From 25c76aa0a3bee95d4490a163031eabce8e63a158 Mon Sep 17 00:00:00 2001 From: OCA-git-bot Date: Wed, 23 Oct 2024 13:16:41 +0000 Subject: [PATCH] [BOT] post-merge updates --- README.md | 1 + auth_oidc/README.rst | 88 ++++++++++++------------- auth_oidc/static/description/index.html | 13 ++-- setup/_metapackage/pyproject.toml | 3 +- 4 files changed, 55 insertions(+), 50 deletions(-) diff --git a/README.md b/README.md index fcf8fed22f..050a47d4a2 100644 --- a/README.md +++ b/README.md @@ -24,6 +24,7 @@ addon | version | maintainers | summary [auth_api_key](auth_api_key/) | 18.0.1.0.0 | | Authenticate http requests from an API key [auth_api_key_group](auth_api_key_group/) | 18.0.1.0.0 | [![simahawk](https://github.com/simahawk.png?size=30px)](https://github.com/simahawk) | Allow grouping API keys together. Grouping per se does nothing. This feature is supposed to be used by other modules to limit access to services or records based on groups of keys. [auth_api_key_server_env](auth_api_key_server_env/) | 18.0.1.0.0 | | Configure api keys via server env. This can be very useful to avoid mixing your keys between your various environments when restoring databases. All you have to do is to add a new section to your configuration file according to the following convention: +[auth_oidc](auth_oidc/) | 18.0.1.0.0 | [![sbidoul](https://github.com/sbidoul.png?size=30px)](https://github.com/sbidoul) | Allow users to login through OpenID Connect Provider [base_user_empty_password](base_user_empty_password/) | 18.0.1.0.0 | [![grindtildeath](https://github.com/grindtildeath.png?size=30px)](https://github.com/grindtildeath) | Allows to empty password of users [//]: # (end addons) diff --git a/auth_oidc/README.rst b/auth_oidc/README.rst index de5411ac46..0f673d13c0 100644 --- a/auth_oidc/README.rst +++ b/auth_oidc/README.rst @@ -7,7 +7,7 @@ Authentication OpenID Connect !! This file is generated by oca-gen-addon-readme !! !! changes will be overwritten. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - !! source digest: sha256:e65c1c978ca0266a8e54f8121675cbf710359cf407413e35518f670be9c9753f + !! source digest: sha256:cd754fc72d2039d02ab1b8aec98af43fb9543c9a70f2150ab6e482954e4e83d6 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! .. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png @@ -75,18 +75,18 @@ Single tenant provider limits the access to user of your tenant, while Multitenants allow access for all AzureAD users, so user of foreign companies can use their AzureAD login without an guest account. -- Provider Name: Azure AD Single Tenant -- Client ID: Application (client) id -- Client Secret: Client secret -- Allowed: yes +- Provider Name: Azure AD Single Tenant +- Client ID: Application (client) id +- Client Secret: Client secret +- Allowed: yes or -- Provider Name: Azure AD Multitenant -- Client ID: Application (client) id -- Client Secret: Client secret -- Allowed: yes -- replace {tenant_id} in urls with your Azure tenant id +- Provider Name: Azure AD Multitenant +- Client ID: Application (client) id +- Client Secret: Client secret +- Allowed: yes +- replace {tenant_id} in urls with your Azure tenant id |image2| @@ -106,22 +106,22 @@ In Keycloak: In Odoo, create a new Oauth Provider with the following parameters: -- Provider name: Keycloak (or any name you like that identify your - keycloak provider) -- Auth Flow: OpenID Connect (authorization code flow) -- Client ID: the same Client ID you entered when configuring the client - in Keycloak -- Client Secret: found in keycloak on the client Credentials tab -- Allowed: yes -- Body: the link text to appear on the login page, such as Login with - Keycloak -- Scope: openid email -- Authentication URL: The "authorization_endpoint" URL found in the - OpenID Endpoint Configuration of your Keycloak realm -- Token URL: The "token_endpoint" URL found in the OpenID Endpoint - Configuration of your Keycloak realm -- JWKS URL: The "jwks_uri" URL found in the OpenID Endpoint - Configuration of your Keycloak realm +- Provider name: Keycloak (or any name you like that identify your + keycloak provider) +- Auth Flow: OpenID Connect (authorization code flow) +- Client ID: the same Client ID you entered when configuring the client + in Keycloak +- Client Secret: found in keycloak on the client Credentials tab +- Allowed: yes +- Body: the link text to appear on the login page, such as Login with + Keycloak +- Scope: openid email +- Authentication URL: The "authorization_endpoint" URL found in the + OpenID Endpoint Configuration of your Keycloak realm +- Token URL: The "token_endpoint" URL found in the OpenID Endpoint + Configuration of your Keycloak realm +- JWKS URL: The "jwks_uri" URL found in the OpenID Endpoint + Configuration of your Keycloak realm .. |image| image:: https://raw.githubusercontent.com/OCA/server-auth/18.0/auth_oidc/static/description/oauth-microsoft_azure-api_permissions.png .. |image1| image:: https://raw.githubusercontent.com/OCA/server-auth/18.0/auth_oidc/static/description/oauth-microsoft_azure-optional_claims.png @@ -135,10 +135,10 @@ On the login page, click on the authentication provider you configured. Known issues / Roadmap ====================== -- When going to the login screen, check for a existing token and do a - direct login without the clicking on the SSO link -- When doing a logout an extra option to also logout at the SSO - provider. +- When going to the login screen, check for a existing token and do a + direct login without the clicking on the SSO link +- When doing a logout an extra option to also logout at the SSO + provider. Changelog ========= @@ -146,52 +146,52 @@ Changelog 18.0.1.0.0 2024-10-09 --------------------- -- Odoo 18 migration +- Odoo 18 migration 17.0.1.0.0 2024-03-20 --------------------- -- Odoo 17 migration +- Odoo 17 migration 16.0.1.1.0 2024-02-28 --------------------- -- Forward port OpenID Connect fixes from 15.0 to 16.0 +- Forward port OpenID Connect fixes from 15.0 to 16.0 16.0.1.0.2 2023-11-16 --------------------- -- Readme link updates +- Readme link updates 16.0.1.0.1 2023-10-09 --------------------- -- Add AzureAD code flow provider +- Add AzureAD code flow provider 16.0.1.0.0 2023-01-27 --------------------- -- Odoo 16 migration +- Odoo 16 migration 15.0.1.0.0 2023-01-06 --------------------- -- Odoo 15 migration +- Odoo 15 migration 14.0.1.0.0 2021-12-10 --------------------- -- Odoo 14 migration +- Odoo 14 migration 13.0.1.0.0 2020-04-10 --------------------- -- Odoo 13 migration, add authorization code flow. +- Odoo 13 migration, add authorization code flow. 10.0.1.0.0 2018-10-05 --------------------- -- Initial implementation +- Initial implementation Bug Tracker =========== @@ -216,10 +216,10 @@ Authors Contributors ------------ -- Alexandre Fayolle -- Stéphane Bidoul -- David Jaen -- Andreas Perhab +- Alexandre Fayolle +- Stéphane Bidoul +- David Jaen +- Andreas Perhab Maintainers ----------- diff --git a/auth_oidc/static/description/index.html b/auth_oidc/static/description/index.html index 7b4f908f30..8af7befc5e 100644 --- a/auth_oidc/static/description/index.html +++ b/auth_oidc/static/description/index.html @@ -8,10 +8,11 @@ /* :Author: David Goodger (goodger@python.org) -:Id: $Id: html4css1.css 8954 2022-01-20 10:10:25Z milde $ +:Id: $Id: html4css1.css 9511 2024-01-13 09:50:07Z milde $ :Copyright: This stylesheet has been placed in the public domain. Default cascading style sheet for the HTML output of Docutils. +Despite the name, some widely supported CSS2 features are used. See https://docutils.sourceforge.io/docs/howto/html-stylesheets.html for how to customize this style sheet. @@ -274,7 +275,7 @@ margin-left: 2em ; margin-right: 2em } -pre.code .ln { color: grey; } /* line numbers */ +pre.code .ln { color: gray; } /* line numbers */ pre.code, code { background-color: #eeeeee } pre.code .comment, code .comment { color: #5C6576 } pre.code .keyword, code .keyword { color: #3B0D06; font-weight: bold } @@ -300,7 +301,7 @@ span.pre { white-space: pre } -span.problematic { +span.problematic, pre.problematic { color: red } span.section-subtitle { @@ -366,7 +367,7 @@

