From a2879903cac30d8d03c8df4097c3cd7b67bcb8f4 Mon Sep 17 00:00:00 2001
From: Carles Garcia Cabot <carles.garcia.cabot@cern.ch>
Date: Mon, 11 May 2020 10:53:00 +0200
Subject: [PATCH] Make Providers section optional. OIDC disabled if section not
 in conf

---
 src/fts3/util/config.py                    | 30 ++++++++++++----------
 src/fts3rest/fts3rest/config/middleware.py |  9 ++++---
 2 files changed, 23 insertions(+), 16 deletions(-)

diff --git a/src/fts3/util/config.py b/src/fts3/util/config.py
index cc4931d9..66b4b112 100644
--- a/src/fts3/util/config.py
+++ b/src/fts3/util/config.py
@@ -15,7 +15,7 @@
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 
-from ConfigParser import ConfigParser, NoOptionError
+from ConfigParser import ConfigParser, NoOptionError, NoSectionError
 from StringIO import StringIO
 from urllib import quote_plus
 import os
@@ -98,17 +98,21 @@ def fts3_config_load(path='/etc/fts3/fts3config'):
 
     # Initialize providers
     log.debug('initialize providers config in load environment')
-    fts3cfg['fts3.Providers'] = {}
-    for option in parser.options('providers'):
-        if '_' not in option:
-            provider_name = option
-            provider_url = parser.get('providers', provider_name)
-            if not provider_url.endswith('/'):
-                provider_url += '/'
-            fts3cfg['fts3.Providers'][provider_url] = {}
-            client_id = parser.get('providers', option + '_ClientId')
-            fts3cfg['fts3.Providers'][provider_url]['client_id'] = client_id
-            client_secret = parser.get('providers', option + '_ClientSecret')
-            fts3cfg['fts3.Providers'][provider_url]['client_secret'] = client_secret
+    fts3cfg["fts3.Providers"] = {}
+    try:
+        for option in parser.options("providers"):
+            if "_" not in option:
+                provider_name = option
+                provider_url = parser.get("providers", provider_name)
+                if not provider_url.endswith("/"):
+                    provider_url += "/"
+                fts3cfg["fts3.Providers"][provider_url] = {}
+                client_id = parser.get("providers", option + "_ClientId")
+                fts3cfg["fts3.Providers"][provider_url]["client_id"] = client_id
+                client_secret = parser.get("providers", option + "_ClientSecret")
+                fts3cfg["fts3.Providers"][provider_url]["client_secret"] = client_secret
+    except NoSectionError:
+        pass
+
 
     return fts3cfg
diff --git a/src/fts3rest/fts3rest/config/middleware.py b/src/fts3rest/fts3rest/config/middleware.py
index e092d6ff..df6c1d40 100644
--- a/src/fts3rest/fts3rest/config/middleware.py
+++ b/src/fts3rest/fts3rest/config/middleware.py
@@ -102,9 +102,12 @@ def make_app(global_conf, full_stack=True, static_files=True, **app_conf):
     # Heartbeat thread
     Heartbeat('fts_rest', int(config.get('fts3.HeartBeatInterval', 60))).start()
     # Start OIDC clients
+    if "fts3.Providers" not in app.config or not app.config["fts3.Providers"]:
+        oidc_manager.setup(app.config)
+        IAMTokenRefresher("fts_token_refresh_daemon", app.config).start()
+        log.info("OpenID Connect support enabled.")
 
-    log.debug('start oidc manager')
-    oidc_manager.setup(app.config)
-    IAMTokenRefresher('fts_token_refresh_daemon', app.config).start()
+    else:
+        log.info("OpenID Connect support disabled. Providers not found in config")
 
     return app
-- 
GitLab