Tuomas Suutari 5165312d01 Use stored user consent for public clients too (#189)
When using Implicit Flow, it should be OK to use the stored user consent
even if the client is public.  The redirect uri checks should make sure
that the stored consent of another client cannot be misused to get a
consent to a site that is not related to the client.

It is also important to support this, since public clients using
Implicit Flow do not have a refresh token to update their access tokens,
so the only way to keep their login session open is by issuing authorization
requests from an iframe with the "prompt=none" parameter (which does not
work without the previously stored consent).  See the following links
for more info and examples on how to renew the access token with SPAs:

https://auth0.com/docs/api-auth/tutorials/silent-authentication#refresh-expired-tokens

https://damienbod.com/2017/06/02/

https://github.com/IdentityServer/IdentityServer3/issues/719#issuecomment-230145034
2017-07-07 13:18:36 +02:00
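
The decision the commit message describes, modeled as an added example (this is not code from django-oidc-provider). The `Client` and `Consent` classes, the `authorize` function, its `reuse_for_public` flag and the sample values are all hypothetical; `login_required` and `consent_required` are the OpenID Connect error codes for a `prompt=none` request that would need user interaction.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

@dataclass
class Client:                      # hypothetical model for this example
    client_id: str
    client_type: str               # "public" or "confidential"
    redirect_uris: tuple

@dataclass
class Consent:                     # consent a user stored earlier for one client
    client_id: str
    scopes: frozenset
    expires_at: datetime

def authorize(client, redirect_uri, scopes, prompt, logged_in, consents, now,
              reuse_for_public=True):
    """Decide the outcome of an Implicit Flow authorization request.

    prompt is a single value ("none", "consent" or None); a simplification.
    reuse_for_public=False models a policy that ignores stored consent for
    public clients, which makes prompt=none renewal impossible for them.
    """
    # Exact-match redirect check first; a failure is never redirected anywhere.
    if redirect_uri not in client.redirect_uris:
        return ("reject", "invalid redirect_uri")
    if not logged_in:
        return ("error", "login_required") if prompt == "none" else ("show", "login")
    # Consent is looked up by client_id, so another client's consent never applies.
    stored = next((c for c in consents if c.client_id == client.client_id), None)
    usable = (stored is not None and stored.expires_at > now
              and set(scopes) <= stored.scopes
              and (reuse_for_public or client.client_type != "public"))
    if usable and prompt != "consent":
        return ("issue", redirect_uri)
    if prompt == "none":           # no UI allowed: report the error to the client
        return ("error", "consent_required")
    return ("show", "consent")

# Constructed sample data
NOW = datetime(2017, 7, 7, tzinfo=timezone.utc)
CB = "https://spa.example/callback"
SPA = Client("spa", "public", (CB,))
CONSENTS = [Consent("spa", frozenset({"openid", "profile"}), NOW + timedelta(days=30))]

if __name__ == "__main__":
    print(authorize(SPA, CB, ["openid"], "none", True, CONSENTS, NOW))
    print(authorize(SPA, CB, ["openid"], "none", True, CONSENTS, NOW, reuse_for_public=False))
```
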
docs Merge develop to v0.5.x (#179) 2017-05-05 05:19:57 +02:00
example_project Adds per-client consent customization 2017-04-11 13:16:06 -07:00
oidc_provider Use stored user consent for public clients too (#189) 2017-07-07 13:18:36 +02:00
.gitignore Add tests for at_hash 2016-08-08 11:24:07 -06:00
.travis.yml added python 3.6 and django 1.11 2017-05-08 16:25:44 +02:00
CHANGELOG.md Bump version v0.5.1. 2017-05-18 23:49:06 -03:00
LICENSE Bump version v0.4.3. 2016-11-02 12:28:39 -03:00
MANIFEST.in Fix translations handling 2016-11-24 13:09:19 +01:00
README.md Update README.md 2016-12-02 12:27:08 -03:00
runtests.py Allow test suite specification 2016-08-11 16:19:10 -06:00
setup.py Merge pull request #176 from qedsoftware/develop 2017-05-18 23:57:10 -03:00
tox.ini added TOX for Django 1.11 and PYthon 3.6 2017-05-05 05:43:39 +02:00

Django OIDC Provider


About OpenID

OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol, which allows computing clients to verify the identity of an end-user based on the authentication performed by an authorization server, as well as to obtain basic profile information about the end-user in an interoperable and REST-like manner. Google, for example, works this way.

About the package

django-oidc-provider provides, out of the box, all the endpoints, data and logic needed to add OpenID Connect capabilities to your Django projects.

It supports Python 3 and 2, as well as the latest versions of Django.

Read docs for more info.

Contributing

Join us! We love contributions, so please feel free to fix bugs, improve things and provide documentation. You SHOULD follow these steps:

  • Fork the project.
  • Make your feature addition or bug fix.
  • Add tests for it inside oidc_provider/tests. Then run all the tests and ensure everything is OK (read the docs for how to test in all envs).
  • Send pull request to the develop branch.