Authentication OpenID Connect

!! This file is generated by oca-gen-addon-readme !! !! changes will be overwritten. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -!! source digest: sha256:e65c1c978ca0266a8e54f8121675cbf710359cf407413e35518f670be9c9753f +!! source digest: sha256:cd754fc72d2039d02ab1b8aec98af43fb9543c9a70f2150ab6e482954e4e83d6 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->

Beta License: AGPL-3 OCA/server-auth Translate me on Weblate Try me on Runboat

This module allows users to login through an OpenID Connect provider @@ -589,7 +590,9 @@

Contributors

Maintainers

This module is maintained by the OCA.

-Odoo Community Association + +Odoo Community Association +

OCA, or the Odoo Community Association, is a nonprofit organization whose mission is to support the collaborative development of Odoo features and promote its widespread use.

diff --git a/setup/_metapackage/pyproject.toml b/setup/_metapackage/pyproject.toml index 0acddf920c..c20ce4cca8 100644 --- a/setup/_metapackage/pyproject.toml +++ b/setup/_metapackage/pyproject.toml @@ -1,10 +1,11 @@ [project] name = "odoo-addons-oca-server-auth" -version = "18.0.20241019.1" +version = "18.0.20241023.0" dependencies = [ "odoo-addon-auth_api_key==18.0.*", "odoo-addon-auth_api_key_group==18.0.*", "odoo-addon-auth_api_key_server_env==18.0.*", + "odoo-addon-auth_oidc==18.0.*", "odoo-addon-base_user_empty_password==18.0.*", ] classifiers=[