fix(oauth2): google oauth2 whitelisting. (#11372)

* Update release step3 * fix(oauth2): Fix google oauth2 whitelisting. The variable is a tuple and should be managed as such Signed-off-by: Julien Godin <[email protected]> --------- Signed-off-by: Julien Godin <[email protected]> Co-authored-by: Cody Maffucci <[email protected]>
DefectDojo · Dec 12, 2024 · d7dff9e · d7dff9e
1 parent b0e2819
commit d7dff9e
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 2 deletions.
diff --git a/docs/content/en/open_source/archived_docs/integrations/social-authentication.md b/docs/content/en/open_source/archived_docs/integrations/social-authentication.md
@@ -86,12 +86,24 @@ to be created. Closely follow the steps below to guarantee success.
     DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = ['example.com', 'example.org']
     {{< /highlight >}}
 
+    As an environment variable: 
+
+    {{< highlight python >}}
+    DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = example.com,example.org
+    {{< /highlight >}}
+
     or
 
     {{< highlight python >}}
     DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS = ['<[email protected]>']
     {{< /highlight >}}
 
+    As an environment variable: 
+
+    {{< highlight python >}}
+    DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS = [email protected],[email protected]
+    {{< /highlight >}}
+
 ## OKTA
 
 In a similar fashion to that of Google, using OKTA as a OAuth2 provider

diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py
@@ -543,8 +543,8 @@ def generate_url(scheme, double_slashes, user, password, host, port, path, param
 GOOGLE_OAUTH_ENABLED = env("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_ENABLED")
 SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = env("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_KEY")
 SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = env("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET")
-SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = env("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS")
-SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS = env("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS")
+SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = tuple(env.list("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS", default=[""]))
+SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS = tuple(env.list("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS", default=[""]))
 SOCIAL_AUTH_LOGIN_ERROR_URL = "/login"
 SOCIAL_AUTH_BACKEND_ERROR_URL = "/login"