Authentication via AAF Rapid Connect
Project description
ckanext-aaf
Allows AAF (Australian Acceess Federation) authentication to log into a CKAN installation.
Requirements
Tested with CKAN 2.5.1, should be fairly easy to port across versions as the codebase is quite small - PR’s welcome! Requires an AAF ‘Rapid Conect’ application to be setup (see https://rapid.aaf.edu.au/ or https://rapid.test.aaf.edu.au/) For a live installation, will require SSL (as AAF will not allow callbacks to a non SSL URL)
Installation
To install ckanext-aaf:
Activate your CKAN virtual environment, for example:
. /usr/lib/ckan/default/bin/activate
Install the ckanext-aaf Python package into your virtual environment:
pip install ckanext-aaf
Add aaf to the ckan.plugins setting in your CKAN config file (by default the config file is located at /etc/ckan/default/production.ini).
Setup config settings (described below), required to decode the JWT tokens passed back by AAF.
Restart CKAN. For example if you’ve deployed CKAN with Apache on Ubuntu:
sudo service apache2 reload
Config Settings
All the settings are required:
ckanext.aaf.url = The unique URL given by AAF Rapid Connect (get one from rapid.aaf.edu.au or rapid.test.aaf.edu.au) ckanext.aaf.secret = The secret used to set up the above URL ckanext.aaf.aud = The URL of your application, as provided to Rapid Connect (doesn't have to match the callback URL)
For example (these settings will not work, register your own application!):
ckan.aaf.url = https://rapid.aaf.edu.au/jwt/authnrequest/research/xxxxyyyzzzz ckan.aaf.secret = asdfasdf#$#$#$asdfasdf ckan.aaf.aud = http://myappurl.edu.au
Development Installation
To install ckanext-aaf for development, activate your CKAN virtualenv and do:
git clone https://github.com/Psykar/ckanext-aaf.git cd ckanext-aaf pip install -e .
Running the Tests
To run the tests, do:
nosetests --nologcapture --with-pylons=test.ini
To run the tests and produce a coverage report, first make sure you have coverage installed in your virtualenv (pip install coverage) then run:
nosetests --nologcapture --with-pylons=test.ini --with-coverage --cover-package=ckanext.aaf --cover-inclusive --cover-erase --cover-tests
Registering ckanext-aaf on PyPI
ckanext-aaf should be availabe on PyPI as https://pypi.python.org/pypi/ckanext-aaf. If that link doesn’t work, then you can register the project on PyPI for the first time by following these steps:
Create a source distribution of the project:
python setup.py sdist
Register the project:
python setup.py register
Upload the source distribution to PyPI:
python setup.py sdist upload
Tag the first release of the project on GitHub with the version number from the setup.py file. For example if the version number in setup.py is 0.0.1 then do:
git tag 0.0.1 git push --tags
Releasing a New Version of ckanext-aaf
ckanext-aaf is availabe on PyPI as https://pypi.python.org/pypi/ckanext-aaf. To publish a new version to PyPI follow these steps:
Update the version number in the setup.py file. See PEP 440 for how to choose version numbers.
Create a source distribution of the new version:
python setup.py sdist
Upload the source distribution to PyPI:
python setup.py sdist upload
Tag the new release of the project on GitHub with the version number from the setup.py file. For example if the version number in setup.py is 0.0.2 then do:
git tag 0.0.2 git push --tags
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.