remove oidc from OAuth2, add dedicated OIDC provider
This commit is contained in:
parent
75ced59451
commit
23d277eaf1
54
passbook/core/templates/base/skeleton_login.html
Normal file
54
passbook/core/templates/base/skeleton_login.html
Normal file
|
@ -0,0 +1,54 @@
|
||||||
|
{% load static %}
|
||||||
|
{% load i18n %}
|
||||||
|
{% load utils %}
|
||||||
|
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="en" class="layout-pf layout-pf-fixed transitions">
|
||||||
|
|
||||||
|
<head>
|
||||||
|
<meta charset="UTF-8">
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||||
|
<title>
|
||||||
|
{% block title %}
|
||||||
|
{% title %}
|
||||||
|
{% endblock %}
|
||||||
|
</title>
|
||||||
|
<link rel="icon" type="image/png" href="{% static 'img/logo.png' %}">
|
||||||
|
<link rel="shortcut icon" type="image/png" href="{% static 'img/logo.png' %}">
|
||||||
|
<link rel="stylesheet" type="text/css" href="{% static 'css/patternfly.min.css' %}">
|
||||||
|
<link rel="stylesheet" type="text/css" href="{% static 'css/patternfly-additions.min.css' %}">
|
||||||
|
<link rel="stylesheet" type="text/css" href="{% static 'css/passbook.css' %}">
|
||||||
|
<style>
|
||||||
|
.login-pf {
|
||||||
|
background-attachment: fixed;
|
||||||
|
scroll-behavior: smooth;
|
||||||
|
background-size: cover;
|
||||||
|
}
|
||||||
|
</style>
|
||||||
|
{% block head %}
|
||||||
|
{% endblock %}
|
||||||
|
</head>
|
||||||
|
|
||||||
|
<body class="login-pf">
|
||||||
|
{% if 'impersonate_id' in request.session %}
|
||||||
|
<div class="experimental-pf-bar">
|
||||||
|
<span id="experimentalBar" class="experimental-pf-text">
|
||||||
|
{% blocktrans with user=user %}You're currently impersonating {{ user }}.{% endblocktrans %}
|
||||||
|
<a href="?__unimpersonate=True" id="acceptMessage">{% trans 'Stop impersonation' %}</a>
|
||||||
|
</span>
|
||||||
|
</div>
|
||||||
|
{% endif %}
|
||||||
|
{% block body %}
|
||||||
|
{% endblock %}
|
||||||
|
<script src="{% static 'js/jquery.min.js' %}"></script>
|
||||||
|
<script src="{% static 'js/bootstrap.min.js' %}"></script>
|
||||||
|
<script src="{% static 'js/patternfly.min.js' %}"></script>
|
||||||
|
<script src="{% static 'js/passbook.js' %}"></script>
|
||||||
|
{% block scripts %}
|
||||||
|
{% endblock %}
|
||||||
|
<div class="modals">
|
||||||
|
{% include 'partials/about_modal.html' %}
|
||||||
|
</div>
|
||||||
|
</body>
|
||||||
|
|
||||||
|
</html>
|
|
@ -1,4 +1,4 @@
|
||||||
{% extends 'base/skeleton.html' %}
|
{% extends 'base/skeleton_login.html' %}
|
||||||
|
|
||||||
{% load static %}
|
{% load static %}
|
||||||
{% load i18n %}
|
{% load i18n %}
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
"""passbook OAuth2 IDP Forms"""
|
"""passbook OAuth2 Provider Forms"""
|
||||||
|
|
||||||
from django import forms
|
from django import forms
|
||||||
|
|
||||||
|
|
|
@ -25,8 +25,6 @@ class OAuth2Provider(Provider, AbstractApplication):
|
||||||
reverse('passbook_oauth_provider:token')),
|
reverse('passbook_oauth_provider:token')),
|
||||||
'userinfo_url': request.build_absolute_uri(
|
'userinfo_url': request.build_absolute_uri(
|
||||||
reverse('passbook_api:openid')),
|
reverse('passbook_api:openid')),
|
||||||
'openid_url': request.build_absolute_uri(
|
|
||||||
reverse('passbook_oauth_provider:openid-discovery'))
|
|
||||||
}
|
}
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
|
@ -31,15 +31,6 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
<hr>
|
|
||||||
<form class="form-horizontal">
|
