This repository was archived by the owner on Jun 23, 2023. It is now read-only.
Merged
6 changes: 6 additions & 0 deletions README.md
@@ -1,5 +1,11 @@
# oidc-op

![CI build](https://github.com/IdentityPython/oidc-op/workflows/oidc-op/badge.svg)
![pypi](https://img.shields.io/pypi/v/oidcop.svg)
![License](https://img.shields.io/badge/license-Apache%202-blue.svg)
![Documentation Status](https://readthedocs.org/projects/oidcop/badge/?version=latest)
![Python version](https://img.shields.io/badge/python-3.7%20%7C%203.8%20%7C%203.9-blue.svg)

This project is a Python implementation of an **OIDC Provider** on top of [jwtconnect.io](https://jwtconnect.io/) that shows to you how to 'build' an OP using the classes and functions provided by oidc-op.

If you want to add or replace functionality the official documentation should be able to tell you how.
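Review bot: The Python version badge added at the top of the README advertises 3.7, 3.8 and 3.9, but the setup.py classifiers in this same change still list "Programming Language :: Python :: 3.6". Either drop the 3.6 classifier or add 3.6 to the badge so the two agree.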
73 changes: 32 additions & 41 deletions docs/source/contents/conf.rst
Expand Up @@ -13,7 +13,7 @@ The issuer ID of the OP, a unique value in URI format.
session params
--------------

Configuration parameters used by session manager
Configuration parameters used by session manager::

"session_params": {
"password": "__password_used_to_encrypt_access_token_sid_value",
Expand All @@ -32,19 +32,26 @@ Configuration parameters used by session manager
}
}
}
},
},


password
########

Encryption key used to encrypt the SessionID (sid) in access_token.
Optional. Encryption key used to encrypt the SessionID (sid) in access_token.
If unset it will be random.


salt
####

Salt, value or filename, used in sub_funcs (pairwise, public) for creating the opaque hash of *sub* claim.
Optional. Salt, value or filename, used in sub_funcs (pairwise, public) for creating the opaque hash of *sub* claim.


sub_funcs
#########

Optional. Functions involved in *sub*ject value creation.

------
add_on
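Review bot: In the password section, "If unset it will be random" needs one more sentence saying whether that random value is persisted. If it is generated per process, a sid encrypted into an access token before a restart, or by another instance of the OP, would no longer decrypt, so the text should tell operators who need tokens to survive restarts to set the value explicitly. In the new sub_funcs section, "*sub*ject" will not render as emphasis, because reStructuredText requires the closing asterisk to be followed by whitespace or punctuation; write "*sub* value creation" or plain "subject value creation". The section also does not show what a sub_funcs value looks like.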
Expand Down Expand Up @@ -149,46 +156,30 @@ An example::
backchannel_logout_session_supported: True
check_session_iframe: https://127.0.0.1:5000/check_session_iframe


-----------
cookie_name
-----------

An example::

"cookie_name": {
"session": "oidc_op",
"register": "oidc_op_rp",
"session_management": "sman"
},

-------------
cookie_dealer
-------------
--------------
cookie_handler
--------------

An example::

"cookie_dealer": {
"class": "oidcop.cookie.CookieDealer",
"kwargs": {
"sign_jwk": {
"filename": "private/cookie_sign_jwk.json",
"type": "OCT",
"kid": "cookie_sign_key_id"
},
"enc_jwk": {
"filename": "private/cookie_enc_jwk.json",
"type": "OCT",
"kid": "cookie_enc_key_id"
},
"default_values": {
"name": "oidc_op",
"domain": "127.0.0.1",
"path": "/",
"max_age": 3600
}
"cookie_handler": {
"class": "oidcop.cookie_handler.CookieHandler",
"kwargs": {
"keys": {
"private_path": f"{OIDC_JWKS_PRIVATE_PATH}/cookie_jwks.json",
"key_defs": [
{"type": "OCT", "use": ["enc"], "kid": "enc"},
{"type": "OCT", "use": ["sig"], "kid": "sig"}
],
"read_only": False
},
"name": {
"session": "oidc_op",
"register": "oidc_op_rp",
"session_management": "sman"
}
}
},
},

--------
endpoint
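Review bot: The new cookie_handler example uses a Python f-string, f"{OIDC_JWKS_PRIVATE_PATH}/cookie_jwks.json", and the Python literal False, while OIDC_JWKS_PRIVATE_PATH is not defined anywhere in the visible documentation. Use a literal path in the style of the removed "private/cookie_sign_jwk.json", or state that the snippet is Python and where the variable comes from. The removed cookie_dealer example also documented default_values (domain, path, max_age); say whether those settings still exist under CookieHandler and how to set them, and document what "read_only": False means for the key file at private_path.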
Expand Down Expand Up @@ -444,7 +435,7 @@ An example::

"template_dir": "templates"

For any further customization of template here an example of what used in django-oidc-op
For any further customization of template here an example of what used in django-oidc-op::

"authentication": {
"user": {
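Review bot: The sentence touched here to add the literal-block marker still reads "here an example of what used in django-oidc-op". Since the line is changing anyway, fix the wording to "here is an example of what is used in django-oidc-op".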
11 changes: 9 additions & 2 deletions setup.py
Expand Up @@ -14,6 +14,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
import os
import re
import sys

Expand Down Expand Up @@ -43,25 +44,31 @@ def run_tests(self):
version = re.search(r'^__version__\s*=\s*[\'"]([^\'"]*)[\'"]',
fd.read(), re.MULTILINE).group(1)

with open(os.path.join(os.path.dirname(__file__), 'README.md')) as readme:
README = readme.read()

setup(
name="oidcop",
version=version,
description="Python implementation of OIDC Provider",
long_description=README,
long_description_content_type='text/markdown',
author="Roland Hedberg",
author_email="roland@catalogix.se",
license="Apache 2.0",
url='https://github.com/IdentityPython/oidcop',
url='https://github.com/IdentityPython/oidc-op',
package_dir={"": "src"},
packages=["oidcop", 'oidcop/oidc', 'oidcop/authz',
'oidcop/user_authn', 'oidcop/user_info',
'oidcop/oauth2', 'oidcop/oidc/add_on', 'oidcop/oauth2/add_on',
'oidcop/session', 'oidcop/token'],
classifiers=[
"Development Status :: 4 - Beta",
"Development Status :: 5 - Production/Stable",
"License :: OSI Approved :: Apache Software License",
"Programming Language :: Python :: 3.6",
"Programming Language :: Python :: 3.7",
"Programming Language :: Python :: 3.8",
"Programming Language :: Python :: 3.9",
"Topic :: Software Development :: Libraries :: Python Modules"],
install_requires=[
"oidcmsg==1.3.2",
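Review bot: The open() call that reads README.md for long_description passes no encoding, so the build depends on the platform's default locale encoding and can fail with a decode error where that is not UTF-8. Pass encoding="utf-8" explicitly. The classifier list also keeps "Programming Language :: Python :: 3.6" while adding 3.9 and moving to "Production/Stable"; confirm 3.6 is still a supported target before publishing it as such.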