Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 883289bc6f | |||
| 619c961598 | |||
| 136d2d610b | |||
| e4e2c15505 | |||
| 289a24545d |
@@ -0,0 +1 @@
|
||||
"""Meet core add-ons module."""
|
||||
@@ -0,0 +1,126 @@
|
||||
"""Authentication session management for add-ons using temporary cache-based sessions."""
|
||||
|
||||
import secrets
|
||||
from datetime import datetime, timedelta, timezone
|
||||
from enum import Enum
|
||||
from logging import getLogger
|
||||
|
||||
from django.conf import settings
|
||||
from django.core.cache import cache
|
||||
from django.core.exceptions import SuspiciousOperation
|
||||
|
||||
from core.models import User
|
||||
from core.services.jwt_token_service import TokenService
|
||||
|
||||
logger = getLogger(__name__)
|
||||
|
||||
|
||||
class SessionState(str, Enum):
|
||||
"""Add-on authentication session states."""
|
||||
|
||||
PENDING = "pending"
|
||||
AUTHENTICATED = "authenticated"
|
||||
|
||||
|
||||
class TokenExchangeService:
|
||||
"""Manage temporary authentication sessions for add-on JWT token exchange."""
|
||||
|
||||
def __init__(self):
|
||||
"""Initialize the service with the configured token service."""
|
||||
|
||||
self._token_service = TokenService(
|
||||
secret_key=settings.ADDONS_JWT_SECRET_KEY,
|
||||
algorithm=settings.ADDONS_JWT_ALG,
|
||||
issuer=settings.ADDONS_JWT_ISSUER,
|
||||
audience=settings.ADDONS_JWT_AUDIENCE,
|
||||
expiration_seconds=settings.ADDONS_JWT_EXPIRATION_SECONDS,
|
||||
token_type=settings.ADDONS_JWT_TOKEN_TYPE,
|
||||
)
|
||||
|
||||
def _get_cache_key(self, session_id: str) -> str:
|
||||
"""Generate cache key for a session ID."""
|
||||
return f"{settings.ADDONS_SESSION_KEY_PREFIX}_{session_id}"
|
||||
|
||||
def init_session(self) -> str:
|
||||
"""Create a new pending authentication session and return its ID."""
|
||||
|
||||
session_id = secrets.token_urlsafe(settings.ADDONS_SESSION_ID_LENGTH)
|
||||
expires_at = datetime.now(timezone.utc) + timedelta(
|
||||
seconds=settings.ADDONS_SESSION_TIMEOUT
|
||||
)
|
||||
|
||||
session_data = {
|
||||
"state": SessionState.PENDING,
|
||||
"expires_at": expires_at.isoformat(),
|
||||
}
|
||||
|
||||
cache_key = self._get_cache_key(session_id)
|
||||
cache.set(
|
||||
cache_key,
|
||||
session_data,
|
||||
timeout=settings.ADDONS_SESSION_TIMEOUT,
|
||||
)
|
||||
|
||||
return session_id
|
||||
|
||||
def get_session(self, session_id: str) -> dict:
|
||||
"""Retrieve session data and clear it if authenticated."""
|
||||
|
||||
cache_key = self._get_cache_key(session_id)
|
||||
data = cache.get(cache_key)
|
||||
|
||||
if not data:
|
||||
return {}
|
||||
|
||||
if data.get("state") == SessionState.AUTHENTICATED:
|
||||
self.clear_session(session_id)
|
||||
|
||||
# Return copy without internal fields
|
||||
internal_fields = {"expires_at"}
|
||||
return {k: v for k, v in data.items() if k not in internal_fields}
|
||||
|
||||
def clear_session(self, session_id: str) -> None:
|
||||
"""Remove session data from cache."""
|
||||
|
||||
cache_key = self._get_cache_key(session_id)
|
||||
cache.delete(cache_key)
|
||||
|
||||
def set_access_token(self, user: User, session_id: str):
|
||||
"""Generate and store access token for an authenticated user session."""
|
||||
|
||||
cache_key = self._get_cache_key(session_id)
|
||||
existing_data = cache.get(cache_key)
|
||||
|
||||
if not existing_data:
|
||||
raise SuspiciousOperation("Session not found.")
|
||||
|
||||
expires_at = existing_data.get("expires_at", None)
|
||||
|
||||
if not expires_at:
|
||||
self.clear_session(session_id)
|
||||
raise SuspiciousOperation("Invalid session data.")
|
||||
|
||||
remaining_seconds = int(
|
||||
(
|
||||
datetime.fromisoformat(expires_at) - datetime.now(timezone.utc)
|
||||
).total_seconds()
|
||||
)
|
||||
|
||||
if remaining_seconds <= 0:
|
||||
self.clear_session(session_id)
|
||||
raise SuspiciousOperation("Session expired.")
|
||||
|
||||
if existing_data.get("state") != SessionState.PENDING:
|
||||
self.clear_session(session_id)
|
||||
raise SuspiciousOperation("Access token already set.")
|
||||
|
||||
response = self._token_service.generate_access_token(
|
||||
user, settings.ADDONS_SCOPES
|
||||
)
|
||||
new_data = {
|
||||
**existing_data,
|
||||
**response,
|
||||
"state": SessionState.AUTHENTICATED,
|
||||
}
|
||||
|
||||
cache.set(cache_key, new_data, timeout=remaining_seconds)
|
||||
@@ -0,0 +1,57 @@
|
||||
"""Add-ons views."""
|
||||
|
||||
from django.conf import settings
|
||||
from django.core.exceptions import SuspiciousOperation
|
||||
from django.shortcuts import redirect, render
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from django.views.decorators.http import require_http_methods
|
||||
|
||||
from core.addons.service import SessionState, TokenExchangeService
|
||||
|
||||
|
||||
def render_error(request, message, status=400):
|
||||
"""Render simple error page."""
|
||||
return render(request, "addons/error.html", {"message": message}, status=status)
|
||||
|
||||
|
||||
@require_http_methods(["GET"])
|
||||
def transit_page(request):
|
||||
"""Initialize authentication flow for add-on session."""
