A Django sso login based on django-mozilla-oidc that creates an inactive user upon SSO login.
Project description
Django Mozilla OIDC Custom
django-oidc-admin is a Django app that adds a custom login button to the Django admin login page using django-mozilla-oidc.
It does not allow direct authentication on the first SSO login but instead creates an inactive user.
The administrator must activate the user in the Django admin interface.
After activation, the user can log in using the SSO login button.
Quick Start
-
Add
django_oidc_admin"to yourINSTALLED_APPSsetting.
It must be before"django.contrib.admin".INSTALLED_APPS = [ ..., "django_oidc_admin", "django.contrib.admin", ..., ]
-
Add the following settings to your
settings.pyfile:# Required settings AUTHENTICATION_BACKENDS = ( "django_oidc_admin.authentication.DjangoOIDCAdminBackend", # Authentication OIDC "django.contrib.auth.backends.ModelBackend", # Classic authentication ) # Add the admin_navbar context processor to templates settings TEMPLATES = [ { "DIRS": [], "APP_DIRS": True, "OPTIONS": { "context_processors": [ "django_oidc_admin.context_processors.admin_navbar", ], }, }, ] # Mozilla Django OIDC mandatory settings OIDC_RP_CLIENT_ID = os.environ["OIDC_RP_CLIENT_ID"] OIDC_RP_CLIENT_SECRET = os.environ["OIDC_RP_CLIENT_SECRET"] OIDC_RP_SCOPES = "openid email profile" OIDC_OP_AUTHORIZATION_ENDPOINT = os.environ["OIDC_OP_AUTHORIZATION_ENDPOINT"] OIDC_OP_TOKEN_ENDPOINT = os.environ["OIDC_OP_TOKEN_ENDPOINT"] OIDC_OP_USER_ENDPOINT = os.environ["OIDC_OP_USER_ENDPOINT"] OIDC_OP_JWKS_ENDPOINT = os.environ["OIDC_OP_JWKS_ENDPOINT"] OIDC_RP_SIGN_ALGO = os.environ.get("OIDC_RP_SIGN_ALGO", "RS256") # Custom settings DMOC_NEW_USER_GROUP_NAME = os.environ.get("NAME_GROUP_USER_TO_ADD_TO") LOGIN_REDIRECT_URL = "admin:index" LOGIN_REDIRECT_URL_FAILURE = "admin:index" # Override the OIDC callback class to use the custom one OIDC_CALLBACK_CLASS = "django_oidc_admin.authentication.DjangoOIDCAdminCallbackView"
-
Include the app's URL configuration in
urls.py:from django.urls import path, include urlpatterns = [ path("oidc/", include("django_oidc_admin.urls")), ]
-
Start the development server and visit the admin login page to test the SSO login button.
License
See the LICENSE file for license rights and limitations (MIT).
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file django_oidc_admin-0.1.0.tar.gz.
File metadata
- Download URL: django_oidc_admin-0.1.0.tar.gz
- Upload date:
- Size: 9.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
5bd17e2f56d8e6c770b1e97ab7720a0c2d1a79511e93b5e019aac0ac280143bb
|
|
| MD5 |
a11a27ac56aa107ba485d68e73e4a73e
|
|
| BLAKE2b-256 |
ad645edb3444f43e70ce340c02d245816d452646bd78a65b20517d31ba31e7d0
|
File details
Details for the file django_oidc_admin-0.1.0-py3-none-any.whl.
File metadata
- Download URL: django_oidc_admin-0.1.0-py3-none-any.whl
- Upload date:
- Size: 7.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.11.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ddb5eaa270d332f28cde16d6a3a0e34b7b8ff70e745052a64e57798b7870000c
|
|
| MD5 |
1a3e80a24ac46c90cb0046beb7f246ba
|
|
| BLAKE2b-256 |
3c58439b7a37a92cb2df4496df47a4c17e99519f649da55010f7e2bae282dcb9
|
