Skip to main content
Help us improve PyPI by participating in user testing. All experience levels needed!

Provides OAuth2/ OpenID login for Plone using Authomatic.

Project description

https://travis-ci.org/collective/pas.plugins.authomatic.svg?branch=master https://coveralls.io/repos/collective/pas.plugins.authomatic/badge.svg?branch=master&service=github

Login with OAuth2/ OpenId by integrating Authomatic in Plone

pas.plugins.authomatic

Features

Provides OAuth2 and OpenID login capability for Plone:

It integrates the awesome Authomatic package in Plone

Authomatic is a framework agnostic library for Python web applications with a minimalistic but powerful interface which simplifies authentication of users by third party providers like Facebook or Twitter through standards like OAuth and OpenID.

by Author Peter Hudec on Authomatic website

It has out of the box support for:

OAuth 1.0a providers
Bitbucket, Flickr, Meetup, Plurk, Twitter, Tumblr, UbuntuOne, Vimeo, Xero, Xing and Yahoo.
OAuth 2.0 providers
Amazon, Behance, Bitly, Cosm, DeviantART, Eventbrite, Facebook, Foursquare, GitHub, Google, LinkedIn, PayPal, Reddit, Viadeo, VK, WindowsLive, Yammer and Yandex.
OpenID
python-openid and Google App Engine based OpenID.

Documentation

  • This package will create a view called authomatic-handler where you can login with different providers

  • The view can be used as well to add an identity from a provider to an existing account

  • The provider is choosen in the URL so if you call /authomatic-handler/PROVIDER you will use PROVIDER to login

  • You can set the JSON configuration of the plugin in the Controlpanel @@authomatic-controlpanel (linked under users)

  • Example JSON configuration (first level key is the PROVIDER:

    {
        "github": {
            "display": {
                "title": "Github",
                "cssclasses": {
                    "button": "plone-btn plone-btn-default",
                    "icon": "glypicon glyphicon-github"
                },
                "as_form": false
            },
            "propertymap": {
                "email": "email",
                "link": "home_page",
                "location": "location",
                "name": "fullname"
            },
            "class_": "authomatic.providers.oauth2.GitHub",
            "consumer_key": "5c4901d141e736f114a7",
            "consumer_secret": "d4692ca3c0ab6cc1f8b28d3ccb1ea15b61e7ef5c",
            "access_headers": {
                "User-Agent": "Plone Authomatic Plugin"
            }
        },
    }
    

Installation

Install pas.plugins.authomatic by adding it to your buildout:

[buildout]

 ...

 eggs =
     pas.plugins.authomatic

and then running “bin/buildout”.

Start Plone and activate the plugin in the addons control-panel.

Go to the Authomatic controlpanel (security section) and configure the plugin.

Configuration parameters for the different authorization are provided as JSON text in there. JSON is used because of flexibility. Details at Authomatics provider section.

There are some differences in configuration:

  • the value of "class_" has to be a string, which is then resolved as a dotted path.
  • each provider can get an optional entry display with sub-enties such as:
    • title which is used in the templates instead of the section name.
    • iconclasses which is applied in the templates to an span.
    • buttonclasses which is applied in the templates to the button.
    • as_form (true/false) which renders a form for OpenId providers.
  • each provider can get an optional entry propertymap. It is a mapping from authomatic/provider user properties to plone user properties, like "fullname": "name",. Look at each providers documentation which properties are available.

Source Code and Contributions

If you want to help with the development (improvement, update, bug-fixing, …) of pas.plugins.authomatic this is a great idea!

You can clone it or get access to the github-collective and work directly on the project. Please do larger changes on a branch and submit a Pull Request.

Maintainer of pas.plugins.authomatic is Jens Klein. We appreciate any contribution and if a release is needed to be done on pypi, please just contact one of us.

Development

There must be an python binary available in system path pointing to Python 2.7. Also you need to have all installed to develop with Plone (see http://docs.plone.org/) then:

  • Plone 4: $ bootstrap-4.3.x.sh
  • Plone 5: $ bootstrap-5.0.x.sh

License

The project is licensed under the GPLv2.

Contributors

Changelog

1.0b1 (2017-11-20)

  • Slighly beautify login modal. [jensens]
  • Fix #33” Page does not exist Control Settings. [jensens]
  • Fix #31: Link is broken to JSON configuration documentation in help text. [jensens]
  • Fix #28: After uninstall plone.external_login_url is still registered and the login broken. [jensens]
  • Support for Plone 5.1 tested (worked, ust control-panel icon needed some tweak). Buildout configuration for 5.1 added. [jensens]
  • Install: Hide non-valid profiles at install form. [jensens]
  • Additional checks to ensure to never have an empty/None key stored. [jensens]
  • Fix #27: Update user data after login. [jensens]
  • Fix filter users bug in enumerateUsers plugin where it was always returning all the users. [sneridagh]
  • fix typo and wording of login message [tkimnguyen]

1.0a7 (2016-02-15)

  • Workaround for None users. [sneridagh]

1.0a6 (2016-01-11)

  • Fix #21: When you logout and then login again, a new user is created. [jensens]

1.0a5 (2015-12-04)

  • Fix: #18 “Provider Login” option for “Generator for Plone User ID” seems broken [jensens]
  • Fix: Title indicates if an identity is added [jensens]
  • Fix: Correct usage of plone.protect [jensens]

1.0a4 (2015-11-20)

  • Added german translation [jensens]
  • Restored Plone 4 compatibility [keul]
  • Added italian translation [keul]
  • Proper uninstall [keul]

1.0a3 (2015-11-15)

  • Refactor authomatic-handler to enable adding identities. [jensens]
  • Fix: use secret from settings as secret for Authomatic. [jensens]
  • Renamed view authomatic-login to authomatic-handler, because this view will be used to add an identity too (url must be registered on provider side sometimes and we want to do this only once). [jensens]

1.0a2 (2015-11-14)

  • Minimal validation of JSON. [jensens]
  • Make the whole remember procedure a safeWrite if called from login view. We can not pass a authenticator token here, because of redirects and expected return urls . [jensens]
  • Allow selection of user id generator strategy. [jensens]
  • Allow multiple services for one user. This changes a lot behind the scenes. [jensens]
  • Use authomatic.core.User attributes instead of raw provider data. closes #9 [ericof]

1.0a1 (2015-10-28)

  • Initial release.

Project details


Release history Release notifications

This version
History Node

1.0b1

History Node

1.0a7

History Node

1.0a6

History Node

1.0a5

History Node

1.0a4

History Node

1.0a3

History Node

1.0a2

History Node

1.0a1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
pas.plugins.authomatic-1.0b1.tar.gz (46.1 kB) Copy SHA256 hash SHA256 Source None Nov 20, 2017

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging CloudAMQP CloudAMQP RabbitMQ AWS AWS Cloud computing Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page