kumi/django-oidc-provider
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update docs.

Browse source
This commit is contained in:
Ignacio Fiorentino 2016-04-08 16:56:20 -03:00
parent e97c32acd1
commit c39a81e5f9
5 changed files with 51 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
docs/conf.py
View file

@ -53,9 +53,9 @@ author = u'Juan Ignacio Fiorentino'
# built documents. # built documents.
# #
# The short X.Y version. # The short X.Y version.
version = u'0.2' version = u'0.3'
# The full version, including alpha/beta/rc tags. # The full version, including alpha/beta/rc tags.
release = u'0.2.5' release = u'0.3.x'
# The language for content autogenerated by Sphinx. Refer to documentation # The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages. # for a list of supported languages.

BIN
docs/images/client_creation.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 50 KiB

7
docs/index.rst
View file

@ -3,6 +3,11 @@ Welcome to Django OIDC Provider Documentation!
Django OIDC Provider can help you providing out of the box all the endpoints, data and logic needed to add OpenID Connect capabilities to your Django projects. And as a side effect a fair implementation of OAuth2.0 too. Django OIDC Provider can help you providing out of the box all the endpoints, data and logic needed to add OpenID Connect capabilities to your Django projects. And as a side effect a fair implementation of OAuth2.0 too.
Also implements the following specifications:
* `OAuth 2.0 for Native Apps <https://tools.ietf.org/html/draft-ietf-oauth-native-apps-01>`_
* `Proof Key for Code Exchange by OAuth Public Clients <https://tools.ietf.org/html/rfc7636>`_
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
Before getting started there are some important things that you should know: Before getting started there are some important things that you should know:
@ -19,7 +24,7 @@ Contents:
:maxdepth: 2 :maxdepth: 2
sections/installation sections/installation
sections/clients sections/relyingparties
sections/serverkeys sections/serverkeys
sections/templates sections/templates
sections/claims sections/claims

24
docs/sections/clients.rst
View file

@ -1,24 +0,0 @@
.. _clients:
Clients
#######
Also known as Relying Parties (RP). User and client creation it's up to you. This is because is out of the scope in the core implementation of OIDC.
So, there are different ways to create your Clients. By displaying a HTML form or maybe if you have internal thrusted Clients you can create them programatically.
`Read more about client creation from OAuth2 spec <http://tools.ietf.org/html/rfc6749#section-2>`_
For your users, the tipical situation is that you provide them a login and a registration page.
If you want to test the provider without getting to deep into this topics you can:
Create a user with ``python manage.py createsuperuser`` and clients using Django admin:
.. image:: http://i64.tinypic.com/2dsfgoy.png
:align: center
Or also you can create a client programmatically with Django shell ``python manage.py shell``::
>>> from oidc_provider.models import Client
>>> c = Client(name='Some Client', client_id='123', client_secret='456', response_type='code', redirect_uris=['http://example.com/'])
>>> c.save()

43
docs/sections/relyingparties.rst Normal file
View file

@ -0,0 +1,43 @@
.. _relyingparties:
Relying Parties
###############
Relying Parties (RP) creation it's up to you. This is because is out of the scope in the core implementation of OIDC.
So, there are different ways to create your Clients (RP). By displaying a HTML form or maybe if you have internal thrusted Clients you can create them programatically.
OAuth defines two client types, based on their ability to maintain the confidentiality of their client credentials:
* ``confidential``: Clients capable of maintaining the confidentiality of their credentials (e.g., client implemented on a secure server with restricted access to the client credentials).
* ``public``: Clients incapable of maintaining the confidentiality of their credentials (e.g., clients executing on the device used by the resource owner, such as an installed native application or a web browser-based application), and incapable of secure client authentication via any other means.
Using the admin
===============
We suggest you to use Django admin to easily manage your clients:
.. image:: ../images/client_creation.png
:align: center
For re-generating ``client_secret``, when you are in the Client editing view, select "Client type" to be ``public``. Then after saving, select back to be ``confidential`` and save again.
Custom view
===========
If for some reason you need to create your own view to manage them, you can grab the form class that the admin makes use of. Located in ``oidc_provider.admin.ClientForm``.
Some built-in logic that comes with it:
* Automatic ``client_id`` and ``client_secret`` generation.
* Empty ``client_secret`` when ``client_type`` is equal to ``public``.
Programmatically
================
You can create a Client programmatically with Django shell ``python manage.py shell``::
>>> from oidc_provider.models import Client
>>> c = Client(name='Some Client', client_id='123', client_secret='456', response_type='code', redirect_uris=['http://example.com/'])
>>> c.save()
`Read more about client creation from OAuth2 spec <http://tools.ietf.org/html/rfc6749#section-2>`_