divio / django-simple-sso Goto Github PK
View Code? Open in Web Editor NEWLicense: Other
License: Other
Given that Django 1.7 is no longer supported, I think the action here is to change the README to update the supported version.
The migrations do not work due to a bug in Django 1.7 with the error:
ProgrammingError: (1146, "Table 'your project.sso_server_consumer' doesn't exist")
This is because the default value for private_key on the Consumer model is being calculated, even though Django should be ignoring defaults. The default value in this case is from the SecretKeyGenerator, which queries the database to see if the generated key already exists. Because we are in the migration to create the table, the table isn't there and we get the error.
Newer versions of Django will only get the default value if it is needed
as captioned
django.contrib.admin.sites.AlreadyRegistered: The model Consumer is already registered with 'sso_server.ConsumerAdmin'.
Hello, I have tried to apply this package, however I have not been successful. I understand the expiration message. But I don't understand why it happens. That is, if I try to log in before 5 seconds.
I appreciate if you can guide me
Should server/client project must be change lots of code for use sso packge,such as login/auth? Have any second develop documents?thx.
Example project with two client, one SSO server
I am trying to set up an authentication system using django-simple-sso
. I have followed the Implementation
steps mentioned in the readme file. Additionally, I have created a login page for authentication at the django-simple-sso Server.
Python - 3.5.3
Database - sqlite
OSX - 10.13.4
Django==2.0.5
django-simple-sso==0.13.2
from django.contrib import admin
from django.urls import path, include
from simple_sso.sso_server.server import Server
sso_server = Server()
urlpatterns = [
path('', include('app.urls')),
path('admin/', admin.site.urls),
path('server/', include(sso_server.get_urls())),
]
INSTALLED_APPS = [
...
'simple_sso.sso_server',
]
from django.urls import path
from app import views
urlpatterns = [
path('login/', views.login, name='login'),
path('logout/', views.logout, name='logout'),
]
from django.shortcuts import render
from django.http import HttpResponseRedirect
from django.contrib.auth import login, logout
from app.forms import LoginForm
def login_view(request):
if request.user.is_authenticated:
next = request.GET.get('next')
return HttpResponseRedirect(next)
else:
form = LoginForm(request.POST or None)
if request.POST and form.is_valid():
user = form.login(request)
if user:
login(request, user)
next = request.GET.get('next')
return HttpResponseRedirect(next)
return render(request, 'login.html', {'login_form': form})
def logout_view(request):
if request.user.is_authenticated:
logout(request)
return HttpResponseRedirect('/')
Client credentials are created as mentioned in the Implementation
steps.
Server application is run on port http://localhost:8000
from django.conf import settings
from django.contrib import admin
from django.urls import path, include
from simple_sso.sso_client.client import Client
sso_client = Client(settings.SIMPLE_SSO_SERVER, settings.SIMPLE_SSO_KEY, settings.SIMPLE_SSO_SECRET)
urlpatterns = [
path('admin/', admin.site.urls),
path('client/', include(sso_client.get_urls())),
]
...
SIMPLE_SSO_SECRET='secret_key'
SIMPLE_SSO_KEY='public_key'
SIMPLE_SSO_SERVER='http://localhost:8000/server/'
Client application is run on port http://localhost:8001
When I access the client application url http://localhost:8001/client/
http://localhost:8000/server/
http://localhost:8000/login//?next=%2Fserver%2Fauthorize%2F%3Ftoken%3Dsometoken
and when I enter the correct username and password, login happens successfullyhttp://localhost:8000/server/authorize/?token=sometoken
and verification request happens http://localhost:8000/server/verify/
and I receive the following error:Traceback (most recent call last):
File "/Users/jagadesh/.virtualenvs/sso_testing/lib/python3.5/site-packages/django/core/handlers/exception.py", line 35, in inner
response = get_response(request)
File "/Users/jagadesh/.virtualenvs/sso_testing/lib/python3.5/site-packages/django/core/handlers/base.py", line 128, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/Users/jagadesh/.virtualenvs/sso_testing/lib/python3.5/site-packages/django/core/handlers/base.py", line 126, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/Users/jagadesh/.virtualenvs/sso_testing/lib/python3.5/site-packages/django/views/generic/base.py", line 69, in view
return self.dispatch(request, *args, **kwargs)
File "/Users/jagadesh/.virtualenvs/sso_testing/lib/python3.5/site-packages/django/views/generic/base.py", line 89, in dispatch