|
||||||
<div class="form-group">
|
|
||||||
<label class="col-sm-3 control-label">{% trans 'OpenID Configuration URL' %}</label>
|
|
||||||
<div class="col-sm-9">
|
|
||||||
<input type="text"class="form-control" readonly value="{{ openid_url }}">
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
</form>
|
|
||||||
</div>
|
</div>
|
||||||
<div class="modal-footer">
|
<div class="modal-footer">
|
||||||
<button type="button" class="btn btn-primary" data-dismiss="modal">{% trans 'Close' %}</button>
|
<button type="button" class="btn btn-primary" data-dismiss="modal">{% trans 'Close' %}</button>
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
from django.urls import path
|
from django.urls import path
|
||||||
from oauth2_provider import views
|
from oauth2_provider import views
|
||||||
|
|
||||||
from passbook.oauth_provider.views import oauth2, openid
|
from passbook.oauth_provider.views import oauth2
|
||||||
|
|
||||||
urlpatterns = [
|
urlpatterns = [
|
||||||
# Custom OAuth 2 Authorize View
|
# Custom OAuth 2 Authorize View
|
||||||
|
@ -17,9 +17,4 @@ urlpatterns = [
|
||||||
path("token/", views.TokenView.as_view(), name="token"),
|
path("token/", views.TokenView.as_view(), name="token"),
|
||||||
path("revoke_token/", views.RevokeTokenView.as_view(), name="revoke-token"),
|
path("revoke_token/", views.RevokeTokenView.as_view(), name="revoke-token"),
|
||||||
path("introspect/", views.IntrospectTokenView.as_view(), name="introspect"),
|
path("introspect/", views.IntrospectTokenView.as_view(), name="introspect"),
|
||||||
# OpenID-Connect Discovery
|
|
||||||
path('.well-known/openid-configuration', openid.OpenIDConfigurationView.as_view(),
|
|
||||||
name='openid-discovery'),
|
|
||||||
path('.well-known/jwks.json', openid.JSONWebKeyView.as_view(),
|
|
||||||
name='openid-jwks'),
|
|
||||||
]
|
]
|
||||||
|
|
|
@ -57,10 +57,10 @@ class PassbookAuthorizationView(AccessMixin, AuthorizationView):
|
||||||
provider.save()
|
provider.save()
|
||||||
self._application = application
|
self._application = application
|
||||||
# Check permissions
|
# Check permissions
|
||||||
passing, policy_meaages = self.user_has_access(self._application, request.user)
|
passing, policy_messages = self.user_has_access(self._application, request.user)
|
||||||
if not passing:
|
if not passing:
|
||||||
for policy_meaage in policy_meaages:
|
for policy_message in policy_messages:
|
||||||
messages.error(request, policy_meaage)
|
messages.error(request, policy_message)
|
||||||
return redirect('passbook_oauth_provider:oauth2-permission-denied')
|
return redirect('passbook_oauth_provider:oauth2-permission-denied')
|
||||||
# Some clients don't pass response_type, so we default to code
|
# Some clients don't pass response_type, so we default to code
|
||||||
if 'response_type' not in request.GET:
|
if 'response_type' not in request.GET:
|
||||||
|
|
|
@ -1,35 +0,0 @@
|
||||||
"""passbook oauth provider OpenID Views"""
|
|
||||||
|
|
||||||
from django.http import HttpRequest, JsonResponse
|
|
||||||
from django.shortcuts import reverse
|
|
||||||
from django.views.generic import View
|
|
||||||
|
|
||||||
|
|
||||||
class OpenIDConfigurationView(View):
|
|
||||||
"""Return OpenID Configuration"""
|
|
||||||
|
|
||||||
def get_issuer_url(self, request):
|
|
||||||
"""Get correct issuer URL"""
|
|
||||||
full_url = request.build_absolute_uri(reverse('passbook_oauth_provider:openid-discovery'))
|
|
||||||
return full_url.replace(".well-known/openid-configuration", "")
