Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OIDC/Auth2 integration #2649

Open
wants to merge 28 commits into
base: feature/keycloak-oidc
Choose a base branch
from
Open

OIDC/Auth2 integration #2649

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
28 commits
Select commit Hold shift + click to select a range
8ac3dd3
change imports to os_authlib
boehlke Sep 24, 2024
8b3b009
Cleanup saml and auth service based code
boehlke Sep 25, 2024
8abec7b
cleanup
boehlke Sep 25, 2024
54c3b2c
Use pip-auth libraries code directly from local source
boehlke Sep 25, 2024
27594ea
Implement back-channel logout endpoint
boehlke Sep 27, 2024
48ad18f
Change build scripts so that fullstack feature use-case (wiring own l…
boehlke Oct 14, 2024
f374182
Add stages for normal dev deps and fullstack dep resolution (local)
boehlke Oct 14, 2024
bd55095
KRY-149 migration script
boehlke Nov 4, 2024
efdc419
Work on deeper authlib integration
boehlke Oct 7, 2024
68549f9
Replace os_authlib with authlib
boehlke Oct 10, 2024
e0687e0
Work on deeper integration of keycloak and dev reviews
boehlke Nov 4, 2024
92bd338
WIP: Work on keycloak service for migration and other features needin…
boehlke Nov 6, 2024
7d0685c
Revert
boehlke Nov 10, 2024
d21d2e2
Scatch implementation of idp migration
boehlke Nov 10, 2024
dca8b9f
Work on actions
boehlke Nov 12, 2024
21b797c
Work on keycloak integration
boehlke Dec 10, 2024
e48e5fc
Re-add actions
boehlke Dec 12, 2024
40c373f
Merge remote-tracking branch 'refs/remotes/source/main' into KRY-149
boehlke Dec 20, 2024
699a693
Work on keycloak authenticator
boehlke Dec 23, 2024
6e1f381
Work on keycloak authenticator
boehlke Jan 8, 2025
115560f
Work on keycloak integration
boehlke Sep 25, 2024
e4e35ba
deactivate migration, merge main
boehlke Jan 10, 2025
daf7c1f
Fix merge bug
boehlke Jan 10, 2025
536cf50
Update fastjsonschema dependency
boehlke Jan 16, 2025
9c1bdff
Merge branch 'refs/heads/src-main'
boehlke Jan 21, 2025
35268e9
Work on keycloak integration
boehlke Jan 30, 2025
1b7aa09
Merge remote-tracking branch 'os/main'
boehlke Jan 30, 2025
e12f121
update migration index
boehlke Feb 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -142,7 +142,10 @@ run-dev-otel run-bash-otel: | start-dev-otel run-dev-attach-otel
# Build standalone development container (not usable inside the docker container)

build-dev:
rm -rf pip-auth
cp -r ../openslides-auth-service/libraries/pip-auth pip-auth
docker build --file=dev/Dockerfile.dev . --tag=openslides-backend-dev
rm -rf pip-auth

rebuild-dev:
docker build --file=dev/Dockerfile.dev . --tag=openslides-backend-dev --no-cache
1 change: 1 addition & 0 deletions dev/Dockerfile.dev
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ RUN apt-get update && apt-get install --yes make git curl ncat vim bash-completi
WORKDIR /app

COPY requirements/ requirements/
COPY pip-auth /pip-auth
ARG REQUIREMENTS_FILE=requirements_development.txt
RUN . requirements/export_service_commits.sh && pip install --no-cache-dir --requirement requirements/$REQUIREMENTS_FILE

Expand Down
1 change: 0 additions & 1 deletion docs/Actions-Overview.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -231,7 +231,6 @@ A more general format description see in [Action-Service](https://github.com/Ope
- [user.toggle_presence_by_number](actions/user.toggle_presence_by_number.md)
- [user.update](actions/user.update.md)
- [user.update_self](actions/user.update_self.md)
- [user.save_saml_account](actions/user.save_saml_account.md)
- [meeting_user.create](actions/meeting_user.create.md)
- [meeting_user.update](actions/meeting_user.update.md)
- [meeting_user.delete](actions/meeting_user.delete.md)
Expand Down
25 changes: 0 additions & 25 deletions openslides_backend/action/actions/organization/update.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,6 @@
from ...mixins.send_email_mixin import EmailCheckMixin, EmailSenderCheckMixin
from ...util.default_schema import DefaultSchema
from ...util.register import register_action
from ..user.save_saml_account import allowed_user_fields
from ..user.update import UserUpdate


Expand Down Expand Up @@ -48,36 +47,12 @@ class OrganizationUpdate(
"limit_of_meetings",
"limit_of_users",
"url",
"saml_enabled",
"saml_login_button_text",
"saml_attr_mapping",
"saml_metadata_idp",
"saml_metadata_sp",
"saml_private_key",
)

model = Organization()
saml_props = {
field: {**optional_str_schema, "max_length": 256}
for field in allowed_user_fields
}
saml_props["meeting"] = {
"type": ["object", "null"],
"properties": {
field: {**optional_str_schema, "max_length": 256}
for field in ("external_id", "external_group_id")
},
"additionalProperties": False,
}
schema = DefaultSchema(Organization()).get_update_schema(
optional_properties=group_A_fields + group_B_fields,
additional_optional_fields={
"saml_attr_mapping": {
"type": ["object", "null"],
"properties": saml_props,
"required": ["saml_id"],
"additionalProperties": False,
},
},
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If it is going to be empty, you can delete the additional_optional_fields attribute.

)
check_email_field = "users_email_replyto"
Expand Down
7 changes: 0 additions & 7 deletions openslides_backend/action/actions/user/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,17 +4,10 @@
assign_meetings,
create,
delete,
forget_password,
forget_password_confirm,
generate_new_password,
merge_together,
participant_import,
participant_json_upload,
reset_password_to_default,
save_saml_account,
send_invitation_email,
set_password,
set_password_self,
set_present,
toggle_presence_by_number,
update,
Expand Down
2 changes: 0 additions & 2 deletions openslides_backend/action/actions/user/create.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,6 @@
from ...util.typing import ActionResultElement
from ..meeting_user.mixin import CheckLockOutPermissionMixin
from .create_update_permissions_mixin import CreateUpdatePermissionsMixin
from .password_mixins import SetPasswordMixin
from .user_mixins import LimitOfUserMixin, UserMixin, UsernameMixin, check_gender_helper


Expand All @@ -25,7 +24,6 @@ class UserCreate(
EmailCheckMixin,
CreateAction,
CreateUpdatePermissionsMixin,
SetPasswordMixin,
LimitOfUserMixin,
UsernameMixin,
CheckLockOutPermissionMixin,
Expand Down
119 changes: 0 additions & 119 deletions openslides_backend/action/actions/user/forget_password.py
View file
Open in desktop

This file was deleted.

63 changes: 0 additions & 63 deletions openslides_backend/action/actions/user/forget_password_confirm.py
View file
Open in desktop

This file was deleted.

39 changes: 0 additions & 39 deletions openslides_backend/action/actions/user/generate_new_password.py
View file
Open in desktop

This file was deleted.

51 changes: 0 additions & 51 deletions openslides_backend/action/actions/user/password_mixins.py
View file
Open in desktop

This file was deleted.

Loading
Loading