Skip to content

Commit

Permalink
merged in changes from upstream.
Browse files Browse the repository at this point in the history
  • Loading branch information
kdallege committed Jan 19, 2024
2 parents ef43d9a + 977c80f commit 5c9d080
Show file tree
Hide file tree
Showing 39 changed files with 601 additions and 219 deletions.
1 change: 1 addition & 0 deletions .github/FUNDING.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
github: juanifioren
26 changes: 26 additions & 0 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
name: Django Tests CI

on:
push:
branches: ["master", "develop"]
pull_request:
branches: ["develop"]

jobs:
tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: |
3.8
3.9
3.10
3.11
- name: Install tox
run: |
python -m pip install --upgrade pip
pip install tox
- name: Run tox
run: tox
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -14,3 +14,4 @@ docs/_build/
.python-version
.vscode
.pytest_cache/
.coverage*
24 changes: 24 additions & 0 deletions .readthedocs.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
# Read the Docs configuration file for Sphinx projects
# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details

# Required
version: 2

# Set the OS, Python version and other tools you might need
build:
os: ubuntu-22.04
tools:
python: "3.10"

# Build documentation in the "docs/" directory with Sphinx
sphinx:
configuration: docs/conf.py

# Optionally build your docs in additional formats such as PDF and ePub
formats:
- pdf

# Python requirements required to build your documentation
python:
install:
- requirements: docs/requirements.txt
22 changes: 0 additions & 22 deletions .travis.yml

This file was deleted.

6 changes: 3 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
# Django OpenID Connect Provider

[![Python Versions](https://img.shields.io/pypi/pyversions/django-oidc-provider.svg)](https://pypi.python.org/pypi/django-oidc-provider)
[![Django Versions](https://img.shields.io/badge/Django-3.2%20%7C%204.2-green)](https://pypi.python.org/pypi/django-oidc-provider)
[![PyPI Versions](https://img.shields.io/pypi/v/django-oidc-provider.svg)](https://pypi.python.org/pypi/django-oidc-provider)
[![Documentation Status](https://readthedocs.org/projects/django-oidc-provider/badge/?version=master)](http://django-oidc-provider.readthedocs.io/)
[![Travis](https://travis-ci.org/juanifioren/django-oidc-provider.svg?branch=master)](https://travis-ci.org/juanifioren/django-oidc-provider)

## About OpenID

Expand All @@ -13,8 +13,8 @@ OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol, whic

`django-oidc-provider` can help you providing out of the box all the endpoints, data and logic needed to add OpenID Connect (and OAuth2) capabilities to your Django projects.

Support for Python 3 and 2. Also latest versions of django.
Support for Python 3 and latest versions of django.

[Read documentation for more info.](http://django-oidc-provider.readthedocs.org/)

[Do you want to contribute? Please read this.](http://django-oidc-provider.readthedocs.io/en/latest/sections/contribute.html)
[Do you want to contribute? Please read this.](http://django-oidc-provider.readthedocs.io/en/master/sections/contribute.html)
6 changes: 3 additions & 3 deletions docs/conf.py
Original file line number Diff line number Diff line change
Expand Up @@ -45,17 +45,17 @@

# General information about the project.
project = u'django-oidc-provider'
copyright = u'2016, Juan Ignacio Fiorentino'
copyright = u'2023, Juan Ignacio Fiorentino'
author = u'Juan Ignacio Fiorentino'

# The version info for the project you're documenting, acts as replacement for
# |version| and |release|, also used in various other places throughout the
# built documents.
#
# The short X.Y version.
version = u'0.5'
version = u'0.8'
# The full version, including alpha/beta/rc tags.
release = u'0.5.x'
release = u'0.8.0'

# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
Expand Down
2 changes: 2 additions & 0 deletions docs/requirements.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
sphinx
sphinx_rtd_theme
30 changes: 30 additions & 0 deletions docs/sections/changelog.rst
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,36 @@ All notable changes to this project will be documented in this file.
Unreleased
==========


0.8.2
=====

*2023-12-15*

* Added: Discovery endpoint response caching. Introducing OIDC_DISCOVERY_CACHE_ENABLE.
* Fixed: ResponseType data migration.
* Fixed: correctly verify PKCE secret in token endpoint.

0.8.1
=====

*2023-10-22*

* Changed: create_token and create_code are now methods on base classes to enable customization.
* Changed: extract "is consent skip allowed" decision from the view to the endpoint.
* Fixed: race condition in authorization code, parallel requests may reuse same token.

0.8.0
=====

*2023-05-05*

* Changed: now supporting latest versions of Django.
* Changed: drop support for Python 2 and Django lower than 3.2.
* Added: scope on token and introspection endpoints.
* Changed: Use static instead of deprecated staticfiles template tag.
* Fixed: example in docs for translatable scopes (ugettext).

0.7.0
=====

Expand Down
14 changes: 7 additions & 7 deletions docs/sections/contribute.rst
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,10 @@ We love contributions, so please feel free to fix bugs, improve things, provide

* Create an issue and explain your feature/bugfix.
* Wait collaborators comments.
* Fork the project and create new branch from `develop`.
* Fork the project and create new branch from ``develop``.
* Make your feature addition or bug fix.
* Add tests and documentation if needed.
* Create pull request for the issue to the `develop` branch.
* Create pull request for the issue to the ``develop`` branch.
* Wait collaborators reviews.

