Django database backend for Azure Postgresql that adds AAD authentication
Project description
django_database_postgresql_aad_backend
django-database-postgresql-aad-backend is a django database backend that adds Azure active directory authentication for your Azure postgresql server. It uses the authentication as described in Azure documentation : https://docs.microsoft.com/en-us/azure/postgresql/howto-configure-sign-in-aad-authentication.
This backend is based on Django postgresql backend (which it inherits from all its features) and adds AAD options in database settings as described bellow :
DATABASES = {
"default": {
"ENGINE": "django_database_postgresql_aad_backend",
"NAME": os.getenv("DB_NAME"),
"HOST": os.getenv("DB_HOST"),
"PORT": os.getenv("DB_PORT"),
"USER": os.getenv("DB_USERNAME"),
"PASSWORD": "",
"OPTIONS": {
"sslmode": "require"
},
"AAD_OPTIONS": {
"SP_CLIENT_ID": os.getenv("DB_SP_CLIENT_ID"),
"`SP_CLIENT_SECRET`": os.getenv("DB_SP_CLIENT_SECRET"),
"`SP_TENANT_ID`": os.getenv("DB_SP_TENANT_ID"),
}
}
}
To enable Azure Active directory authentication you need to :
- Install
django_database_postgresql_aad_backendusing pip :
pip install django_database_postgresql_aad_backend
- Add the backend to installed apps in
setting.py
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
'django_database_postgresql_aad_backend',
]
-
Provide
AAD_OPTIONSdictionary inside database settings with the following keys :SP_CLIENT_ID(Required) The client ID of the service principal used to authenticate to Azure Active directory.SP_CLIENT_SECRET: (Required) The client secret of the service principal used to authenticate to Azure active directory.SP_TENANT_ID: (Required) The tenant ID of the service principal.REFRESH_BEFORE_MINUTES: (Optional) This is used to specify how much time (in minutes) the token should be valid. Default value is 5.
If you don't provide AAD_OPTIONS dictionary, Azure active directory authentication will be disabled and the backend
will use the default user/password authentication method.
Tests
To run tests :
python3 -m venv venv
source venv/bin/activate
pip3 install -r requirements.txt
coverage run --source django_database_postgresql_aad_backend -m unittest discover
coverage report
Building package
To build package :
python3 -m venv venv
source venv/bin/activate
pip3 install -r requirements.txt
python3 setup.py sdist bdist_wheel
Publish package
twine upload --repository-url https://test.pypi.org/legacy/ dist/*
Improvements
- The token is fetched and stored in memory. An improvement would be to support a caching system to store token and share it between multiple instances of the backend.
- Add more test cases !
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for django_database_postgresql_aad_backend-0.0.1.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 0b0888af90718f4e5299a4c9d5347419c4e6da14b8db5ccaa90c9f60453740e0 |
|
| MD5 | 6595d4cb935ed50cbfa310e359d10cb1 |
|
| BLAKE2b-256 | 267fc58b272aa53794fab3eb5f9fc46fcb1d006ca607ebdc2c75c3cd754eb7d3 |
Hashes for django_database_postgresql_aad_backend-0.0.1-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 39afe35dadd6191a1e074f148ff3c6d5e90a758be690b688f891a91ed97c9217 |
|
| MD5 | 426f24c4966f31b778cb570d44f08119 |
|
| BLAKE2b-256 | c4ff63e60a24ab4e24f07c075eb3de30a937fcf61a1b432b89821dcc44ba120b |
