{ "info": { "author": "Collin Stedman", "author_email": "zkronion+djsaml@gmail.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 5 - Production/Stable", "Framework :: Django :: 1.10", "Framework :: Django :: 1.11", "Framework :: Django :: 1.5", "Framework :: Django :: 1.6", "Framework :: Django :: 1.7", "Framework :: Django :: 1.8", "Framework :: Django :: 1.9", "Intended Audience :: Developers", "License :: OSI Approved :: Apache Software License", "Programming Language :: Python :: 2", "Programming Language :: Python :: 2.6", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.3", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6", "Topic :: Software Development :: Libraries :: Python Modules" ], "description": "===================================================\nSimple and Configurable Django SAML2 Authentication\n===================================================\n\n.. image:: https://img.shields.io/pypi/pyversions/django-saml2-auth-plus.svg\n :target: https://pypi.python.org/pypi/django-saml2-auth-plus\n\n.. image:: https://img.shields.io/pypi/v/django-saml2-auth-plus.svg\n :target: https://pypi.python.org/pypi/django-saml2-auth-plus\n\nThis project aims to provide a dead simple way to integrate SAML2\nAuthentication into your Django powered app. It is a fork of Fang Li's django-saml2-auth\nwith additional configuration options. Try it now, and get rid of the\ncomplicated configuration of SAML.\n\nAny SAML2 based SSO(Single-Sign-On) identity provider with dynamic metadata\nconfiguration is supported by this Django plugin, for example Okta.\n\nSupports Django >= 1.9.\n\nDonate\n======\n\nWe accept your donations by clicking the awesome |star| instead of any physical transfer.\n\n.. |star| image:: https://img.shields.io/github/stars/kronion/django-saml2-auth.svg?style=social&label=Star&maxAge=86400\n\n\n\nDependencies\n============\n\nThis plugin is compatible with Django 1.6/1.7/1.8/1.9/1.10/1.11. The `pysaml2` Python\nmodule is required.\n\n\n\nInstall\n=======\n\nYou can install this plugin via `pip`:\n\n.. code-block:: bash\n\n # pip install django_saml2_auth_plus\n\nor from source:\n\n.. code-block:: bash\n\n # git clone https://github.com/kronion/django-saml2-auth-plus\n # cd django-saml2-auth\n # python setup.py install\n\nxmlsec is also required by pysaml2:\n\n.. code-block:: bash\n\n # yum install xmlsec1\n // or\n # apt-get install xmlsec1\n\n\nWhat does this plugin do?\n=========================\n\nThis plugin takes over Django's login page and redirect the user to a SAML2\nSSO authentication service. Once the user is logged in and redirected back,\nthe plugin will check if the user is already in the system. If not, the user\nwill be created using Django's default UserModel, otherwise the user will be\nredirected to their last visited page.\n\n\n\nHow to use?\n===========\n\n#. Import the views module in your root urls.py\n\n .. code-block:: python\n\n import django_saml2_auth.views\n\n#. Override the default login page in the root urls.py file, by adding these\n lines **BEFORE** any `urlpatterns`:\n\n .. code-block:: python\n\n # These are the SAML2 related URLs. You can change \"^saml2_auth/\" regex to\n # any path you want, like \"^sso_auth/\", \"^sso_login/\", etc. (required)\n url(r'^saml2_auth/', include('django_saml2_auth.urls')),\n\n # The following line will replace the default user login with SAML2 (optional)\n # If you want to specific the after-login-redirect-URL, use parameter \"?next=/the/path/you/want\"\n # with this view.\n url(r'^accounts/login/$', django_saml2_auth.views.signin),\n\n # The following line will replace the admin login with SAML2 (optional)\n # If you want to specific the after-login-redirect-URL, use parameter \"?next=/the/path/you/want\"\n # with this view.\n url(r'^admin/login/$', django_saml2_auth.views.signin),\n\n#. Add 'django_saml2_auth' to INSTALLED_APPS\n\n .. code-block:: python\n\n INSTALLED_APPS = [\n '...',\n 'django_saml2_auth',\n ]\n\n#. In settings.py, add the SAML2 related configuration.\n\n Please note, the only required setting is **METADATA_AUTO_CONF_URL**.\n The following block shows all required and optional configuration settings\n and their default values.