From bed18cb4dec120b8eb6a370b8e5885c48a188390 Mon Sep 17 00:00:00 2001
From: Simon Chen
Date: Tue, 29 Jan 2019 14:49:16 -0500
Subject: [PATCH] Add the social auth config values
---
 registrar/settings/base.py | 10 ++++++++++
 registrar/settings/local.py | 18 ++++++++++++++----
 2 files changed, 24 insertions(+), 4 deletions(-)
diff --git a/registrar/settings/base.py b/registrar/settings/base.py
index 2c66ee4..e8d9099 100644
--- a/registrar/settings/base.py
+++ b/registrar/settings/base.py
@@ -171,6 +171,16 @@
 SOCIAL_AUTH_EDX_OIDC_LOGOUT_URL = 'replace-me'
 SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY = SOCIAL_AUTH_EDX_OIDC_SECRET
 
+
+JWT_AUTH = {
+ 'JWT_ISSUERS': [],
+ 'JWT_ALGORITHM': 'HS256',
+ 'JWT_VERIFY_EXPIRATION': True,
+ 'JWT_PAYLOAD_GET_USERNAME_HANDLER': lambda d: d.get('preferred_username'),
+ 'JWT_LEEWAY': 1,
+ 'JWT_DECODE_HANDLER': 'edx_rest_framework_extensions.auth.jwt.decoder.jwt_decode_handler',
+}
+
 # Request the user's permissions in the ID token
 EXTRA_SCOPE = ['permissions']
 
diff --git a/registrar/settings/local.py b/registrar/settings/local.py
index c93330d..ed67033 100644
--- a/registrar/settings/local.py
+++ b/registrar/settings/local.py
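Review bot: `'JWT_ALGORITHM': 'HS256'` in the new `JWT_AUTH` dict makes verification symmetric, so every service that validates these tokens holds the same key that signs them, and a leak of this service's configuration exposes the signing secret for that issuer. If that trust model is intended, a comment above the dict should say so, for example `# HS256: each JWT_ISSUERS entry carries a secret shared with the issuer; load it from deployment config, never commit it`. `'JWT_ISSUERS': []` is left empty in base settings, so the same comment should state that each environment must append its issuer; presumably an empty list rejects every JWT, but the decode handler is not visible here to confirm that. The username handler `lambda d: d.get('preferred_username')` returns `None` when the claim is absent, and whether downstream code treats that as an authentication failure is worth confirming.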
@@ -47,18 +47,28 @@
 # END TOOLBAR CONFIGURATION
 
 # AUTHENTICATION
+OAUTH2_PROVIDER_URL = 'http://edx.devstack.lms:18000/oauth2'
+
 # Use a non-SSL URL for authorization redirects
 SOCIAL_AUTH_REDIRECT_IS_HTTPS = False
 
 # Set these to the correct values for your OAuth2/OpenID Connect provider (e.g., devstack)
-SOCIAL_AUTH_EDX_OIDC_KEY = 'replace-me'
-SOCIAL_AUTH_EDX_OIDC_SECRET = 'replace-me'
-SOCIAL_AUTH_EDX_OIDC_URL_ROOT = 'replace-me'
-SOCIAL_AUTH_EDX_OIDC_LOGOUT_URL = 'replace-me'
+SOCIAL_AUTH_EDX_OIDC_KEY = 'registrar-key'
+SOCIAL_AUTH_EDX_OIDC_SECRET = 'registrar-secret'
+SOCIAL_AUTH_EDX_OIDC_URL_ROOT = 'http://edx.devstack.edxapp:18000/oauth2'
+SOCIAL_AUTH_EDX_OIDC_PUBLIC_URL_ROOT = 'http://localhost:18000/oauth2'
+SOCIAL_AUTH_EDX_OIDC_LOGOUT_URL = 'http://localhost:18000/logout'
+SOCIAL_AUTH_EDX_OIDC_ISSUER = 'http://edx.devstack.lms:18000/oauth2'
 SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY = SOCIAL_AUTH_EDX_OIDC_SECRET
 
 ENABLE_AUTO_AUTH = True
 
+JWT_AUTH['JWT_ISSUERS'].append({
+ 'AUDIENCE': 'lms-key',
+ 'ISSUER': 'http://edx.devstack.lms:18000/oauth2',
+ 'SECRET_KEY': 'lms-secret',
+})
+
 #####################################################################
 # Lastly, see if the developer has any local overrides.
 if os.path.isfile(join(dirname(abspath(__file__)), 'private.py')):
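Review bot: The committed values `'registrar-secret'` and `'lms-secret'`, the plain-HTTP endpoints and the existing `ENABLE_AUTO_AUTH = True` are only acceptable on devstack, yet nothing in the authentication block says so; I would add a comment above it such as `# Devstack-only credentials and endpoints; never load this module in a deployed environment`. The issuer URL is also written three times (`OAUTH2_PROVIDER_URL`, `SOCIAL_AUTH_EDX_OIDC_ISSUER` and the `'ISSUER'` entry appended to `JWT_AUTH['JWT_ISSUERS']`), and token validation presumably needs them to match exactly, so the latter two should reference the first: `SOCIAL_AUTH_EDX_OIDC_ISSUER = OAUTH2_PROVIDER_URL` and `'ISSUER': OAUTH2_PROVIDER_URL,`. `SOCIAL_AUTH_EDX_OIDC_URL_ROOT` points at host `edx.devstack.edxapp` while the issuer uses `edx.devstack.lms`; if both names are meant to reach the same service, a one-line comment saying so would prevent an accidental "correction". The `if os.path.isfile(...)` block that closes the hunk continues outside it.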