django oidc provider
Project description
django-oidc-op
A Django implementation of an OIDC Provider/OAuth2 AS on top of jwtconnect.io. This project is based on IdentityPython oidc-op. Please consult the official oidc-op documentation for any further information about its features and capabilities.
To configure a standard OIDC Provider you have to edit the oidcop configuration file.
See django-oidc-op/oidc_provider/tests/example/example/settings.py
and django-oidc-op/oidc_provider/tests/example/example/oidc_provider_settings.py
to get in.
Run the example demo
git clone https://github.com/peppelinux/django-oidc-op.git
cd django-oidc-op
pip install -r requirements.txt
cd example
./manage.py createsuperuser
bash run.sh
Example Relying-Party
You can use JWTConnect-Python-OidcRP as follow:
cd JWTConnect-Python-OidcRP/example
RP_LOGFILE_NAME="./flrp.django.log" python3 -m flask_rp.wsgi ../django-oidc-op/example/data/oidc_rp/conf.django.yaml
You can also use a scripted RP handler on top of oidc-rp
python3 snippets/rp_handler.py -c oidc_provider/tests/oidc_rp/conf.json -u test -p testami18 -iss django_provider
Configuration
This project relyies interely on behaviour and features provided by oidcop, to get an exaustive integration in Django it adopts the following customizations.
oidc_provider_settings.py
In the example project it handles all the oidcop configurations. I think it's more cleaner but feel free to adapt in your preferred schema.
Settings
OIDCOP_CONFIG
is a python dictionary that contains the oidcop configuration.OIDC_URL_PREFIX
, eg:oidcop/
if present will be used as url path in all the oidcop endpoints, except for.well-known/openid-configuration
. In the example project I put this parameter inoidc_provider_settings
, default is''
.
UserInfo endpoint
Claims to be released are configured in op.server_info.user_info
(in oidc_provider_settings.py
).
The attributes release and user authentication mechanism rely on classes implemented in oidc_op/users.py
.
Configuration Example:
"userinfo": {
"class": "oidc_provider.users.UserInfo",
"kwargs": {
# map claims to django user attributes here:
"claims_map": {
"phone_number": "telephone",
"family_name": "last_name",
"given_name": "first_name",
"email": "email",
"verified_email": "email",
"gender": "gender",
"birthdate": "get_oidc_birthdate",
"updated_at": "get_oidc_lastlogin"
}
}
}
Developers'
Running tests
running tests
./manage.py test oidc_provider
coverage
coverage erase
coverage run manage.py test oidc_provider
coverage report -m
Author
- Giuseppe De Marco
Gallery
Relying-Party
Session management and token preview
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file oidc_provider-2.1.1.tar.gz
.
File metadata
- Download URL: oidc_provider-2.1.1.tar.gz
- Upload date:
- Size: 2.5 MB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.26.0 setuptools/45.2.0 requests-toolbelt/0.9.1 tqdm/4.49.0 CPython/3.8.10
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 2b3b237504c3bb746834f4d7efb10d6e33c32116c149ba718c2c41de74b5042a |
|
MD5 | 09711bcafc308b8f58779d748980a313 |
|
BLAKE2b-256 | a88daeb1925f2ddc015ff617001dfc20b6e75a83f5fc1d0d1bcc31016585a8f7 |