Enable service redirect auth and reverse-sync from DAB (#15489)

* Update settings from DAB features * Move to the end of the list more correctly
2026-01-10 15:32:07 -03:30 · 2024-09-23 08:52:06 -04:00 · 2024-09-23 08:52:06 -04:00 · 5b7a0504f4
commit 5b7a0504f4
parent 7db7abcd65
1 changed files with 8 additions and 1 deletions
--- a/awx/settings/defaults.py
+++ b/awx/settings/defaults.py
@ -524,7 +524,11 @@ _SOCIAL_AUTH_PIPELINE_BASE = (
    'social_core.pipeline.user.user_details',
    'awx.sso.social_base_pipeline.prevent_inactive_login',
 )
-SOCIAL_AUTH_PIPELINE = _SOCIAL_AUTH_PIPELINE_BASE + ('awx.sso.social_pipeline.update_user_orgs', 'awx.sso.social_pipeline.update_user_teams')
+SOCIAL_AUTH_PIPELINE = _SOCIAL_AUTH_PIPELINE_BASE + (
+    'awx.sso.social_pipeline.update_user_orgs',
+    'awx.sso.social_pipeline.update_user_teams',
+    'ansible_base.resource_registry.utils.service_backed_sso_pipeline.redirect_to_resource_server',
+)
 SOCIAL_AUTH_SAML_PIPELINE = _SOCIAL_AUTH_PIPELINE_BASE + ('awx.sso.saml_pipeline.populate_user', 'awx.sso.saml_pipeline.update_user_flags')
 SAML_AUTO_CREATE_OBJECTS = True

@ -1165,6 +1169,9 @@ OPTIONAL_UI_URL_PREFIX = ''
 # Use AWX base view, to give 401 on unauthenticated requests
 ANSIBLE_BASE_CUSTOM_VIEW_PARENT = 'awx.api.generics.APIView'

+# If we have a resource server defined, apply local changes to that server
+RESOURCE_SERVER_SYNC_ENABLED = True
+
 # Settings for the ansible_base RBAC system

 # This has been moved to data migration code