django-oidc-provider
django-oidc-provider copied to clipboard
juanifioren
Add support for Django Rest Framework
The idea is to have both django-oidc-provider and djangorestframework working on a same project providing Authentication with OpenID Connect and Authorization with OAuth2.
Any help is welcomed.
what do You want exactly ? I have made own modification to rest framework to verify (check signature) and login user being send by token. Is this what You want to achieve ?
I was thinking doing something like django-rest-framework-oauth does but using oidc_provider.models.Client and the token endpoint. What you've done in your case?.
No problem, I'm using djangorestframework-jwt with django-redis and python-redis-lock . First package I'm using as basic with some customizations. Other only for locking (only one thread should ask for new token).
Basically when my microservice receive token, validates it and it's signature, then creates (if not exists) user with username from token (I'm customizing username as hashids)
Maybe using pull request I will show You some code samples ?
I can create a branch but I think this should be another project like restframework-oidc-auth
I've been using code like this for oauth2 based auth and this library, I believe JWT auth implementation may have the same core idea, but slightly more complex. If it's helpful to anyone then it's good.
I hope in some time such auth backends will be included in this library, who knows.
Is there any WIP for this ? I can't seem to find any libraries that provide this functionality, with the exception of https://github.com/ByteInternet/drf-oidc-auth..
Nice to hear people pushing this. I'll consider this on next features. Srry for delay.
@juanifioren trying to find out if I need to implement this my self, or if there is a library in place that I can use, as I need it for a project now. The functionality I need is basically figuring out if a token received from frontend is valid for the current service (by using JWT, or token introspection based on provided auth). Are you aware of any libraries that are currently implementing this?
@latusaki when I start this issue I think something like this: https://gist.github.com/koriaf/907d1e16068d1a04056eedf736a203f5
(by koriaf)
This is what I am using on a backend service, to verify Auth tokens received are valid. Tokens can be reference or JWT. They are generated by an external service.
Code based off https://github.com/ByteInternet/drf-oidc-auth, but is adapted to work without users.
https://gist.github.com/latusaki/0f015643d55c2481bb7acd023c4203e3
Have made some minor corrections since... do you want me to make a PR with the above Auth class? Any comments ?
@latusaki Please! would be great. I could help with documentation and tests.
Ok, will be sometime within a week 👍 Will probably need some corrections to make things more generic, as I have been developing against an in-house OIDC server.
Might be a while before I do it properly as I am short on time, but have started here: https://github.com/latusaki/django-oidc-provider
Will look to integrate the existing claims classes etc properly.