TTMK/web2.0-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Change google creds format. Ugly but works.

Browse Source
This commit is contained in:
Ojakoo
2022-09-12 22:38:18 +03:00
parent 37a9750d4d
commit f0179c1840
5 changed files with 72 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
production_entrypoint.sh
+14 -2
View File
@@ -10,8 +10,20 @@ fi
if test -f "$DB_PASSWD_FILE"; then
export DB_PASSWD=$(cat $DB_PASSWD_FILE)
fi
if test -f "$GOOGLE_CREDS_FILE"; then
export GOOGLE_CREDS=$(cat $GOOGLE_CREDS_FILE)
if test -f "$G_PRIVATE_KEY_ID_FILE"; then
export G_PRIVATE_KEY_ID=$(cat $G_PRIVATE_KEY_ID_FILE)
fi
if test -f "$G_PRIVATE_KEY_FILE"; then
export G_PRIVATE_KEY=$(cat $G_PRIVATE_KEY_FILE)
fi
if test -f "$G_CLIENT_EMAIL_FILE"; then
export G_CLIENT_EMAIL=$(cat $G_CLIENT_EMAIL_FILE)
fi
if test -f "$G_CLIENT_ID_FILE"; then
export G_CLIENT_ID=$(cat $G_CLIENT_ID_FILE)
fi
if test -f "$G_CLIENT_URL_FILE"; then
export G_CLIENT_URL=$(cat $G_CLIENT_URL_FILE)
fi
if test -f "$GROUP_KEY_FILE"; then
export GROUP_KEY=$(cat $GROUP_KEY_FILE)
sikweb/settings.py
+12 -4
View File
@@ -82,11 +82,19 @@ DATABASES = {
# Google api settings
GROUP_KEY = os.getenv("GROUP_KEY", "")
try:
GOOGLE_CREDS_JSON = json.loads(os.getenv("GOOGLE_CREDS", "{}"))
except:
GOOGLE_CREDS_JSON = json.loads("{}")
GOOGLE_CREDS = {
"type": "service_account",
"project_id": "web2-backend",
"private_key_id": os.getenv("G_PRIVATE_KEY_ID", ""),
"private_key": os.getenv("G_PRIVATE_KEY", ""),
"client_email": os.getenv("G_CLIENT_EMAIL", ""),
"client_id": os.getenv("G_CLIENT_ID", ""),
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": os.getenv("G_CLIENT_URL", ""),
}
# JWT authentication
SIMPLE_JWT = {
stack-compose-dev.yml
+19 -3
View File
@@ -29,20 +29,36 @@ services:
- FRONTEND_URL=dev.sahkoinsinoorikilta.fi
- DEBUG=True
- EMAIL_API_KEY_FILE=/run/secrets/DJANGO_EMAIL_API_KEY
- GOOGLE_CREDS_FILE=/run/secrets/BACKEND_GOOGLE_CREDS
- G_PRIVATE_KEY_ID_FILE=/run/secrets/BACKEND_G_PRIVATE_KEY_ID
- G_PRIVATE_KEY_FILE=/run/secrets/BACKEND_G_PRIVATE_KEY
- G_CLIENT_EMAIL_FILE=/run/secrets/BACKEND_G_CLIENT_EMAIL
- G_CLIENT_ID_FILE=/run/secrets/BACKEND_G_CLIENT_ID
- G_CLIENT_URL_FILE=/run/secrets/BACKEND_G_CLIENT_URL
- GROUP_KEY_FILE=/run/secrets/BACKEND_GROUP_KEY
- DB_HOST=db
- DB_PORT=5432
secrets:
- DJANGO_EMAIL_API_KEY
- BACKEND_GOOGLE_CREDS
- BACKEND_G_PRIVATE_KEY_ID
- BACKEND_G_PRIVATE_KEY
- BACKEND_G_CLIENT_EMAIL
- BACKEND_G_CLIENT_ID
- BACKEND_G_CLIENT_URL
- BACKEND_GROUP_KEY
secrets:
DJANGO_EMAIL_API_KEY:
external: true
BACKEND_GOOGLE_CREDS:
BACKEND_G_PRIVATE_KEY_ID:
external: true
