{ "info": { "author": "Nathan Van Gheem", "author_email": "vangheem@gmail.com", "bugtrack_url": null, "classifiers": [], "description": "guillotina_hydraidp\n===================\n\nThis addon aims to provide an identity provider through guillotina\nfor hydra.\n\nIt also implements the login and consent flow for hydra.\n\n\nEndpoints:\n\n - GET /@users\n - POST /@users {'id', 'username', 'password', 'phone', 'email', 'data', 'allowed_scopes'}\n - DELETE /@users/{userid}\n - GET /@users/{userid}\n - GET /@hydra-login\n - POST /@hydra-login\n - GET /@hydra-consent\n - POST /@hydra-consent\n - POST /@hydra-join\n - GET /@hydra-user\n - PATCH /@hydra-user\n\nConfiguring\n-----------\n\nConfiguration depends on your frontend login implementation. Using an application\nthat renders html and can be the auth endpoint as well makes the flow more simple.\n\nSee the angular app example in the repo and integration test flow to see how\nit can work.\n\nTests require a hydra instance to be running with the following configuration:\n\n - OAUTH2_ISSUER_URL=http://localhost:4444\n - OAUTH2_CONSENT_URL=http://localhost:8080/@hydra-consent\n - OAUTH2_LOGIN_URL=http://localhost:8080/@hydra-login\n - DATABASE_URL=postgres://hydra:secret@postgresd:5432/hydra?sslmode=disable\n - SYSTEM_SECRET=youReallyNeedToChangeThis\n - OAUTH2_SHARE_ERROR_DEBUG=1\n - OIDC_SUBJECT_TYPES_SUPPORTED=public,pairwise\n - OIDC_SUBJECT_TYPE_PAIRWISE_SALT=youReallyNeedToChangeThis\n\n\nThen you need to configure guillotina::\n\n auth_providers:\n hydra:\n configuration:\n client_id: auth-code-client\n client_secret: secret\n base_url: http://localhost:4444/\n authorize_url: http://localhost:4444/oauth2/auth\n access_token_url: http://localhost:4444/oauth2/token\n state: true\n scope: openid offline\n hydra:\n db:\n dsn: postgres://hydra:secret@localhost:5432/hydra\n pool_size: 20\n # hydra admin url should be internal, protected!\n admin_url: http://localhost:4445/\n allow_registration: false\n recaptcha_private_key: null\n recaptcha_public_key: null\n\n\nTo add an oauth client to hydra::\n\n curl -XPUT http://localhost:4445/clients/auth-code-client -d '{\n \"client_id\": \"auth-code-client\",\n \"client_name\": \"\",\n \"redirect_uris\": [\n \"http://localhost:8080/@callback/hydra\"\n ],\n \"grant_types\": [\n \"authorization_code\",\n \"refresh_token\"\n ],\n \"response_types\": [\n \"code\",\n \"id_token\"\n ],\n \"scope\": \"openid offline\",\n \"owner\": \"\",\n \"policy_uri\": \"\",\n \"allowed_cors_origins\": [],\n \"tos_uri\": \"\",\n \"client_uri\": \"\",\n \"logo_uri\": \"\",\n \"contacts\": [],\n \"client_secret_expires_at\": 0,\n \"subject_type\": \"public\",\n \"jwks\": {\n \"keys\": null\n },\n \"token_endpoint_auth_method\": \"client_secret_post\",\n \"userinfo_signed_response_alg\": \"none\"\n }'\n\n\nSee https://github.com/guillotinaweb/guillotina_hydraidp/blob/master/integration_tests.py\nfor an example on using the flow.\n\n\nThis is just the API implementation. You will still need to implement the frontend!\n\n\nScope format\n------------\n\nUse scopes to grant access to guillotina containers.\n\nThe format of scopes is: `[container id]:[type]:[value]`.\n\nFor example, to give the user access to container `cms` as a user, the scope would be `cms:role:guillotina.Member`\n\nOther examples:\n- `cms:role:guillotina.Reader`\n- `cms:permission:guillotina.AccessContent`\n\n\nDevelop Frontend\n----------------\n\nStart persistent layers::\n\n docker-compose up redis postgres hydra-migrate hydra hydra-proxy\n\nStart idp::\n\n virtualenv .