From 70f71744fb24cebe52899bd87bbade6cfc95d43c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Aur=C3=A9lien=20Bompard?= <aurelien@bompard.org>
Date: Fri, 11 Sep 2020 15:22:15 +0200
Subject: [PATCH] Ipsilon: prepare config changes for staging
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
---
 roles/ipsilon/templates/configuration.conf | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/roles/ipsilon/templates/configuration.conf b/roles/ipsilon/templates/configuration.conf
index 423fb2918e..82fffa18c6 100644
--- a/roles/ipsilon/templates/configuration.conf
+++ b/roles/ipsilon/templates/configuration.conf
@@ -5,15 +5,16 @@ fas FAS Proxy client user Agent=Fedora Ipsilon
 fas FAS Insecure Auth=False
 
 [info_config]
+{% if env == "production" %}
 global enabled=fas
 fas FAS url=https://admin{{env_suffix}}.fedoraproject.org/accounts/
 fas FAS Proxy client user Agent=Fedora Ipsilon
 fas FAS Insecure Auth=False
 fas Bind Username={{ ipsilon_fasinfo_username }}
-{% if env == "production" %}
 fas Bind Password={{ ipsilon_fasinfo_prod_password }}
 {% else %}
-fas Bind Password={{ ipsilon_fasinfo_stg_password }}
+global enabled=fasjson
+fasjson fasjson url=https://fasjson{{env_suffix}}.fedoraproject.org/
 {% endif %}
 
 [authz_config]
@@ -42,7 +43,11 @@ openidc policy url=https://fedoraproject.org/wiki/Legal:PrivacyPolicy
 openidc tos url=https://fedoraproject.org/wiki/Legal:PrivacyPolicy
 openidc idp sig key id=20161031-sig
 openidc allow dynamic client registration=False
+{% if env == 'staging' %}
+openidc default attribute mapping=[["email", "email"], ["username", "preferred_username"], ["timezone", "zoneinfo"], ["locale", "locale"], ["human_name","name"], ["agreements","agreements"], ["groups","groups"]]
+{% else %}
 openidc default attribute mapping=[["*", "*"], ["timezone", "zoneinfo"], ["_groups", "groups"], [["_extras", "cla"], "cla"], ["fullname", "name"], ["_username", "preferred_username"]]
+{% endif %}
 
 openid endpoint url=https://id{{env_suffix}}.fedoraproject.org/openid/
 openid identity url template=http://%(username)s.id{{env_suffix}}.fedoraproject.org/