OpenID Connect authentication provider for Sentry
An SSO provider for Sentry which enables OpenID Connect Apps authentication.
This is a fork of sentry-auth-google.
Why fork, instead of adapting sentry-auth-google to work with every OpenID Connect provider?
The maintainer has different ideas with sentry-auth-google. See:
$ pip install sentry-auth-oidc
Example Setup for Google
In the Authorized redirect URIs add the SSO endpoint for your installation:
Naturally other providers, that are supporting OpenID-Connect can also be used (like GitLab).
Finally, obtain the API keys and the well-known account URL and plug them into your sentry.conf.py:
OIDC_CLIENT_ID = "" OIDC_CLIENT_SECRET = "" OIDC_SCOPE = "openid email" OIDC_DOMAIN = "https://accounts.google.com" # e.g. for Google
The OIDC_DOMAIN defines where the OIDC configuration is going to be pulled from. Basically it specifies the OIDC server and adds the path .well-known/openid-configuration to it. That’s where different endpoint paths can be found.
Detailed information can be found in the ProviderConfig specification.
If your provider doesn’t support the OIDC_DOMAIN, then you have to set these required endpoints by yourself (autorization_endpoint, token_endpoint, userinfo_endpoint, issuer).
OIDC_AUTHORIZATION_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth" # e.g. for Google OIDC_TOKEN_ENDPOINT = "https://www.googleapis.com/oauth2/v4/token" # e.g. for Google OIDC_USERINFO_ENDPOINT = "https://www.googleapis.com/oauth2/v3/userinfo" # e.g. for Google OIDC_ISSUER = "Google"
|Filename, size||File type||Python version||Upload date||Hashes|
|Filename, size g85-sentry-auth-oidc-2.0.2.tar.gz (10.1 kB)||File type Source||Python version None||Upload date||Hashes View hashes|
Hashes for g85-sentry-auth-oidc-2.0.2.tar.gz