|
|
||||||
|
|
||||||
def get(self, request: HttpRequest):
|
|
||||||
"""Get Response conform to https://openid.net/specs/openid-connect-discovery-1_0.html"""
|
|
||||||
return JsonResponse({
|
|
||||||
'issuer': self.get_issuer_url(request),
|
|
||||||
'authorization_endpoint': request.build_absolute_uri(
|
|
||||||
reverse('passbook_oauth_provider:oauth2-authorize')),
|
|
||||||
'token_endpoint': request.build_absolute_uri(reverse('passbook_oauth_provider:token')),
|
|
||||||
"jwks_uri": request.build_absolute_uri(reverse('passbook_oauth_provider:openid-jwks')),
|
|
||||||
"scopes_supported": [
|
|
||||||
"openid",
|
|
||||||
],
|
|
||||||
})
|
|
||||||
|
|
||||||
|
|
||||||
class JSONWebKeyView(View):
|
|
||||||
"""JSON Web Key View"""
|
|
||||||
|
|
||||||
def get(self, request: HttpRequest):
|
|
||||||
"""JSON Webkeys are not implemented yet, hence return an empty object"""
|
|
||||||
return JsonResponse({})
|
|
0
passbook/oidc_provider/__init__.py
Normal file
0
passbook/oidc_provider/__init__.py
Normal file
27
passbook/oidc_provider/apps.py
Normal file
27
passbook/oidc_provider/apps.py
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
"""passbook auth oidc provider app config"""
|
||||||
|
from logging import getLogger
|
||||||
|
|
||||||
|
from django.apps import AppConfig
|
||||||
|
from django.urls import include, path
|
||||||
|
|
||||||
|
LOGGER = getLogger(__name__)
|
||||||
|
|
||||||
|
class PassbookOIDCProviderConfig(AppConfig):
|
||||||
|
"""passbook auth oidc provider app config"""
|
||||||
|
|
||||||
|
name = 'passbook.oidc_provider'
|
||||||
|
label = 'passbook_oidc_provider'
|
||||||
|
verbose_name = 'passbook OIDC Provider'
|
||||||
|
|
||||||
|
def ready(self):
|
||||||
|
from Cryptodome.PublicKey import RSA
|
||||||
|
from oidc_provider.models import RSAKey
|
||||||
|
if not RSAKey.objects.exists():
|
||||||
|
key = RSA.generate(2048)
|
||||||
|
rsakey = RSAKey(key=key.exportKey('PEM').decode('utf8'))
|
||||||
|
rsakey.save()
|
||||||
|
LOGGER.info("Created key")
|
||||||
|
from passbook.root import urls
|
||||||
|
urls.urlpatterns.append(
|
||||||
|
path('application/oidc/', include('oidc_provider.urls', namespace='oidc_provider')),
|
||||||
|
)
|
38
passbook/oidc_provider/forms.py
Normal file
38
passbook/oidc_provider/forms.py
Normal file
|
@ -0,0 +1,38 @@
|
||||||
|
"""passbook OIDC IDP Forms"""
|
||||||
|
|
||||||
|
from django import forms
|
||||||
|
from oauth2_provider.generators import (generate_client_id,
|
||||||
|
generate_client_secret)
|
||||||
|
from oidc_provider.models import Client
|
||||||
|
|
||||||
|
from passbook.oidc_provider.models import OpenIDProvider
|
||||||
|
|
||||||
|
|
||||||
|
class OIDCProviderForm(forms.ModelForm):
|
||||||
|
"""OpenID Client form"""
|
||||||
|
|
||||||
|
def __init__(self, *args, **kwargs):
|
||||||
|
# Correctly load data from 1:1 rel
|
||||||
|
if 'instance' in kwargs:
|
||||||
|
kwargs['instance'] = kwargs['instance'].oidc_client
|
||||||
|
super().__init__(*args, **kwargs)
|
||||||
|
self.fields['client_id'].initial = generate_client_id()
|
||||||
|
self.fields['client_secret'].initial = generate_client_secret()
|
||||||
|
|
||||||
|
def save(self, *args, **kwargs):
|
||||||
|
response = super().save(*args, **kwargs)
|
||||||
|
# Check if openidprovider class instance exists
|
||||||
|
if not OpenIDProvider.objects.filter(oidc_client=self.instance).exists():
|
||||||
|
OpenIDProvider.objects.create(oidc_client=self.instance)
|
||||||
|
return response
