Skip to main content

django oidc provider

Project description

django-oidc-op

CI build pypi License Python version

A Django implementation of an OIDC Provider/OAuth2 AS on top of jwtconnect.io. This project is based on IdentityPython oidc-op. Please consult the official oidc-op documentation for any further information about its features and capabilities.

To configure a standard OIDC Provider you have to edit the oidcop configuration file. See django-oidc-op/oidc_provider/tests/example/example/settings.py and django-oidc-op/oidc_provider/tests/example/example/oidc_provider_settings.py to get in.

Run the example demo

git clone https://github.com/peppelinux/django-oidc-op.git
cd django-oidc-op

pip install -r requirements.txt
cd example

./manage.py createsuperuser

bash run.sh

Example Relying-Party

You can use JWTConnect-Python-OidcRP as follow:

cd JWTConnect-Python-OidcRP
RP_LOGFILE_NAME="./flrp.django.log" python3 -m flask_rp.wsgi ../django-oidc-op/example/data/oidc_rp/conf.django.yaml

You can also use a scripted RP handler on top of oidc-rp

python3 snippets/rp_handler.py -c oidc_provider/tests/oidc_rp/conf.json -u test -p testami18 -iss django_provider

Configuration

This project relyies interely on behaviour and features provided by oidcop, to get an exaustive integration in Django it adopts the following customizations.

oidc_provider_settings.py

In the example project it handles all the oidcop configurations. I think it's more cleaner but feel free to adapt in your preferred schema.

Settings

  • OIDCOP_CONFIG is a python dictionary that contains the oidcop configuration.
  • OIDC_URL_PREFIX, eg: oidcop/ if present will be used as url path in all the oidcop endpoints, except for .well-known/openid-configuration. In the example project I put this parameter in oidc_provider_settings, default is ''.

UserInfo endpoint

Claims to be released are configured in op.server_info.user_info (in oidc_provider_settings.py). The attributes release and user authentication mechanism rely on classes implemented in oidc_op/users.py.

Configuration Example:

      "userinfo": {
        "class": "oidc_provider.users.UserInfo",
        "kwargs": {
            # map claims to django user attributes here:
            "claims_map": {
                "phone_number": "telephone",
                "family_name": "last_name",
                "given_name": "first_name",
                "email": "email",
                "verified_email": "email",
                "gender": "gender",
                "birthdate": "get_oidc_birthdate",
                "updated_at": "get_oidc_lastlogin"
            }
        }
      }

Developers'

Running tests

running tests

./manage.py test oidc_provider

coverage

coverage erase
coverage run manage.py test oidc_provider
coverage report -m

Author

  • Giuseppe De Marco

Gallery

Relying-Party

Alt text Alt text

Session management and token preview

Alt text Alt text Alt text

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

oidc_provider-2.0.0.tar.gz (2.5 MB view details)

Uploaded Source

File details

Details for the file oidc_provider-2.0.0.tar.gz.

File metadata

  • Download URL: oidc_provider-2.0.0.tar.gz
  • Upload date:
  • Size: 2.5 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/45.2.0 requests-toolbelt/0.9.1 tqdm/4.49.0 CPython/3.8.5

File hashes

Hashes for oidc_provider-2.0.0.tar.gz
Algorithm Hash digest
SHA256 9ab3c0b73ca84da12ecd5e2858fec050e2eba28c9bedb97e1ed4c596297bcbf2
MD5 744f4ca10cabdca7bb0a56c0aec76731
BLAKE2b-256 5ce7cdd770315c47ae124d4c1f2cb685bbdc17fe3bbd1e12fa4bb8e87d35956d

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page