CONTENT_HOSTNAME", ""),
}
gw_url = urlparse(ANSIBLE_BASE_JWT_KEY)
if gw_url.scheme and gw_url.hostname:
for k in data:
k_parsed = urlparse(data[k])
if gw_url.scheme and gw_url.hostname:
k_updated = k_parsed._replace(
scheme=gw_url.scheme,
netloc=gw_url.netloc,
)
data.update({k: urlunparse(k_updated)})
return data
return {}


def validate(settings: Dynaconf) -> None:
"""Validate the configuration, raise ValidationError if invalid"""
settings.validators.register(
Expand Down
10 changes: 5 additions & 5 deletions galaxy_ng/app/settings.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -390,11 +390,11 @@
ANSIBLE_BASE_ORGANIZATION_MODEL = "galaxy.Organization"
ANSIBLE_BASE_JWT_VALIDATE_CERT = False

# WARNING: When set to a url such as https://localhost this will
# cause a hook configure_resource_provider to set API_HOSTNAME/CONTENT_HOSTNAME
# scheme and netloc to the same. This variable must be None (or unset)
# whenever galaxy is running standalone (without a RESOURCE_SERVER proxy)
# and set to `https://resource_server` when running behind the resource proxy.
# This is meant to be a url to the resource server
# which the JWT consumer code can obtain a certificate
# from for decrypting the JWT. If the hub system can
# reach the resource server via an internal url,
# use that here for the best network performance.
ANSIBLE_BASE_JWT_KEY = None

# NOTE: For the Resource Sync Feature the following are required:
Expand Down
Loading