Metadata-Version: 2.1
Name: selfauth
Version: 1.1.1
Summary: Self Street integration with Django for SSO.
Home-page: https://github.com/column-street/selfauth
Author: Felipe Faria
Author-email: felipe@self.st
License: BSD 3-Clause License
Description: 
        
        # Self OpenID Client
        
        Django plugin that replaces the standard Django user model and replaces it with Self Street OpenID integration.
        
        **Note**: This project is open source but currently only being used within Column Street. If you would like to integrate Self logging into your website/app/project please reach out to us so we can discuss. 
        
        ## Use
        
        This package is a thin layer on top of the `mozilla-django-oidc` project, therefore integration is very similar. 
        
        ### 1. Register Application with Self
        
        Either contact an admin, or initiate it via the administrator board in Self.
        
        ### 2. Install Package
        
        ```
        pip install selfauth
        ```
        
        ### 3. Add & Modify Settings
        
        The following settings need to be initialized. Inside your `INSTALLED_APPS` make sure to add `mozilla_django_oidc` and `selfauth` right after `django.contrib.auth`. 
        
        ```python
        INSTALLED_APPS = [
            ...,
            "django.contrib.auth",
            "mozilla_django_oidc",
            "selfauth",
            ...
        ]
        ```
        
        At the end of your settings file you can then add the following:
        
        ```python
        # =======================================================================================================
        # Self Street
        
        # Custom User Model
        # https://docs.djangoproject.com/en/3.1/topics/auth/customizing/#substituting-a-custom-user-model
        # This custom user model is used with the OIDC backend to ensure Self and Meta communicate properly.
        AUTH_USER_MODEL = "selfauth.User"
        
        # Authentication Backend
        # https://docs.djangoproject.com/en/3.1/topics/auth/customizing/#specifying-authentication-backends
        # Must be modified so that the OpenID plugin can automatically create users
        # based on the login of the user from Self. We use a custom authentication so that
        # we take care of user updates and uniqueness.
        AUTHENTICATION_BACKENDS = ("selfauth.auth.SelfAuthenticationBackend",)
        
        # OpenID
        # https://mozilla-django-oidc.readthedocs.io/en/stable/installation.html#choose-the-appropriate-algorithm
        # These are settings related to the OpenID Connect Client.
        
        # Client ID and Secret
        OIDC_RP_CLIENT_ID = ""
        OIDC_RP_CLIENT_SECRET = ""
        
        # Server Endpoints
        OIDC_OP_ENDPOINT = "https://self.st"
        OIDC_OP_JWKS_ENDPOINT = OIDC_OP_ENDPOINT + "/o/jwks/"
        OIDC_OP_AUTHORIZATION_ENDPOINT = OIDC_OP_ENDPOINT+ "/o/authorize/"
        OIDC_OP_TOKEN_ENDPOINT = OIDC_OP_ENDPOINT + "/o/token/"
        OIDC_OP_USER_ENDPOINT = OIDC_OP_ENDPOINT + "/o/userinfo/"
        
        # Scopes
        # https://github.com/mozilla/mozilla-django-oidc/blob/master/mozilla_django_oidc/auth.py#L84
        # These are the default scopes that any OpenID Client with Self has access to. Add any extra if you have. 
        OIDC_RP_SCOPES = "openid profile email"
        
        # Custom Test Page
        # Enables test webpage at self.st/login.
        AUTH_TEST = True
        AUTH_TEST_PATH = "login"
        # =======================================================================================================
        ```
        
        Make sure to modify the following varaibles:
        
        * `OIDC_RP_CLIENT_ID`: Client ID given and generated by Self.
        * `OIDC_RP_CLIENT_SECRET`: Client secret given and generated by Self. Recommended to be passed as an env variable.
        
        ### 4. Create Migrations
        
        ```
        python manage.py makemigrations
        python manage.py migrate
        ```
        
        ### 5. Routes
        
        Logging can be done found via the router `oidc_authentication_init`, and logout via `oidc_logout`. This is defined in the `mozilla-django-oidc` docs [here](https://mozilla-django-oidc.readthedocs.io/en/stable/installation.html#enable-login-and-logout-functionality-in-templates). Make sure to set the routes:
        
        ```python
        from django.urls import path, include
        
        urlpatterns = [
            ...
            path("", include("selfauth.urls")),
        ]
        ```
        
        ### 6. Testing
        
        If you would like to test the framework, enabling the `AUTH_TEST` variable will allow you to access the test page in the `AUTH_TEST_PATH` path. In the case above the test page will be in `http://example.com/login`.
        
Keywords: selfauth
Platform: UNKNOWN
Classifier: Environment :: Web Environment
Classifier: Framework :: Django
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: BSD License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3 :: Only
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Topic :: Internet :: WWW/HTTP :: Dynamic Content
Description-Content-Type: text/markdown
