Update CyVerse Keycloak settings for SSO

mb-wali · mb-wali · commit c973ef2abeb3 · 2026-01-08T12:08:42.000+01:00
diff --git a/themes/MUG/invenio.cfg b/themes/MUG/invenio.cfg
@@ -384,22 +384,28 @@ _keycloak_helper = KeycloakSettingsHelper(
     legacy_url_path=False
 )
 
-_cyverse_keycloak_helper = KeycloakSettingsHelper(
-    title="CyVerse",
-    description="CyVerse",
-    base_url="https://keycloak.cyverse.at",
-    realm="CyVerse",
-    app_key="CYVERSE_KEYCLOAK_APP_CREDENTIALS",
-    legacy_url_path=False,
-)
-
 OAUTHCLIENT_KEYCLOAK_REALM_URL = _keycloak_helper.realm_url
 OAUTHCLIENT_KEYCLOAK_USER_INFO_URL = _keycloak_helper.user_info_url
 OAUTHCLIENT_KEYCLOAK_VERIFY_EXP = True  # whether to verify the expiration date of tokens
 OAUTHCLIENT_KEYCLOAK_VERIFY_AUD = True  # whether to verify the audience tag for tokens
 OAUTHCLIENT_KEYCLOAK_AUD = "inveniordm"  # probably the same as the client ID
 OAUTHCLIENT_KEYCLOAK_USER_INFO_FROM_ENDPOINT = True
 
+_cyverse_keycloak_helper = KeycloakSettingsHelper(
+    title="Cyverse SSO",
+    description="Cyverse SSO",
+    base_url="https://keycloak.cyverse.at",
+    realm="CyVerse",
+    app_key="CYVERSE_KEYCLOAK_APP_CREDENTIALS",
+)
+OAUTHCLIENT_CYVERSE_KEYCLOAK_REALM_URL = _cyverse_keycloak_helper.realm_url
+OAUTHCLIENT_CYVERSE_KEYCLOAK_USER_INFO_URL = _cyverse_keycloak_helper.user_info_url
+OAUTHCLIENT_CYVERSE_KEYCLOAK_VERIFY_EXP = True
+OAUTHCLIENT_CYVERSE_KEYCLOAK_VERIFY_AUD = True
+OAUTHCLIENT_CYVERSE_KEYCLOAK_AUD = "inveniordm"
+OAUTHCLIENT_CYVERSE_KEYCLOAK_USER_INFO_FROM_ENDPOINT = True
+
+
 OAUTHCLIENT_REMOTE_APPS = {
     "keycloak": _keycloak_helper.remote_app,
     # Enable when needed (see docs: multiple keycloak authentication providers):