|
||||
|
||||
session_id = request.GET.get("session_id")
|
||||
|
||||
if not session_id:
|
||||
return render_error(request, _("Session ID is required."), status=400)
|
||||
|
||||
data = TokenExchangeService().get_session(session_id)
|
||||
|
||||
if not data:
|
||||
return render_error(request, _("Session not found or expired."), status=404)
|
||||
|
||||
if data.get("state") != SessionState.PENDING:
|
||||
return render_error(request, _("Invalid session state."), status=400)
|
||||
|
||||
request.session[settings.ADDONS_SESSION_KEY_AUTH] = session_id
|
||||
|
||||
return_to = request.build_absolute_uri("/addons/redirect")
|
||||
return redirect(f"/api/{settings.API_VERSION}/authenticate/?returnTo={return_to}")
|
||||
|
||||
|
||||
@require_http_methods(["GET"])
|
||||
def redirect_page(request):
|
||||
"""Complete authentication and close the popup window."""
|
||||
|
||||
if not request.user.is_authenticated:
|
||||
return render_error(request, _("Authentication required."), status=401)
|
||||
|
||||
session_id = request.session.pop(settings.ADDONS_SESSION_KEY_AUTH, None)
|
||||
|
||||
if not session_id:
|
||||
return render_error(request, _("No active session found."), status=404)
|
||||
|
||||
try:
|
||||
TokenExchangeService().set_access_token(request.user, session_id)
|
||||
except SuspiciousOperation:
|
||||
return render_error(request, _("Invalid or expired session."), status=400)
|
||||
|
||||
return render(request, "addons/redirect_success.html")
|
||||
@@ -0,0 +1,53 @@
|
||||
"""Add-ons API endpoints"""
|
||||
|
||||
from logging import getLogger
|
||||
|
||||
from rest_framework import (
|
||||
response as drf_response,
|
||||
)
|
||||
from rest_framework import status as drf_status
|
||||
from rest_framework import throttling, viewsets
|
||||
|
||||
from core.addons.service import TokenExchangeService
|
||||
|
||||
logger = getLogger(__name__)
|
||||
|
||||
|
||||
class AuthSessionThrottle(throttling.AnonRateThrottle):
|
||||
"""Throttle request to the addons auth session endpoints."""
|
||||
|
||||
scope = "addons_auth_sessions"
|
||||
|
||||
|
||||
class AuthSessionViewSet(viewsets.ViewSet):
|
||||
"""ViewSet for managing add-on authentication sessions via token exchange."""
|
||||
|
||||
authentication_classes = []
|
||||
permission_classes = []
|
||||
throttle_classes = [AuthSessionThrottle]
|
||||
|
||||
def create(self, request):
|
||||
"""Create a new pending authentication session."""
|
||||
session_id = TokenExchangeService().init_session()
|
||||
return drf_response.Response(
|
||||
{"session_id": session_id}, status=drf_status.HTTP_201_CREATED
|
||||
)
|
||||
|
||||
def retrieve(self, request, pk=None):
|
||||
"""Retrieve authentication session data by session ID."""
|
||||
data = TokenExchangeService().get_session(pk)
|
||||
|
||||
if not data:
|
||||
return drf_response.Response(
|
||||
{"detail": "Session not found or expired."},
|
||||
status=drf_status.HTTP_404_NOT_FOUND,
|
||||
)
|
||||
|
||||
return drf_response.Response(data, status=drf_status.HTTP_200_OK)
|
||||
|
||||
def destroy(self, request, pk=None):
|
||||
"""Delete an authentication session by session ID."""
|
||||
TokenExchangeService().clear_session(pk)
|
||||
return drf_response.Response(
|
||||
{"status": "ok"}, status=drf_status.HTTP_204_NO_CONTENT
|
||||
)
|
||||
@@ -14,12 +14,13 @@ User = get_user_model()
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class ApplicationJWTAuthentication(authentication.BaseAuthentication):
|
||||
"""JWT authentication for application-delegated API access.
|
||||
class BaseJWTAuthentication(authentication.BaseAuthentication):
|
||||
"""Base JWT authentication class."""
|
||||
|
||||
Validates JWT tokens issued to applications that are acting on behalf
|
||||
of users. Tokens must include user_id, client_id, and delegation flag.
|
||||
"""
|
||||
secret_key = None
|
||||
algorithm = None
|
||||
issuer = None
|
||||
audience = None
|
||||
|
||||
def authenticate(self, request):
|
||||
"""Extract and validate JWT from Authorization header.
|
||||
@@ -46,6 +47,87 @@ class ApplicationJWTAuthentication(authentication.BaseAuthentication):
|
||||
|
||||
return self.authenticate_credentials(token)
|
||||
|
||||
def decode_jwt(self, token):
|
||||
"""Decode and validate JWT token.
|
||||
|
||||
Args:
|
||||
token: JWT token string
|
||||
|
||||
Returns:
|
||||
Decoded payload dict, or None if token is invalid
|
||||
|
||||
Raises:
|
||||
AuthenticationFailed: If token is expired or has invalid issuer/audience
|
||||
"""
|
||||
|
||||
try:
|
||||
payload = pyJwt.decode(
|
||||
token,
|
||||
self.secret_key,
|
||||
algorithms=[self.algorithm],
|
||||
issuer=self.issuer,
|
||||
audience=self.audience,
|
||||
)
|
||||
return payload
|
||||
except pyJwt.ExpiredSignatureError as e:
|
||||
logger.warning("Token expired")
|
||||
raise exceptions.AuthenticationFailed("Token expired.") from e
|
||||
except pyJwt.InvalidIssuerError as e:
|
||||
logger.warning("Invalid JWT issuer: %s", e)
|
||||
raise exceptions.AuthenticationFailed("Invalid token.") from e
|
||||
except pyJwt.InvalidAudienceError as e:
|
||||
logger.warning("Invalid JWT audience: %s", e)
|
||||
raise exceptions.AuthenticationFailed("Invalid token.") from e
|
||||
except pyJwt.InvalidTokenError:
|
||||
# Invalid JWT token - defer to next authentication backend
|
||||
return None
|
||||
|
||||
def validate_payload(self, payload):
|
||||
"""Validate JWT payload claims.
