Login to CKAN using The Microsoft Authentication Library (MSAL)

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for DataShades from gravatar.com DataShades Avatar for mutantsan from gravatar.com mutantsan

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU Affero General Public License v3 or later (AGPLv3+) (AGPL)
  • Author: DataShades
  • Maintainer: DataShades
  • Tags SSO, CKAN, Microsoft, SAML, MSAL
Classifiers

Project description

ckanext-msal

This extension allows you to sign in users with Microsoft identities (Azure AD, Microsoft Accounts and Azure AD B2C accounts). It uses Microsoft MSAL library.

It works with Microsoft 365 accounts. But in future, the situation could change.

Requirements

Compatibility with core CKAN versions:

CKAN version Compatible?
2.7 and earlier no
2.8 no
2.9 no
2.10.0+ yes

Installation

To install ckanext-msal:

  1. Activate your CKAN virtual environment, for example:

    . /usr/lib/ckan/default/bin/activate

  2. Clone the source and install it on the virtualenv

    git clone https://github.com/mutantsan/ckanext-msal.git cd ckanext-msal pip install -e . pip install -r requirements.txt

  3. Add msal to the ckan.plugins setting in your CKAN config file (by default the config file is located at /etc/ckan/default/ckan.ini).

  4. Restart CKAN. For example if you've deployed CKAN with Apache on Ubuntu:

    sudo service apache2 reload

Config settings

# The application client id. Mandatory option.
ckanext.msal.client_id = 000000-0000-0000-0000-00000000000

# The client secret. Mandatory option.
ckanext.msal.client_secret = 000000-0000-0000-0000-00000000000

# The tenant ID. If it's not provided, the common one for multi-tenant app will be used.
# In this case, the application is not guaranteed to work properly.
# (optional, default: 'common').
ckanext.msal.tenant_id = 000000-0000-0000-0000-00000000000

# The redirect path should be setted up in Azure AD web app config.
# It handles the response from Microsoft.
# (optional, default: "/get_msal_token").
ckanext.msal.redirect_path

# While the session lifespan could be manage only in Azure AD conditional policies panel,
# this option actually implies how often do we send a test request for the Microsoft Graph API
# to check if our Access token is still alive.
# (optional, default: 3600, in seconds).
ckanext.msal.session_lifetime = 3600

# The list of restricted email domains. User won't be able to login under
# an email with those domains (optional, default: None)
ckanext.msal.restrict.domain_list = gmail.com, onmicrosoft.com

# The list of allowed email domains. User won't be able to login under
# any other emails (optional, default: None)
ckanext.msal.restrict.allowed_domain_list = protonmail.com, orgname.onmicrosoft.com

# A message that will be shown to users with a restricted domain
# (optional, default: "Your email domain is restricted. Please, contact site admin.")
ckanext.msal.restrict.error_message

Developer installation

To install ckanext-msal for development, activate your CKAN virtualenv and do:

git clone https://github.com/mutantsan/ckanext-msal.git
cd ckanext-msal
python setup.py develop
pip install -r dev-requirements.txt

Tests

If you changed something - be sure to run tests before merging your changes. To run tests, do:

pytest --ckan-ini=test.ini

License

AGPL

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for DataShades from gravatar.com DataShades Avatar for mutantsan from gravatar.com mutantsan

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU Affero General Public License v3 or later (AGPLv3+) (AGPL)
  • Author: DataShades
  • Maintainer: DataShades
  • Tags SSO, CKAN, Microsoft, SAML, MSAL
Classifiers

Release history Release notifications | RSS feed

This version

1.5.1

1.5.0

1.4.5

1.4.4

1.4.3

0.4.3

0.3.3

0.2.3

0.1.3

0.1.2

0.1.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ckanext_msal-1.5.1.tar.gz (25.2 kB view details)

Uploaded Source

Built Distribution

ckanext_msal-1.5.1-py3-none-any.whl (25.7 kB view details)

Uploaded Python 3

File details

Details for the file ckanext_msal-1.5.1.tar.gz.

File metadata

  • Download URL: ckanext_msal-1.5.1.tar.gz
  • Upload date:
  • Size: 25.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.8.10

File hashes

Hashes for ckanext_msal-1.5.1.tar.gz
Algorithm Hash digest
SHA256 7fff83dbc12f42e3766fb15025a8086ff911cced33d62316bba213762deeba31
MD5 eb25f6addda2459c248a16fce2a74e36
BLAKE2b-256 101bc13bc7abda66f82a62a705639b8095bd82b084d723021f7798d0dceb0d13

See more details on using hashes here.

File details

Details for the file ckanext_msal-1.5.1-py3-none-any.whl.

File metadata

  • Download URL: ckanext_msal-1.5.1-py3-none-any.whl
  • Upload date:
  • Size: 25.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.8.10

File hashes

Hashes for ckanext_msal-1.5.1-py3-none-any.whl
Algorithm Hash digest
SHA256 fe661c56f2963698d4d9ca2a131ed15de6b477248d26a6c1d83b18531f5e3cfd
MD5 e28fb61f0f81127207b1729f8ddf0c71
BLAKE2b-256 b9bd2e5fc9860136dc0d571158082b357dd2d095ea6926af58963a101129d333

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page