From 1b5be9c387cc508f26a1cd8229dcfa701630916a Mon Sep 17 00:00:00 2001
From: Sam Oehlert <sam.oehlert@gmail.com>
Date: Fri, 19 Sep 2025 12:43:00 -0500
Subject: [PATCH 1/4] fix(login/out/redirect): edit the log{in|out}_urls and
 log{in|out}_redirect_urls to fix the local auth and hopefully the oidc

added some debugging that will go away once its working
---
 .gitignore                                |  1 +
 config/settings/base.py                   | 17 ++++++++---------
 config/settings/local.py                  |  6 ------
 scram/route_manager/context_processors.py | 16 ++++++++++++++--
 4 files changed, 23 insertions(+), 17 deletions(-)

diff --git a/.gitignore b/.gitignore
index 650900c1..de45d5c7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -348,3 +348,4 @@ coverage.xml
 
 # Ignore copied-back autogenerated grpc library
 translator/*pb2*.py*
+.idea/ruff.xml
diff --git a/config/settings/base.py b/config/settings/base.py
index 0001daf1..289f5f59 100644
--- a/config/settings/base.py
+++ b/config/settings/base.py
@@ -319,6 +319,12 @@
     # Extend middleware to add OIDC auth backend
     AUTHENTICATION_BACKENDS += ["scram.route_manager.authentication_backends.ESnetAuthBackend"]
 
+    # https://docs.djangoproject.com/en/dev/ref/settings/#login-url
+    LOGIN_URL = "oidc_authentication_init"
+
+    # https://docs.djangoproject.com/en/dev/ref/settings/#logout-url
+    LOGOUT_URL = "oidc_logout"
+
     # Need to point somewhere otherwise /oidc/logout/ redirects to /oidc/logout/None which 404s
     # https://github.com/mozilla/mozilla-django-oidc/issues/118
     LOGIN_REDIRECT_URL = "/"
@@ -327,21 +333,14 @@
     # https://github.com/mozilla/mozilla-django-oidc/issues/434
     LOGOUT_REDIRECT_URL = "/"
 
-    # https://docs.djangoproject.com/en/dev/ref/settings/#login-url
-    LOGIN_URL = "/"
-
-    # https://docs.djangoproject.com/en/dev/ref/settings/#logout-url
-    LOGOUT_URL = "/"
-
     OIDC_RP_CLIENT_ID = os.environ.get("OIDC_RP_CLIENT_ID")
     OIDC_RP_CLIENT_SECRET = os.environ.get("OIDC_RP_CLIENT_SECRET")
 
 elif AUTH_METHOD == "local":
-    # Points to 'route_manager:home'
     # https://docs.djangoproject.com/en/dev/ref/settings/#login-redirect-url
-    LOGIN_REDIRECT_URL = "local_auth:login"
+    LOGIN_REDIRECT_URL = "route_manager:home"
 
-    LOGOUT_REDIRECT_URL = "local_auth:logout"
+    LOGOUT_REDIRECT_URL = "route_manager:home"
 
     # https://docs.djangoproject.com/en/dev/ref/settings/#login-url
     LOGIN_URL = "local_auth:login"
diff --git a/config/settings/local.py b/config/settings/local.py
index c6618ab3..5e4d7802 100644
--- a/config/settings/local.py
+++ b/config/settings/local.py
@@ -82,12 +82,6 @@
     msg = "oidc is not yet implemented"
     raise NotImplementedError(msg)
 
-# https://docs.djangoproject.com/en/dev/ref/settings/#login-url
-LOGIN_URL = "admin:login"
-# https://docs.djangoproject.com/en/dev/ref/settings/#logout-url
-LOGOUT_URL = "admin:logout"
-
-
 SCRAM_HOSTNAME = env(
     "SCRAM_HOSTNAME",
     default="scram_hostname_not_set",
diff --git a/scram/route_manager/context_processors.py b/scram/route_manager/context_processors.py
index b87dcf70..3fbfc87d 100644
--- a/scram/route_manager/context_processors.py
+++ b/scram/route_manager/context_processors.py
@@ -2,6 +2,7 @@
 
 from django.conf import settings
 from django.urls import reverse
+from django.shortcuts import redirect
 
