Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OIDC/Auth2 integration #2649

Open
wants to merge 8 commits into
base: feature/keycloak-oidc
Choose a base branch
from
Open

OIDC/Auth2 integration #2649

wants to merge 8 commits into from

Conversation

boehlke
Copy link

@boehlke boehlke commented Sep 27, 2024

This PR contains a POC for a OIDC/oauth2 integration into OpenSlides. The dev setup is based on keycloak.

dependabot bot and others added 6 commits September 26, 2024 06:03
@dependabot
Bump debugpy from 1.8.5 to 1.8.6 in /requirements/partial (OpenSlides…
3e8ce49 
…#2648)

Bumps [debugpy](https://github.com/microsoft/debugpy) from 1.8.5 to 1.8.6.
- [Release notes](https://github.com/microsoft/debugpy/releases)
- [Commits](microsoft/debugpy@v1.8.5...v1.8.6)

---
updated-dependencies:
- dependency-name: debugpy
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@boehlke
change imports to os_authlib
8ac3dd3
@boehlke
Cleanup saml and auth service based code
8b3b009
@boehlke
cleanup
8abec7b
@boehlke
Use pip-auth libraries code directly from local source
54c3b2c
@boehlke
Implement back-channel logout endpoint
27594ea
@boehlke boehlke added feature keycloak-oidc OIDC support for OpenSlides with Keycloak as default IdP labels Sep 27, 2024
luisa-beerboom
luisa-beerboom requested changes Oct 10, 2024
View reviewed changes
Copy link
Member

@luisa-beerboom luisa-beerboom left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Amend the tests for actions that were updated, delete the tests for actions that were deleted.

openslides_backend/action/actions/organization/update.py
Comment on lines 55 to 56
additional_optional_fields={
"saml_attr_mapping": {
"type": ["object", "null"],
"properties": saml_props,
"required": ["saml_id"],
"additionalProperties": False,
},
},
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If it is going to be empty, you can delete the additional_optional_fields attribute.

openslides_backend/services/auth/adapter.py
Comment on lines -53 to -59
def create_authorization_token(self, user_id: int, email: str) -> str:
try:
response = self.auth_handler.create_authorization_token(user_id, email)
except AuthenticateException as e:
raise AuthenticationException(e.message)
return response.headers.get(AUTHORIZATION_HEADER, "")

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

openslides_backend/services/auth/interface.py defines the interface for this class, including this method. You should remove the method from that place as well

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@luisa-beerboom luisa-beerboom luisa-beerboom requested changes

Assignees
No one assigned
Labels
feature keycloak-oidc OIDC support for OpenSlides with Keycloak as default IdP
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@boehlke @luisa-beerboom