\n source bin/activate\n g -c config-pg.yaml\n\nStart ngapp::\n\n cd loginapp\n ng serve\n\nOpen browser::\n\n http://localhost:4200\n\n\n1.0.3 (2018-10-27)\n------------------\n\n- Adding events\n [bloodbare]\n\n\n1.0.2 (2018-10-25)\n------------------\n\n- Join RSA pub key\n [bloodbare]\n\n\n1.0.1 (2018-10-22)\n------------------\n\n- be able to work as a regular login endpoint\n [vangheem]\n\n- provide angular login app\n [bloodbare]\n\n\n1.0.0 (2018-10-09)\n------------------\n\n- initial", "description_content_type": "", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "", "keywords": "", "license": "", "maintainer": "", "maintainer_email": "", "name": "guillotina-hydraidp", "package_url": "https://pypi.org/project/guillotina-hydraidp/", "platform": "", "project_url": "https://pypi.org/project/guillotina-hydraidp/", "project_urls": null, "release_url": "https://pypi.org/project/guillotina-hydraidp/1.0.3/", "requires_dist": null, "requires_python": "", "summary": "Guillotina based identity provider for hydra", "version": "1.0.3" }, "last_serial": 4421810, "releases": { "1.0.0": [ { "comment_text": "", "digests": { "md5": "473d593a33ffa0808559e902876d88a9", "sha256": "3a2aa9395c22d88f49b23b532985e588cb5e9920f042c0b16966bb9e57ed4680" }, "downloads": -1, "filename": "guillotina_hydraidp-1.0.0.tar.gz", "has_sig": false, "md5_digest": "473d593a33ffa0808559e902876d88a9", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 9716, "upload_time": "2018-10-09T14:58:07", "url": "https://files.pythonhosted.org/packages/2c/e1/ab9fa9a34407ad2c3fbed2fd696988da7ae3d717ea21b2bdc26ad66ef81a/guillotina_hydraidp-1.0.0.tar.gz" } ], "1.0.1": [ { "comment_text": "", "digests": { "md5": "4c85d1a02d278c538450c9da2a3ad5db", "sha256": "85b9529a967042b32a95552d810d627586b3d9b565619390e18788a7069612a4" }, "downloads": -1, "filename": "guillotina_hydraidp-1.0.1.tar.gz", "has_sig": false, "md5_digest": "4c85d1a02d278c538450c9da2a3ad5db", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 231771, "upload_time": "2018-10-22T20:17:27", "url": "https://files.pythonhosted.org/packages/ff/13/4e171363d27d12fc2c422cca8340ce43a600d860a28e3a37736531ee0d0d/guillotina_hydraidp-1.0.1.tar.gz" } ], "1.0.2": [ { "comment_text": "", "digests": { "md5": "fd51228fe1a6b83733885130e1deb1a7", "sha256": "df82cab70f7ad868651f93d9e68421bcf203a8faed8b3f5d6b4ce6944d28a4cb" }, "downloads": -1, "filename": "guillotina_hydraidp-1.0.2.tar.gz", "has_sig": false, "md5_digest": "fd51228fe1a6b83733885130e1deb1a7", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 14648, "upload_time": "2018-10-25T12:09:14", "url": "https://files.pythonhosted.org/packages/2b/b5/6c2d3ec1a39794ca0bed6bb21be9a4dd75749a91ea924228293f30250ecb/guillotina_hydraidp-1.0.2.tar.gz" } ], "1.0.3": [ { "comment_text": "", "digests": { "md5": "7db874460b18c1e34dd9d002d4a62c25", "sha256": "0d1194ae32ee085bf62d487dfabb51439b83ec7d95fa324f84377d8e2e2e2afb" }, "downloads": -1, "filename": "guillotina_hydraidp-1.0.3.tar.gz", "has_sig": false, "md5_digest": "7db874460b18c1e34dd9d002d4a62c25", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 15032, "upload_time": "2018-10-27T10:59:47", "url": "https://files.pythonhosted.org/packages/a0/f8/b20f02fc6c0fd299de930a8ef7b35c5c01dcf8365f2ca5a838bbf065e227/guillotina_hydraidp-1.0.3.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "7db874460b18c1e34dd9d002d4a62c25", "sha256": "0d1194ae32ee085bf62d487dfabb51439b83ec7d95fa324f84377d8e2e2e2afb" }, "downloads": -1, "filename": "guillotina_hydraidp-1.0.3.tar.gz", "has_sig": false, "md5_digest": "7db874460b18c1e34dd9d002d4a62c25", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 15032, "upload_time": "2018-10-27T10:59:47", "url": "https://files.pythonhosted.org/packages/a0/f8/b20f02fc6c0fd299de930a8ef7b35c5c01dcf8365f2ca5a838bbf065e227/guillotina_hydraidp-1.0.3.tar.gz" } ] }