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
model = Client
|
||||||
|
fields = [
|
||||||
|
'name', 'client_type', 'client_id', 'client_secret', 'response_types',
|
||||||
|
'jwt_alg', 'reuse_consent', 'require_consent', '_redirect_uris', '_scope'
|
||||||
|
]
|
||||||
|
# exclude = ['owner', 'website_url', 'terms_url', 'contact_email', 'logo', ]
|
||||||
|
labels = {
|
||||||
|
'client_secret': "Client Secret"
|
||||||
|
}
|
30
passbook/oidc_provider/lib.py
Normal file
30
passbook/oidc_provider/lib.py
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
"""OIDC Permission checking"""
|
||||||
|
from logging import getLogger
|
||||||
|
|
||||||
|
from django.contrib import messages
|
||||||
|
from django.shortcuts import redirect
|
||||||
|
|
||||||
|
from passbook.core.models import Application
|
||||||
|
from passbook.core.policies import PolicyEngine
|
||||||
|
|
||||||
|
LOGGER = getLogger(__name__)
|
||||||
|
|
||||||
|
def check_permissions(request, user, client):
|
||||||
|
"""Check permissions, used for
|
||||||
|
https://django-oidc-provider.readthedocs.io/en/latest/
|
||||||
|
sections/settings.html#oidc-after-userlogin-hook"""
|
||||||
|
try:
|
||||||
|
application = client.openidprovider.application
|
||||||
|
except Application.DoesNotExist:
|
||||||
|
return redirect('passbook_oauth_provider:oauth2-permission-denied')
|
||||||
|
LOGGER.debug("Checking permissions of %s on application %s...", user, application)
|
||||||
|
policy_engine = PolicyEngine(application.policies.all())
|
||||||
|
policy_engine.for_user(user).with_request(request).build()
|
||||||
|
|
||||||
|
# Check permissions
|
||||||
|
passing, policy_messages = policy_engine.result
|
||||||
|
if not passing:
|
||||||
|
for policy_message in policy_messages:
|
||||||
|
messages.error(request, policy_message)
|
||||||
|
return redirect('passbook_oauth_provider:oauth2-permission-denied')
|
||||||
|
return None
|
25
passbook/oidc_provider/migrations/0001_initial.py
Normal file
25
passbook/oidc_provider/migrations/0001_initial.py
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
# Generated by Django 2.2.3 on 2019-07-05 12:16
|
||||||
|
|
||||||
|
import django.db.models.deletion
|
||||||
|
from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
initial = True
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
('oidc_provider', '0026_client_multiple_response_types'),
|
||||||
|
('passbook_core', '0024_ssologinpolicy'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.CreateModel(
|
||||||
|
name='OpenIDProvider',
|
||||||
|
fields=[
|
||||||
|
('provider_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='passbook_core.Provider')),
|
||||||
|
('oidc_client', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, to='oidc_provider.Client')),
|
||||||
|
],
|
||||||
|
bases=('passbook_core.provider',),
|
||||||
|
),
|
||||||
|
]
|
0
passbook/oidc_provider/migrations/__init__.py
Normal file
0
passbook/oidc_provider/migrations/__init__.py
Normal file
45
passbook/oidc_provider/models.py
Normal file
45
passbook/oidc_provider/models.py
Normal file
|
@ -0,0 +1,45 @@
|
||||||
|
"""oidc models"""
|
||||||
|
from django.db import models
|
||||||
|
from django.shortcuts import reverse
|
||||||
|
from django.utils.translation import gettext as _
|
||||||
|
from oidc_provider.models import Client
|
||||||
|
|
||||||
|
from passbook.core.models import Provider
|
||||||
|
|
||||||
|
|
||||||
|
class OpenIDProvider(Provider):
|
||||||
|
"""Proxy model for OIDC Client"""
