Add OAuth2 documentation.

This commit is contained in:
juanifioren 2016-02-18 16:24:31 -03:00
parent fb4e9bd8fe
commit 67c06fad9b
2 changed files with 29 additions and 2 deletions

View file

@ -1,13 +1,12 @@
Welcome to Django OIDC Provider Documentation! Welcome to Django OIDC Provider Documentation!
============================================== ==============================================
Django OIDC Provider can help you providing out of the box all the endpoints, data and logic needed to add OpenID Connect capabilities to your Django projects. Django OIDC Provider can help you providing out of the box all the endpoints, data and logic needed to add OpenID Connect capabilities to your Django projects. And as a side effect a fair implementation of OAuth2.0 too.
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
Before getting started there are some important things that you should know: Before getting started there are some important things that you should know:
* Although OpenID was built on top of OAuth2, this isn't an OAuth2 server. Maybe in a future it will be.
* Despite that implementation MUST support TLS. You can make request without using SSL. There is no control on that. * Despite that implementation MUST support TLS. You can make request without using SSL. There is no control on that.
* This cover **Authorization Code Flow** and **Implicit Flow**, NO support for **Hybrid Flow** at this moment. * This cover **Authorization Code Flow** and **Implicit Flow**, NO support for **Hybrid Flow** at this moment.
* Only support for requesting Claims using Scope Values. * Only support for requesting Claims using Scope Values.
@ -24,6 +23,7 @@ Contents:
sections/serverkeys sections/serverkeys
sections/templates sections/templates
sections/claims sections/claims
sections/oauth2
sections/settings sections/settings
sections/contribute sections/contribute
.. ..

27
docs/sections/oauth2.rst Normal file
View file

@ -0,0 +1,27 @@
.. _oauth2:
OAuth2 Server
#############
Because OIDC is a layer on top of the OAuth 2.0 protocol, this package gives you a simple but effective OAuth2 server that you can use not only for logging in your users on multiple platforms, also to protect some resources you want to expose.
Protecting Views
================
Here we are going to protect a view with a scope called ``testscope``::
from django.http import JsonResponse
from django.views.decorators.http import require_http_methods
from oidc_provider.lib.utils.oauth2 import protected_resource_view
@require_http_methods(['GET'])
@protected_resource_view(['testscope'])
def protected_api(request, *args, **kwargs):
dic = {
'protected': 'information',
}
return JsonResponse(dic, status=200)