From 735221cf59ea98f868f3b6de1aa235f11232a56d Mon Sep 17 00:00:00 2001
From: alangsto <46360176+alangsto@users.noreply.github.com>
Date: Tue, 21 Jun 2022 13:35:14 -0400
Subject: [PATCH] fix: ensure oauth is setup properly for local dev (#17)

---
 edx_exams/settings/local.py  | 35 ++++++++++++++++++++++++++++++++---
 local-provision-edx-exams.sh |  2 +-
 2 files changed, 33 insertions(+), 4 deletions(-)

diff --git a/edx_exams/settings/local.py b/edx_exams/settings/local.py
index 9ca11a15..d097e780 100644
--- a/edx_exams/settings/local.py
+++ b/edx_exams/settings/local.py
@@ -53,11 +53,40 @@
 # Generic OAuth2 variables irrespective of SSO/backend service key types.
 OAUTH2_PROVIDER_URL = 'http://localhost:18000/oauth2'
 
+# OAuth2 variables specific to social-auth/SSO login use case.
+SOCIAL_AUTH_EDX_OAUTH2_KEY = os.environ.get('SOCIAL_AUTH_EDX_OAUTH2_KEY', 'edx_exams-sso-key')
+SOCIAL_AUTH_EDX_OAUTH2_SECRET = os.environ.get('SOCIAL_AUTH_EDX_OAUTH2_SECRET', 'edx_exams-sso-secret')
+SOCIAL_AUTH_EDX_OAUTH2_ISSUER = os.environ.get('SOCIAL_AUTH_EDX_OAUTH2_ISSUER', 'http://localhost:18000')
+SOCIAL_AUTH_EDX_OAUTH2_URL_ROOT = os.environ.get('SOCIAL_AUTH_EDX_OAUTH2_URL_ROOT', 'http://localhost:18000')
+SOCIAL_AUTH_EDX_OAUTH2_LOGOUT_URL = os.environ.get('SOCIAL_AUTH_EDX_OAUTH2_LOGOUT_URL', 'http://localhost:18000/logout')
+SOCIAL_AUTH_EDX_OAUTH2_PUBLIC_URL_ROOT = os.environ.get(
+    'SOCIAL_AUTH_EDX_OAUTH2_PUBLIC_URL_ROOT', 'http://localhost:18000',
+)
+
+# OAuth2 variables specific to backend service API calls.
+BACKEND_SERVICE_EDX_OAUTH2_KEY = os.environ.get('BACKEND_SERVICE_EDX_OAUTH2_KEY', 'edx_exams-backend-service-key')
+BACKEND_SERVICE_EDX_OAUTH2_SECRET = os.environ.get(
+    'BACKEND_SERVICE_EDX_OAUTH2_SECRET',
+    'edx_exams-backend-service-secret'
+)
+
 JWT_AUTH.update({
     'JWT_ALGORITHM': 'HS256',
-    'JWT_SECRET_KEY': SOCIAL_AUTH_EDX_OAUTH2_SECRET,
-    'JWT_ISSUER': OAUTH2_PROVIDER_URL,
-    'JWT_AUDIENCE': SOCIAL_AUTH_EDX_OAUTH2_KEY,
+    'JWT_SECRET_KEY': 'lms-secret',
+    'JWT_ISSUER': 'http://localhost:18000/oauth2',
+    'JWT_AUDIENCE': None,
+    'JWT_VERIFY_AUDIENCE': False,
+    'JWT_PUBLIC_SIGNING_JWK_SET': (
+        '{"keys": [{"kid": "devstack_key", "e": "AQAB", "kty": "RSA", "n": "smKFSYowG6nNUAdeqH1jQQnH1PmIHphzBmwJ5vRf1vu'
+        '48BUI5VcVtUWIPqzRK_LDSlZYh9D0YFL0ZTxIrlb6Tn3Xz7pYvpIAeYuQv3_H5p8tbz7Fb8r63c1828wXPITVTv8f7oxx5W3lFFgpFAyYMmROC'
+        '4Ee9qG5T38LFe8_oAuFCEntimWxN9F3P-FJQy43TL7wG54WodgiM0EgzkeLr5K6cDnyckWjTuZbWI-4ffcTgTZsL_Kq1owa_J2ngEfxMCObnzG'
+        'y5ZLcTUomo4rZLjghVpq6KZxfS6I1Vz79ZsMVUWEdXOYePCKKsrQG20ogQEkmTf9FT_SouC6jPcHLXw"}]}'
+    ),
+    'JWT_ISSUERS': [{
+        'AUDIENCE': 'lms-key',
+        'ISSUER': 'http://localhost:18000/oauth2',
+        'SECRET_KEY': 'lms-secret',
+    }],
 })
 
 ENABLE_AUTO_AUTH = True
diff --git a/local-provision-edx-exams.sh b/local-provision-edx-exams.sh
index 55c7b801..1adc8d39 100644
--- a/local-provision-edx-exams.sh
+++ b/local-provision-edx-exams.sh
@@ -1,5 +1,5 @@
 name="edx_exams"
-port="8140"
+port="18740"
 
 # Create superuser
 echo -e "${GREEN}Creating super-user for ${name}...${NC}"