update keycloak realm and place envvars in correct place

Signed-off-by: omrishiv <327609+omrishiv@users.noreply.github.com>
2024-07-16 11:10:59 -07:00 · 2024-07-16 11:10:59 -07:00 · 28cd90a48c
commit 28cd90a48c
parent 5ca58d78a1
2 changed files with 12 additions and 12 deletions
--- a/jupyterhub/jupyterhub.yaml
+++ b/jupyterhub/jupyterhub.yaml
@ -17,21 +17,21 @@ spec:
        values: |
          hub:
            baseUrl: /jupyterhub
+            extraEnv:
+              - name: OAUTH_TLS_VERIFY # for getting around self signed certificate issue
+                value: "0"
+              - name: OAUTH_CLIENT_SECRET
+                valueFrom:
+                  secretKeyRef:
+                    name: jupyterhub-oidc
+                    key: JUPYTERHUB_OAUTH_CLIENT_SECRET
            config:
-              extraEnv:
-                - name: OAUTH_TLS_VERIFY # for getting around self signed certificate issue
-                  value: "0"
-                - name: OAUTH_CLIENT_SECRET
-                  valueFrom:
-                    secretKeyRef:
-                      name: jupyterhub-oidc
-                      key: JUPYTERHUB_OAUTH_CLIENT_SECRET
              GenericOAuthenticator:
                oauth_callback_url: https://cnoe.localtest.me:8443/jupyterhub/hub/oauth_callback
                client_id: jupyterhub
-                authorize_url: https://cnoe.localtest.me:8443/keycloak/realms/master/protocol/openid-connect/auth
-                token_url: https://cnoe.localtest.me:8443/keycloak/realms/master/protocol/openid-connect/token
-                userdata_url: https://cnoe.localtest.me:8443/keycloak/realms/master/protocol/openid-connect/userinfo
+                authorize_url: https://cnoe.localtest.me:8443/keycloak/realms/cnoe/protocol/openid-connect/auth
+                token_url: https://cnoe.localtest.me:8443/keycloak/realms/cnoe/protocol/openid-connect/token
+                userdata_url: https://cnoe.localtest.me:8443/keycloak/realms/cnoe/protocol/openid-connect/userinfo
                scope:
                  - openid
                  - profile
--- a/jupyterhub/jupyterhub/manifests/jupyterhub-config.yaml
+++ b/jupyterhub/jupyterhub/manifests/jupyterhub-config.yaml
@ -12,7 +12,7 @@ data:
      "name": "Jupyterhub Client",
      "description": "Used for Jupyterhub SSO",
      "publicClient": false,
-      "authorizationServicesEnabled": true,
+      "authorizationServicesEnabled": false,
      "serviceAccountsEnabled": false,
      "implicitFlowEnabled": false,
      "directAccessGrantsEnabled": true,