[landscape] Substitute oidc conf in service file

Substitute sensitive informations about oidc
found in landscape service configuration file.

From release 19.10, Landscape can use OpenID-Connect
(OIDC) to authenticate users. To enable OpenID-Connect
support, please add oidc-issuer, oidc-client-id and
oidc-client-secret to /etc/landscape/service.conf in
the [landscape] section.

Reference:
https://docs.ubuntu.com/landscape/en/onprem-auth#openid-connect-support

Closes: #2023
Resolves: #2025

Signed-off-by: Eric Desrochers <eric.desrochers@canonical.com>
Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>

1 files changed, 20 insertions, 0 deletions

diff --git a/sos/report/plugins/landscape.py b/sos/report/plugins/landscape.py
index e5574f77..3bb537e6 100644
--- a/sos/report/plugins/landscape.py
+++ b/sos/report/plugins/landscape.py
@@ -61,6 +61,16 @@ class Landscape(Plugin, UbuntuPlugin):
             r"secret-token = [********]"
         )
         self.do_file_sub(
+            "/etc/landscape/service.conf",
+            r"oidc-client-secret = (.*)",
+            r"oidc-client-secret = [********]"
+        )
+        self.do_file_sub(
+            "/etc/landscape/service.conf",
+            r"oidc-client-id = (.*)",
+            r"oidc-client-id = [********]"
+        )
+        self.do_file_sub(
             "/etc/landscape/service.conf.old",
             r"password = (.*)",
             r"password = [********]"
@@ -75,5 +85,15 @@ class Landscape(Plugin, UbuntuPlugin):
             r"secret-token = (.*)",
             r"secret-token = [********]"
         )
+        self.do_file_sub(
+            "/etc/landscape/service.conf.old",
+            r"oidc-client-secret = (.*)",
+            r"oidc-client-secret = [********]"
+        )
+        self.do_file_sub(
+            "/etc/landscape/service.conf.old",
+            r"oidc-client-id = (.*)",
+            r"oidc-client-id = [********]"
+        )
 
 # vim: set et ts=4 sw=4 :