Skip to content

segfaulted/django-auth-adfs

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

85 Commits

django_auth_adfs

django_auth_adfs

 
 

docs

docs

 
 

tests

tests

 
 

.editorconfig

.editorconfig

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

CHANGELOG.rst

CHANGELOG.rst

 
 

CONTRIBUTING.rst

CONTRIBUTING.rst

 
 

LICENSE

LICENSE

 
 

MANIFEST.in

MANIFEST.in

 
 

README.rst

README.rst

 
 

manage.py

manage.py

 
 

setup.cfg

setup.cfg

 
 

setup.py

setup.py

 
 

tox.ini

tox.ini

 
 

Repository files navigation

ADFS Authentication for Django

Documentation Status

image

image

image

image

A Django authentication backend for Microsoft ADFS

Features

  • Integrates Django with Active Directory through Microsoft ADFS by using OAuth2.
  • Provides seamless single sign on (SSO) for your Django project on intranet environments.
  • Auto creates users and adds them to Django groups based on info in JWT claims received from ADFS.

Installation

Python package:

pip install django-auth-adfs

In your project's settings.py

AUTHENTICATION_BACKENDS = (
    ...
    'django_auth_adfs.backend.AdfsBackend',
    ...
)

INSTALLED_APPS = (
    ...
    # Needed for the ADFS redirect URI to function
    'django_auth_adfs',
    ...

# checkout config.py for more settings
AUTH_ADFS = {
    "SERVER": "adfs.yourcompany.com",
    "CLIENT_ID": "your-configured-client-id",
    "RESOURCE": "your-adfs-RPT-name",
    # Make sure to read the documentation about the AUDIENCE setting
    # when you configured the identifier as a URL!
    "AUDIENCE": "microsoft:identityserver:your-RelyingPartyTrust-identifier",
    "ISSUER": "http://adfs.yourcompany.com/adfs/services/trust",
    "CA_BUNDLE": "/path/to/ca-bundle.pem",
    "CLAIM_MAPPING": {"first_name": "given_name",
                      "last_name": "family_name",
                      "email": "email"},
    "REDIR_URI": "https://www.yourcompany.com/oauth2/login",
}

########################
# OPTIONAL SETTINGS
########################
TEMPLATES = [
    {
        ...
        'OPTIONS': {
            'context_processors': [
                # Only needed if you want to use the variable ADFS_AUTH_URL in your templates
                'django_auth_adfs.context_processors.adfs_url',
                ...
            ],
        },
    },
]

MIDDLEWARE = (
    ...
    # With this you can force a user to login without using
    # the @login_required decorator for every view function
    #
    # You can specify URLs for which login is not forced by
    # specifying them in LOGIN_EXEMPT_URLS in setting.py.
    # The values in LOGIN_EXEMPT_URLS are interpreted as regular expressions.
    'django_auth_adfs.middleware.LoginRequiredMiddleware',
)

# Or, when using django <1.10
MIDDLEWARE_CLASSES = (
    ...
    'django_auth_adfs.middleware.LoginRequiredMiddleware',
)

In your project's urls.py

urlpatterns = [
    ...
    # Needed for the redirect URL to function
    url(r'^oauth2/', include('django_auth_adfs.urls')),
    # If you're using Django 1.8, this code should be used instead
    url(r'^oauth2/', include('django_auth_adfs.urls', namespace='django_auth_adfs')),
    ...
]

The URL you have to configure as the redirect URL in ADFS depends on the url pattern you configure. In the example above you have to make the redirect url in ADFS point to https://yoursite.com/oauth2/login

Contributing

Contributions to the code are more then welcome. For more details have a look at the CONTRIBUTING.rst file.

About

A Django authentication backend for Microsoft ADFS, Probably looking for https://github.com/jobec/django-auth-adfs

Resources

Readme

License

BSD-2-Clause license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

9 tags

Packages

No packages published

Languages

  • Python 99.1%
  • HTML 0.9%