|
||||||
|
# Since oidc_provider doesn't currently support swappable models
|
||||||
|
# (https://github.com/juanifioren/django-oidc-provider/pull/305)
|
||||||
|
# we have a 1:1 relationship, and update oidc_client when the form is saved.
|
||||||
|
|
||||||
|
oidc_client = models.OneToOneField(Client, on_delete=models.CASCADE)
|
||||||
|
|
||||||
|
form = 'passbook.oidc_provider.forms.OIDCProviderForm'
|
||||||
|
|
||||||
|
@property
|
||||||
|
def name(self):
|
||||||
|
"""Name property for UI"""
|
||||||
|
return self.oidc_client.name
|
||||||
|
|
||||||
|
def __str__(self):
|
||||||
|
return "OpenID Connect Provider %s" % self.oidc_client.__str__()
|
||||||
|
|
||||||
|
def html_setup_urls(self, request):
|
||||||
|
"""return template and context modal with URLs for authorize, token, openid-config, etc"""
|
||||||
|
return "oidc_provider/setup_url_modal.html", {
|
||||||
|
'provider': self,
|
||||||
|
'authorize': request.build_absolute_uri(
|
||||||
|
reverse('oidc_provider:authorize')),
|
||||||
|
'token': request.build_absolute_uri(
|
||||||
|
reverse('oidc_provider:token')),
|
||||||
|
'userinfo': request.build_absolute_uri(
|
||||||
|
reverse('oidc_provider:userinfo')),
|
||||||
|
'provider_info': request.build_absolute_uri(
|
||||||
|
reverse('oidc_provider:provider-info')),
|
||||||
|
}
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
|
||||||
|
verbose_name = _('OpenID Provider')
|
||||||
|
verbose_name_plural = _('OpenID Providers')
|
1
passbook/oidc_provider/requirements.txt
Normal file
1
passbook/oidc_provider/requirements.txt
Normal file
|
@ -0,0 +1 @@
|
||||||
|
django-oidc-provider
|
7
passbook/oidc_provider/settings.py
Normal file
7
passbook/oidc_provider/settings.py
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
"""passbook OIDC Provider"""
|
||||||
|
|
||||||
|
INSTALLED_APPS = [
|
||||||
|
'oidc_provider',
|
||||||
|
]
|
||||||
|
|
||||||
|
OIDC_AFTER_USERLOGIN_HOOK = "passbook.oidc_provider.lib.check_permissions"
|
|
@ -0,0 +1,70 @@
|
||||||
|
{% extends "login/base.html" %}
|
||||||
|
|
||||||
|
{% load utils %}
|
||||||
|
{% load i18n %}
|
||||||
|
|
||||||
|
{% block title %}
|
||||||
|
{% title 'Authorize Application' %}
|
||||||
|
{% endblock %}
|
||||||
|
|
||||||
|
{% block card %}
|
||||||
|
<header class="login-pf-header">
|
||||||
|
<h1>{% trans 'Authorize Application' %}</h1>
|
||||||
|
</header>
|
||||||
|
<form method="POST">
|
||||||
|
{% csrf_token %}
|
||||||
|
{% if not error %}
|
||||||
|
{% csrf_token %}
|
||||||
|
{% for field in form %}
|
||||||
|
{% if field.is_hidden %}
|
||||||
|
{{ field }}
|
||||||
|
{% endif %}
|
||||||
|
{% endfor %}
|
||||||
|
<div class="form-group">
|
||||||
|
<p class="subtitle">
|
||||||
|
{% blocktrans with remote=client.name %}
|
||||||
|
You're about to sign into {{ remote }}
|
||||||
|
{% endblocktrans %}
|
||||||
|
</p>
|
||||||
|
<p>{% trans "Application requires following permissions" %}</p>
|
||||||
|
<ul>
|
||||||
|
{% for scope in scopes %}
|
||||||
|
<li>{{ scope.name }}</li>
|
||||||
|
{% endfor %}
|
||||||
|
</ul>
|
||||||
|
{{ hidden_inputs }}
|
||||||
|
{{ form.errors }}
|
||||||
|
{{ form.non_field_errors }}
|
||||||
|
<p>
|
||||||
|
{% blocktrans with user=user %}
|
||||||
|
You are logged in as {{ user }}. Not you?
