E-infra OIDC Auth backend for OARepo
Project description
E-infra authentication and authorization module for InvenioRDM
This remote backend adds support for Czech e-infra AAI solution - login.e-infra.cz allowing all members of czech academic community can use their home institution credentials to log in.
Installation
Add the module to your repository's pyproject.toml:
dependencies = [
"oidc-einfra>=1.0.0",
# ...
]
Configuration
- Register a new application with e-infra OIDC Provider at
https://spadmin.e-infra.cz/. When registering the application
ensure that the Redirect URI points to
https://<my_invenio_site>:5000/oauth/authorized/e-infra/
- Grab the Client ID and Client Secret after registering the application and add them to your ENVIRONMENT variables:
INVENIO_EINFRA_CONSUMER_KEY=*Client ID*
INVENIO_EINFRA_CONSUMER_SECRET=*Client Secret*
- Add the remote application to the site's
invenio.cfg
:
from oidc_einfra import EINFRA_LOGIN_APP
OAUTHCLIENT_REMOTE_APPS = {
"e-infra": EINFRA_LOGIN_APP
}
- Add the e-infra public key to your invenio.cfg or environment variables:
EINFRA_RSA_KEY=b'-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmho5h/lz6USUUazQaVT3\nPHloIk/Ljs2vZl/RAaitkXDx6aqpl1kGpS44eYJOaer4oWc6/QNaMtynvlSlnkuW\nrG765adNKT9sgAWSrPb81xkojsQabrSNv4nIOWUQi0Tjh0WxXQmbV+bMxkVaElhd\nHNFzUfHv+XqI8Hkc82mIGtyeMQn+VAuZbYkVXnjyCwwa9RmPOSH+O4N4epDXKk1V\nK9dUxf/rEYbjMNZGDva30do0mrBkU8W3O1mDVJSSgHn4ejKdGNYMm0JKPAgCWyPW\nJDoL092ctPCFlUMBBZ/OP3omvgnw0GaWZXxqSqaSvxFJkqCHqLMwpxmWTTAgEvAb\nnwIDAQAB\n-----END PUBLIC KEY-----\n'
- Add the VO, communities group, api url and filters for eduperson_entitlement_extended:
EINFRA_REPOSITORY_VO = '0081581a-a0da-4ac9-8612-3af6b1c8bfe2'
EINFRA_COMMUNITIES_GROUP = '8becbbb6-cbb5-450e-8f71-20a12418e821'
EINFRA_API_URL = 'https://perun-api.e-infra.cz'
EINFRA_ENTITLEMENT_NAMESPACES = {'geant'}
EINFRA_ENTITLEMENT_GROUP_PARTS = [
['cesnet.cz', 'group'],
['e-infra.cz', 'group']
]
- Start the server and go to the login page https://127.0.0.1:5000/login/
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
oarepo_oidc_einfra-1.0.1.tar.gz
(20.7 kB
view hashes)
Built Distribution
Close
Hashes for oarepo_oidc_einfra-1.0.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 58d031437b96e9c85372fb3586602324b19b7d3398d674e511a33552fb953dc0 |
|
MD5 | c3fdf585288297e8907498b801723846 |
|
BLAKE2b-256 | 854092ef793f424dc7f2e97d27e48c33bf854f3a9515fc8adb52f40dbcc18021 |