Django SAML auth plugin for python 3
Project description
Django-python3-saml is a Django app designed to allow plug & play SAML authentication setup for Python 3 enabled Django instance.
Install
Run the following command to install:
$pip install django-python3-saml
Setup
Create .env file in the same folder as settings.py if one does not already exist.
Copy the template below into the .env:
# Fill out all that apply. # On true or false pick the one that applies. # Django-environ expects lowercase true/false # Redirect URL passed to the next parameter. LOGIN_REDIRECT_URL="" # Absolute Path to X509CERT file location. X509CERT="" # HTTPS setting HTTPS=true or false # Service Provider Information SP_METADATA_URL="" SP_LOGIN_URL="" SP_LOGOUT_URL="" SP_X509CERT="" SP_PRIVATE_KEY="" # Identity Provider Information IDP_METADATA_URL="" IDP_SSO_URL="" IDP_SLO_URL="" IDP_X509_FINGERPRINT="" # New User Groups is a list of Groups to assign # Upon new Django account creation. # Environ expects a comma separated string. # E.G. "Now,Is,The,Time" # If no groups to be assigned leave list blank. NEW_USER_GROUPS="" # New Users setup ACTIVE_STATUS=true or false STAFF_STATUS=true or false # Contact Information Technical CI_TECH_GIVEN_NAME="" CI_TECH_EMAIL="" # Contact Information Support CI_SUPPORT_GIVEN_NAME="" CI_SUPPORT_EMAIL="" # Organizational Information EN_US ORG_NAME="" ORG_DISPLAY_NAME="" ORG_HOME_URL=""
Copy the template below into settings.py:
# Set up django-environ by the instructions # https://github.com/joke2k/django-environ # if the project has a different .env package # simply change the env("variable") to package format import os import sys import environ # This should setting should walk the path # back to the project's root (e.g. where manage.py exists) # Three folder back (/config/settings/.env - 3 = /) root = environ.Path(__file__) - 3 # Initialize root function PROJECT_ROOT = root() # Initialize Env function # Environ requires variable casting. # Required variables are initialized # in the ENV_CAST dict below. ENV_CAST = { 'HTTPS': (bool,False), 'NEW_USER_GROUPS': (list,[]), 'ACTIVE_STATUS': (bool,False), 'STAFF_STATUS': (bool,False), 'DEBUG': (bool,False), } env = environ.Env(**ENV_CAST) # Reads the .env file env.read_env() # Set the system path to the base application folder. # This may not be required in your project. # Below is an example setup. sys.path.insert(0, os.path.join(PROJECT_ROOT, 'apps')) # SAML variable houses all .env variables in a single location. # All variable requests in the module will pull from these settings. # The .env file is used for security and should not be committed. SAML = { 'LOGIN_REDIRECT': env("LOGIN_REDIRECT_URL"), 'X509CERT': env("X509CERT"), 'HTTPS': 'on' if env("HTTPS") else 'off', 'SP': { 'METADATA_URL': env("SP_METADATA_URL"), 'LOGIN_URL': env("SP_LOGIN_URL"), 'LOGOUT_URL': env("SP_LOGOUT_URL"), 'X509CERT': env("SP_X509CERT"), 'PRIVATE_KEY': env("SP_PRIVATE_KEY"), }, 'IDP': { 'METADATA_URL': env("IDP_METADATA_URL"), 'SSO_URL': env("IDP_SSO_URL"), 'SLO_URL': env("IDP_SLO_URL"), 'X509_FINGERPRINT': env("IDP_X509_FINGERPRINT"), }, 'NEW_USER': { 'GROUPS': env("NEW_USER_GROUPS"), 'ACTIVE': env("ACTIVE_STATUS"), 'STAFF': env("STAFF_STATUS"), }, 'CONTACT_INFO': { 'TECHNICAL': { 'GIVEN_NAME': env("CI_TECH_GIVEN_NAME"), 'EMAIL': env("CI_TECH_EMAIL"), }, 'SUPPORT': { 'GIVEN_NAME': env("CI_SUPPORT_GIVEN_NAME"), 'EMAIL': env("CI_SUPPORT_EMAIL"), } }, 'ORGANIZATION_INFO': { 'EN_US': { 'NAME': env("ORG_NAME"), 'DISPLAY_NAME': env("ORG_DISPLAY_NAME"), 'URL': env("ORG_HOME_URL"), } } }
Add ‘django-python3-saml’ to your INSTALLED_APPS setting like this:
INSTALLED_APPS = [ ... 'django_python3_saml', ]
Include the dango-python3-saml URLconf into project urls.py like this:
url(r'^saml/', include('django_python3_saml.urls')),
Once the urls have been included as above the SP url paths should be as the following example:
Start Url --> https://example.com/saml/initiate-login/ ACS URL --> https://example.com/saml/complete-login/ Enitiy ID --> https://example.com/saml/metadata/
Add ‘django-python3-saml.backends.SAMLServiceProviderBackend’ to AUTHENTICATION_BACKENDS like this:
AUTHENTICATION_BACKENDS = [ 'django-python3-saml.backends.SAMLServiceProviderBackend', ... ]
Setup chosen Identity Provider (IDP) and Attribute Mapping:
Example Google Attribute Mapping expected format for new users: first_name - Basic Information - First Name last_name - Basic Information - Last Name email - Basic Information - Primary Email
Special Thanks
Kristian Oellegaard –> django-saml-service-provider
OneLogin’s SAML Python Toolkit –> python3-saml
Daniele Faraglia –> django-environ
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file django_python3_saml-1.0.tar.gz
.
File metadata
- Download URL: django_python3_saml-1.0.tar.gz
- Upload date:
- Size: 10.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
4913f1a231a1e4af3cf4ad603f92c93246caac60d1974c7974deb847e3c34a98
|
|
MD5 |
254ce963973e96b74a277dd75976c9af
|
|
BLAKE2b-256 |
5d37635b414b959b73ad935744a310bdcd2fbf0ad7699127954655b811e6809d
|