|
||||
|
||||
Override in subclasses to add custom validation.
|
||||
|
||||
Args:
|
||||
payload: Decoded JWT payload
|
||||
|
||||
Raises:
|
||||
AuthenticationFailed: If required claims are missing or invalid
|
||||
"""
|
||||
|
||||
def get_user(self, payload):
|
||||
"""Retrieve and validate user from payload.
|
||||
|
||||
Args:
|
||||
payload: Decoded JWT payload
|
||||
|
||||
Returns:
|
||||
User instance
|
||||
|
||||
Raises:
|
||||
AuthenticationFailed: If user not found or inactive
|
||||
"""
|
||||
user_id = payload.get("user_id")
|
||||
|
||||
if not user_id:
|
||||
logger.warning("Missing 'user_id' in JWT payload")
|
||||
raise exceptions.AuthenticationFailed("Invalid token claims.")
|
||||
|
||||
try:
|
||||
user = User.objects.get(id=user_id)
|
||||
except User.DoesNotExist as e:
|
||||
logger.warning("User not found: %s", user_id)
|
||||
raise exceptions.AuthenticationFailed("User not found.") from e
|
||||
|
||||
if not user.is_active:
|
||||
logger.warning("Inactive user attempted authentication: %s", user_id)
|
||||
raise exceptions.AuthenticationFailed("User account is disabled.")
|
||||
|
||||
return user
|
||||
|
||||
def authenticate_header(self, request):
|
||||
"""Return authentication scheme for WWW-Authenticate header."""
|
||||
return "Bearer"
|
||||
|
||||
def authenticate_credentials(self, token):
|
||||
"""Validate JWT token and return authenticated user.
|
||||
|
||||
@@ -60,36 +142,35 @@ class ApplicationJWTAuthentication(authentication.BaseAuthentication):
|
||||
Raises:
|
||||
AuthenticationFailed: If token is expired, or user not found
|
||||
"""
|
||||
# Decode and validate JWT
|
||||
try:
|
||||
payload = pyJwt.decode(
|
||||
token,
|
||||
settings.APPLICATION_JWT_SECRET_KEY,
|
||||
algorithms=[settings.APPLICATION_JWT_ALG],
|
||||
issuer=settings.APPLICATION_JWT_ISSUER,
|
||||
audience=settings.APPLICATION_JWT_AUDIENCE,
|
||||
)
|
||||
except pyJwt.ExpiredSignatureError as e:
|
||||
logger.warning("Token expired")
|
||||
raise exceptions.AuthenticationFailed("Token expired.") from e
|
||||
except pyJwt.InvalidIssuerError as e:
|
||||
logger.warning("Invalid JWT issuer: %s", e)
|
||||
raise exceptions.AuthenticationFailed("Invalid token.") from e
|
||||
except pyJwt.InvalidAudienceError as e:
|
||||
logger.warning("Invalid JWT audience: %s", e)
|
||||
raise exceptions.AuthenticationFailed("Invalid token.") from e
|
||||
except pyJwt.InvalidTokenError:
|
||||
# Invalid JWT token - defer to next authentication backend
|
||||
|
||||
payload = self.decode_jwt(token)
|
||||
|
||||
if payload is None:
|
||||
return None
|
||||
|
||||
user_id = payload.get("user_id")
|
||||
self.validate_payload(payload)
|
||||
user = self.get_user(payload)
|
||||
|
||||
return (user, payload)
|
||||
|
||||
|
||||
class ApplicationJWTAuthentication(BaseJWTAuthentication):
|
||||
"""JWT authentication for application-delegated API access.
|
||||
|
||||
Validates JWT tokens issued to applications that are acting on behalf
|
||||
of users. Tokens must include user_id, client_id, and delegation flag.
|
||||
"""
|
||||
|
||||
secret_key = settings.APPLICATION_JWT_SECRET_KEY
|
||||
algorithm = settings.APPLICATION_JWT_ALG
|
||||
issuer = settings.APPLICATION_JWT_ISSUER
|
||||
audience = settings.APPLICATION_JWT_AUDIENCE
|
||||
|
||||
def validate_payload(self, payload):
|
||||
"""Validate application-specific claims."""
|
||||
client_id = payload.get("client_id")
|
||||
is_delegated = payload.get("delegated", False)
|
||||
|
||||
if not user_id:
|
||||
logger.warning("Missing 'user_id' in JWT payload")
|
||||
raise exceptions.AuthenticationFailed("Invalid token claims.")
|
||||
|
||||
if not client_id:
|
||||
logger.warning("Missing 'client_id' in JWT payload")
|
||||
raise exceptions.AuthenticationFailed("Invalid token claims.")
|
||||
@@ -98,21 +179,18 @@ class ApplicationJWTAuthentication(authentication.BaseAuthentication):
|
||||
logger.warning("Token is not marked as delegated")
|
||||
raise exceptions.AuthenticationFailed("Invalid token type.")
|
||||
|
||||
try:
|
||||
user = User.objects.get(id=user_id)
|
||||
except User.DoesNotExist as e:
|
||||
logger.warning("User not found: %s", user_id)
|
||||
raise exceptions.AuthenticationFailed("User not found.") from e
|
||||
|
||||
if not user.is_active:
|
||||
logger.warning("Inactive user attempted authentication: %s", user_id)
|
||||
raise exceptions.AuthenticationFailed("User account is disabled.")
|
||||
class AddonsJWTAuthentication(BaseJWTAuthentication):
|
||||
"""JWT authentication for addons API access.
|
||||
|
||||
return (user, payload)
|
||||
Validates JWT tokens issued by addons for authenticating users.
|
||||
Tokens must include user_id to identify the authenticated user.