Running Tests
Expand All @@ -21,18 +21,18 @@ Use `tox <https://pypi.python.org/pypi/tox>`_ for running tests in each of the e
# Run all tests.
$ tox

# Run with Python 3.5 and Django 2.0.
$ tox -e py35-django20
# Run with Python 3.11 and Django 4.2.
$ tox -e py311-django42

# Run single test file on specific environment.
$ tox -e py35-django20 tests/cases/test_authorize_endpoint.py
$ tox -e py311-django42 -- tests/cases/test_authorize_endpoint.py

We also use `travis <https://travis-ci.org/juanifioren/django-oidc-provider/>`_ to automatically test every commit to the project.
We use `Github Actions <https://github.com/juanifioren/django-oidc-provider/actions>`_ to automatically test every commit to the project.

Improve Documentation
=====================

We use `Sphinx <http://www.sphinx-doc.org/>`_ for generate this documentation. I you want to add or modify something just:
We use `Sphinx <http://www.sphinx-doc.org/>`_ to generate this documentation. If you want to add or modify something just:

* Install Sphinx (``pip install sphinx``) and the auto-build tool (``pip install sphinx-autobuild``).
* Move inside the docs folder. ``cd docs/``
Expand Down
21 changes: 8 additions & 13 deletions docs/sections/installation.rst
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ Installation
Requirements
============

* Python: ``2.7`` ``3.4`` ``3.5`` ``3.6``
* Django: ``1.8`` ``1.9`` ``1.10`` ``1.11`` ``2.0``
* Python: ``3.8`` ``3.9`` ``3.10`` ``3.11``
* Django: ``3.2`` ``4.2``

Quick Installation
==================
Expand All @@ -20,24 +20,19 @@ Install the package using pip::

Add it to your apps in your project's django settings::

INSTALLED_APPS = (
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
INSTALLED_APPS = [
# ...
'oidc_provider',
# ...
)
]

Include our urls to your project's ``urls.py``::

urlpatterns = patterns('',
urlpatterns = [
# ...
url(r'^openid/', include('oidc_provider.urls', namespace='oidc_provider')),
path('openid/', include('oidc_provider.urls', namespace='oidc_provider')),
# ...
)
]

Run the migrations and generate a server RSA key::

Expand Down
2 changes: 1 addition & 1 deletion docs/sections/relyingparties.rst
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ Properties
* ``client_type``: Values are ``confidential`` and ``public``.
* ``client_id``: Client unique identifier.
* ``client_secret``: Client secret for confidential applications.
* ``response_types``: The flows and associated ```response_type``` values that can be used by the client.
* ``response_types``: The flows and associated ``response_type`` values that can be used by the client.
* ``jwt_alg``: Clients can choose which algorithm will be used to sign id_tokens. Values are ``HS256`` and ``RS256``.
* ``date_created``: Date automatically added when created.
* ``redirect_uris``: List of redirect URIs.
Expand Down
2 changes: 1 addition & 1 deletion docs/sections/scopesclaims.rst
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ Somewhere in your Django ``settings.py``::

Inside your oidc_provider_settings.py file add the following class::

from django.utils.translation import gettext as _
from django.utils.translation import ugettext_lazy as _
from oidc_provider.lib.claims import ScopeClaims

class CustomScopeClaims(ScopeClaims):
Expand Down
25 changes: 25 additions & 0 deletions docs/sections/settings.rst
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,20 @@ OPTIONAL. ``int``. Code object expiration after been delivered.

Expressed in seconds. Default is ``60*10``.

OIDC_DISCOVERY_CACHE_ENABLE
===========================

OPTIONAL. ``bool``. Enable caching the response on the discovery endpoint, by using default cache. Cache key will be a combination of site URL and types supported by the provider, changing any of these will invalidate stored value.

Default is ``False``.

OIDC_DISCOVERY_CACHE_EXPIRE
===========================

OPTIONAL. ``int``. Discovery endpoint cache expiration time expressed in seconds.

Expressed in seconds. Default is ``60*10``.

OIDC_EXTRA_SCOPE_CLAIMS
=======================

Expand Down Expand Up @@ -234,3 +248,14 @@ Default is::
See the :ref:`templates` section.

The templates that are not specified here will use the default ones.

OIDC_INTROSPECTION_RESPONSE_SCOPE_ENABLE
==========================================

OPTIONAL ``bool``

A flag which toggles whether the scope is returned with successful response on introspection request.

Must be ``True`` to include ``scope`` into the successful response

Default is ``False``.
10 changes: 5 additions & 5 deletions example/app/urls.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,9 @@


urlpatterns = [
re_path(r'^$', TemplateView.as_view(template_name='home.html'), name='home'),
re_path(r'^accounts/login/$', auth_views.LoginView.as_view(template_name='login.html'), name='login'),
re_path(r'^accounts/logout/$', auth_views.LogoutView.as_view(next_page='/'), name='logout'),
re_path(r'^', include('oidc_provider.urls', namespace='oidc_provider')),
re_path(r'^admin/', admin.site.urls),
url(r'^$', TemplateView.as_view(template_name='home.html'), name='home'),
url(r'^accounts/login/$', auth_views.LoginView.as_view(template_name='login.html'), name='login'), # noqa
url(r'^accounts/logout/$', auth_views.LogoutView.as_view(next_page='/'), name='logout'),
url(r'^', include('oidc_provider.urls', namespace='oidc_provider')),
url(r'^admin/', admin.site.urls),
]
4 changes: 4 additions & 0 deletions oidc_provider/admin.py
Original file line number Diff line number Diff line change
Expand Up @@ -75,13 +75,17 @@ class ClientAdmin(admin.ModelAdmin):
@admin.register(Code)
class CodeAdmin(admin.ModelAdmin):

raw_id_fields = ['user']

def has_add_permission(self, request):
return False


@admin.register(Token)
class TokenAdmin(admin.ModelAdmin):

raw_id_fields = ['user']

def has_add_permission(self, request):
return False

Expand Down
Loading

0 comments on commit 5c9d080

Please sign in to comment.