Startup issue when configuring the color scheme

README.md

@@ -75,28 +75,31 @@ concerns are:
 
 During development, environment variables can be set to control execution:
 
-| Variable                                    | Description                                                       |
-| :-------------------------------------      | :---------------------------------------------------------------- |
-| BRAND=[braini, cat, heal, restartr, scidas, eduhelx] | Product context configuration for the appstore.                   |
-| DJANGO_SETTINGS_MODULE=[appstore.settings.<brand>_settings] | Product settings module configuration for the appstore.                   |
-| DEV_PHASE=[stub, local, dev, val, prod]     | In stub, does not require a Tycho service.                        |
-| ALLOW_DJANGO_LOGIN=[TRUE, FALSE]            | When true, presents username and password authentication options. |
-| SECRET_KEY                                  | Key for securing the application.                                 |
-| OAUTH_PROVIDERS                             | Contains all the providers(google, github).                       |
-| GOOGLE_CLIENT_ID                            | Contains the client_id of the provider.                           |
-| GOOGLE_SECRET                               | Contains the secret key for provider.                             |
-| GOOGLE_NAME                                 | Sets the name for the provider.                                   |
-| GITHUB_CLIENT_ID                            | Contains the client_id of the provider.                           |
-| GITHUB_SECRET                               | Contains the secret key of the provider.                          |
-| GITHUB_NAME                                 | Sets the name for the provider.                                   |
-| APPSTORE_DJANGO_USERNAME                    | Holds superuser username credentials.                             |
-| APPSTORE_DJANGO_PASSWORD                    | Holds superuser password credentials.                             |
-| TYCHO_URL                                   | Contains the url of the running tycho host.                       |
-| OAUTH_DB_DIR                                | Contains the path for the database directory.                     |
-| OAUTH_DB_FILE                               | Contains the path for the database file.                          |
-| APPSTORE_DEFAULT_FROM_EMAIL                 | Default email address for appstore.                               |
-| APPSTORE_DEFAULT_SUPPORT_EMAIL              | Default support email for appstore.                               |
-| ACCOUNT_DEFAULT_HTTP_PROTOCOL               | Allows to switch between http and https protocol.                 |
+| Variable                                                     | Description                                                       |
+|:-------------------------------------------------------------|:------------------------------------------------------------------|
+| BRAND=[braini, cat, heal, restartr, scidas, eduhelx]         | Product context configuration for the appstore.                   |
+| DJANGO_SETTINGS_MODULE=[appstore.settings.<brand>_settings]  | Product settings module configuration for the appstore.           |
+| DEV_PHASE=[stub, local, dev, val, prod]                      | In stub, does not require a Tycho service.                        |
+| ALLOW_DJANGO_LOGIN=[TRUE, FALSE]                             | When true, presents username and password authentication options. |
+| SECRET_KEY                                                   | Key for securing the application.                                 |
+| OAUTH_PROVIDERS                                              | Contains all the providers(google, github, cilogon).              |
+| CILOGON_CLIENT_ID                                            | Contains the client_id of the provider.                           |
+| CILOGON_SECRET                                               | Contains the secret key for provider.                             |
+| CILOGON_NAME                                                 | Sets the name for the provider.                                   |
+| GOOGLE_CLIENT_ID                                             | Contains the client_id of the provider.                           |
+| GOOGLE_SECRET                                                | Contains the secret key for provider.                             |
+| GOOGLE_NAME                                                  | Sets the name for the provider.                                   |
+| GITHUB_CLIENT_ID                                             | Contains the client_id of the provider.                           |
+| GITHUB_SECRET                                                | Contains the secret key of the provider.                          |
+| GITHUB_NAME                                                  | Sets the name for the provider.                                   |
+| APPSTORE_DJANGO_USERNAME                                     | Holds superuser username credentials.                             |
+| APPSTORE_DJANGO_PASSWORD                                     | Holds superuser password credentials.                             |
+| TYCHO_URL                                                    | Contains the url of the running tycho host.                       |
+| OAUTH_DB_DIR                                                 | Contains the path for the database directory.                     |
+| OAUTH_DB_FILE                                                | Contains the path for the database file.                          |
+| APPSTORE_DEFAULT_FROM_EMAIL                                  | Default email address for appstore.                               |
+| APPSTORE_DEFAULT_SUPPORT_EMAIL                               | Default support email for appstore.                               |
+| ACCOUNT_DEFAULT_HTTP_PROTOCOL                                | Allows to switch between http and https protocol.                 |
 
