CERN-specific Flask-Multipass providers
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Project description
Flask-Multipass-CERN
This package provides the cern auth and identity providers for Flask-Multipass.
These providers are only useful if you are at CERN and intend to use Flask-Multipass with the new Keycloak-based CERN authentication infrastructure.
In its current state it also overkill if all you want to do is logging in via OIDC. If that's your
goal use the authlib multipass provider since Keycloak works perfectly fine with it.
In case you need access to arbitrary group membership information (e.g. for user-managed ACLs) and the ability to search for CERN users, then this is a good choice for you.
CERN usage details
The following permissions (requested through the application portal) are needed:
- Token exchange with
authorization-service-apifor basic login functionality - Group membership in
authorization-service-groups-readersfor group functionality - Group membership in
authorization-service-identity-readersfor user search functionality - Tokens with group membership information (optional) - this needs to be requested directly from the authorization service team
Requesting them will most likely require you to have a professional justification.
Performance
When using group membership or user search, the library need to get an "API access" token from
keycloak which typically takes 200-300ms. Set the cache key of the multipass identity
provider configuration to the import path of a Flask-Caching instance or a function returning such
an instance, or the instance itself to enable caching of tokens (until they expire) and group
data (30 minutes).
If group membership information is included in tokens, it will be cached during login so the extra API call when checking whether a user is in a group won't be needed unless the cached data already expired.
Note
In applying the MIT license, CERN does not waive the privileges and immunities granted to it by virtue of its status as an Intergovernmental Organization or submit itself to any jurisdiction.
Project details
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file flask_multipass_cern-2.2.11.tar.gz.
File metadata
- Download URL: flask_multipass_cern-2.2.11.tar.gz
- Upload date:
- Size: 13.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/5.1.1 CPython/3.12.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | e171acedfea8829427079abacee25ad433e9d03a0daf6cfe736c7d6aef46cfc5 |
|
| MD5 | 1b91d9ea203f5035710d2229a7797d66 |
|
| BLAKE2b-256 | 0e7fe870b8dee58e665c3e35860c8e27aa0f5e0d2682d5fc0748baa929246d01 |
File details
Details for the file flask_multipass_cern-2.2.11-py3-none-any.whl.
File metadata
- Download URL: flask_multipass_cern-2.2.11-py3-none-any.whl
- Upload date:
- Size: 8.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/5.1.1 CPython/3.12.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | f7eeea8caef7ef5ee6a962858755e9343f150d87a48b204b72bcd8fcbe86844b |
|
| MD5 | 92c1f375c60821050f3bfd74eb87b8e7 |
|
| BLAKE2b-256 | c39ca742a60a86b48a1e032b1be6e90855cd710011aa33f5c929cb4f1729c337 |
