source: trunk/ndg_oauth/ndg_oauth_server/ndg/oauth/server/examples/bearer_tok/bearer_tok_server_app.ini @ 8116

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg-security/trunk/ndg_oauth/ndg_oauth_server/ndg/oauth/server/examples/bearer_tok/bearer_tok_server_app.ini@8116
Revision 8116, 7.1 KB checked in by pjkersha, 9 years ago (diff)

Rename to bearer_tok to be consistent with client example

Line 
1#
2# NDG OAuth Server - Pylons development environment configuration
3#
4# The %(here)s variable will be replaced with the parent directory of this file
5#
6[DEFAULT]
7debug = true
8# Uncomment and replace with the address which should receive any error reports
9#email_to = you@yourdomain.com
10smtp_server = localhost
11error_email_from = paste@localhost
12
13beakerSessionKeyName = beaker.session.oauth2server
14
15[server:main]
16use = egg:Paste#http
17#host = 127.0.0.1
18host = 0.0.0.0
19port = 5000
20ssl_pem = %(here)s/host.pem
21
22[pipeline:main]
23pipeline = BeakerSessionFilter
24           repoze_who
25           AuthnForm
26           MyProxyClient
27           OAuth2Authz
28           OAuth2ServerFilterApp
29#           OAuth2Server
30
31# This filter sets up a server side session linked to a cookie.  The session
32# caches authentication and authorisation state information
33[filter:BeakerSessionFilter]
34paste.filter_app_factory = beaker.middleware:SessionMiddleware
35
36# Cookie name
37beaker.session.key = ndg.oauth.server.session
38
39# WSGI environ key name
40environ_key = %(beakerSessionKeyName)s
41beaker.session.secret = somesecret
42#beaker.cache.data_dir = %(here)s/authn/beaker/cache
43beaker.session.type = file
44beaker.session.data_dir = %(here)s/authn/beaker/sessions
45
46[filter:repoze_who]
47use = egg:repoze.who#config
48config_file = %(here)s/repoze_who.ini
49log_file = stdout
50log_level = debug
51
52[filter:AuthnForm]
53paste.filter_app_factory = ndg.oauth.server.wsgi.authentication_filter:AuthenticationFormMiddleware.filter_app_factory
54authenticationForm.base_url_path = /authentication
55authenticationForm.client_register=%(here)s/client_register.ini
56# If true, client authorization included on login form, otherwise the separate
57# client authorization form is always used.
58authenticationForm.combined_authorization = True
59authenticationForm.login_cancelled = %(here)s/templates/login_cancelled.html
60authenticationForm.login_form = %(here)s/templates/login_form.html
61authenticationForm.return_url_param = returnurl
62authenticationForm.session_key_name = %(beakerSessionKeyName)s
63# Authentication form configuration
64authenticationForm.layout.heading = OAuth Login
65authenticationForm.layout.title = OAuth Login
66authenticationForm.layout.rightLink = http://ceda.ac.uk/
67authenticationForm.layout.rightImage = /layout/CEDA_RightButton60.png
68authenticationForm.layout.rightAlt = Centre for Environmental Data Archival
69authenticationForm.layout.footerText = This site is for test purposes only.
70authenticationForm.layout.helpIcon = /layout/help.png
71
72
73[filter:MyProxyClient]
74paste.filter_app_factory = myproxy.server.wsgi.middleware:MyProxyClientMiddleware.filter_app_factory
75# Default environ key for MyProxy client
76# myproxy.client.clientEnvKeyName=myproxy.server.wsgi.middleware.MyProxyClientMiddleware.myProxyClient
77
78# MyProxy server which this MyProxy WSGI app is a client to.  Set here to the
79# fully qualified domain name or else set the MYPROXY_SERVER environment
80# variable.  See the documentation for the MyProxyClient egg for details
81myproxy.client.hostname = myproxy.ac.uk
82#myproxy.client.port = 7512
83
84# CA Certificate directory to enable this application to trust the MyProxy
85# server that it fronts e.g. set to /etc/grid-security/certificates.  For these
86# tests set to local ca directory
87myproxy.client.caCertDir = %(here)s/ca
88
89[filter:OAuth2Authz]
90# Authorization filter configuration options - defaults are commented out.
91paste.filter_app_factory = ndg.oauth.server.wsgi.authorization_filter:Oauth2AuthorizationMiddleware.filter_app_factory