|
||||
"""
|
||||
|
||||
def authenticate_header(self, request):
|
||||
"""Return authentication scheme for WWW-Authenticate header."""
|
||||
return "Bearer"
|
||||
secret_key = settings.ADDONS_JWT_SECRET_KEY
|
||||
algorithm = settings.ADDONS_JWT_ALG
|
||||
issuer = settings.ADDONS_JWT_ISSUER
|
||||
audience = settings.ADDONS_JWT_AUDIENCE
|
||||
|
||||
|
||||
class ResourceServerBackend(LaSuiteBackend):
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
"""External API endpoints"""
|
||||
|
||||
from datetime import datetime, timedelta, timezone
|
||||
from logging import getLogger
|
||||
|
||||
from django.conf import settings
|
||||
@@ -8,7 +7,6 @@ from django.contrib.auth.hashers import check_password
|
||||
from django.core.exceptions import SuspiciousOperation, ValidationError
|
||||
from django.core.validators import validate_email
|
||||
|
||||
import jwt
|
||||
from lasuite.oidc_resource_server.authentication import ResourceServerAuthentication
|
||||
from rest_framework import decorators, mixins, viewsets
|
||||
from rest_framework import (
|
||||
@@ -22,6 +20,7 @@ from rest_framework import (
|
||||
)
|
||||
|
||||
from core import api, models
|
||||
from core.services.jwt_token_service import TokenService
|
||||
|
||||
from . import authentication, permissions, serializers
|
||||
|
||||
@@ -128,33 +127,28 @@ class ApplicationViewSet(viewsets.GenericViewSet):
|
||||
"Multiple user accounts share a common email."
|
||||
) from e
|
||||
|
||||
now = datetime.now(timezone.utc)
|
||||
scope = " ".join(application.scopes or [])
|
||||
|
||||
payload = {
|
||||
"iss": settings.APPLICATION_JWT_ISSUER,
|
||||
"aud": settings.APPLICATION_JWT_AUDIENCE,
|
||||
"iat": now,
|
||||
"exp": now + timedelta(seconds=settings.APPLICATION_JWT_EXPIRATION_SECONDS),
|
||||
"client_id": client_id,
|
||||
"scope": scope,
|
||||
"user_id": str(user.id),
|
||||
"delegated": True,
|
||||
}
|
||||
|
||||
token = jwt.encode(
|
||||
payload,
|
||||
settings.APPLICATION_JWT_SECRET_KEY,
|
||||
token_service = TokenService(
|
||||
secret_key=settings.APPLICATION_JWT_SECRET_KEY,
|
||||
algorithm=settings.APPLICATION_JWT_ALG,
|
||||
issuer=settings.APPLICATION_JWT_ISSUER,
|
||||
audience=settings.APPLICATION_JWT_AUDIENCE,
|
||||
expiration_seconds=settings.APPLICATION_JWT_EXPIRATION_SECONDS,
|
||||
token_type=settings.APPLICATION_JWT_TOKEN_TYPE,
|
||||
)
|
||||
|
||||
data = token_service.generate_access_token(
|
||||
user,
|
||||
scope,
|
||||
{
|
||||
"client_id": client_id,
|
||||
"delegated": True,
|
||||
},
|
||||
)
|
||||
|
||||
return drf_response.Response(
|
||||
{
|
||||
"access_token": token,
|
||||
"token_type": settings.APPLICATION_JWT_TOKEN_TYPE,
|
||||
"expires_in": settings.APPLICATION_JWT_EXPIRATION_SECONDS,
|
||||
"scope": scope,
|
||||
},
|
||||
data,
|
||||
status=drf_status.HTTP_200_OK,
|
||||
)
|
||||
|
||||
@@ -179,6 +173,7 @@ class RoomViewSet(
|
||||
|
||||
authentication_classes = [
|
||||
authentication.ApplicationJWTAuthentication,
|
||||
authentication.AddonsJWTAuthentication,
|
||||
ResourceServerAuthentication,
|
||||
]
|
||||
permission_classes = [
|
||||
|
||||
@@ -0,0 +1,97 @@
|
||||
"""JWT token service."""
|
||||
|
||||
# pylint: disable=R0913,R0917
|
||||
# ruff: noqa: PLR0913
|
||||
|
||||
from datetime import datetime, timedelta, timezone
|
||||
from typing import Optional
|
||||
|
||||
from django.core.exceptions import ImproperlyConfigured
|
||||
|
||||
import jwt
|
||||
|
||||
|
||||
class TokenService:
|
||||
"""Generic JWT token service with configurable settings."""
|
||||
|
||||
def __init__(
|
||||
self,
|
||||
secret_key: str,
|
||||
algorithm: str,
|
||||
issuer: str,
|
||||
audience: str,
|
||||
expiration_seconds: int,
|
||||
token_type: str,
|
||||
):
|
||||
"""
|
||||
Initialize the token service with custom settings.
|
||||
|
||||
Args:
|
||||
secret_key: Secret key for JWT encoding/decoding
|
||||
algorithm: JWT algorithm (default: HS256)
|
||||
issuer: Token issuer identifier
|
||||
audience: Token audience identifier
|
||||
expiration_seconds: Token expiration time in seconds (default: 3600)
|
||||
token_type: Token type (default: Bearer)
|
||||
|
||||
Raises:
|
||||
ImproperlyConfigured: If secret_key is None or empty
|
||||
"""
|
||||
if not secret_key:
|
||||
raise ImproperlyConfigured("Secret key is required.")
|
||||
|
||||
self._key = secret_key
|
||||
self._alg = algorithm
|
||||
self._issuer = issuer
|
||||
self._audience = audience
|
||||
self._expiration_seconds = expiration_seconds
|
||||
self._token_type = token_type
|
||||
|
||||
def generate_access_token(
|
||||
self, user, scope: str, extra_payload: Optional[dict] = None
|
||||
) -> dict:
|
||||
"""
|
||||
Generate an access token for the given user.
