matthiask / django-admin-sso Goto Github PK
View Code? Open in Web Editor NEWThis project forked from frog32/django-admin-sso
Single Sign On solution Django's admin using Google OAuth2
License: BSD 3-Clause "New" or "Revised" License
This project forked from frog32/django-admin-sso
Single Sign On solution Django's admin using Google OAuth2
License: BSD 3-Clause "New" or "Revised" License
I have to create one assignment of every user I want to give access to the admin. I might have several such users. And doing this every time is not feasible.
Ideally what I would want is:
Is there a way to achieve something like this using this package?
I tested this package with keycloak as the identity provider.
The problem is that keycloak will not return the id_token
unless "scope": "openid",
.
Is the package focusing mainly on google or are other providers welcome?
I am wondering if it's possible to extend the assignment functionality to be more generic and support the automatic match of a given SSO email to a local model field.
My current problem:
This is doable but not very effective. If instead of having to create one of each every time, I could just quickly create one (the user) - it would be half the work!
For this it would be interesting to extend the current Remote User -> Local User rule to define a field from the User model instead of a specific username. Is this currently possible / something possible to implement?
default_app_config
is set in django-admin-sso/admin_sso/__init__.py
, but is marked for deprecation:
RemovedInDjango41Warning: 'admin_sso' defines default_app_config = 'admin_sso.apps.AdminSSOConfig'. Django now detects this configuration automatically. You can remove default_app_config.
Might be worth conditionally setting it, like is done here, to suppress the warning!
If I open up a page in the admin and am not logged in, I get redirected to the login page, with the next
url parameter set to the original page I was trying to reach. However, after completing SSO I am just redirected to the admin index page instead of the "next" url that I was originally trying to reach. Is this intended?
When will a new version of this library be released?
It seems like the changes in 696a8a5 were implemented to remove the imported functions that were deprecated in Django 4.0, and if it's now reached compatibility, it would be great to have a new release!
We are testing changes to our ingress controller and now we are not able to support having the SECURE_SSL_REDIRECT = True in Django. As such all redirects need to be https. I'm seeing that the URL constructed for the redirect being passed to Google is http. Looking to see if there is a way to have that URI constructed as https.
It would be nice to be able to display an error message to the user on the login form if their attempted SSO login failed for one reason or another. Currently on any failure the browser is redirected back to the admin index page.
I was initially going to try subclassing the included Auth backend and adding a message via the Django messages framework, but authenticate()
doesn't receive a request
which is required for messages to work.
I could implement my own end
view and add error messages at the various failure points, but I'd prefer not to own that much of the OAuth logic in my app.
Perhaps making end
a class-based view where users can subclass and provide error messages via the view's attributes would work. Or adding additional settings for error messages that the existing end
view uses would also work. Though I'm not sure if you want this lib tied to Django's messaging framework or not.
Happy to put together a PR if you would like this functionality.
oauth2client is deprecated, see https://pypi.org/project/oauth2client/
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.