\n\n .. code-block:: python\n\n SAML2_AUTH = {\n # Required setting\n 'METADATA_AUTO_CONF_URL': '[The auto(dynamic) metadata configuration URL of SAML2]',\n\n # Optional settings below\n 'DEFAULT_NEXT_URL': '/admin', # Custom target redirect URL after the user get logged in. Default to /admin if not set. This setting will be overwritten if you have parameter ?next= specificed in the login URL.\n 'NEW_USER_PROFILE': {\n 'USER_GROUPS': [], # The default group name when a new user logs in\n 'ACTIVE_STATUS': True, # The default active status for new users\n 'STAFF_STATUS': True, # The staff status for new users\n 'SUPERUSER_STATUS': False, # The superuser status for new users\n },\n 'ATTRIBUTES_MAP': { # Change Email/UserName/FirstName/LastName to corresponding SAML2 userprofile attributes.\n 'email': 'Email',\n 'username': 'UserName',\n 'first_name': 'FirstName',\n 'last_name': 'LastName',\n },\n 'TRIGGER': {\n 'CREATE_USER': 'path.to.your.new.user.hook.method',\n 'BEFORE_LOGIN': 'path.to.your.login.hook.method',\n },\n 'ASSERTION_URL': 'https://mysite.com', # Custom URL to validate incoming SAML requests against\n 'ENTITY_ID': 'https://mysite.com/saml2_auth/acs/', # Populates the Issuer element in authn request\n 'NAME_ID_FORMAT': FormatString, # Sets the Format property of authn NameIDPolicy element\n }\n\n#. In your SAML2 SSO identity provider, set the Single-sign-on URL and Audience\n URI(SP Entity ID) to http://your-domain/saml2_auth/acs/\n\n\nExplanation\n-----------\n\n**METADATA_AUTO_CONF_URL** Auto SAML2 metadata configuration URL\n\n**NEW_USER_PROFILE** Default settings for newly created users\n\n**ATTRIBUTES_MAP** Mapping of Django user attributes to SAML2 user attributes\n\n**TRIGGER** Hooks to trigger additional actions during user login and creation\nflows. These TRIGGER hooks are strings containing a `dotted module name `_\nwhich point to a method to be called. The referenced method should accept a\nsingle argument which is a dictionary of attributes and values sent by the\nidentity provider, representing the user's identity.\n\n**TRIGGER.CREATE_USER** A method to be called upon new user creation. This\nmethod will be called before the new user is logged in and after the user's\nrecord is created. This method should accept ONE parameter of user dict.\n\n**TRIGGER.BEFORE_LOGIN** A method to be called when an existing user logs in.\nThis method will be called before the user is logged in and after user\nattributes are returned by the SAML2 identity provider. This method should accept ONE parameter of user dict.\n\n**ASSERTION_URL** A URL to validate incoming SAML responses against. By default,\ndjango-saml2-auth will validate the SAML response's Service Provider address\nagainst the actual HTTP request's host and scheme. If this value is set, it\nwill validate against ASSERTION_URL instead - perfect for when django running\nbehind a reverse proxy.\n\n**ENTITY_ID** The optional entity ID string to be passed in the 'Issuer' element of authn request, if required by the IDP.\n\n**NAME_ID_FORMAT** Set to the string 'None', to exclude sending the 'Format' property of the 'NameIDPolicy' element in authn requests.\nDefault value if not specified is 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'.\n\nCustomize\n=========\n\nThe default permission `denied` page and user `welcome` page can be\noverridden.\n\nTo override these pages put a template named 'django_saml2_auth/welcome.html'\nor 'django_saml2_auth/denied.html' in your project's template folder.\n\nIf a 'django_saml2_auth/welcome.html' template exists, that page will be shown\nto the user upon login instead of the user being redirected to the previous\nvisited page. This welcome page can contain some first-visit notes and welcome\nwords. The `Django user object `_\nis available within the template as the `user` template variable.\n\nTo enable a logout page, add the following lines to urls.py, before any\n`urlpatterns`:\n\n.. code-block:: python\n\n # The following line will replace the default user logout with the signout page (optional)\n url(r'^accounts/logout/$', django_saml2_auth.views.signout),\n\n # The following line will replace the default admin user logout with the signout page (optional)\n url(r'^admin/logout/$', django_saml2_auth.views.signout),\n\nTo override the built in signout page put a template named\n'django_saml2_auth/signout.html' in your project's template folder.