From d7dff9e122cae5dd14a425acaefd46bf0c4d80be Mon Sep 17 00:00:00 2001 From: Julien Godin <40758407+JGodin-C2C@users.noreply.github.com> Date: Thu, 12 Dec 2024 18:49:00 +0100 Subject: [PATCH] fix(oauth2): google oauth2 whitelisting. (#11372) * Update release step3 * fix(oauth2): Fix google oauth2 whitelisting. The variable is a tuple and should be managed as such Signed-off-by: Julien Godin --------- Signed-off-by: Julien Godin Co-authored-by: Cody Maffucci <46459665+Maffooch@users.noreply.github.com> --- .../integrations/social-authentication.md | 12 ++++++++++++ dojo/settings/settings.dist.py | 4 ++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/docs/content/en/open_source/archived_docs/integrations/social-authentication.md b/docs/content/en/open_source/archived_docs/integrations/social-authentication.md index 97d052d4fac..db2a536f775 100644 --- a/docs/content/en/open_source/archived_docs/integrations/social-authentication.md +++ b/docs/content/en/open_source/archived_docs/integrations/social-authentication.md @@ -86,12 +86,24 @@ to be created. Closely follow the steps below to guarantee success. DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = ['example.com', 'example.org'] {{< /highlight >}} + As an environment variable: + + {{< highlight python >}} + DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = example.com,example.org + {{< /highlight >}} + or {{< highlight python >}} DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS = [''] {{< /highlight >}} + As an environment variable: + + {{< highlight python >}} + DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS = email@example.com,email2@example.com + {{< /highlight >}} + ## OKTA In a similar fashion to that of Google, using OKTA as a OAuth2 provider diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py index 83794dfa22e..483688dcd4e 100644 --- a/dojo/settings/settings.dist.py +++ b/dojo/settings/settings.dist.py @@ -543,8 +543,8 @@ def generate_url(scheme, double_slashes, user, password, host, port, path, param GOOGLE_OAUTH_ENABLED = env("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_ENABLED") SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = env("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_KEY") SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = env("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET") -SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = env("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS") -SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS = env("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS") +SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS = tuple(env.list("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS", default=[""])) +SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS = tuple(env.list("DD_SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_EMAILS", default=[""])) SOCIAL_AUTH_LOGIN_ERROR_URL = "/login" SOCIAL_AUTH_BACKEND_ERROR_URL = "/login"