Skip to content

Jouleworks/django-better-auth-oidc

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

51 Commits

django_better_auth_oidc

django_better_auth_oidc

 
 

.editorconfig

.editorconfig

 
 

.gitignore

.gitignore

 
 

.kateconfig

.kateconfig

 
 

LICENSE

LICENSE

 
 

LICENSE.upstream

LICENSE.upstream

 
 

LICENSE.upstream.bsd

LICENSE.upstream.bsd

 
 

MANIFEST.in

MANIFEST.in

 
 

README.rst

README.rst

 
 

setup.cfg

setup.cfg

 
 

setup.py

setup.py

 
 

Repository files navigation

Django-Better-Auth-OIDC - OpenID Connect authentication support for Django

This is a Django login view that authenticates against an OpenID Connect Authentication Server.

Use it if you own a single Authentication Server that you want to share between multiple apps.

Huh?

This is a fork of the abandoned django-auth-oidc. Original code by the Aiakos team.

What is OpenID Connect?

It's a OAuth2-based standard for authentication in applications.

It can be used for social logins, and for setting up Single Sign-On into multiple services hosted by the same company. In the last case, it somewhat supersedes LDAP, as with OIDC people are entering their credentials only into the views served by the Authentication Server, and not into all the company's applications.

Requirements

Installation

pip install django-better-auth-oidc

settings.py

INSTALLED_APPS += ['django_better_auth_oidc']

urls.py

urlpatterns += [
    path('auth/', include('django_better_auth_oidc.urls')),
]

Configuration

Server Cache Lock

By default, DBAO will only fetch the server info based on a cache lock timer. To disable this feature, use the setting AUTH_SERVER_CACHE_LOCK and set to false.

Authorization Server

App's redirect URI: http(s)://app-domain/auth/done App's post-logout redirect URI: http(s)://app-domain/LOGOUT_REDIRECT_URL (or / if not set)

Authorization Server details

You may specify following settings in the Django settings file:

  • AUTH_SERVER - OpenID Connect Authorization Server URL.
  • AUTH_CLIENT_ID - Client ID received from the Authorization Server
  • AUTH_CLIENT_SECRET - Client secret received from the Authorization Server
  • AUTH_PROTOCOL (optional) - Legacy protocol supported by openid-connect library, for example github or gitlab. See openid-connect's documentation for full list of supported protocols.

Or, alternatively, you may set the AUTH_URL environment variable:

AUTH_URL=(protocol+)http(s)://client_id:client_secret@server/

(Note: ":", "@", "/" and "%" inside client_id and client_secret must be urlquoted.)

Behavior

  • AUTH_SCOPE (default: ['openid']) - list of scopes to request from the auth server
  • AUTH_GET_USER_FUNCTION (default: 'django_auth_oidc:get_user_by_username') - name of a function that takes the user info dict, and returns an user object representing that user; note that it should set the user.backend attribute.

About

No description, website, or topics provided.

Resources

Readme

License

MIT, MIT licenses found

Licenses found

MIT
LICENSE
MIT
LICENSE.upstream
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases 1

v0.1.1 Initial MVP Latest
Jul 20, 2023

Packages

No packages published

Contributors 2

  •  
  •  

Languages