 The provided .env.sample contains a starter that you can update and source for
 development.
@@ -527,13 +530,17 @@ appstore:
     EMAIL_HOST_PASSWORD: <secret>
     DOCKSTORE_APPS_BRANCH: <appstore branch>
     oauth:
-      OAUTH_PROVIDERS: "github,google"
+      OAUTH_PROVIDERS: "github,google,cilogon"
       GITHUB_NAME: <github name>
       GITHUB_CLIENT_ID: <github id>
       GITHUB_SECRET: <github secret>
       GOOGLE_NAME: <google name>
       GOOGLE_CLIENT_ID: <google client id>
-      GOOGLE_SECRET: <google client secret>
+      GOOGLE_SECRET: <CILogon client secret>
+      CILOGON_NAME: <cilogon name>
+      CILOGON_CLIENT_ID: <CILogon client id>
+      CILOGON_SECRET: <CILogon client secret>
+
   ACCOUNT_DEFAULT_HTTP_PROTOCOL: https
   appstoreEntrypointArgs: "make start"
   userStorage:
@@ -558,6 +565,9 @@ As part of user configuration, system administration will obtain the following
   - GOOGLE_NAME
   - GOOGLE_CLIENT_ID
   - GOOGLE_SECRET
+  - CILOGON_NAME
+  - CILOGON_CLIENT_ID
+  - CILOGON_SECRET
   - serverName
   - IP
   - nginxTLSSecret

appstore/api/v1/views.py

@@ -873,11 +873,12 @@ def _get_social_providers(self, request, settings):
             "allauth.account.auth_backends.AuthenticationBackend"
             in settings.AUTHENTICATION_BACKENDS
         ):
-            for provider in socialaccount.providers.registry.get_class_list():
-                inst = provider(request, "allauth.socialaccount")
+            adapter = socialaccount.adapter.get_adapter(request)
+            providers = adapter.list_providers(request)
+            for provider in providers:
                 provider_data.append(
                     asdict(
-                        LoginProvider(inst.name, inst.get_login_url(request))
+                        LoginProvider(provider.name, provider.get_login_url(request))
                     )
                 )
 

appstore/appstore/adapter.py

@@ -16,7 +16,6 @@ def clean_email(self, email):
             )
         return email
 
-
 class LoginRedirectAdapter(DefaultAccountAdapter, DefaultSocialAccountAdapter):
     """
     For regular form login redirect the user to the correct
@@ -60,6 +59,12 @@ def get_logout_redirect_url(self, request):
         return url
 
 class SocialAccountAdapter(DefaultSocialAccountAdapter):
+
+    def populate_user(self, request, sociallogin, data):
+        user = super().populate_user(request, sociallogin, data)
+        print('sociallogin.account.extra_data:', sociallogin.account.extra_data)
+        return user
+
     def on_authentication_error(self, request, provider, error=None, exception=None, extra_context=None):
         provider_id = provider.id if provider else "unknown"
         error_code = error.name if error else "unknown"

appstore/appstore/settings/base.py

@@ -11,6 +11,27 @@
 
 logger = logging.getLogger(__name__)
 
+# SECURITY WARNING: don't run with debug turned on in production!
+# Empty quotes equates to false in kubernetes env.
+DEBUG_STRING = os.environ.get("DEBUG", "")
+if DEBUG_STRING.lower() == "false":
+    DEBUG_STRING = ""
+
+DEBUG = bool(DEBUG_STRING)
+
+if DEBUG:
+    from product.configuration import ProductSettings, ProductColorScheme
+
+    APPLICATION_BRAND = os.environ.get("BRAND", "")
+
+    PRODUCT_SETTINGS = ProductSettings(
+        brand=APPLICATION_BRAND,
+        title=APPLICATION_BRAND,
+        logo_url=f"/static/images/{APPLICATION_BRAND}/logo.png",
+        color_scheme=ProductColorScheme("#191348", "#0079bc"),
+        links=None,
+    )
+
 APPSTORE_NESTED_SETTINGS_DIR = Path(__file__).parent.resolve(strict=True)
 APPSTORE_CONFIG_DIR = APPSTORE_NESTED_SETTINGS_DIR.parent
 DJANGO_PROJECT_ROOT_DIR = APPSTORE_CONFIG_DIR.parent
@@ -35,12 +56,6 @@
 
