A Django authentication backend for Microsoft ADFS
Project description
A Django authentication backend for Microsoft ADFS
Free software: BSD License
Documentation: http://django-auth-adfs.readthedocs.org/
Features
Let’s your django users login through Microsoft ADFS by using OAuth2.
Provides seamless single sign-on on intranet environments.
Automatically creates users upon receiving a valid access token from ADFS.
Adds users to groups upon signin
Installation
Python package:
pip install django-auth-adfs
In your project’s settings.py
AUTHENTICATION_BACKENDS = (
...
'django_auth_adfs.backend.AdfsBackend',
...
)
INSTALLED_APPS = (
...
# Needed for the ADFS redirect URI to function
'django_auth_adfs',
...
# checkout config.py for more settings
AUTH_ADFS = {
"ADFS_SERVER": "adfs.yourcompany.com",
"ADFS_CLIENT_ID": "your-configured-client-id",
"ADFS_RESOURCE": "your-adfs-RPT-name",
"ADFS_SIGNING_CERT": "/path/to/adfs-signing-certificate.pem",
# Make sure to read the documentation about the ADFS_AUDIENCE setting
# when you configured the identifier as a URL!
"ADFS_AUDIENCE": "microsoft:identityserver:your-RelyingPartyTrust-identifier",
"ADFS_ISSUER": "http://adfs.yourcompany.com/adfs/services/trust",
"ADFS_CA_BUNDLE": "/path/to/ca-bundle.pem",
"ADFS_CLAIM_MAPPING": {"first_name": "given_name",
"last_name": "family_name",
"email": "email"},
}
########################
# OPTIONAL SETTINGS
########################
TEMPLATES = [
{
...
'OPTIONS': {
'context_processors': [
# Only needed if you want to use the variable ADFS_AUTH_URL in your templates
'django_auth_adfs.context_processors.adfs_url',
...
],
},
},
]
MIDDLEWARE_CLASSES = (
...
# With this you can force a user to login without using
# the @login_required decorator for every view function
#
# You can specify URLs for which login is not forced by
# specifying them in LOGIN_EXEMPT_URLS in setting.py.
# The values in LOGIN_EXEMPT_URLS are interpreted as regular expressions.
#
# The user will get redirected to the url set in the Django setting ``LOGIN_URL``
'django_auth_adfs.middleware.LoginRequiredMiddleware',
)
# There's a view available for automatically redirecting users to the ADFS authorization URL.
# If you set the value of LOGIN_URL like this, along with enabling the middleware,
# users have to take no action themselves for logging on
LOGIN_URL = reverse_lazy('auth_adfs:adfs')In your project’s urls.py
urlpatterns = [
...
# Needed for the redirect URL to function
# The namespace is important and shouldn't be changed
url(r'^oauth2/', include('django_auth_adfs.urls', namespace='auth_adfs')),
...
]The URL you have to configure as the redirect URL in ADFS depends on the url pattern you configure. In the example above you have to make the redirect url in ADFS point to https://yoursite.com/oauth2/login
Contributing
Contributions to the code are more then welcome. For more details have a look at the CONTRIBUTION.rst file.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for django_auth_adfs-0.0.2-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | c858825ea3ed7f97127c65b78946ecae9731fd91e9982e4a6fc7c7c66a9b5053 |
|
| MD5 | de532e7a20e6e9acd29e3a8b6c981f3d |
|
| BLAKE2b-256 | a588defd1f1d02e30092d83e9bbb36b9ae655dd6c8bb82c2bd207799ad8ab7d4 |
