django-auth-adfs icon indicating copy to clipboard operation
django-auth-adfs copied to clipboard

Published 20 hours ago verified publisher icon snok

Django Auth ADFS across a Proxy

Open srPuebla opened this issue 2 years ago • 3 comments

Hi,

It would be nice to configure ADFS with a proxy. Something similar to this below:

# checkout the documentation for more settings
AUTH_ADFS = {
    "SERVER": "adfs.yourcompany.com",
    "CLIENT_ID": "your-configured-client-id",
    "HTTP_PROXY": "http://proxy01.example.com:9090",
    "HTTPS_PROXY": "https://proxy01.example.com:9090"
    ...
}

Yeah, you can configure variables "HTTP_PROXY" and "HTTPS_PROXY" like environ variables, but then, all requests that you perform go with this proxy.

Could you help me?

Thanks!

srPuebla avatar Jan 26 '22 13:01 srPuebla

Hi,

I'm happy to review PRs.
Did you look at #145 and previous issues? Might be possible to do this through nginx too, not sure.

JonasKs avatar Jan 28 '22 06:01 JonasKs

Hi,

I'm happy to review PRs. Did you look at #145 and previous issues? Might be possible to do this through nginx too, not sure.

Hi JonasKs,

Is not the same issue, cause issue talks about "reverse proxy" and i say a http_proxy. Is not the same that i refer.

For example, you can make a "curl" behind a proxy, this way:

-x, --proxy <[protocol://][user:password@]proxyhost[:port]>

     Use the specified HTTP proxy. 
     If the port number is not specified, it is assumed at port 1080.

In python, when you use request:

import requests
proxies = {'http': 'http://proxy.test.example.com:3128','https': 'https://proxy.test.example.com:3128'}
session = requests.session()
session.proxies = proxies
session.get("http://www.example.com")   # Here the proxies will also be automatically used because we have attached those to the session object, so no need to pass separately in each call

In your code is easy to change. In the config.py

In the line 192 you have the "self.session". You can load proxy if it is defined in django_settings

For example:

self.session = requests.Session()
adapter = requests.adapters.HTTPAdapter(max_retries=retry)
self.session.mount('https://', adapter)
self.session.verify = settings.CA_BUNDLE

#Comment Proxy. On the class Settings, you have to load PROXY_HTTP and PROXY_HTTPS variables
if "PROXY" in _settings:
    proxies = {'http': _settings.PROXY_HTTP,'https': _settings.PROXY_HTTPS}
    self.session.proxies = proxies

You can configure ADFS settings like this:

AUTH_ADFS = {
    "SERVER": "adfs.yourcompany.com",
    "CLIENT_ID": "your-configured-client-id",
    "PROXY":{
        "PROXY_HTTP": "http://proxy01.example.com:9090",
        "PROXY_HTTPS": "https://proxy01.example.com:9090"
    }
    ...
}

It would be nice implement on the library.

Regards

srPuebla avatar Jan 28 '22 07:01 srPuebla

I see. Thank you for the good explanation!

I'm happy to review a PR. 😊

JonasKs avatar Jan 29 '22 07:01 JonasKs

Closing this, as it seems it's not being worked on. Feel free to re-open if that's wrong :slightly_smiling_face:

sondrelg avatar Dec 07 '22 17:12 sondrelg