From d2aa4be29e98cb0f8bbd53f023698b3213380aca Mon Sep 17 00:00:00 2001
From: Evan Cordell <cordell.evan@gmail.com>
Date: Thu, 28 Apr 2016 14:29:21 -0500
Subject: [PATCH] Explicitly set jwtproxy audience

---
 boot.py   | 5 +----
 config.py | 1 +
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/boot.py b/boot.py
index e4b34f537..01d9f1083 100644
--- a/boot.py
+++ b/boot.py
@@ -27,10 +27,7 @@ def create_quay_service_key():
 
 
 def create_jwtproxy_conf(quay_key_id):
-  audience = urlunparse((
-    app.config.get('PREFERRED_URL_SCHEME'),
-    app.config.get('SERVER_HOSTNAME'), '', '', '', ''))
-
+  audience = app.config.get('JWTPROXY_AUDIENCE')
   registry = audience + '/keys'
 
   with open("/conf/jwtproxy_conf.yaml.jnj") as f:
diff --git a/config.py b/config.py
index abd1d70bd..495f64e73 100644
--- a/config.py
+++ b/config.py
@@ -290,6 +290,7 @@ class DefaultConfig(object):
     'API_TIMEOUT_POST_SECONDS': 480,
   }
   JWTPROXY_SIGNER = 'localhost:8080'
+  JWTPROXY_AUDIENCE = 'https://quay.io:443'
 
   # Torrent management flags
   FEATURE_BITTORRENT = False