BACKEND_G_PRIVATE_KEY:
external: true
BACKEND_G_CLIENT_EMAIL:
external: true
BACKEND_G_CLIENT_ID:
external: true
BACKEND_G_CLIENT_URL:
external: true
BACKEND_GROUP_KEY:
external: true
stack-compose.yml
+19 -3
View File
@@ -34,14 +34,22 @@ services:
- SECRET_KEY_FILE=/run/secrets/BACKEND_SECRET_KEY
- DB_PASSWD_FILE=/run/secrets/BACKEND_DB_PASSWD
- EMAIL_API_KEY_FILE=/run/secrets/BACKEND_EMAIL_API_KEY
- GOOGLE_CREDS_FILE=/run/secrets/BACKEND_GOOGLE_CREDS
- G_PRIVATE_KEY_ID_FILE=/run/secrets/BACKEND_G_PRIVATE_KEY_ID
- G_PRIVATE_KEY_FILE=/run/secrets/BACKEND_G_PRIVATE_KEY
- G_CLIENT_EMAIL_FILE=/run/secrets/BACKEND_G_CLIENT_EMAIL
- G_CLIENT_ID_FILE=/run/secrets/BACKEND_G_CLIENT_ID
- G_CLIENT_URL_FILE=/run/secrets/BACKEND_G_CLIENT_URL
- GROUP_KEY_FILE=/run/secrets/BACKEND_GROUP_KEY
secrets:
- BACKEND_SECRET_KEY
- BACKEND_DB_PASSWD
- BACKEND_EMAIL_API_KEY
- BACKEND_GOOGLE_CREDS
- BACKEND_G_PRIVATE_KEY_ID
- BACKEND_G_PRIVATE_KEY
- BACKEND_G_CLIENT_EMAIL
- BACKEND_G_CLIENT_ID
- BACKEND_G_CLIENT_URL
- BACKEND_GROUP_KEY
secrets:
@@ -51,7 +59,15 @@ secrets:
external: true
BACKEND_EMAIL_API_KEY:
external: true
BACKEND_GOOGLE_CREDS:
BACKEND_G_PRIVATE_KEY_ID:
external: true
BACKEND_G_PRIVATE_KEY:
external: true
BACKEND_G_CLIENT_EMAIL:
external: true
BACKEND_G_CLIENT_ID:
external: true
BACKEND_G_CLIENT_URL:
external: true
BACKEND_GROUP_KEY:
external: true
webapp/utils.py
+8 -4
View File
@@ -25,7 +25,7 @@ from sikweb.settings import (
DEFAULT_EMAIL_FROM_ADDR,
ENABLE_AUTOMATIC_EMAILS,
GROUP_KEY,
GOOGLE_CREDS_JSON,
GOOGLE_CREDS,
)
from datetime import timedelta
@@ -136,13 +136,17 @@ def add_to_mailinglist(email: str):
# create credentials, with subject is used to impersonate admin account
# jas_manager has groups editor rights in google admin
credentials = service_account.Credentials.from_service_account_info(
info=GOOGLE_CREDS_JSON, scopes=SCOPES
info=GOOGLE_CREDS, scopes=SCOPES
).with_subject("jas_manager@sahkoinsinoorikilta.fi")
service = build("admin", "directory_v1", credentials=credentials)
service.members().insert(groupKey=GROUP_KEY, body={"email": email}).execute()
except HttpError as err:
# Already in list, do nothing
print()
print(err)
print()
if err.status_code == 409:
pass
else:
@@ -157,7 +161,7 @@ def add_to_mailinglist(email: str):
)
send_email(to, subject, body)
except ValueError as err:
""" except ValueError as err:
logging.exception("Formatting of google credentials is incorrect")
if DEPLOY_ENV == "production":
@@ -167,4 +171,4 @@ def add_to_mailinglist(email: str):
email
)
send_email(to, subject, body)
send_email(to, subject, body) """