|
||||
|
||||
Args:
|
||||
user: User instance for whom to generate the token
|
||||
scope: Space-separated scope string
|
||||
|
||||
Returns:
|
||||
Dictionary containing access_token, token_type, expires_in, and scope
|
||||
"""
|
||||
now = datetime.now(timezone.utc)
|
||||
|
||||
payload = extra_payload.copy() if extra_payload else {}
|
||||
|
||||
payload.update(
|
||||
{
|
||||
"iat": now,
|
||||
"exp": now + timedelta(seconds=self._expiration_seconds),
|
||||
"user_id": str(user.id),
|
||||
}
|
||||
)
|
||||
|
||||
if self._issuer:
|
||||
payload["iss"] = self._issuer
|
||||
if self._audience:
|
||||
payload["aud"] = self._audience
|
||||
if scope:
|
||||
payload["scope"] = scope
|
||||
|
||||
token = jwt.encode(
|
||||
payload,
|
||||
self._key,
|
||||
algorithm=self._alg,
|
||||
)
|
||||
|
||||
response = {
|
||||
"access_token": token,
|
||||
"token_type": self._token_type,
|
||||
"expires_in": self._expiration_seconds,
|
||||
}
|
||||
|
||||
if scope:
|
||||
response["scope"] = scope
|
||||
|
||||
return response
|
||||
@@ -0,0 +1,17 @@
|
||||
{% load i18n %}
|
||||
{% get_current_language as LANGUAGE %}
|
||||
<!DOCTYPE html>
|
||||
<html lang="{{ LANGUAGE }}">
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<title>{% trans "Error" %}</title>
|
||||
</head>
|
||||
<body>
|
||||
<div class="container">
|
||||
<h1>{{ title|default:_("Error") }}</h1>
|
||||
<p>{{ message|default:_("Something went wrong.") }}</p>
|
||||
<button onclick="window.close()">{% trans "Close" %}</button>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
|
||||
@@ -0,0 +1,17 @@
|
||||
{% load i18n %}
|
||||
{% get_current_language as LANGUAGE %}
|
||||
<!DOCTYPE html>
|
||||
<html lang="{{ LANGUAGE }}">
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<title>{% trans "Authentication Success" %}</title>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
window.close();
|
||||
</script>
|
||||
<p>{% trans "Session stored successfully. This window will close automatically." %}</p>
|
||||
<p>{% trans "If it doesn't close" %}, <a href="javascript:window.close()">{% trans "click here" %}</a>.</p>
|
||||
</body>
|
||||
</html>
|
||||
|
||||
@@ -6,6 +6,8 @@ from django.urls import include, path
|
||||
from lasuite.oidc_login.urls import urlpatterns as oidc_urls
|
||||
from rest_framework.routers import DefaultRouter
|
||||
|
||||
from core.addons import views as addons_views
|
||||
from core.addons import viewsets as addons_viewsets
|
||||
from core.api import get_frontend_configuration, viewsets
|
||||
from core.external_api import viewsets as external_viewsets
|
||||
|
||||
@@ -26,12 +28,24 @@ external_router.register(
|
||||
basename="external_application",
|
||||
)
|
||||
|
||||
# - Addons API
|
||||
addons_router = DefaultRouter()
|
||||
addons_router.register(
|
||||
"addons/sessions",
|
||||
addons_viewsets.AuthSessionViewSet,
|
||||
basename="addons_auth_sessions",
|
||||
)
|
||||
|
||||
external_router.register(
|
||||
"rooms",
|
||||
external_viewsets.RoomViewSet,
|
||||
basename="external_room",
|
||||
)
|
||||
|
||||
|
||||
addons_urls = addons_router.urls if settings.ADDONS_ENABLED else []
|
||||
|
||||
|
||||
urlpatterns = [
|
||||
path(
|
||||
f"api/{settings.API_VERSION}/",
|
||||
@@ -39,12 +53,26 @@ urlpatterns = [
|
||||
[
|
||||
*router.urls,
|
||||
*oidc_urls,
|
||||
*addons_urls,
|
||||
path("config/", get_frontend_configuration, name="config"),
|
||||
]
|
||||
),
|
||||
),
|
||||
]
|
||||
|
||||
if settings.ADDONS_ENABLED:
|
||||
urlpatterns.append(
|
||||
path(
|
||||
"addons/",
|
||||
include(
|
||||
[
|
||||
path("transit/", addons_views.transit_page, name="transit_page"),
|
||||
path("redirect/", addons_views.redirect_page, name="redirect_page"),
|
||||
]
|
||||
),
|
||||
),
|
||||
)
|
||||
|
||||
if settings.EXTERNAL_API_ENABLED:
|
||||
urlpatterns.append(
|
||||
path(
|
||||
|
||||
Binary file not shown.
@@ -8,7 +8,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2025-12-29 15:15+0000\n"
|
||||
"POT-Creation-Date: 2026-01-26 15:40+0000\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
@@ -17,6 +17,30 @@ msgstr ""
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
|
||||
#: core/addons/views.py:24
|
||||
msgid "Session ID is required."
|
||||
msgstr "Sitzungs-ID ist erforderlich."
|
||||
|
||||
#: core/addons/views.py:29
|
||||
msgid "Session not found or expired."
|
||||
msgstr "Sitzung nicht gefunden oder abgelaufen."
|
||||
|
||||
#: core/addons/views.py:32
|
||||
msgid "Invalid session state."
|
||||
msgstr "Ungültiger Sitzungsstatus."
|
||||
|
||||
#: core/addons/views.py:45
|
||||
msgid "Authentication required."
|
||||
msgstr "Authentifizierung erforderlich."
|
||||
|
||||
#: core/addons/views.py:50
|
||||
msgid "No active session found."
|
||||
msgstr "Keine aktive Sitzung gefunden."
|
||||
|
||||
#: core/addons/views.py:55
|
||||
msgid "Invalid or expired session."
|
||||
msgstr "Ungültige oder abgelaufene Sitzung."
