This is a pre-production deployment of Warehouse, however changes made here WILL affect the production instance of PyPI.
Latest Version Dependencies status unknown Test status unknown Test coverage unknown
Project Description

dj-sso-server is a Django application that provides Single Sign-on feature for your project.

The dj-sso-server application works as a SSO provider , you can use dj-sso-client (https://github.com/feifangit/dj-sso-client) as the SSO client in other projects need SSO.

Installation

Install by command pip install dj-sso-server

The dependent package dj-api-auth (https://github.com/feifangit/dj-api-auth) will be installed automatically.

How it works

  • Based on the dj-api-auth module, we can create an API key with SSO related APIs initially included. All the API communications between dj-sso-server and dj-sso-client are protected by dj-api-auth

  • The API key will also be bind with a host which is used to limit the origin of SSO requests.

  • SSO work flow with dj-sso-client

    1. Firstly, dj-sso-client applies a request key via API reqeusttoken/ on dj-sso-server

    2. The request key in dj-sso-server side will be kept in cache for 5 minutes, so the whole SSO login process should be done in 5 minutes.

    3. With the request key, dj-sso-client redirects user to SSO login page on SSO provider, and get auth token if login success. dj-sso-server will

      • verify the request origin
      • verify request key validity (expired?)
      • save user information in cache
    4. dj-sso-client verifies the auth token with dj-sso-server via API authtoken/, and get a SSOUser object.

    5. dj-sso-server delete the request key from cache once the authtoken/ is called.

  • If there’s an already logged-in account on dj-sso-server (say, the project where SSO provider is placed also provides other features, and there’s a valid cookies in browser side and valid session on server side), user can select to continue with that logged account.

  • SSO login through dj-sso-server with not affect the login status on dj-sso-server.

Attention

Since request keys are stored in cache waiting for verification or expiration. If you have multiple application process running in your deployment (gunicorn etc.), please use proper cache system that can be shared between processes.

Memcached and Redis are both great for caching, be aware, the Local-memory caching (django.core.cache.backends.locmem.LocMemCache) is a toy for local debugging.

Add dj-sso-server to project

  1. Add djapiauth and djssoserver to INSTALLED_APPS in sttings.py
  2. Assign an URL to the module
# add auth for a browser-oriented view
url(r'^sso/', include("djssoserver.urls"))
#...

Settings

  • SSO_SERVER_USER_MODEL_TO_DICT_CLS
    • optional, a path to JSON encoder class
    • the default encoder processes datetime, date, time and decimal.Decimal
    # DjangoJSONEncoder from Django 1.7 source code
    class DjangoJSONEncoder(json.JSONEncoder):
        """
        JSONEncoder subclass that knows how to encode date/time and decimal types.
        """
    
        def default(self, o):
            # See "Date Time String Format" in the ECMA-262 specification.
            if isinstance(o, datetime.datetime):
                r = o.isoformat()
                if o.microsecond:
                    r = r[:23] + r[26:]
                if r.endswith('+00:00'):
                    r = r[:-6] + 'Z'
                return r
            elif isinstance(o, datetime.date):
                return o.isoformat()
            elif isinstance(o, datetime.time):
                if is_aware(o):
                    raise ValueError("JSON can't represent timezone-aware times.")
                r = o.isoformat()
                if o.microsecond:
                    r = r[:12]
                return r
            elif isinstance(o, decimal.Decimal):
                return str(o)
            else:
                return super(DjangoJSONEncoder, self).default(o)
    

Scan API

In order to discover and manage APIs, after dj-sso-server is added in an accessible urls.py, run command python manage.py reloadentrypoints to collect APIs to database.

Create API key for SSO

  1. From your admin site, create an API key at Single sign-on/SSO credential. All SSO related APIs will assigned to this API Key automatically.
  2. After the API key for SSO is ready, you can assign more APIs for this API key at API Auth/Credential from admin site

Customize SSO login page

You can add styles to your own SSO login page. simply create djsso/ssologin.html under the templates folder. Revamp it by imitating the original page

SSOUser object

dj-sso-client gets a SSOUser object whatever the User model is used in SSO provider project.

See detail in README file of dj-sso-client (https://github.com/feifangit/dj-sso-client)

DEMO

We have a SSO provider application running on Heroku (https://dj-sso-sample.herokuapp.com/).

Source code: under example folder

To try the demo out, check out the README file of dj-sso-client (https://github.com/feifangit/dj-sso-client)

Release History

Release History

0.5

This version

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.4

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.3

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.2

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

Download Files

Download Files

TODO: Brief introduction on what you do with files - including link to relevant help section.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
dj-sso-server-0.5.tar.gz (36.8 kB) Copy SHA256 Checksum SHA256 Source Mar 10, 2015

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS HPE HPE Development Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting