papermerge icon indicating copy to clipboard operation
papermerge copied to clipboard
verified publisher icon ciur

[Feature] OIDC authentication

Open francescocarzaniga opened this issue 5 years ago • 3 comments

I saw there is a plan to implement LDAP authentication, and the current PR does a great job at abstracting the backend including immutable users. Using it and something like mozilla-django-oidc it should be relatively straightforward to implement OIDC as well. Group management should also work exactly the same as LDAP.

francescocarzaniga avatar Oct 10 '20 18:10 francescocarzaniga

Would it be possible to sponsor this?

schiederme avatar Oct 10 '20 19:10 schiederme

In general, I would go as far as to say that almost any external authentication system can be added - but as extra plugin. So just to make it clear, that we speak here about - a plugin (a.k.a app) for Papermerge to support OIDC authentication. Plugins/apps can be easily removed/add so that main application stays light.

Would it be possible to sponsor this?

@schiederme, give me 2 weeks to evaluate the impact/complexity of solution and I will come back with an answer.

ciur avatar Oct 11 '20 09:10 ciur

@ciur If I can make a suggestion, python-social-auth and its pipelines especially would be the best solution.

francescocarzaniga avatar Oct 11 '20 11:10 francescocarzaniga