feat(1136): Accept AMS OpenID

codecov.yml

@@ -16,6 +16,7 @@ coverage:
         target: 90%
         flags:
           - backend
+    patch: off
 
 parsers:
   gcov:

docs/Technical-Documentation/remote-development.md

@@ -0,0 +1,76 @@
+# Remote Development
+
+There will be times when a developer needs access to a container or a remote machine to debug a running application, or to change source code without needing to trigger a formal deployment. This document specifically describes how to use the Cloud.gov environments where TDRS is deployed as development environments.
+
+## Tools
+
+### Visual Studio Code
+This guide presumes the use of [VS Code](https://code.visualstudio.com/) with the [Remote Development](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.vscode-remote-extensionpack) extension pack. You can achieve a similar setup on other IDEs or in the terminal (as this all uses OpenSSH underneath); please save yourself the time and just go download VS Code.
+
+### **`cf-cli`**
+Additionally, install the latest version of the  [Cloudfoundry CLI](https://docs.cloudfoundry.org/cf-cli/install-go-cli.html) if you haven't.
+
+- **Important**: There are issues with `cf-cli` versions below `7.0` so I suggest grabbing the latest version.
+
+To get the latest version as of this writing (on macOS):
+
+```shell
+brew install cloudfoundry/tap/cf-cli@7
+```
+
+## Access Cloudfoundry
+
+Login to CloudFoundry with the CLI:
+
+```shell
+ cf login -a api.fr.cloud.gov  --sso
+```
+
+### Get App GUID
+
+Use `curl` to get the process GUID of the application on deployed application you want to connect to; replace `<app-name>` with a string like `tdp-backend-raft`. You can see a list of currently running app names with `cf apps`.
+
+```shell
+cf curl /v3/apps/$(cf app <app-name> --guid)/processes | jq --raw-output '.resources | .[] | select(.type == "web").guid'
+```
+
+**This GUID will be used to construct the `User` name of the SSH connection.** 
+
+## Create an SSH Config
+
+Create a file `~/username/.ssh/config` if one doesn't exist, and append the Host setting below:
+
+```
+# Read more about SSH config files: https://linux.die.net/man/5/ssh_config
+Host <app-name>
+    HostName ssh.fr.cloud.gov
+    User cf:<guid>/0
+    Port 2222
+```
+
+Where `<guid>` is the string received in the last step. The User setting should look like this: `User cf:38f6a064-4ba7-4693-8732-960dea9f32f8/0`. Note the `/0` at the end of the string is the ID of the *instance*.
+
+To connect with `ssh` from the terminal:
+
+```shell
+ssh -p 2222 cf:<guid>/0@ssh.fr.cloud.gov
+```
+
+## Get a One Time Password
+
+In VS Code, open the command menu (ctrl/cmd+shift+p), type "Remote-SSH", and select "Connect Current Window to Host". This should automatically look at the previously created config, and now prompt you for a one time password.
+
+```shell
+cf ssh-code
+```
+
+## Navigate to Application Code
+
+You should now be connected to the remote host, and need only navigate to the directory containing the application code you want to change (likely `/home/vcap/app/`).
+
+Note that redeploying or restaging will wipe all changes made remotely.
+
+## Useful Links
+
+[VS Code Remote Overview](https://code.visualstudio.com/docs/remote/remote-overview)
+[Jetbrains Remote development](https://www.jetbrains.com/help/idea/remote-development-starting-page.html)

tdrs-backend/.env.example

@@ -17,6 +17,13 @@ JWT_CERT_TEST=a_public_cert
 # Initial superuser username should be the developer's login.gov email address
 DJANGO_SU_NAME=dev.email@example.com
 
+
+### AMS OpenID vars ###
+
+AMS_CONFIGURATION_ENDPOINT=
+AMS_CLIENT_ID=
+AMS_CLIENT_SECRET=
+
 ###
 # Optional environment variables
 # These need not be defined, but can be overwritten as needed

tdrs-backend/Pipfile

@@ -46,6 +46,7 @@ psycopg2-binary = "==2.9.1"
 pyjwt = "==2.1.0"
 requests = "==2.26.0"
 wait-for-it = "==2.2.0"
+requests-mock = "==1.9.3"
 
 [requires]
 python_version = "3.8"

tdrs-backend/README.md

@@ -191,3 +191,8 @@ $ cf bind-service tdp-backend tdp-db
 ```bash
 $ cf restage tdp-backend
 ```
+
+
+### Useful Links
+
+[Remote Development Guide](../docs/Technical-Documentation/remote-development.md)

tdrs-backend/docker-compose.yml

@@ -63,6 +63,9 @@ services:
       - JWT_KEY
       - USE_LOCALSTACK
       - LOGGING_LEVEL
+      - AMS_CLIENT_ID
+      - AMS_CLIENT_SECRET
+      - AMS_CONFIGURATION_ENDPOINT
     volumes:
       - .:/tdpapp
     image: tdp

tdrs-backend/setup.cfg

@@ -26,15 +26,17 @@ docstring-convention=numpy
 exclude =
     .git,
     __pycache__,
-    # We ideally want migrations to be readbale, but they often get quite nested
+    # We ideally want migrations to be readable, but they often get quite nested
     # and often have long strings.
     */migrations/*,
     # No need to check blank files
     __init__.py,
+    # These settings files often have very long strings
+    */settings/common.py/,
 # D203 conflicts with D211, which is the more conventional of the two
 extend-ignore =  E226,E302,E41,D203
 # Reducing line length so flake8 linter forces easier to read code
-max-line-length = 88
+max-line-length = 120
 max-complexity = 10