OpenID Connect authentication provider for Sentry
Project description
An SSO provider for Sentry which enables OpenID Connect Apps authentication.
This is a fork of sentry-auth-google.
Why fork, instead of adapting sentry-auth-google to work with every OpenID Connect provider?
The maintainer has different ideas with sentry-auth-google. See:
Install
$ pip install sentry-auth-oidc
Example Setup for Google
Start by creating a project in the Google Developers Console.
In the Authorized redirect URIs add the SSO endpoint for your installation:
https://sentry.example.com/auth/sso/
Naturally other providers, that are supporting OpenID-Connect can also be used (like GitLab).
Finally, obtain the API keys and the well-known account URL and plug them into your sentry.conf.py:
OIDC_CLIENT_ID = ""
OIDC_CLIENT_SECRET = ""
OIDC_SCOPE = "openid email"
OIDC_DOMAIN = "https://accounts.google.com" # e.g. for Google
The OIDC_DOMAIN defines where the OIDC configuration is going to be pulled from. Basically it specifies the OIDC server and adds the path .well-known/openid-configuration to it. That’s where different endpoint paths can be found.
Detailed information can be found in the ProviderConfig specification.
You can also define OIDC_ISSUER to change the default provider name in the UI, even when the OIDC_DOMAIN is set.
If your provider doesn’t support the OIDC_DOMAIN, then you have to set these required endpoints by yourself (autorization_endpoint, token_endpoint, userinfo_endpoint, issuer).
OIDC_AUTHORIZATION_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth" # e.g. for Google
OIDC_TOKEN_ENDPOINT = "https://www.googleapis.com/oauth2/v4/token" # e.g. for Google
OIDC_USERINFO_ENDPOINT = "https://www.googleapis.com/oauth2/v3/userinfo" # e.g. for Google
OIDC_ISSUER = "Google"
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for sentry-auth-oidc-cxg-3.0.3.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 876a5a2938ab9c965f5aa8693d812176f8f5340293553123fc289cea76fbed27 |
|
MD5 | ee5bfd841800db32b375b95b760cb178 |
|
BLAKE2b-256 | 1ab322b982742e8691b44a3d00fdaa76e38f12e9b17d1b0a105310b4017a3856 |
Hashes for sentry_auth_oidc_cxg-3.0.3-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | f94dec88d7a07637738187e5c6ad3b2dac4728bfa35bfdfa6ea6f81c829697ff |
|
MD5 | b066db5d44b789b5b11134708b4fff35 |
|
BLAKE2b-256 | d363184cd5af6805c427f5d287ec227036eb1344741998c760bb7d02c8f618ea |