diff --git a/roles/fedoauth/templates/fedoauth.cfg b/roles/fedoauth/templates/fedoauth.cfg index a745993f8f..33832af2c4 100644 --- a/roles/fedoauth/templates/fedoauth.cfg +++ b/roles/fedoauth/templates/fedoauth.cfg @@ -49,19 +49,17 @@ PERSONA_PRIVATE_KEY_PASSPHRASE = '{{ fedoauth_persona_key_passphrase }}' # OPENID CONFIGURATION # This is the OpenID url provided to users. Add %(username)s where the username should be entered # A list of trust roots for which the user will not need to confirm again -OPENID_TRUSTED_ROOTS = [] -# Currently all kicked out due to them being on the list for the covert check -# 'http://jenkins.cloud.fedoraproject.org/securityRealm/finishLogin', -# 'https://ask.fedoraproject.org/', -# 'https://fedorahosted.org/', -# 'https://badges.fedoraproject.org', -# 'https://apps.fedoraproject.org/tagger/', -# 'https://apps.fedoraproject.org/nuancier/', -# 'https://apps.fedoraproject.org/datagrepper/', -# 'https://apps.fedoraproject.org/calendar/', -# 'http://apps.fedoraproject.org/notifications/', -# 'http://copr.fedoraproject.org/', -# 'http://copr-fe.cloud.fedoraproject.org/'] +OPENID_TRUSTED_ROOTS = ['http://jenkins.cloud.fedoraproject.org/securityRealm/finishLogin', + 'https://ask.fedoraproject.org/', + 'https://fedorahosted.org/', + 'https://badges.fedoraproject.org', + 'https://apps.fedoraproject.org/tagger/', + 'https://apps.fedoraproject.org/nuancier/', + 'https://apps.fedoraproject.org/datagrepper/', + 'https://apps.fedoraproject.org/calendar/', + 'http://apps.fedoraproject.org/notifications/', + 'http://copr.fedoraproject.org/', + 'http://copr-fe.cloud.fedoraproject.org/'] OPENID_NON_TRUSTED_ROOTS = [] ### The maximum time after which the user must re-authenticate for OpenID in minutes (use 0 for no limit) OPENID_MAX_AUTH_TIME = 120