Girder plugin for OIDC/Keycloak authentication

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for josselin.duchateau from gravatar.com josselin.duchateau

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache 2.0)
  • Author: Josselin Duchateau
  • Tags girder , oidc , keycloak , authentication
Classifiers
Report project as malware

Project description

Girder OIDC Plugin

A Girder plugin for OpenID Connect (OIDC) authentication via Keycloak.

Features

  • OIDC/Keycloak integration with automatic user creation
  • Admin panel configuration
  • Secure token exchange using authorization code flow
  • Automatic OIDC endpoint discovery

Installation

pip install -e .

Configuration

In the Girder admin panel, go to OIDC/Keycloak Configuration and set:

  • Keycloak URL (Internal): Internal URL for server communication (e.g., https://keycloak:8443)
  • Keycloak Public URL: Public URL for browser redirects (e.g., https://localhost:8443)
  • Keycloak Realm: Realm name (e.g., girder)
  • Client ID: OIDC client ID
  • Client Secret: OIDC client secret
  • Enable OIDC: Enable authentication
  • Auto Create Users: Create Girder users automatically
  • Allow Registration: Allow new user registration

Keycloak Setup

  1. Create an OIDC client in Keycloak:

    • Access Type: confidential
    • Valid Redirect URIs: https://your-girder-host/api/v1/oidc/callback

  2. Copy the client credentials to Girder configuration

API Endpoints

  • GET /api/v1/oidc/configuration - Get config (admin only)
  • PUT /api/v1/oidc/configuration - Update config (admin only)
  • GET /api/v1/oidc/login?redirect=URL - Get authorization URL
  • GET /api/v1/oidc/callback - Callback from Keycloak

Development

pytest plugin_tests/

License

Apache 2.0

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for josselin.duchateau from gravatar.com josselin.duchateau

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache 2.0)
  • Author: Josselin Duchateau
  • Tags girder , oidc , keycloak , authentication
Classifiers

Release history Release notifications | RSS feed

This version

0.0.2

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

girder_oidc-0.0.2.tar.gz (21.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

girder_oidc-0.0.2-py3-none-any.whl (28.0 kB view details)

Uploaded Python 3

File details

Details for the file girder_oidc-0.0.2.tar.gz.

File metadata

  • Download URL: girder_oidc-0.0.2.tar.gz
  • Upload date:
  • Size: 21.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.0

File hashes

Hashes for girder_oidc-0.0.2.tar.gz
Algorithm Hash digest
SHA256 6689aee05d6572ce20fbc135a5090aa2149a39906ed664679a8593bfb3a8ae8b
MD5 b8bf2a3d3ba97c703c5bf6bdc296cc19
BLAKE2b-256 188912c1faada5d91527a96b9c3013e4f2df843e8b7cd0a14b85d02123f05e46

See more details on using hashes here.

File details

Details for the file girder_oidc-0.0.2-py3-none-any.whl.

File metadata

  • Download URL: girder_oidc-0.0.2-py3-none-any.whl
  • Upload date:
  • Size: 28.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.0

File hashes

Hashes for girder_oidc-0.0.2-py3-none-any.whl
Algorithm Hash digest
SHA256 aa051c9d8cca1e4736948c5e0de71dd3f1becebc8322a133feab75b442ffb5de
MD5 073819767a69bdcb5990c3a610d017b1
BLAKE2b-256 b71e9a125c3d90adf9347aba2b516bddebdff92f270bb85531e64c97457db5d8

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page