From 9cff9d2142a8703db4bf1a1e0eb92ec474046909 Mon Sep 17 00:00:00 2001
From: Michael Krotscheck
Date: Thu, 19 Feb 2015 09:49:22 -0800
Subject: [PATCH] Added new OAuth Parameters

Storyboard.conf now accepts authorization_code_ttl and a list of valid_oauth_clients.

Change-Id: I29495a0b640c3ca097cca8c17349df5cc42388de
---
 manifests/application.pp | 2 ++
 manifests/init.pp | 5 ++++-
 templates/storyboard.conf.erb | 6 ++++++
 vagrant.pp | 8 ++++++++
 4 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/manifests/application.pp b/manifests/application.pp
index dc60596..f6022f3 100644
--- a/manifests/application.pp
+++ b/manifests/application.pp
@@ -30,9 +30,11 @@ class storyboard::application (
 $cors_max_age = 3600,
 # storyboard.conf parameters
+ $authorization_code_ttl = 300,
 $access_token_ttl = 3600,
 $refresh_token_ttl = 604800,
 $openid_url,
+ $valid_oauth_clients = [$::fqdn],
 $enable_token_cleanup = 'True',
 $mysql_host = 'localhost',
diff --git a/manifests/init.pp b/manifests/init.pp
index 95bd420..5ddcf5d 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -24,9 +24,11 @@ class storyboard (
 $mysql_user = 'storyboard',
 $mysql_user_password,
- $rabbitmq_user = 'storyboard',
+ $rabbitmq_user = 'storyboard',
 $rabbitmq_user_password,
+ $valid_oauth_clients = [$::fqdn],
+
 $hostname = $::fqdn,
 $openid_url = 'https://login.launchpad.net/+openid',
@@ -66,6 +68,7 @@ class storyboard (
 mysql_database => $mysql_database,
 mysql_user => $mysql_user,
 mysql_user_password => $mysql_user_password,
+ valid_oauth_clients => $valid_oauth_clients,
 rabbitmq_user => $rabbitmq_user,
 rabbitmq_user_password => $rabbitmq_user_password
diff --git a/templates/storyboard.conf.erb b/templates/storyboard.conf.erb
index 1a8a6e2..f1b534a 100644
--- a/templates/storyboard.conf.erb
+++ b/templates/storyboard.conf.erb
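Review bot: The two parameters added to storyboard::application are written into storyboard.conf without any type check, and `$valid_oauth_clients` in particular must be an array because the template calls `.join(',')` on it; a caller passing a single string would most likely get a template rendering error rather than a clear message. If puppetlabs-stdlib is available to this module (not visible in this hunk), `validate_array($valid_oauth_clients)` at the top of the class body would catch that, and an integer check on `$authorization_code_ttl` would keep a typo from ending up as the configured code lifetime. The parameters are also undocumented; I would add `# Seconds an OAuth authorization code stays valid; keep it short.` and `# Allow-list of OAuth client ids written to valid_oauth_clients.` above them. The class body lies outside the hunk.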
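Review bot: In manifests/init.pp the default `$valid_oauth_clients = [$::fqdn]` is not tied to `$hostname`, so a node that overrides `hostname` alone keeps the FQDN as its only allowed client; vagrant.pp in this patch has to repeat the same address in both parameters, which suggests the two are expected to match. Either document that with `# Must include the name clients use to reach this host; defaults to the FQDN, not $hostname.` or default the parameter to `undef` and fall back to `[$hostname]` in the class body. Separately, `authorization_code_ttl` is added to storyboard::application but neither init.pp hunk exposes or forwards it, so it appears it cannot be set through the top-level class; the full parameter list is outside the hunks, so this may match how the other TTLs are handled.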
@@ -51,12 +51,18 @@ enable_notifications = <%= @enable_notifications %>
 # OpenId Authentication endpoint
 openid_url = <%= @openid_url %>
+# Time in seconds before an authorization code expires.
+authorization_code_ttl = <%= @authorization_code_ttl %>
+
 # Time in seconds before an access_token expires
 access_token_ttl = <%= @access_token_ttl %>
 # Time in seconds before an refresh_token expires
 refresh_token_ttl = <%= @refresh_token_ttl %>
+# A list of valid client id's that may connect to StoryBoard.
+valid_oauth_clients = <%= @valid_oauth_clients.join(',') %>
+
 [cron]
 # Storyboard's cron management configuration
diff --git a/vagrant.pp b/vagrant.pp
index b11ee64..8e88e80 100644
--- a/vagrant.pp
+++ b/vagrant.pp
@@ -3,6 +3,10 @@ node 'puppet-storyboard-precise64' {
 mysql_user_password => 'storyboard',
 rabbitmq_user_password => 'storyboard',
 hostname => '192.168.99.22',
+
+ valid_oauth_clients => [
+ '192.168.99.22'
+ ],
 }
 }
@@ -11,5 +15,9 @@ node 'puppet-storyboard-trusty64' {
 mysql_user_password => 'storyboard',
 rabbitmq_user_password => 'storyboard',
 hostname => '192.168.99.23',
+
+ valid_oauth_clients => [
+ '192.168.99.23'
+ ],
 }
 }
\ No newline at end of file
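Review bot: In the templates/storyboard.conf.erb hunk, an empty `valid_oauth_clients` array renders as `valid_oauth_clients =` with no value, and nothing here shows whether StoryBoard reads that as "no client allowed" or as an unset option with its own default. For an allow-list that difference matters, so the comment should state it, for example `# Comma-separated allow-list of OAuth client ids; an empty value means <behaviour to confirm>.` Entries are joined without checking for embedded commas or whitespace, so a malformed entry would change how the list is parsed. The enclosing configuration section starts outside the hunk.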