From 1134cd312ed1ffb62700a5287fb359ef26bbceef Mon Sep 17 00:00:00 2001
From: Steven Bal
Date: Tue, 10 Dec 2024 09:53:36 +0100
Subject: [PATCH 1/2] :bug: [#129] Move all endpoints to endpoints_config in setup config model
---
 mozilla_django_oidc_db/setup_configuration/models.py | 10 +++++++---
 mozilla_django_oidc_db/setup_configuration/steps.py | 4 ++--
 2 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/mozilla_django_oidc_db/setup_configuration/models.py b/mozilla_django_oidc_db/setup_configuration/models.py
index 75c0652..e342645 100644
--- a/mozilla_django_oidc_db/setup_configuration/models.py
+++ b/mozilla_django_oidc_db/setup_configuration/models.py
@@ -1,4 +1,4 @@
-from typing import Union
+from typing import Literal, Union
 from django_setup_configuration.fields import DjangoModelRef
 from django_setup_configuration.models import ConfigurationModel
@@ -18,6 +18,12 @@ class OIDCFullEndpointConfig(ConfigurationModel):
 oidc_op_user_endpoint: AnyUrl = DjangoModelRef(
 OpenIDConnectConfig, "oidc_op_user_endpoint"
 )
+ oidc_op_logout_endpoint: AnyUrl | Literal[""] = DjangoModelRef(
+ OpenIDConnectConfig, "oidc_op_logout_endpoint"
+ )
+ oidc_op_jwks_endpoint: AnyUrl | Literal[""] = DjangoModelRef(
+ OpenIDConnectConfig, "oidc_op_jwks_endpoint"
+ )
 class OIDCDiscoveryEndpoint(ConfigurationModel):
@@ -80,8 +86,6 @@ class Meta:
 "oidc_token_use_basic_auth",
 "oidc_rp_sign_algo",
 "oidc_rp_idp_sign_key",
- "oidc_op_logout_endpoint",
- "oidc_op_jwks_endpoint",
 "oidc_use_nonce",
 "oidc_nonce_size",
 "oidc_state_size",
diff --git a/mozilla_django_oidc_db/setup_configuration/steps.py b/mozilla_django_oidc_db/setup_configuration/steps.py
index 9146308..b37ef96 100644
--- a/mozilla_django_oidc_db/setup_configuration/steps.py
+++ b/mozilla_django_oidc_db/setup_configuration/steps.py
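Review bot: `oidc_op_jwks_endpoint` and `oidc_op_logout_endpoint` on `OIDCFullEndpointConfig` accept any URL scheme, because `AnyUrl` (pydantic's, judging by the name; the import is outside this hunk) does not restrict it. The JWKS endpoint is where the keys for verifying ID-token signatures come from, so I would limit both fields to HTTP(S), e.g. `oidc_op_jwks_endpoint: AnyHttpUrl | Literal[""] = DjangoModelRef(`, provided `AnyHttpUrl` can be imported alongside `AnyUrl`. The sibling fields above use bare `AnyUrl` too, so the same tightening would apply to them. A one-line comment such as `# "" is accepted because these endpoints are optional on the model (confirm)` would explain why only these two allow an empty value.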
@@ -34,10 +34,8 @@ def execute(self, model: AdminOIDCConfigurationModel) -> None:
 "oidc_rp_client_secret": config_model.oidc_rp_client_secret,
 "oidc_rp_sign_algo": config_model.oidc_rp_sign_algo,
 "oidc_rp_scopes_list": config_model.oidc_rp_scopes_list,
- "oidc_op_jwks_endpoint": config_model.oidc_op_jwks_endpoint,
 "oidc_token_use_basic_auth": config_model.oidc_token_use_basic_auth,
 "oidc_rp_idp_sign_key": config_model.oidc_rp_idp_sign_key,
- "oidc_op_logout_endpoint": config_model.oidc_op_logout_endpoint,
 "oidc_use_nonce": config_model.oidc_use_nonce,
 "oidc_nonce_size": config_model.oidc_nonce_size,
 "oidc_state_size": config_model.oidc_state_size,
@@ -66,6 +64,8 @@ def execute(self, model: AdminOIDCConfigurationModel) -> None:
 oidc_op_authorization_endpoint=config_model.endpoint_config.oidc_op_authorization_endpoint,
 oidc_op_token_endpoint=config_model.endpoint_config.oidc_op_token_endpoint,
 oidc_op_user_endpoint=config_model.endpoint_config.oidc_op_user_endpoint,
+ oidc_op_logout_endpoint=config_model.endpoint_config.oidc_op_logout_endpoint,
+ oidc_op_jwks_endpoint=config_model.endpoint_config.oidc_op_jwks_endpoint,
 )
 form = OpenIDConnectConfigForm(
From 9c9a75c5a266dd56584cc2f9c8f592efb563ff16 Mon Sep 17 00:00:00 2001
From: Steven Bal
Date: Tue, 10 Dec 2024 09:54:03 +0100
Subject: [PATCH 2/2] :white_check_mark: [#128/#129] Add missing fields to full_setup setup config data
---
 tests/setupconfig/files/full_setup.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/tests/setupconfig/files/full_setup.yml b/tests/setupconfig/files/full_setup.yml
index dbdd1e6..b3c004c 100644
--- a/tests/setupconfig/files/full_setup.yml
+++ b/tests/setupconfig/files/full_setup.yml
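Review bot: A setup file that still carries `oidc_op_jwks_endpoint` or `oidc_op_logout_endpoint` at the top level is no longer picked up in `execute`, since the second hunk reads both only from `config_model.endpoint_config` and the first hunk drops them from the settings dict. Whether such a file is rejected or the keys are silently ignored depends on the model's extra-field handling, which is not visible here; if they are ignored, the JWKS endpoint would end up empty without any signal to the operator. I would add a test that loads a file with the old top-level placement and asserts a validation error, and mention the move in the changelog. The enclosing call and branch start and end outside this hunk, so it is not clear from here which `endpoint_config` variant this code path handles.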
@@ -12,11 +12,13 @@ oidc_db_config_admin_auth:
 - extra_scope
 oidc_rp_sign_algo: RS256
 oidc_rp_idp_sign_key: key
- oidc_op_jwks_endpoint: http://localhost:8080/realms/test/protocol/openid-connect/certs
 endpoint_config:
 oidc_op_authorization_endpoint: http://localhost:8080/realms/test/protocol/openid-connect/auth
 oidc_op_token_endpoint: http://localhost:8080/realms/test/protocol/openid-connect/token
 oidc_op_user_endpoint: http://localhost:8080/realms/test/protocol/openid-connect/userinfo
+ oidc_op_jwks_endpoint: http://localhost:8080/realms/test/protocol/openid-connect/certs
+ oidc_op_logout_endpoint: http://localhost:8080/realms/test/protocol/openid-connect/logout
+ oidc_token_use_basic_auth: True
 username_claim:
 - claim_name
 groups_claim:
@@ -35,5 +37,6 @@ oidc_db_config_admin_auth:
 oidc_use_nonce: false
 oidc_nonce_size: 48
 oidc_state_size: 48
+ oidc_keycloak_idp_hint: foo
 userinfo_claims_source: id_token
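Review bot: The fixture sets `oidc_op_jwks_endpoint` and `oidc_op_logout_endpoint` only to full URLs, so the `""` alternative that the first patch allows for these two fields is not exercised by this file. A second fixture or parametrised case with `oidc_op_logout_endpoint: ""` would pin that behaviour. Minor style point in the first hunk: `oidc_token_use_basic_auth: True` is capitalised while the later hunk has `oidc_use_nonce: false`; writing `oidc_token_use_basic_auth: true` keeps the file consistent.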