 # SECURITY WARNING: keep the secret key used in production secret!
 SECRET_KEY = os.environ["SECRET_KEY"]
-# SECURITY WARNING: don't run with debug turned on in production!
-# Empty quotes equates to false in kubernetes env.
-DEBUG_STRING = os.environ.get("DEBUG", "")
-if DEBUG_STRING.lower() == "false":
-    DEBUG_STRING = ""
-DEBUG = bool(DEBUG_STRING)
 
 # stub, local, dev, val, prod.
 DEV_PHASE = os.environ.get("DEV_PHASE", "local")
@@ -91,7 +106,7 @@
     "corsheaders",
     "crispy_forms",
     "rest_framework",
-    "drf_spectacular",
+    "drf_spectacular"
 ]
 
 ##  Setting to allow for a seamless login that was breaking at django-allauth 0.47.
@@ -111,6 +126,7 @@
 for PROVIDER in OAUTH_PROVIDERS:
     if PROVIDER != '':
         THIRD_PARTY_APPS.append(f"allauth.socialaccount.providers.{PROVIDER}")
+THIRD_PARTY_APPS.append("allauth.socialaccount.providers.openid_connect")
 
 INSTALLED_APPS = DJANGO_APPS + THIRD_PARTY_APPS + LOCAL_APPS
 
@@ -154,16 +170,29 @@
 ACCOUNT_LOGOUT_REDIRECT_URL = "/helx"
 LOGIN_REDIRECT_URL = "/helx/workspaces/login/success"
 LOGIN_URL = "/accounts/login"
-LOGIN_WHITELIST_URL = "/login_whitelist/"
+LOGIN_WHITELIST_URL = "/helx/workspaces/login?whitelist_required=true"
 OIDC_SESSION_MANAGEMENT_ENABLE = True
 SAML_URL = "/accounts/saml"
 SAML_ACS_URL = "/saml2_auth/acs/"
 #SAML_ACS_URL = "/sso/acs/"
-SOCIALACCOUNT_ADAPATER = "appstore.adapter.SocialAccountAdapter"
+SOCIALACCOUNT_ADAPTER = "appstore.adapter.SocialAccountAdapter"
 SOCIALACCOUNT_QUERY_EMAIL = ACCOUNT_EMAIL_REQUIRED
 SOCIALACCOUNT_STORE_TOKENS = True
 SOCIALACCOUNT_PROVIDERS = {
-    "google": {"SCOPE": ["profile", "email"], "AUTH_PARAMS": {"access_type": "offline"}}
+    "google": {"SCOPE": ["profile", "email"], "AUTH_PARAMS": {"access_type": "offline"}},
+    "openid_connect": {
+        "APPS": [
+            {
+                "provider_id": "dex",
+                "name": "Dex IDP",
+                "client_id": "django",
+                "secret": "xL4QMryQ_6TrIzYBbpnZt864vFJtD_dkOFQJZmrYIZbV5Gz5LfNdzbFpCYk6aki3dOwrIqnuRhGKmU8WXz757Q",
+                "settings": {
+                    "server_url": "https://helx-dex-server.apps.renci.org/dex"
+                },
+            }
+        ]
+    }
 }
 SECURE_CROSS_ORIGIN_OPENER_POLICY = None
 

appstore/core/management/commands/addingwhitelistedsocialapp.py

@@ -25,4 +25,4 @@ def handle(self, *args, **kwargs):
 
     if not Group.objects.filter(name='whitelisted'):
         Group.objects.create(name='whitelisted')
-    print("Successfully added social applications GitHub and Google and whitelisted to the Group!")
+    print("Successfully added social applications and whitelisted them into the Group!")

appstore/product/configuration.py

@@ -34,6 +34,6 @@ class ProductSettings:
     brand: str = "CommonsShare"
     title: str = "CommonsShare"
     logo_url: str = "/static/images/commonsshare/logo-lg.png"
-    color_scheme: ProductColorScheme = ProductColorScheme()
+    color_scheme: ProductColorScheme = field(default_factory=lambda: ProductColorScheme())
     capabilities: List[str] = field(default_factory=lambda: ['app', 'search'])