ImperialCollegeLondon / fair-data-repository

BSD 3-Clause "New" or "Revised" License
0 stars 0 forks source link

Use app_key #70

Closed J4bbi closed 3 weeks ago

J4bbi commented 3 weeks ago

Documentation around setting up SSO is limited. In addition to the docs themselves, it is largely found in config.py .

I assume the starting point for writing the current SSO integration config was taken here from config.py. The current approach passes consumer_key and consumer_secret directly to Flask-OAuthLib whereas Invenio prefers to use lazy loading via config app_key .

The invenio-oauthclient module makes one reference to the app_key in configuration for remote apps in a wrapper around the disconnect_handler. This only comes into play when a user tries to disconnect a remote app (an SSO service) from his account. As local logins won't be enabled, this situation can't arise as long as Imperial SSO is the only configured SSO service and as long as a user isn't created before an SSO login occurs.

I've put in a PR for the invenio-oauthclient here.

Developer Checklist

Developers should review and confirm each of these items before requesting review

Reviewer Checklist

Reviewers should review and confirm each of these items before approval If there are multiple reviewers, this section can be duplicated for each reviewer

Testing

List user test scripts that need to be run

List any non-unit test scripts that need to be run