Skip to content
Used for implementing OIDC with the UW IdP
Python HTML Dockerfile
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
examples/kubernetes
templates
.dockerignore
.env-tmp
.gitignore
Dockerfile
README.md
app.py
requirements.txt
settings.py
tmp

README.md

Python OIDC with UW IdP

This project implements the OIDC Certified RP Python module pyoidc for server based Python Flask applications using Flask-pyoidc.

Setup - Running Locally Docker

  1. Choose a domain that you will use, it should look like this and be also registered with the IdP as a redirect URL ... http://[your domain]/redirect_uri.
  2. Add 127.0.0.1 [your domain] to /etc/hosts
  3. Copy .env-tmp to .env and add real values making sure SERVER_NAME matches [your domain].
  4. docker build -t oidc-python:latest .
  5. docker run --env-file .env -p 80:8000 oidc-python
  6. Open http://[your domain]

Setup - Running in Minikube

  1. Install and start minikube, make sure your context is minikube kubectl config current-context

  2. Tell minikube to use your local docker eval $(minikube docker-env)

  3. Build the image docker build -t oidc-python:latest .

  4. Create a kubernetes secret.

    echo "actual client id" > OIDC_CLIENT
    echo "actual client secret" > OIDC_SECRET
    echo "actual flask session key" > SECRET_KEY
    kubectl create secret generic oidc-python --from-file=./OIDC_SECRET --from-file=./OIDC_CLIENT --from-file=./SECRET_KEY
    
  5. Create a service.yml and deployment.yml using /examples/kubernetes

  6. Apply the yml kubectl apply -f ./examples/kubernetes/

  7. Make a request to /, you should not get a 404 curl $(minikube service oidc-python --url)

  8. You can also load this in the browser by getting the url minikube service oidc-python --url and then add to your /etc/hosts file that url:port like [url:port] [your domain].

Setup - Running in Kubernetes

  1. Configure docker to use gcloud gcloud auth configure-docker

  2. Tag and push

    docker build -t gcr.io/uwit-mci-iam/oidc-python:1.0.0 .
    docker push gcr.io/uwit-mci-iam/oidc-python:1.0.0
    
  3. Use deployment and service located at https://github.com/UWIT-IAM/gcp-k8/tree/master/dev/oidc-python

You can’t perform that action at this time.