From 2703c51a2c891373645b930ef4ff709e326ee17d Mon Sep 17 00:00:00 2001
From: Art Lukyanchyk <artiom.lukyanchyk@hs-hannover.de>
Date: Thu, 7 Sep 2017 16:31:14 +0200
Subject: [PATCH] Simplify development setup.

---
 ssoauth/app_settings/__init__.py | 13 +++++++++----
 ssoauth/app_settings/defaults.py |  2 +-
 ssoauth/apps.py                  |  6 +++---
 3 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/ssoauth/app_settings/__init__.py b/ssoauth/app_settings/__init__.py
index 420e5a5..c30b676 100644
--- a/ssoauth/app_settings/__init__.py
+++ b/ssoauth/app_settings/__init__.py
@@ -17,9 +17,11 @@ for setting_name in [k for k in globals().keys() if k.isupper()]:
 
 # checks
 
-assert SP_HOST and SP_PORT, "Need SP_HOST and SP_PORT configured in settings."
-assert not SP_HOST.lower().startswith(("http:", "https:",)), "Need host name without protocol and port."
-
+SSO_DISABLED = SSO_DISABLED or getattr(conf.settings, "IDP_IGNORE", False)  # legacy config
+if not SSO_DISABLED:
+    assert conf.settings.DEBUG, "Not ignoring IDP on production."
+    assert SP_HOST and SP_PORT, "Need SP_HOST and SP_PORT configured in settings."
+    assert not SP_HOST.lower().startswith(("http:", "https:",)), "Need host name without protocol and port."
 
 # helpers
 
@@ -41,7 +43,10 @@ def read_key(path):
         with open(path, "r") as f:
             return f.read()
     except FileNotFoundError:
-        raise FileNotFoundError("SSO requires a key pair. Missing: {path}".format(path=path))
+        if SSO_DISABLED:
+            return None
+        else:
+            raise FileNotFoundError("SSO requires a key pair. Missing: {path}".format(path=path))
 
 
 # template for OneLogin toolkit settings
diff --git a/ssoauth/app_settings/defaults.py b/ssoauth/app_settings/defaults.py
index 3af2425..b9055a8 100644
--- a/ssoauth/app_settings/defaults.py
+++ b/ssoauth/app_settings/defaults.py
@@ -28,8 +28,8 @@ Settings you might want to change on development (don't change them for producti
 """
 
 # development helpers
+SSO_DISABLED = False
 SP_FORCE_ENTITY_ID = None  # do NOT set for production, set to some unique string on development
-IDP_IGNORE = False  # ignore IDP entirely, SSO will not function
 
 
 """
diff --git a/ssoauth/apps.py b/ssoauth/apps.py
index f9056e1..beff009 100644
--- a/ssoauth/apps.py
+++ b/ssoauth/apps.py
@@ -13,9 +13,9 @@ class SSOAuthConfig(AppConfig):
     def ready(self, *args, **kwargs):
         super().ready(*args, **kwargs)
         # OneLogin settings stuff
-        if app_settings.IDP_IGNORE:
-            assert conf.settings.DEBUG, "And how should SSO work on production if you ignore the IDP?"
-            logger.info("SSO will not work.")
+        if app_settings.SSO_DISABLED:
+            assert conf.settings.DEBUG
+            logger.debug("SSO is disabled.")
         else:
             try:
                 app_settings.ONELOGIN_SETTINGS = sso_utils.create_onelogin_settings(app_settings.ONELOGIN_SETTINGS_TEMPLATE)
-- 
GitLab