 from scram.route_manager.models import Entry
 
@@ -12,8 +13,19 @@ def login_logout(request):
     Returns:
        dict: login and logout URLs
     """
-    login_url = reverse(settings.LOGIN_URL)
-    logout_url = reverse(settings.LOGOUT_URL)
+    if ":" in settings.LOGIN_URL:
+        print(f"WTFFFFFFFFFFFFFFFFFFFFFFF: {settings.LOGIN_URL}")
+        login_url = reverse(settings.LOGIN_URL)
+        logout_url = reverse(settings.LOGOUT_URL)
+    else:
+        login_url = redirect(settings.LOGIN_URL)
+        logout_url = redirect(settings.LOGOUT_URL)
+
+    print(f"REDIREC OUT: {settings.LOGOUT_REDIRECT_URL}")
+    print(f"REDIRECT IN: {settings.LOGIN_REDIRECT_URL}")
+    print(f"LOGOUT_URL: {logout_url}")
+    print(f"LOGIN_URL: {login_url}")
+
     return {"login": login_url, "logout": logout_url}
 
 

From b31f11979976ebbbf35ac74ddde120b25149436d Mon Sep 17 00:00:00 2001
From: Sam Oehlert <sam.oehlert@gmail.com>
Date: Fri, 19 Sep 2025 13:16:57 -0500
Subject: [PATCH 2/4] fix(oidc): fix oidc auth. i was overly complex and also
 misunderstanding the settings

---
 scram/route_manager/context_processors.py | 14 ++------------
 1 file changed, 2 insertions(+), 12 deletions(-)

diff --git a/scram/route_manager/context_processors.py b/scram/route_manager/context_processors.py
index 3fbfc87d..5f7d7756 100644
--- a/scram/route_manager/context_processors.py
+++ b/scram/route_manager/context_processors.py
@@ -13,18 +13,8 @@ def login_logout(request):
     Returns:
        dict: login and logout URLs
     """
-    if ":" in settings.LOGIN_URL:
-        print(f"WTFFFFFFFFFFFFFFFFFFFFFFF: {settings.LOGIN_URL}")
-        login_url = reverse(settings.LOGIN_URL)
-        logout_url = reverse(settings.LOGOUT_URL)
-    else:
-        login_url = redirect(settings.LOGIN_URL)
-        logout_url = redirect(settings.LOGOUT_URL)
-
-    print(f"REDIREC OUT: {settings.LOGOUT_REDIRECT_URL}")
-    print(f"REDIRECT IN: {settings.LOGIN_REDIRECT_URL}")
-    print(f"LOGOUT_URL: {logout_url}")
-    print(f"LOGIN_URL: {login_url}")
+    login_url = reverse(settings.LOGIN_URL)
+    logout_url = reverse(settings.LOGOUT_URL)
 
     return {"login": login_url, "logout": logout_url}
 

From a6c7c9a71eff5a7d5212ef0a93a5cd0f438d6e0c Mon Sep 17 00:00:00 2001
From: Sam Oehlert <sam.oehlert@gmail.com>
Date: Fri, 19 Sep 2025 13:18:36 -0500
Subject: [PATCH 3/4] refactor(update): use the newest mozilla oidc package

we were super out of date and it seems like everything works with the latest
---
 requirements/base.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements/base.txt b/requirements/base.txt
index b43b582a..a9116374 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -26,6 +26,6 @@ drf-spectacular # https://github.com/tfranzel/drf-spectacular
 
 # OIDC
 # ------------------------------------------------------------------------------
-mozilla_django_oidc==2.0.0 # https://github.com/mozilla/mozilla-django-oidc
+mozilla_django_oidc==4.0.1 # https://github.com/mozilla/mozilla-django-oidc
 
 websockets~=10.3

From 79634945af164925d68b5753f4f7e64e57c80bca Mon Sep 17 00:00:00 2001
From: Sam Oehlert <sam.oehlert@gmail.com>
Date: Fri, 19 Sep 2025 13:28:23 -0500
Subject: [PATCH 4/4] style(isort): fix ruff isort failure

---
 scram/route_manager/context_processors.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/scram/route_manager/context_processors.py b/scram/route_manager/context_processors.py
index 5f7d7756..e08a2fc5 100644
--- a/scram/route_manager/context_processors.py
+++ b/scram/route_manager/context_processors.py
@@ -2,7 +2,6 @@
 
 from django.conf import settings
 from django.urls import reverse
-from django.shortcuts import redirect
 
 from scram.route_manager.models import Entry