92oauth2authorization.base_url_path=/client_authorization
93oauth2authorization.client_authorization_form=%(here)s/templates/auth_client_form.html
94#oauth2authorization.client_authorizations_key=client_authorizations
95oauth2authorization.client_register=%(here)s/client_register.ini
96oauth2authorization.session_key_name = %(beakerSessionKeyName)s
97#oauth2authorization.user_identifier_key=REMOTE_USER
98# Authorization form configuration
99oauth2authorization.layout.heading = OAuth Authorisation
100oauth2authorization.layout.title = OAuth Authorisation
101oauth2authorization.layout.rightLink = http://ceda.ac.uk/
102oauth2authorization.layout.rightImage = /layout/CEDA_RightButton60.png
103oauth2authorization.layout.rightAlt = Centre for Environmental Data Archival
104oauth2authorization.layout.footerText = This site is for test purposes only.
105oauth2authorization.layout.helpIcon = /layout/icons/help.png
106
107[app:OAuth2Server]
108paste.app_factory = ndg.oauth.server.wsgi.oauth2_server:Oauth2ServerMiddleware.app_factory
109
110# OAuth2 server configuration options - defaults are commented out.
111#oauth2server.access_token_lifetime=86400
112# Allowed values: slcs (default) or bearer (which returns a UUID)
113#oauth2server.access_token_type=slcs
114oauth2server.access_token_type=bearer
115#oauth2server.authorization_grant_lifetime=600
116oauth2server.base_url_path=/oauth
117#oauth2server.certificate_request_parameter=certificate_request
118# Allowed values: certificate (default) or none.
119#oauth2server.client_authentication_method=certificate
120oauth2server.client_authentication_method=none
121#oauth2server.client_authorization_url=client_authorization/authorize
122#oauth2server.client_authorizations_key=client_authorizations
123oauth2server.client_register=%(here)s/client_register.ini
124#oauth2server.myproxy_client_key=myproxy.server.wsgi.middleware.MyProxyClientMiddleware.myProxyClient
125oauth2server.myproxy_global_password=i93rRugz
126#oauth2server.session_key_name=beaker.session.oauth2server
127#oauth2server.user_identifier_key=REMOTE_USER
128
129# Configuration of access token cache
130oauth2server.cache.accesstokenregister.expire=86400
131oauth2server.cache.accesstokenregister.type=file
132oauth2server.cache.accesstokenregister.data_dir=%(here)s/authn/accesstokenregister
133# data_dir is used if lock_dir not set:
134#oauth2server.cache.accesstokenregister.lock_dir
135
136# Configuration of authorization grant cache
137oauth2server.cache.authorizationgrantregister.expire=86400
138oauth2server.cache.authorizationgrantregister.type=file
139oauth2server.cache.authorizationgrantregister.data_dir=%(here)s/authn/authorizationgrantregister
140# data_dir is used if lock_dir not set:
141#oauth2server.cache.authorizationgrantregister.lock_dir
142
143[filter-app:OAuth2ServerFilterApp]
144use = egg:Paste#httpexceptions
145next = cascade
146
147[composit:cascade]
148use = egg:Paste#cascade
149app1 = OAuth2Server
150app2 = StaticContent
151catch = 404
152
153[app:StaticContent]
154use = egg:Paste#static
155document_root = %(here)s/static
156
157# WARNING: *THE LINE BELOW MUST BE UNCOMMENTED ON A PRODUCTION ENVIRONMENT*
158# Debug mode will enable the interactive debugging tool, allowing ANYONE to
159# execute malicious code after an exception is raised.
160#set debug = false
161
162
163# Logging configuration
164[loggers]
165keys = root, routes, ndgoauthserver
166
167[handlers]
168keys = console
169
170[formatters]
171keys = generic
172
173[logger_root]
174level = INFO
175handlers = console
176
177[logger_routes]
178level = INFO
179handlers =
180qualname = routes.middleware
181# "level = DEBUG" logs the route matched and routing variables.
182
183[logger_ndgoauthserver]
184level = DEBUG
185handlers =
186qualname = ndg.oauth.server
187
188[handler_console]
189class = StreamHandler
190args = (sys.stderr,)
191level = NOTSET
192formatter = generic
193
194[formatter_generic]
195format = %(asctime)s,%(msecs)03d %(levelname)-5.5s [%(name)s] [%(threadName)s] %(message)s
196datefmt = %H:%M:%S
Note: See TracBrowser for help on using the repository browser.