endi_oidc_provider

Project description

This is still a work in progress.

OpenID Connect provider based on enDI (http://endi.coop).

Only the Authorization Code Flow is supported.

Getting Started

  • cd <directory containing this file>

  • $VENV/bin/pip install -e .

  • $VENV/bin/initialize_endi_oidc_provider_db development.ini

  • $VENV/bin/pserve development.ini

Authorization handling

Generate a new client's key:

oidc-manage <config_uri> clientadd --client=<client> --uri=<redirect_uri> --scopes=<scopes> --cert_salt=<cert_salt>

config_uri: Your ini file

client: A label for your client

redirect_uri: The redirect URI as described in the OpenID Connect specifications (the one passed in the Authorize step)

scopes: The scopes the application is requesting (at least the openid scope should be provided), e.g. "openid profile"

cert_salt: A random salt that will be used to encrypt the client secret in the database

Once both client_id and client_secret have been generated, the client app is able to request authentication.

Authorize Endpoint

The client app can call the authorization URL:

https://myoidc_provider.com/oidc/authorize

It allows the client app to:

  • Authenticate a user

  • Get an Authorization code in the response

Token url

Called in the background, the token endpoint is accessible at the following URL:

https://myoidc_provider.com/oidc/token

RFC 6749, section 2.3.1 (https://tools.ietf.org/html/rfc6749#section-2.3.1) describes the client password transmission methods.

Supported client authentication methods:

  • Through request headers : Basic auth tokens are supported

  • Through request POST params : client_id and client_secret keys are then expected
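The two client authentication methods listed above, as an added example that is not code from endi_oidc_provider: a server-side sketch of extracting the credentials per RFC 6749 section 2.3.1. The function names, the dict-shaped request and the sample values are assumptions made for the illustration.

```python
import base64
import binascii
import hmac
from urllib.parse import unquote_plus


class ClientAuthError(ValueError):
    """Client credentials are missing, malformed or ambiguous."""


def extract_client_credentials(headers, form):
    """Return (client_id, client_secret) from a token request.

    headers and form are plain dicts (assumption: a framework request
    object would be adapted to this shape).
    """
    auth = headers.get("Authorization", "")
    in_header = auth[:6].lower() == "basic "
    in_body = "client_secret" in form
    if in_header and in_body:
        # RFC 6749 section 2.3: only one authentication method per request.
        raise ClientAuthError("multiple client authentication methods")
    if in_header:
        try:
            raw = base64.b64decode(auth[6:].strip(), validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError) as exc:
            raise ClientAuthError("malformed Basic credentials") from exc
        client_id, sep, secret = raw.partition(":")
        if not sep:
            raise ClientAuthError("malformed Basic credentials")
        # Section 2.3.1: both values are form-urlencoded before Basic encoding.
        return unquote_plus(client_id), unquote_plus(secret)
    if in_body and form.get("client_id"):
        return form["client_id"], form["client_secret"]
    raise ClientAuthError("no client credentials supplied")


def secret_matches(presented, expected):
    """Constant-time comparison, so response timing does not leak the secret."""
    return hmac.compare_digest(presented.encode("utf-8"), expected.encode("utf-8"))


# Constructed sample requests (all values are made up for this example).
BASIC = {"Authorization": "Basic " + base64.b64encode(b"app%3A1:s3cr%2Bt").decode()}
POSTED = {"client_id": "app:1", "client_secret": "s3cr+t"}

if __name__ == "__main__":
    print(extract_client_credentials(BASIC, {}))   # header method
    print(extract_client_credentials({}, POSTED))  # POST params method
```
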

In the response you get:

  • An access token with the mandatory information

  • An id_token JWS encrypted as described in the spec

  • Since we use the code flow, the id_token also carries at_hash, the key that identifies the access_token

enDI integration

In your enDI ini file, add the following:

pyramid.includes =
                    ...
                    endi_oidc_provider
                    ...

(This registers the models so that the tables are initialized at database startup.)

Then add the following:

endi.includes =
                    ...
                    endi_oidc_provider.plugin
                    ...

This registers the OIDC client application configuration UI:

  • routes

  • views

  • traversal tree branch

  • template api stuff

  • templates

  • menu entries

Download files

Source Distribution

endi_oidc_provider-6.2.0a0.tar.gz (32.3 kB)

Built Distribution

endi_oidc_provider-6.2.0a0-py3-none-any.whl (40.5 kB)
