a829726be8
* Log create_uri_response exceptions to logger.exception * Support grant type password - basics * Add tests for Resource Owner Password Credentials Flow * Password Grant -Response according to specification * Better tests for errors, disable grant type password by default * Add documentation for grant type password * User authentication failure to return 403 * Add id_token to response * skipping consent only works for confidential clients * fix URI fragment example not working URL `http://localhost:8100/#/auth/callback/` * OIDC_POST_END_SESSION_HOOK + tests * Explicit function naming * Remove print statements * No need for semicolons, this is Python * Update CHANGELOG.md * fixed logger message * Improved `exp` value calculation * rename OIDC_POST_END_SESSION_HOOK to OIDC_AFTER_END_SESSION_HOOK * added docs for OIDC_AFTER_END_SESSION_HOOK * Replaces `LOGIN_URL` with `OIDC_LOGIN_URL` so users can use a different login path for their oidc requests. * Adds a setting variable for custom template paths * Updates documentation * Fixed bad try/except/finally block * Adds test for OIDC_TEMPLATES settings * Determine value for op_browser_state from session_key or default * Do not use cookie for browser_state. It may not yet be there * Add docs on new setting OIDC_UNAUTHENTICATED_SESSION_MANAGEMENT_KEY * Fix compatibility for older versions of Django * solved merging typo for missing @property
50 lines
1.9 KiB
ReStructuredText
50 lines
1.9 KiB
ReStructuredText
Welcome to Django OIDC Provider Documentation!
|
|
==============================================
|
|
|
|
This tiny (but powerful!) package can help you providing out of the box all the endpoints, data and logic needed to add OpenID Connect capabilities to your Django projects. And as a side effect a fair implementation of OAuth2.0 too. Covers Authorization Code, Implicit and Hybrid flows.
|
|
|
|
Also implements the following specifications:
|
|
|
|
* `OpenID Connect Discovery 1.0 <https://openid.net/specs/openid-connect-discovery-1_0.html>`_
|
|
* `OpenID Connect Session Management 1.0 <https://openid.net/specs/openid-connect-session-1_0.html>`_
|
|
* `OAuth 2.0 for Native Apps <https://tools.ietf.org/html/draft-ietf-oauth-native-apps-01>`_
|
|
* `OAuth 2.0 Resource Owner Password Credentials Grant <https://tools.ietf.org/html/rfc6749#section-4.3>`_
|
|
* `Proof Key for Code Exchange by OAuth Public Clients <https://tools.ietf.org/html/rfc7636>`_
|
|
|
|
--------------------------------------------------------------------------------
|
|
|
|
Before getting started there are some important things that you should know:
|
|
|
|
* Despite that implementation MUST support TLS. You can make request without using SSL. There is no control on that.
|
|
* Supports only for requesting Claims using Scope values.
|
|
* If you enable the Resource Owner Password Credentials Grant, you MUST implement protection against brute force attacks on the token endpoint
|
|
|
|
--------------------------------------------------------------------------------
|
|
|
|
Contents:
|
|
|
|
.. toctree::
|
|
:maxdepth: 2
|
|
|
|
sections/installation
|
|
sections/relyingparties
|
|
sections/serverkeys
|
|
sections/templates
|
|
sections/scopesclaims
|
|
sections/userconsent
|
|
sections/oauth2
|
|
sections/accesstokens
|
|
sections/sessionmanagement
|
|
sections/settings
|
|
sections/signals
|
|
sections/examples
|
|
sections/contribute
|
|
..
|
|
|
|
Indices and tables
|
|
==================
|
|
|
|
* :ref:`genindex`
|
|
* :ref:`modindex`
|
|
* :ref:`search`
|