mozilla-django-oidc 0.2.0

A lightweight authentication and access management library for integration with OpenID Connect enabled authentication services.

A lightweight authentication and access management library for integration with OpenID Connect enabled authentication services.

Documentation

The full documentation is at https://mozilla-django-oidc.readthedocs.io.

Running Tests

Use tox to run as many different versions of Python you have. If you don’t have tox installed (and executable) already you can either install it in your system Python or https://pypi.python.org/pypi/pipsi. Once installed, simply execute in the project root directory.

$ tox

tox will do the equivalent of installing virtual environments for every combination mentioned in the tox.ini file. If your system, for example, doesn’t have python3.4 those tox tests will be skipped.

For a faster test-rinse-repeat cycle you can run tests in a specific environment with a specific version of Python and specific version of Django of your choice. Here is such an example:

$ virtualenv -p /path/to/bin/python3.5 venv
$ source venv
(venv) $ pip install Django==1.11.1
(venv) $ pip install -r tests/requirements.txt
(venv) $ DJANGO_SETTINGS_MODULE=tests.settings django-admin.py test

Measuring code coverage, continuing the steps above:

(venv) $ pip install coverage
(venv) $ DJANGO_SETTINGS_MODULE=tests.settings coverage run --source mozilla_django_oidc `which django-admin.py` test
(venv) $ coverage report
(venv) $ coverage html
(venv) $ open htmlcov/index.html

Linting

All code is checked with https://pypi.python.org/pypi/flake8 in continuous integration. To make sure your code still passes all style guides install flake8 and check:

$ flake8 mozilla_django_oidc tests

Note

When you run tox it also does a flake8 run on the main package files and the tests.

You can also run linting with tox:

$ tox -e lint

License

This software is licensed under the MPL 2.0 license. For more info check the LICENSE file.

Credits

Tools used in rendering this package:

• Cookiecutter

• cookiecutter-djangopackage

History

0.2.0 (2017-06-07)

Backwards-incompatible changes:

• Drop support for Django 1.9 (#130)

  If you’re using Django 1.9, you should update Django first.

• Move middleware to mozilla_django_oidc.middleware and change it to use authentication endpoint with prompt=none (#94)

  You’ll need to update your MIDDLEWARE_CLASSES/MIDDLEWARE setting accordingly.

• Remove legacy base64 handling of OIDC secret. Now RP secret should be plaintext.

Features:

• Add support for Django 1.11 and Python 3.6 (#85)

• Update middleware to work with Django 1.10+ (#90)

• Documentation updates

• Rework test infrastructure so it’s tox-based (#100)

Bugs:

• always decode verified token before json.load() (#116)

• always redirect to logout_url even when logged out (#121)

• Change email matching to be case-insensitive (#102)

• Allow combining OIDCAuthenticationBackend with other backends (#87)

• fix is_authenticated usage for Django 1.10+ (#125)

0.1.0 (2016-10-12)

• First release on PyPI.