return handler(request, *args, **kwargs)
File "/Users/jagadesh/.virtualenvs/sso_testing/lib/python3.5/site-packages/simple_sso/sso_client/client.py", line 59, in get
user = self.client.get_user(access_token)
File "/Users/jagadesh/.virtualenvs/sso_testing/lib/python3.5/site-packages/simple_sso/sso_client/client.py", line 110, in get_user
user_data = self.consumer.consume(url, data)
File "/Users/jagadesh/.virtualenvs/sso_testing/lib/python3.5/site-packages/webservices/models.py", line 55, in consume
body = self.send_request(url, data=signed_data, headers=headers)
File "/Users/jagadesh/.virtualenvs/sso_testing/lib/python3.5/site-packages/webservices/sync.py", line 13, in send_request
self.raise_for_status(response.status_code, response.content)
File "/Users/jagadesh/.virtualenvs/sso_testing/lib/python3.5/site-packages/webservices/models.py", line 67, in raise_for_status
raise BadRequest(message)
webservices.exceptions.BadRequest: b'Failed to process the request'
[03/May/2018 14:57:59] "GET /client/authenticate/?access_token=IlIzVkcxcjNuak1uRjIxUDE3V0JCTkp2cVdXbGFoNkJidmxqczYwZ3Qycmx0TnF3Q3ZUMmZHcjJ2NWFRV3BscVQi.Dcy09w.ga7zSLKJ4jnbsHUGEaVUB-5m6IM&next=%2F HTTP/1.1" 500 91586
P.S: The Implementation steps along with an example would have been more helpful.
I tested the token request from the client to the server, and it passed easily. When I jump from the service side to the client side, it is normally directly passed and does not need to be verified. Has it been implemented, and how can I operate it?
My SSO server is behind an nginx reverse proxy with SSL enabled(self signed). My SSO clients are failing with this error.
Max retries exceeded with url: /server/request-token/ (Caused by SSLErILED] certificate verify failed: self signed certificate (_ssl.c:1076)')))
What can I do to make this connection possible? How can I pass certificate when I call SSO server?
Dears,
when I try to connect from app1/client to app0/server, I got from the server the error:
Reverse for 'login' not found. 'login' is not a valid view function or pattern name.
It comes from
"server.py", line 93, in handle_unauthenticated_user
url = '%s?%s' % (reverse(self.server.auth_view_name), urlencode([('next', next)]))
I tried to create a login view in the server with no results (same error).
what can I do?
thanks in advance!
Hey there, it's me again!
I came up with this idea due to some discussion on our project regarding application specific user permission handling for new users.
Let me explain the motivation:
There could be a /propagate
route on the sso-clients, which takes a request from the sso-server, checks it's authenticity and integrity and then populates the user table with the received data. This would be some kind of shortcut to the regular new-user-adding-on-client-routine, but not having the user logged in. It's only for having a new user written into the client's database before a first login. This gives the admins time to configure needed settings/permissions for this new user.
@GaretJax
@FinalAngel
Are there any concerns from your side regarding this idea, before I start implementing and creating a PullRequest? Thanks for your replies in advance, guys!
TBD
With the default server configuration, the content type for the responses returned by eg RequestTokenProvider
is the default (text/html). This seems to be a limitation of provider_for_django()
in webservices
On my setup the responses are being mangled by django-htmlmin middleware and I get the error BadTimeSignature, Signature '5gq7ILVLZ5a1TGGhaqFnilRKQw4</body></html>' does not match.
If the content type was text/plain there wouldn't be a problem.
There's a bunch of ways I can work around this for now but it would be good if the content type was set correctly.
new to use django, and when i read about django, the django version is 1.10.
I noticed the project first commit time is 5 years ago, then the django version must very low,
I think It's a very good idea to add Install.txt about how to add this app into django project.
After installing the django-simple-sso and running "python manage.py migrate", this error occurs and I couldn't figure its solution out. Can anyone help me out on this.
while self.get_model().objects.filter(**{self.field: key}).exists():
TypeError: manager_method() keywords must be strings
Hi,
I am really sorry to use this platform for asking this.
Could do you provide example source code for reference.
As per example "https://micropyramid.com/blog/django-single-sign-on-sso-to-multiple-applications/"
given here i am unable to run django-admin dbshell to create keys.
Sorry again for using this platform.
