Skip to content
OAuth2 profile provider implementation for IITB
Python HTML JavaScript CSS Other
Branch: master
Clone or download
Pull request Compare This branch is 28 commits ahead, 3 commits behind DheerendraRathor:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
account
application
core
internal
logs
requirements
resources
scripts
sso
static
templates
user_resource
widget
.dockerignore
.gitignore
.isort.cfg
.landscape.yml
.travis.yml
Dockerfile
INSTALLATION.md
LICENSE
README.md
contributors.md
gunicorn_conf.py
httpd.conf
manage.py
requirements.txt

README.md

OAuth2 Provider/Proxy for LDAP/OAuth2

This application usage the standard OAuth2.0 flow described in RFC 6749

Detailed documentation is present at: https://gymkhana.iitb.ac.in/sso/doc/

Special Feature

  • Selective Permissions option for users (like facebook)
  • Atomic Permissions for fields

URLs:

All URLs are from base of application URL. (i.e. assuming application is installed at '/')

  • Application Registration /oauth/applications/
  • Authorization /oauth/authorize/
  • Get Access Token /oauth/token/
  • Revoke Token /oauth/revoke_token/

Scopes:

  • basic: Know who you are on SSO
  • profile: Your first name and last name
  • picture: Profile Picture
  • ldap: Your ldap username and email
  • phone: Your contact number including additional numbers
  • insti_address: Your address inside institute
  • program: Your roll number, department, course, joining year and graduation year
  • secondary_emails: Your alternate emails
  • send_mail: Send you mail on behalf of application

User Resources:

  • /user/api/user/: Get basic information corresponding to basic scope
  • /user/api/user/?fields=field1,field2: Get additional information corresponding to field1 and field2. See available fields below

Fields:

Field Name: Required Scopes

  • first_name: profile
  • last_name: profile
  • profile_picture: profile picture
  • username: ldap
  • email: ldap
  • mobile: phone
  • roll_number: program
  • contacts: phone
  • insti_address: insti_address
  • program: program
  • secondary_emails: secondary_emails
You can’t perform that action at this time.