-
-
Notifications
You must be signed in to change notification settings - Fork 481
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ability to declare OAuth provider #820
Conversation
I'd particularly value any opinions on how best to make AuthProviders pluggable. Bokeh allows defining a module alongside the app which provides the auth provider but I'd prefer a cleaner way of providing one. |
Cool. I don't have an immediate ideas about making it pluggable. |
Would it work to use namespace plugins, similar to what Intake does (https://github.com/intake/intake/blob/master/intake/source/discovery.py#L271)? Something like this might work: panel_oauth_login_handlers = dict('github': GithubLoginHandler)
import panel_oauth
for _, modname, ispkg in pkgutil.iter_modules(panel_oauth.__path__):
plugin_path = f'panel_oauth.{modname}'
plugin_module = importlib.import_module(plugin_path)
for name, cls in inspect.getmembers(plugin_module, inspect.isclass):
if issubclass(cls, tornado.web.RequestHandler):
panel_oauth_login_handlers[modname] = cls
class OAuthProvider(AuthProvider):
...
@property
def login_handler(self):
return panel_oauth_login_handlers.get(config.oauth_provider) This would require that the AuthProvider plugins would need to be packaged and installed, which is maybe not as simple as you were hoping for. |
FYI I'm not very knowledgable in this. But one of the next steps for me would be to find out how to have users securely sign on via LDAP, Azure AD or SSO. I'm able to do LDAP with django applications. The other methods I've not tried yet. Hope the methods are or can be supported. Would be great if there was some kind of docs, examples or tutorials on this. |
And in the end I would like to be able to build a single page application. But with different "pages" in (like awesome-panel.org has a gallery of apps). Some of these pages everybody can have access to. And others are restricted by AD Groups. I.e. there could be multiple AD groups giving access to different "pages" and data in the application. |
f10edc7
to
cb5243e
Compare
I am so much looking forward to this. And it’s a unique feature. No other Python Analytics web framework provides this in the free, open source version I believe. |
Codecov Report
@@ Coverage Diff @@
## master #820 +/- ##
==========================================
- Coverage 87.78% 86.57% -1.21%
==========================================
Files 135 138 +3
Lines 14930 15711 +781
==========================================
+ Hits 13106 13602 +496
- Misses 1824 2109 +285
Continue to review full report at Codecov.
|
@MarcSkovMadsen If you get a chance it would be fabulous if you could go through the new docs I've added here and do some testing. I'm going to merge this PR due to shorter term deadlines but this definitely needs some Q&A and actual unit tests before release. |
Adds a number of inbuilt OAuth providers to Panel which you can activate via the config and eventually by supplying options to
panel serve
.panel serve
e.g. given an app like this:
You can run it with:
or:
and get something like:
Cc: @ceball @sdc50 @jbednar