|
||||||
|
{% endblocktrans %}
|
||||||
|
<a href="{% url 'passbook_core:auth-logout' %}">{% trans 'Logout' %}</a>
|
||||||
|
</p>
|
||||||
|
<div class="form-group">
|
||||||
|
<input type="submit" class="btn btn-success btn-disabled btn-lg click-spinner" name="allow" value="{% trans 'Continue' %}">
|
||||||
|
<a href="{% back %}" class="btn btn-default btn-lg">{% trans "Cancel" %}</a>
|
||||||
|
</div>
|
||||||
|
<div class="form-group spinner-hidden hidden">
|
||||||
|
<div class="spinner"></div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
{% else %}
|
||||||
|
<div class="login-group">
|
||||||
|
<p class="subtitle">
|
||||||
|
{% blocktrans with err=error.error %}Error: {{ err }}{% endblocktrans %}
|
||||||
|
</p>
|
||||||
|
<p>{{ error.description }}</p>
|
||||||
|
</div>
|
||||||
|
{% endif %}
|
||||||
|
</form>
|
||||||
|
{% endblock %}
|
||||||
|
|
||||||
|
{% block scripts %}
|
||||||
|
<script>
|
||||||
|
$('.click-spinner').on('click', function (e) {
|
||||||
|
$('.spinner-hidden').removeClass('hidden');
|
||||||
|
$(e.target).addClass('disabled');
|
||||||
|
})
|
||||||
|
</script>
|
||||||
|
{% endblock %}
|
|
@ -0,0 +1,49 @@
|
||||||
|
{% load i18n %}
|
||||||
|
|
||||||
|
<button class="btn btn-default btn-sm" data-toggle="modal" data-target="#{{ provider.pk }}">{% trans 'View Setup URLs' %}</button>
|
||||||
|
<div class="modal fade" id="{{ provider.pk }}" tabindex="-1" role="dialog" aria-labelledby="{{ provider.pk }}Label" aria-hidden="true">
|
||||||
|
<div class="modal-dialog">
|
||||||
|
<div class="modal-content">
|
||||||
|
<div class="modal-header">
|
||||||
|
<button type="button" class="close" data-dismiss="modal" aria-hidden="true" aria-label="Close">
|
||||||
|
<span class="pficon pficon-close"></span>
|
||||||
|
</button>
|
||||||
|
<h4 class="modal-title" id="{{ provider.pk }}Label">{% trans 'Setup URLs' %}</h4>
|
||||||
|
</div>
|
||||||
|
<div class="modal-body">
|
||||||
|
<form class="form-horizontal">
|
||||||
|
<div class="form-group">
|
||||||
|
<label class="col-sm-3 control-label">{% trans 'Authorize URL' %}</label>
|
||||||
|
<div class="col-sm-9">
|
||||||
|
<input type="text"class="form-control" readonly value="{{ authorize }}">
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="form-group">
|
||||||
|
<label class="col-sm-3 control-label">{% trans 'Token URL' %}</label>
|
||||||
|
<div class="col-sm-9">
|
||||||
|
<input type="text" class="form-control" readonly value="{{ token }}">
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="form-group">
|
||||||
|
<label class="col-sm-3 control-label">{% trans 'Userinfo Endpoint' %}</label>
|
||||||
|
<div class="col-sm-9">
|
||||||
|
<input type="text" class="form-control" readonly value="{{ userinfo }}">
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
<hr>
|
||||||
|
<form class="form-horizontal">
|
||||||
|
<div class="form-group">
|
||||||
|
<label class="col-sm-3 control-label">{% trans 'OpenID Configuration URL' %}</label>
|
||||||
|
<div class="col-sm-9">
|
||||||
|
<input type="text"class="form-control" readonly value="{{ provider_info }}">
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
<div class="modal-footer">
|
||||||
|
<button type="button" class="btn btn-primary" data-dismiss="modal">{% trans 'Close' %}</button>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
|
@ -82,6 +82,7 @@ INSTALLED_APPS = [
|
||||||
'passbook.ldap.apps.PassbookLdapConfig',
|
'passbook.ldap.apps.PassbookLdapConfig',
|
||||||
'passbook.oauth_client.apps.PassbookOAuthClientConfig',
|
'passbook.oauth_client.apps.PassbookOAuthClientConfig',
|
||||||
'passbook.oauth_provider.apps.PassbookOAuthProviderConfig',
|
'passbook.oauth_provider.apps.PassbookOAuthProviderConfig',
|
||||||
|
'passbook.oidc_provider.apps.PassbookOIDCProviderConfig',
|
||||||
'passbook.saml_idp.apps.PassbookSAMLIDPConfig',
|
'passbook.saml_idp.apps.PassbookSAMLIDPConfig',
|
||||||
'passbook.otp.apps.PassbookOTPConfig',
|
'passbook.otp.apps.PassbookOTPConfig',
|
||||||
'passbook.captcha_factor.apps.PassbookCaptchaFactorConfig',
|
'passbook.captcha_factor.apps.PassbookCaptchaFactorConfig',
|
||||||
|
|
|
@ -8,3 +8,4 @@
|
||||||
-r passbook/admin/requirements.txt
|
-r passbook/admin/requirements.txt
|
||||||
-r passbook/api/requirements.txt
|
-r passbook/api/requirements.txt
|
||||||
-r passbook/app_gw/requirements.txt
|
-r passbook/app_gw/requirements.txt
|
||||||
|
-r passbook/oidc_provider/requirements.txt
|
||||||
|
|
Reference in a new issue