✨(backend) support Authorization Code flow #5
Create a realm 'impress' and configure it to support the authorization code flow.
| GitGuardian id | GitGuardian status | Secret | Commit | Filename | |
|---|---|---|---|---|---|
| 6951547 | Triggered | Generic Password | 1391400 | docker/auth/realm.json | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Revoke and rotate the secret.
- If possible, rewrite git history with `git commit --amend` and `git push --force`.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
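A check that would catch the kind of finding reported above before it reaches a commit, as an added example (not code from this pull request or from GitGuardian). It assumes `docker/auth/realm.json` is a Keycloak-style realm import, which the page does not show; the sample realm, its client and user values, and the function names are constructed for illustration.

```python
import json
import re

# Keys that hold credentials in a Keycloak-style realm file (assumed layout).
SECRET_KEYS = re.compile(r"(secret|password)$", re.IGNORECASE)
# Values that are not literals: empty, ${ENV_VAR} placeholders, masked exports.
NON_LITERAL = re.compile(r"^(\$\{[^}]+\}|\*+)?$")


def _is_literal(value):
    return isinstance(value, str) and not NON_LITERAL.match(value)


def find_hardcoded_secrets(node, path="$"):
    """Return JSON paths (never the values) that hold a literal credential."""
    hits = []
    if isinstance(node, dict):
        # users[].credentials[] entries keep the password under "value".
        if node.get("type") == "password" and _is_literal(node.get("value")):
            hits.append(f"{path}.value")
        for key, value in node.items():
            if SECRET_KEYS.search(key) and _is_literal(value):
                hits.append(f"{path}.{key}")
            else:
                hits.extend(find_hardcoded_secrets(value, f"{path}.{key}"))
    elif isinstance(node, list):
        for i, item in enumerate(node):
            hits.extend(find_hardcoded_secrets(item, f"{path}[{i}]"))
    return hits


# Constructed sample: one literal client secret, one placeholder, one user password.
SAMPLE_REALM = json.loads("""
{
  "realm": "impress",
  "clients": [
    {"clientId": "impress", "standardFlowEnabled": true,
     "secret": "constructed-client-secret"},
    {"clientId": "other", "secret": "${OIDC_RP_CLIENT_SECRET}"}
  ],
  "users": [
    {"username": "demo",
     "credentials": [{"type": "password", "value": "constructed-password"}]}
  ]
}
""")

if __name__ == "__main__":
    for hit in find_hardcoded_secrets(SAMPLE_REALM):
        print("hardcoded credential at", hit)
```

Run against the real file in a pre-commit hook or CI step, a non-empty result should fail the build; a secret that was already pushed still has to be revoked and rotated.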
Integrate 'mozilla-django-oidc' dependency, to support Authorization Code flow, which is required by Agent Connect. Thus, we provide a secure back channel OIDC flow, and return to the client only a session cookie.

Done:
- Replace JWT authentication by Session based authentication in DRF
- Update Django settings to make OIDC configurations easily editable
- Add 'mozilla-django-oidc' routes to our router
- Implement a custom Django Authentication class to adapt 'mozilla-django-oidc' to our needs

'mozilla-django-oidc' routes added are:
- /authenticate
- /callback (the redirect_uri called back by the Idp)
- /logout
Force login to bypass authorization checks when necessary. Note: Generating a session cookie through OIDC flow is not supported while testing our API.
Found typos and fixed them.
The local deployment of the Production image through docker-compose was failing due to issues in the Django configurations, influenced by Joanie. The bug stemmed from a dependency on a development-specific package (drf-spectacular-sidecar) while attempting to run the application in production mode.

Changes Made:
- Introduced new Django settings for local demo environments.
Add tests on get_or_create method.
Lint backend tests and sources.
Purpose
Preparing project for staging deployment by adding backend support for Authorization Code Flow in OIDC.
Proposal
mozilla-django-oidc