\n\nIf your SAML2 identity provider uses user attribute names other than the\ndefaults listed in the `settings.py` `ATTRIBUTES_MAP`, update them in\n`settings.py`.\n\n\nFor Okta Users\n==============\n\nI created this plugin originally for Okta.\n\nThe METADATA_AUTO_CONF_URL needed in `settings.py` can be found in the Okta\nweb UI by navigating to the SAML2 app's `Sign On` tab, in the Settings box.\nYou should see :\n\n`Identity Provider metadata is available if this application supports dynamic configuration.`\n\nThe `Identity Provider metadata` link is the METADATA_AUTO_CONF_URL.\n\n\nHow to Contribute\n=================\n\n#. Check for open issues or open a fresh issue to start a discussion around a feature idea or a bug.\n#. Fork `the repository`_ on GitHub to start making your changes to the **master** branch (or branch off of it).\n#. Write a test which shows that the bug was fixed or that the feature works as expected.\n#. Send a pull request and bug the maintainer until it gets merged and published. :) Make sure to add yourself to AUTHORS_.\n\n.. _`the repository`: http://github.com/kronion/django-saml2-auth-plus\n.. _AUTHORS: https://github.com/kronion/django-saml2-auth-plus/blob/master/AUTHORS.rst\n\n\nRelease Log\n===========\n\n1.0.0: Fork from django-saml2-auth and deploy to PyPI.\n\n\n", "description_content_type": "", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/kronion/django-saml2-auth", "keywords": "Simple Configurable Django SAML2 SSO Authentication Plus", "license": "Apache 2.0", "maintainer": "", "maintainer_email": "", "name": "django-saml2-auth-plus", "package_url": "https://pypi.org/project/django-saml2-auth-plus/", "platform": "", "project_url": "https://pypi.org/project/django-saml2-auth-plus/", "project_urls": { "Homepage": "https://github.com/kronion/django-saml2-auth" }, "release_url": "https://pypi.org/project/django-saml2-auth-plus/1.0.0/", "requires_dist": [ "pysaml2 (==4.5.0)" ], "requires_python": "", "summary": "Simple and Configurable Django SAML2 Authentication. Easily integrate with SAML2 SSO identity providers like Okta", "version": "1.0.0" }, "last_serial": 4131142, "releases": { "1.0.0": [ { "comment_text": "", "digests": { "md5": "b21398f19c3eb1e9959786b62cf53b4b", "sha256": "8d91622f30335d7761ea5c3dc59ead581c59da47fd60817d988f6fdf21707c83" }, "downloads": -1, "filename": "django_saml2_auth_plus-1.0.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "b21398f19c3eb1e9959786b62cf53b4b", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 14148, "upload_time": "2018-08-03T05:04:48", "url": "https://files.pythonhosted.org/packages/7b/d2/b84ff1672d805cb6655452c1edb1de7af9c4ac8388a5a95ec655efd7a020/django_saml2_auth_plus-1.0.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "a7543f7d325752b097e4a741f0930722", "sha256": "0f3beee90c36e61292e4f1e4c9fa2d69857a8035a43c36ee7b8b7f4bde09a168" }, "downloads": -1, "filename": "django_saml2_auth_plus-1.0.0.tar.gz", "has_sig": false, "md5_digest": "a7543f7d325752b097e4a741f0930722", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 9019, "upload_time": "2018-08-03T05:04:49", "url": "https://files.pythonhosted.org/packages/0c/44/43ad46e694bba787c84c39c293cf9fe8a74b4f0fe46018a7cfdbc20b3f11/django_saml2_auth_plus-1.0.0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "b21398f19c3eb1e9959786b62cf53b4b", "sha256": "8d91622f30335d7761ea5c3dc59ead581c59da47fd60817d988f6fdf21707c83" }, "downloads": -1, "filename": "django_saml2_auth_plus-1.0.0-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "b21398f19c3eb1e9959786b62cf53b4b", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 14148, "upload_time": "2018-08-03T05:04:48", "url": "https://files.pythonhosted.org/packages/7b/d2/b84ff1672d805cb6655452c1edb1de7af9c4ac8388a5a95ec655efd7a020/django_saml2_auth_plus-1.0.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "a7543f7d325752b097e4a741f0930722", "sha256": "0f3beee90c36e61292e4f1e4c9fa2d69857a8035a43c36ee7b8b7f4bde09a168" }, "downloads": -1, "filename": "django_saml2_auth_plus-1.0.0.tar.gz", "has_sig": false, "md5_digest": "a7543f7d325752b097e4a741f0930722", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 9019, "upload_time": "2018-08-03T05:04:49", "url": "https://files.pythonhosted.org/packages/0c/44/43ad46e694bba787c84c39c293cf9fe8a74b4f0fe46018a7cfdbc20b3f11/django_saml2_auth_plus-1.0.0.tar.gz" } ] }