CESNET OIDC Auth backend for OARepo
Project description
..
CESNET OIDC Auth backend for OARepo
This remote backend is appropriate for e.g. a SPA application which communicates with Invenio via REST calls.
- Register a new application with CESNET OIDC Provider. When registering the application ensure that the Redirect URI points to:
https://<my_invenio_site>:5000/api/oauth/authorized/eduid/
- Grab the Client ID and Client Secret after registering the application
and add them to your ENVIRONMENT (
.env
):
OPENIDC_KEY=*Client ID*
OPENIDC_SECRET=*Client Secret*
- Now access the login page from your SPA using CESNET OAuth:
window.location =
"https://<my_invenio_site>:5000/api/oauth/login/eduid?next=<my_next_page>";
By default the CESNET module will try first look if a link already exists
between an eduID account and a user. If no link is found, it will be created.
Any external Perun groups will be automatically linked to invenio roles on
each login.
For more details you can play with a :doc:working example <examplesapp>
.
Customization
To customize group handling and validation, refer to your custom validation and parse functions using the following config values:
OAUTHCLIENT_CESNET_OPENID_GROUP_VALIDATOR = 'cesnet_openid_remote.groups.validate_group_uri'
"""Function used to validate external group URI."""
OAUTHCLIENT_CESNET_OPENID_GROUP_PARSER = 'cesnet_openid_remote.groups.parse_group_uri'
"""Function used to parse external group URI to (UUID, extra_data) pair."""
Further documentation is available on https://cesnet-openid-remote.readthedocs.io/
Copyright (C) 2021 CESNET.
CESNET-OpenID-Remote is free software; you can redistribute it and/or modify it under the terms of the MIT License; see LICENSE file for more details.
.. Copyright (C) 2021 CESNET.
CESNET-OpenID-Remote is free software; you can redistribute it and/or
modify it under the terms of the MIT License; see LICENSE file for more
details.
Changes
Version 0.1.0 (released TBD)
- Initial public release.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for cesnet-openid-remote-1.0.0.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 2e666b06fc14ef3960249c748eba2fdae496267424a65c6d1e7133aa41c18513 |
|
MD5 | 54741338bcb3e021216ddfe70218f836 |
|
BLAKE2b-256 | 826f796d6b0fe1977c0e0eb01c06d1e2f80b411302f115a6e7894376bd46b09e |
Hashes for cesnet_openid_remote-1.0.0-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 85d7b8ea4d9f6ea7cb479e8f0c9357efa6ba1f332da1351c0faae4178c67201e |
|
MD5 | 3da1986a8640048433f7ad068dd6c3fb |
|
BLAKE2b-256 | fa2fe424b2d4d7dd1aceb6084c44710d9461bff548a0fa0b427b12155602cf3e |