forked from OCA/server-auth
-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
6 changed files
with
129 additions
and
101 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -17,13 +17,13 @@ Authentication OpenID Connect | |
| :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html | ||
| :alt: License: AGPL-3 | ||
| .. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github | ||
| :target: https://github.com/OCA/server-auth/tree/17.0/auth_oidc | ||
| :target: https://github.com/OCA/server-auth/tree/18.0/auth_oidc | ||
| :alt: OCA/server-auth | ||
| .. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png | ||
| :target: https://translation.odoo-community.org/projects/server-auth-17-0/server-auth-17-0-auth_oidc | ||
| :target: https://translation.odoo-community.org/projects/server-auth-18-0/server-auth-18-0-auth_oidc | ||
| :alt: Translate me on Weblate | ||
| .. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png | ||
| :target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=17.0 | ||
| :target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=18.0 | ||
| :alt: Try me on Runboat | ||
|
|
||
| |badge1| |badge2| |badge3| |badge4| |badge5| | ||
|
|
@@ -75,18 +75,18 @@ Single tenant provider limits the access to user of your tenant, while | |
| Multitenants allow access for all AzureAD users, so user of foreign | ||
| companies can use their AzureAD login without an guest account. | ||
|
|
||
| - Provider Name: Azure AD Single Tenant | ||
| - Client ID: Application (client) id | ||
| - Client Secret: Client secret | ||
| - Allowed: yes | ||
| - Provider Name: Azure AD Single Tenant | ||
| - Client ID: Application (client) id | ||
| - Client Secret: Client secret | ||
| - Allowed: yes | ||
|
|
||
| or | ||
|
|
||
| - Provider Name: Azure AD Multitenant | ||
| - Client ID: Application (client) id | ||
| - Client Secret: Client secret | ||
| - Allowed: yes | ||
| - replace {tenant_id} in urls with your Azure tenant id | ||
| - Provider Name: Azure AD Multitenant | ||
| - Client ID: Application (client) id | ||
| - Client Secret: Client secret | ||
| - Allowed: yes | ||
| - replace {tenant_id} in urls with your Azure tenant id | ||
|
|
||
| |image2| | ||
|
|
||
|
|
@@ -106,26 +106,26 @@ In Keycloak: | |
|
|
||
| In Odoo, create a new Oauth Provider with the following parameters: | ||
|
|
||
| - Provider name: Keycloak (or any name you like that identify your | ||
| keycloak provider) | ||
| - Auth Flow: OpenID Connect (authorization code flow) | ||
| - Client ID: the same Client ID you entered when configuring the client | ||
| in Keycloak | ||
| - Client Secret: found in keycloak on the client Credentials tab | ||
| - Allowed: yes | ||
| - Body: the link text to appear on the login page, such as Login with | ||
| Keycloak | ||
| - Scope: openid email | ||
| - Authentication URL: The "authorization_endpoint" URL found in the | ||
| OpenID Endpoint Configuration of your Keycloak realm | ||
| - Token URL: The "token_endpoint" URL found in the OpenID Endpoint | ||
| Configuration of your Keycloak realm | ||
| - JWKS URL: The "jwks_uri" URL found in the OpenID Endpoint | ||
| Configuration of your Keycloak realm | ||
|
|
||
| .. |image| image:: https://raw.githubusercontent.com/OCA/server-auth/17.0/auth_oidc/static/description/oauth-microsoft_azure-api_permissions.png | ||
| .. |image1| image:: https://raw.githubusercontent.com/OCA/server-auth/17.0/auth_oidc/static/description/oauth-microsoft_azure-optional_claims.png | ||
| .. |image2| image:: https://raw.githubusercontent.com/OCA/server-auth/17.0/auth_oidc/static/description/odoo-azure_ad_multitenant.png | ||
| - Provider name: Keycloak (or any name you like that identify your | ||
| keycloak provider) | ||
| - Auth Flow: OpenID Connect (authorization code flow) | ||
| - Client ID: the same Client ID you entered when configuring the client | ||
| in Keycloak | ||
| - Client Secret: found in keycloak on the client Credentials tab | ||
| - Allowed: yes | ||
| - Body: the link text to appear on the login page, such as Login with | ||
| Keycloak | ||
| - Scope: openid email | ||
| - Authentication URL: The "authorization_endpoint" URL found in the | ||
| OpenID Endpoint Configuration of your Keycloak realm | ||
| - Token URL: The "token_endpoint" URL found in the OpenID Endpoint | ||
| Configuration of your Keycloak realm | ||
| - JWKS URL: The "jwks_uri" URL found in the OpenID Endpoint | ||