|
||||
|
||||
#: core/admin.py:29
|
||||
msgid "Personal info"
|
||||
msgstr "Persönliche Informationen"
|
||||
@@ -408,7 +432,7 @@ msgstr "Anwendungsdomain"
|
||||
msgid "Application domains"
|
||||
msgstr "Anwendungsdomains"
|
||||
|
||||
#: core/recording/event/notification.py:94
|
||||
#: core/recording/event/notification.py:116
|
||||
msgid "Your recording is ready"
|
||||
msgstr "Ihre Aufzeichnung ist bereit"
|
||||
|
||||
@@ -417,6 +441,30 @@ msgstr "Ihre Aufzeichnung ist bereit"
|
||||
msgid "Video call in progress: {sender.email} is waiting for you to connect"
|
||||
msgstr "Videoanruf läuft: {sender.email} wartet auf Ihre Teilnahme"
|
||||
|
||||
#: core/templates/addons/error.html:7 core/templates/addons/error.html:11
|
||||
msgid "Error"
|
||||
msgstr "Fehler"
|
||||
|
||||
#: core/templates/addons/error.html:12
|
||||
msgid "Something went wrong."
|
||||
msgstr "Etwas ist schiefgelaufen."
|
||||
|
||||
#: core/templates/addons/error.html:13
|
||||
msgid "Close"
|
||||
msgstr "Schließen"
|
||||
|
||||
#: core/templates/addons/redirect_success.html:7
|
||||
msgid "Authentication Success"
|
||||
msgstr "Authentifizierung erfolgreich"
|
||||
|
||||
#: core/templates/addons/redirect_success.html:13
|
||||
msgid "Session stored successfully. This window will close automatically."
|
||||
msgstr "Sitzung erfolgreich gespeichert. Dieses Fenster wird automatisch geschlossen."
|
||||
|
||||
#: core/templates/addons/redirect_success.html:14
|
||||
msgid "If it doesn't close"
|
||||
msgstr "Falls es sich nicht schließt"
|
||||
|
||||
#: core/templates/mail/html/invitation.html:159
|
||||
#: core/templates/mail/html/screen_recording.html:159
|
||||
#: core/templates/mail/text/invitation.txt:3
|
||||
|
||||
Binary file not shown.
@@ -8,7 +8,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2025-12-29 15:15+0000\n"
|
||||
"POT-Creation-Date: 2026-01-26 15:40+0000\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
@@ -17,6 +17,30 @@ msgstr ""
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
|
||||
#: core/addons/views.py:24
|
||||
msgid "Session ID is required."
|
||||
msgstr "Session ID is required."
|
||||
|
||||
#: core/addons/views.py:29
|
||||
msgid "Session not found or expired."
|
||||
msgstr "Session not found or expired."
|
||||
|
||||
#: core/addons/views.py:32
|
||||
msgid "Invalid session state."
|
||||
msgstr "Invalid session state."
|
||||
|
||||
#: core/addons/views.py:45
|
||||
msgid "Authentication required."
|
||||
msgstr "Authentication required."
|
||||
|
||||
#: core/addons/views.py:50
|
||||
msgid "No active session found."
|
||||
msgstr "No active session found."
|
||||
|
||||
#: core/addons/views.py:55
|
||||
msgid "Invalid or expired session."
|
||||
msgstr "Invalid or expired session."
|
||||
|
||||
#: core/admin.py:29
|
||||
msgid "Personal info"
|
||||
msgstr "Personal info"
|
||||
@@ -405,7 +429,7 @@ msgstr "Application domain"
|
||||
msgid "Application domains"
|
||||
msgstr "Application domains"
|
||||
|
||||
#: core/recording/event/notification.py:94
|
||||
#: core/recording/event/notification.py:116
|
||||
msgid "Your recording is ready"
|
||||
msgstr "Your recording is ready"
|
||||
|
||||
@@ -414,6 +438,30 @@ msgstr "Your recording is ready"
|
||||
msgid "Video call in progress: {sender.email} is waiting for you to connect"
|
||||
msgstr "Video call in progress: {sender.email} is waiting for you to connect"
|
||||
|
||||
#: core/templates/addons/error.html:7 core/templates/addons/error.html:11
|
||||
msgid "Error"
|
||||
msgstr "Error"
|
||||
|
||||
#: core/templates/addons/error.html:12
|
||||
msgid "Something went wrong."
|
||||
msgstr "Something went wrong."
|
||||
|
||||
#: core/templates/addons/error.html:13
|
||||
msgid "Close"
|
||||
msgstr "Close"
|
||||
|
||||
#: core/templates/addons/redirect_success.html:7
|
||||
msgid "Authentication Success"
|
||||
msgstr "Authentication Success"
|
||||
|
||||
#: core/templates/addons/redirect_success.html:13
|
||||
msgid "Session stored successfully. This window will close automatically."
|
||||
msgstr "Session stored successfully. This window will close automatically."
|
||||
|
||||
#: core/templates/addons/redirect_success.html:14
|
||||
msgid "If it doesn't close"
|
||||
msgstr "If it doesn't close"
|
||||
|
||||
#: core/templates/mail/html/invitation.html:159
|
||||
#: core/templates/mail/html/screen_recording.html:159
|
||||
#: core/templates/mail/text/invitation.txt:3
|
||||
|
||||
Binary file not shown.
