openedx / auth-backends Goto Github PK
View Code? Open in Web Editor NEWCustom authentication backends and views for edX services
License: GNU Affero General Public License v3.0
auth-backends's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
Forkers
prembasumatary simrangoyal open-craft wejie e-ducation dlozanonavas jawayria mraarif samnanglaor irtazaakram ashajyothi-r arbrandes codewithemad ts-tech-repoauth-backends's Issues
Add Support for True Multi-tenancy
We currently use the same OAuth credentials for all tenants on our IDAs. This works because the auth service (LMS) is not truly multi-tenant. Just because LMS is not truly multi-tenant doesn't mean our IDAs cannot be.
Most of the IDAs use the Django sites framework coupled with a custom model (e.g. SiteConfiguration). We should properly codify this implementation in https://github.com/edx/edx-django-extensions. Once that is done, we can create a new strategy that is multi-tenant-aware.
If we ever get to the point of separating users, we should explore a new storage backend as well as discussed in omab/python-social-auth#552.
Test auth-backends on Python 3.11
This repository is a depedency of edx-platform and needs to be upgraded to Python 3.11 before
the Readwood release is cut (mid-April).
- Requirements are compiled with Python 3.8
- Tests are run on Python 3.8 and 3.11
- (Optional) Tests are also run with 3.12 and passing or 3.12 issues are ticketed.
- Classifiers in setup.py setup.cfg or pyproject.toml indicate Python 3.11 support
- A new version is release to PyPI
- A PR is merged to edx-platform to use the new version
Property name 'full_name' should be spelled 'fullname' without underscores
Hello,
I believe there is a spelling error at the file auth_backends/backends.py, line 12
I think it should be written 'fullname' without underscores, and not 'full_name'.
This is used for mapping the claims provided in the JWT returned by the OAuth authorization code grant flow, but the name 'full_name' is not recognized at the 'registration' part of the pipeline, which in turn leaves the corresponding registration field empty, making it impossible to proceed with a SSO without the user confirming the registration form (in the case it's the first time a user gets registered in by means of third party SSO).
Changing it into 'fullname' makes this work.
Tested using a production environment using the "auth_backends.backends.EdXOAuth2" backend used for SSO of LMS with a custom OAuth2 identity provider.
I don't know if it was the original purpose, but I found this implementation to be very useful to be used for SSO with a generic third party OAuth2 Identity Provider implemented in house (not one of those well known public providers already listed in python-social-auth).
Config redirect to login in edx site?
Hi,
I'm trying to configure my Django app to authenticate the users with an Open Edx installation thought OAuth2, but I can't get the app to redirect to the OAuth login, it just show me this url: http://127.0.0.1:8000/login/edx-oidc/?next=/
My settings:
INSTALLED_APPS = [
'home',
'social_django',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'social_django.middleware.SocialAuthExceptionMiddleware', # <--
]
ROOT_URLCONF = 'login.urls'
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [
# os.path.join(BASE_DIR,'home/templates')
],
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
'social_django.context_processors.backends',
'social_django.context_processors.login_redirect',
],
},
},
]
WSGI_APPLICATION = 'login.wsgi.application'
# Database
# https://docs.djangoproject.com/en/2.0/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
}
}
# Password validation
# https://docs.djangoproject.com/en/2.0/ref/settings/#auth-password-validators
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
# Internationalization
# https://docs.djangoproject.com/en/2.0/topics/i18n/
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_L10N = True
USE_TZ = True
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/2.0/howto/static-files/
STATIC_URL = '/static/'
#Some other dependencies
AUTHENTICATION_BACKENDS = (
'auth_backends.backends.EdXOAuth2',
# 'auth_backends.backends.EdXOpenIdConnect',
'django.contrib.auth.backends.ModelBackend',
)
LOGIN_URL = '/login/'
# EDX OAuth2 config
SOCIAL_AUTH_EDX_OAUTH2_KEY = '<client_id>'
SOCIAL_AUTH_EDX_OAUTH2_SECRET = '<client_secret>'
SOCIAL_AUTH_EDX_OAUTH2_ENDPOINT = 'https://<openedxapp>/oauth2/access_token'
SOCIAL_AUTH_STRATEGY = 'auth_backends.strategies.EdxDjangoStrategy'Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.