| Configuration of your Keycloak realm | ||
|
|
||
| .. |image| image:: https://raw.githubusercontent.com/OCA/server-auth/18.0/auth_oidc/static/description/oauth-microsoft_azure-api_permissions.png | ||
| .. |image1| image:: https://raw.githubusercontent.com/OCA/server-auth/18.0/auth_oidc/static/description/oauth-microsoft_azure-optional_claims.png | ||
| .. |image2| image:: https://raw.githubusercontent.com/OCA/server-auth/18.0/auth_oidc/static/description/odoo-azure_ad_multitenant.png | ||
|
|
||
| Usage | ||
| ===== | ||
|
|
@@ -135,66 +135,71 @@ On the login page, click on the authentication provider you configured. | |
| Known issues / Roadmap | ||
| ====================== | ||
|
|
||
| - When going to the login screen, check for a existing token and do a | ||
| direct login without the clicking on the SSO link | ||
| - When doing a logout an extra option to also logout at the SSO | ||
| provider. | ||
| - When going to the login screen, check for a existing token and do a | ||
| direct login without the clicking on the SSO link | ||
| - When doing a logout an extra option to also logout at the SSO | ||
| provider. | ||
|
|
||
| Changelog | ||
| ========= | ||
|
|
||
| 18.0.1.0.0 2024-10-09 | ||
| --------------------- | ||
|
|
||
| - Odoo 18 migration | ||
|
|
||
| 17.0.1.0.0 2024-03-20 | ||
| --------------------- | ||
|
|
||
| - Odoo 17 migration | ||
| - Odoo 17 migration | ||
|
|
||
| 16.0.1.1.0 2024-02-28 | ||
| --------------------- | ||
|
|
||
| - Forward port OpenID Connect fixes from 15.0 to 16.0 | ||
| - Forward port OpenID Connect fixes from 15.0 to 16.0 | ||
|
|
||
| 16.0.1.0.2 2023-11-16 | ||
| --------------------- | ||
|
|
||
| - Readme link updates | ||
| - Readme link updates | ||
|
|
||
| 16.0.1.0.1 2023-10-09 | ||
| --------------------- | ||
|
|
||
| - Add AzureAD code flow provider | ||
| - Add AzureAD code flow provider | ||
|
|
||
| 16.0.1.0.0 2023-01-27 | ||
| --------------------- | ||
|
|
||
| - Odoo 16 migration | ||
| - Odoo 16 migration | ||
|
|
||
| 15.0.1.0.0 2023-01-06 | ||
| --------------------- | ||
|
|
||
| - Odoo 15 migration | ||
| - Odoo 15 migration | ||
|
|
||
| 14.0.1.0.0 2021-12-10 | ||
| --------------------- | ||
|
|
||
| - Odoo 14 migration | ||
| - Odoo 14 migration | ||
|
|
||
| 13.0.1.0.0 2020-04-10 | ||
| --------------------- | ||
|
|
||
| - Odoo 13 migration, add authorization code flow. | ||
| - Odoo 13 migration, add authorization code flow. | ||
|
|
||
| 10.0.1.0.0 2018-10-05 | ||
| --------------------- | ||
|
|
||
| - Initial implementation | ||
| - Initial implementation | ||
|
|
||
| Bug Tracker | ||
| =========== | ||
|
|
||
| Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_. | ||
| In case of trouble, please check there if your issue has already been reported. | ||
| If you spotted it first, help us to smash it by providing a detailed and welcomed | ||
| `feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20auth_oidc%0Aversion:%2017.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_. | ||
| `feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20auth_oidc%0Aversion:%2018.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_. | ||
|
|
||
| Do not contact contributors directly about support or help with technical issues. | ||
|
|
||
|
|
@@ -211,10 +216,10 @@ Authors | |
| Contributors | ||
| ------------ | ||
|
|
||
| - Alexandre Fayolle <[email protected]> | ||
| - Stéphane Bidoul <[email protected]> | ||
| - David Jaen <[email protected]> | ||
| - Andreas Perhab <[email protected]> | ||
| - Alexandre Fayolle <[email protected]> | ||
| - Stéphane Bidoul <[email protected]> | ||
| - David Jaen <[email protected]> | ||
| - Andreas Perhab <[email protected]> | ||
|
|
||
| Maintainers | ||
| ----------- | ||
|
|
@@ -237,6 +242,6 @@ Current `maintainer <https://odoo-community.org/page/maintainer-role>`__: | |
|
|
||
| |maintainer-sbidoul| | ||
|
|
||
| This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/17.0/auth_oidc>`_ project on GitHub. | ||
| This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/18.0/auth_oidc>`_ project on GitHub. | ||
|
|
||
| You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute. | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,7 @@ | ||
| ## 18.0.1.0.0 2024-10-09 | ||
|
|
||
| - Odoo 18 migration | ||
|
|
||
| ## 17.0.1.0.0 2024-03-20 | ||
|
|
||
| - Odoo 17 migration | ||
|
|
||
Oops, something went wrong.