@@ -8,7 +8,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2025-12-29 15:15+0000\n"
|
||||
"POT-Creation-Date: 2026-01-26 15:40+0000\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: antoine.lebaud@mail.numerique.gouv.fr\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
@@ -17,6 +17,30 @@ msgstr ""
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
|
||||
#: core/addons/views.py:24
|
||||
msgid "Session ID is required."
|
||||
msgstr "L'identifiant de session est requis."
|
||||
|
||||
#: core/addons/views.py:29
|
||||
msgid "Session not found or expired."
|
||||
msgstr "Session introuvable ou expirée."
|
||||
|
||||
#: core/addons/views.py:32
|
||||
msgid "Invalid session state."
|
||||
msgstr "État de session invalide."
|
||||
|
||||
#: core/addons/views.py:45
|
||||
msgid "Authentication required."
|
||||
msgstr "Authentification requise."
|
||||
|
||||
#: core/addons/views.py:50
|
||||
msgid "No active session found."
|
||||
msgstr "Aucune session active trouvée."
|
||||
|
||||
#: core/addons/views.py:55
|
||||
msgid "Invalid or expired session."
|
||||
msgstr "Session invalide ou expirée."
|
||||
|
||||
#: core/admin.py:29
|
||||
msgid "Personal info"
|
||||
msgstr "Informations personnelles"
|
||||
@@ -409,7 +433,7 @@ msgstr "Domaine d’application"
|
||||
msgid "Application domains"
|
||||
msgstr "Domaines d’application"
|
||||
|
||||
#: core/recording/event/notification.py:94
|
||||
#: core/recording/event/notification.py:116
|
||||
msgid "Your recording is ready"
|
||||
msgstr "Votre enregistrement est prêt"
|
||||
|
||||
@@ -418,6 +442,30 @@ msgstr "Votre enregistrement est prêt"
|
||||
msgid "Video call in progress: {sender.email} is waiting for you to connect"
|
||||
msgstr "Appel vidéo en cours : {sender.email} attend que vous vous connectiez"
|
||||
|
||||
#: core/templates/addons/error.html:7 core/templates/addons/error.html:11
|
||||
msgid "Error"
|
||||
msgstr "Erreur"
|
||||
|
||||
#: core/templates/addons/error.html:12
|
||||
msgid "Something went wrong."
|
||||
msgstr "Une erreur s'est produite."
|
||||
|
||||
#: core/templates/addons/error.html:13
|
||||
msgid "Close"
|
||||
msgstr "Fermer"
|
||||
|
||||
#: core/templates/addons/redirect_success.html:7
|
||||
msgid "Authentication Success"
|
||||
msgstr "Authentification réussie"
|
||||
|
||||
#: core/templates/addons/redirect_success.html:13
|
||||
msgid "Session stored successfully. This window will close automatically."
|
||||
msgstr "Session enregistrée avec succès. Cette fenêtre se fermera automatiquement."
|
||||
|
||||
#: core/templates/addons/redirect_success.html:14
|
||||
msgid "If it doesn't close"
|
||||
msgstr "Si elle ne se ferme pas"
|
||||
|
||||
#: core/templates/mail/html/invitation.html:159
|
||||
#: core/templates/mail/html/screen_recording.html:159
|
||||
#: core/templates/mail/text/invitation.txt:3
|
||||
|
||||
Binary file not shown.
@@ -8,7 +8,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2025-12-29 15:15+0000\n"
|
||||
"POT-Creation-Date: 2026-01-26 15:40+0000\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
@@ -17,6 +17,30 @@ msgstr ""
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
|
||||
#: core/addons/views.py:24
|
||||
msgid "Session ID is required."
|
||||
msgstr "Sessie-ID is vereist."
|
||||
|
||||
#: core/addons/views.py:29
|
||||
msgid "Session not found or expired."
|
||||
msgstr "Sessie niet gevonden of verlopen."
|
||||
|
||||
#: core/addons/views.py:32
|
||||
msgid "Invalid session state."
|
||||
msgstr "Ongeldige sessiestatus."
|
||||
|
||||
#: core/addons/views.py:45
|
||||
msgid "Authentication required."
|
||||
msgstr "Authenticatie vereist."
|
||||
|
||||
#: core/addons/views.py:50
|
||||
msgid "No active session found."
|
||||
msgstr "Geen actieve sessie gevonden."
|
||||
|
||||
#: core/addons/views.py:55
|
||||
msgid "Invalid or expired session."
|
||||
msgstr "Ongeldige of verlopen sessie."
|
||||
|
||||
#: core/admin.py:29
|
||||
msgid "Personal info"
|
||||
msgstr "Persoonlijke informatie"
|
||||
@@ -404,7 +428,7 @@ msgstr "Applicatiedomein"
|
||||
msgid "Application domains"
|
||||
msgstr "Applicatiedomeinen"
|
||||
|
||||
#: core/recording/event/notification.py:94
|
||||
#: core/recording/event/notification.py:116
|
||||
msgid "Your recording is ready"
|
||||
msgstr "Je opname is klaar"
|
||||
|
||||
@@ -413,6 +437,30 @@ msgstr "Je opname is klaar"
|
||||
msgid "Video call in progress: {sender.email} is waiting for you to connect"
|
||||
msgstr "Video-oproep bezig: {sender.email} wacht op je verbinding"
|
||||
|
||||
#: core/templates/addons/error.html:7 core/templates/addons/error.html:11
|
||||
msgid "Error"
|
||||
msgstr "Fout"
|
||||
|
||||
#: core/templates/addons/error.html:12
|
||||
msgid "Something went wrong."
|
||||
msgstr "Er is iets misgegaan."
|
||||
|
||||
#: core/templates/addons/error.html:13
|
||||
msgid "Close"
|
||||
msgstr "Sluiten"
|
||||
|
||||
#: core/templates/addons/redirect_success.html:7
|
||||
msgid "Authentication Success"
|
||||
msgstr "Authenticatie geslaagd"
|
||||
|
||||
#: core/templates/addons/redirect_success.html:13
|
||||
msgid "Session stored successfully. This window will close automatically."
|
||||
msgstr "Sessie succesvol opgeslagen. Dit venster wordt automatisch gesloten."
