# Setup steps for Production

## Shop Product

In the Django shop app, create new products that should be available in the shop:

- `vv-de` Price 32430 (324_3- -> 324.30 CHF), base 300 CHF + 8.1% MWSt., name & description can be anything.
  - ONLY if `COURSE_VERSICHERUNGSVERMITTLERIN_ID` exists!
- `vv-fr` Price 32430 (324_3- -> 324.30 CHF), base 300 CHF + 8.1% MWSt., name & description can be anything.
  - ONLY if `COURSE_VERSICHERUNGSVERMITTLERIN_ID_FR` exists!
- `vv-it` Price 32430 (324_3- -> 324.30 CHF), base 300 CHF + 8.1% MWSt., name & description can be anything.
  - ONLY if `COURSE_VERSICHERUNGSVERMITTLERIN_ID_IT` exists!

## Datatrans (Payment Provider)

- Set `DATATRANS_BASIC_AUTH_KEY`:
  - https://admin.sandbox.datatrans.com/MenuDispatch.jsp?main=1&sub=4
  - `echo -n "{merchantid}:{password}" | base64`

- Set `DATATRANS_HMAC_KEY`:
  - https://admin.sandbox.datatrans.com/MerchSecurAdmin.jsp

For Production:

1. Coordinate with datatrans to get production account. -> TBD!
2. Set `DATATRANS_BASIC_AUTH_KEY` and `DATATRANS_HMAC_KEY` to the production values (see above).

## OAUTH

For Production: Make sure that the following env vars are set:

### Azure B2C

- Set `OAUTH_SIGNUP_CLIENT_ID`
- Set `OAUTH_SIGNUP_CLIENT_SECRET`
- Set `OAUTH_SIGNUP_SERVER_METADATA_URL` (.well-known/openid-configuration)
- Set `OAUTH_SIGNUP_TENANT_ID`
- Set `OAUTH_SIGNUP_REDIRECT_URI` (`.../sso/login` e.g. `https://myvbv-stage.iterativ.ch/sso/login`)

### Keycloak

- Set `OAUTH_SIGNIN_CLIENT_ID`
- Set `OAUTH_SIGNIN_CLIENT_SECRET`
- Set `OAUTH_SIGNIN_SERVER_METADATA_URL` (.well-known/openid-configuration)
- Set `OAUTH_SIGNIN_REDIRECT_URI` (`.../sso/callback` e.g. `https://myvbv-stage.iterativ.ch/sso/callback`)

### Caprover (VITEx)

- Set `VITE_OAUTH_API_BASE_URL` in `caprover_deploy.sh` for `prod` environment.
  - `OAUTH_SIGNIN_SERVER_METADATA_URL` should help to find the correct value.
  - Should be the SSO Prod one from Lernnetz. -> TBD!

### send_vv_welcome_email()

- Due to lack of access to Sendgrid, never tested actually sending the email.

## Testing Payment Flow

- To get user into state for testing (e.g. test-student1@example.com so that he can buy the course):
  - Remove all existing course session users for the user.
  - Remove all existing checkout information for the user.

### Cleanup

After everything runs fine, we should be able to remove the following deprecated env vars:

1. `IT_OAUTH_TENANT_ID`
2. `IT_OAUTH_CLIENT_NAME`
3. `IT_OAUTH_CLIENT_ID`
4. `IT_OAUTH_CLIENT_SECRET`
5. `IT_OAUTH_API_BASE_URL`
6. `IT_OAUTH_LOCAL_REDIRECT_URI`
7. `IT_OAUTH_SERVER_METADATA_URL`
8. `IT_OAUTH_SCOPE`