|
||||
|
||||
#: core/templates/addons/redirect_success.html:14
|
||||
msgid "If it doesn't close"
|
||||
msgstr "Als het niet sluit"
|
||||
|
||||
#: core/templates/mail/html/invitation.html:159
|
||||
#: core/templates/mail/html/screen_recording.html:159
|
||||
#: core/templates/mail/text/invitation.txt:3
|
||||
|
||||
@@ -290,6 +290,11 @@ class Base(Configuration):
|
||||
environ_name="CREATION_CALLBACK_THROTTLE_RATES",
|
||||
environ_prefix=None,
|
||||
),
|
||||
"addons_auth_sessions": values.Value(
|
||||
default="150/minute",
|
||||
environ_name="ADDONS_AUTH_SESSION_THROTTLE_RATES",
|
||||
environ_prefix=None,
|
||||
),
|
||||
},
|
||||
}
|
||||
|
||||
@@ -786,6 +791,66 @@ class Base(Configuration):
|
||||
environ_prefix=None,
|
||||
)
|
||||
|
||||
# Addons
|
||||
ADDONS_ENABLED = values.BooleanValue(
|
||||
False,
|
||||
environ_name="ADDONS_ENABLED",
|
||||
environ_prefix=None,
|
||||
)
|
||||
ADDONS_SESSION_ID_LENGTH = values.PositiveIntegerValue(
|
||||
32,
|
||||
environ_name="ADDONS_SESSION_ID_LENGTH",
|
||||
environ_prefix=None,
|
||||
)
|
||||
# Used in cache key generation
|
||||
ADDONS_SESSION_KEY_PREFIX = values.Value(
|
||||
"addons_session_id",
|
||||
environ_name="ADDONS_SESSION_KEY_PREFIX",
|
||||
environ_prefix=None,
|
||||
)
|
||||
# Used as the Django session key in transit page
|
||||
ADDONS_SESSION_KEY_AUTH = values.Value(
|
||||
"addons_session_id",
|
||||
environ_name="ADDONS_SESSION_KEY_AUTH",
|
||||
environ_prefix=None,
|
||||
)
|
||||
ADDONS_SESSION_TIMEOUT = values.PositiveIntegerValue(
|
||||
600, environ_name="ADDONS_SESSION_TIMEOUT", environ_prefix=None
|
||||
)
|
||||
ADDONS_JWT_SECRET_KEY = SecretFileValue(
|
||||
None, environ_name="ADDONS_JWT_SECRET_KEY", environ_prefix=None
|
||||
)
|
||||
ADDONS_JWT_ALG = values.Value(
|
||||
"HS256",
|
||||
environ_name="ADDONS_JWT_ALG",
|
||||
environ_prefix=None,
|
||||
)
|
||||
ADDONS_SCOPES = values.Value(
|
||||
"rooms:create rooms:list",
|
||||
environ_name="ADDONS_SCOPES",
|
||||
environ_prefix=None,
|
||||
)
|
||||
ADDONS_JWT_ISSUER = values.Value(
|
||||
"lasuite-meet",
|
||||
environ_name="ADDONS_JWT_ISSUER",
|
||||
environ_prefix=None,
|
||||
)
|
||||
ADDONS_JWT_AUDIENCE = values.Value(
|
||||
None,
|
||||
environ_name="ADDONS_JWT_AUDIENCE",
|
||||
environ_prefix=None,
|
||||
)
|
||||
ADDONS_JWT_EXPIRATION_SECONDS = values.PositiveIntegerValue(
|
||||
3600,
|
||||
environ_name="ADDONS_JWT_EXPIRATION_SECONDS",
|
||||
environ_prefix=None,
|
||||
)
|
||||
ADDONS_JWT_TOKEN_TYPE = values.Value(
|
||||
"Bearer",
|
||||
environ_name="ADDONS_JWT_TOKEN_TYPE",
|
||||
environ_prefix=None,
|
||||
)
|
||||
|
||||
# pylint: disable=invalid-name
|
||||
@property
|
||||
def ENVIRONMENT(self):
|
||||
|
||||
@@ -75,6 +75,11 @@ backend:
|
||||
ROOM_TELEPHONY_PHONE_NUMBER: '+33901020304'
|
||||
SSL_CERT_FILE: /usr/local/lib/python3.13/site-packages/certifi/cacert.pem
|
||||
ROOM_SUBTITLE_ENABLED: True
|
||||
EXTERNAL_API_ENABLED: True
|
||||
APPLICATION_JWT_AUDIENCE: https://meet.127.0.0.1.nip.io/external-api/v1.0/
|
||||
APPLICATION_JWT_SECRET_KEY: devKeyApplication
|
||||
APPLICATION_BASE_URL: https://meet.127.0.0.1.nip.io
|
||||
ADDONS_JWT_SECRET_KEY: devKeyApplicationAddons
|
||||
|
||||
|
||||
migrate:
|
||||
|
||||
@@ -88,6 +88,20 @@ spec:
|
||||
serviceName: {{ include "meet.backend.fullname" . }}
|
||||
servicePort: {{ .Values.backend.service.port }}
|
||||
{{- end }}
|
||||
- path: /addons/
|
||||
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
|
||||
pathType: Prefix
|
||||
{{- end }}
|
||||
backend:
|
||||
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
|
||||
service:
|
||||
name: {{ include "meet.backend.fullname" . }}
|
||||
port:
|
||||
number: {{ .Values.backend.service.port }}
|
||||
{{- else }}
|
||||
serviceName: {{ include "meet.backend.fullname" . }}
|
||||
servicePort: {{ .Values.backend.service.port }}
|
||||
{{- end }}
|
||||
{{- with .Values.ingress.customBackends }}
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
@@ -138,6 +152,20 @@ spec:
|
||||
serviceName: {{ include "meet.backend.fullname" $ }}
|
||||
servicePort: {{ $.Values.backend.service.port }}
|
||||
{{- end }}
|
||||
- path: /addons/
|
||||
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
|
||||
pathType: Prefix
|
||||
{{- end }}
|
||||
backend:
|
||||
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
|
||||
service:
|
||||
name: {{ include "meet.backend.fullname" $ }}
|
||||
port:
|
||||
number: {{ $.Values.backend.service.port }}
|
||||
{{- else }}
|
||||
serviceName: {{ include "meet.backend.fullname" $ }}
|
||||
servicePort: {{ $.Values.backend.service.port }}
|
||||
{{- end }}
|
||||
{{- with $.Values.ingress.customBackends }}
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{- end }}
|
||||
|
||||
Reference in New Issue
Block a user