Thanks
Shehroj Khan
The reason is how the build_user
method is implemented:
def build_user(self, user_data):
try:
user = User.objects.get(username=user_data['username'])
# Here should be an update route, which writes all **user_data into the existing user object
except User.DoesNotExist:
user = User(**user_data)
user.set_unusable_password()
user.save()
return user
The 0002 migration fails with following error:
ERROR Handled exception OperationalError: (1071, 'Specified key was too long; max key length is 767 bytes')
Applying sso_server.0002_consumer_name_max_length...Traceback (most recent call last):
File "/home/www-data/.local/lib/python3.5/site-packages/django/db/backends/utils.py", line 85, in _execute
return self.cursor.execute(sql, params)
File "/home/www-data/.local/lib/python3.5/site-packages/django/db/backends/mysql/base.py", line 71, in execute
return self.cursor.execute(query, args)
File "/usr/lib/python3/dist-packages/MySQLdb/cursors.py", line 226, in execute
self.errorhandler(self, exc, value)
File "/usr/lib/python3/dist-packages/MySQLdb/connections.py", line 36, in defaulterrorhandler
raise errorvalue
File "/usr/lib/python3/dist-packages/MySQLdb/cursors.py", line 217, in execute
res = self._query(query)
File "/usr/lib/python3/dist-packages/MySQLdb/cursors.py", line 378, in _query
rowcount = self._do_query(q)
File "/usr/lib/python3/dist-packages/MySQLdb/cursors.py", line 341, in _do_query
db.query(q)
File "/usr/lib/python3/dist-packages/MySQLdb/connections.py", line 280, in query
_mysql.connection.query(self, query)
_mysql_exceptions.OperationalError: (1071, 'Specified key was too long; max key length is 767 bytes')
Requesting an update on this project. Will there be any support for the django 4.x, The greatest supported version of django is 3.1 and the latest is 4.1
'webservices[server]',
or
'webservices',
It seems that webservices==0.7 uses request.raw_post_data, instead of request.body (django>1.6)
Here's the error on py3, dj1.11, django-simple-sso==0.13.2:
AttributeError at /server/request-token/
'WSGIRequest' object has no attribute 'raw_post_data'
Here some explanation:
https://stackoverflow.com/questions/22368190/django-cant-access-raw-post-data#answer-22368223
Django-simple-sso seems to be incompatible to the django-debug-toolbar project.
An error is thrown in the ddt middleware, once a client application tries to authenticate a user against the server machine, where the ddt is added to the middlewares.
The request body contains the signed json content. Ddt always tries to encode this JSON for further analysis, I guess. Due to the structure of the content like
{"x": "y"}.greatSignature
a JsonDecodeError
is thrown, since this is no proper json.
MIDDLEWARE
list in the settings.py
.a.com:8000: server
a.com:8001: client1
a.com:8002: client2
i logged on client1
when i visit client2, it will go to server to login, then client1 will auto logout
how to fix it?
thanks
Hii,
Not Found: /authorize/
[03/Jun/2020 02:04:01] "GET /authorize/?token=2qCFodOLcTZvQ4Pm3WCOW5MnVz3yscUKXWMefOk27Pb6zawVlGIfTah1Ss3oYLJO HTTP/1.1" 404 2534
def save(self,*args,**kwargs):
ex=False
if self.first_name and self.last_name:
to_slug = slugify(str(self.first_name) + " " + str(self.last_name))
ex = Profile.objects.filter(self=to_slug).exists()
while ex:
to_slug = slugify(to_slug + " " + str(get_random_code()))
ex = Profile.objects.filter(self=to_slug).exists()
else:
to_slug = str(self.user)
self.slug = to_slug
super().save(*args,**kwargs)
can anyone help me with this error,whenever i edit the exisiting profile i always get this error
It seems that a migration file is missing in the package (django-simple-sso==0.13.2, django 1.11, py 3.5)
python manage.py makemigrations --dry-run
venv/lib/python3.5/site-packages/simple_sso/sso_server/migrations/0003_auto_20180405_0822.py
- Alter field private_key on consumer
- Alter field public_key on consumer
- Alter field access_token on token
- Alter field request_token on token
My current backend is on Django (DRF) and front-end is React app, can I use this package with the React?
Hi and thanks for putting your library online! I'm looking forward to use it, it looks really nice.
However, I am encountering two different problems on Django 1.10 and python 2.7 / 3.5 . Here is the error I encounter on python 3.5 .
For which versions of Django beyond 1.7 is simple_sso supposed to work?
File "/var/virtualenvs/machinistgrondverzet/lib/python3.5/site-packages/simple_sso/sso_server/models.py", line 7, in
from ..utils import gen_secret_key
File "/var/virtualenvs/machinistgrondverzet/lib/python3.5/site-packages/simple_sso/utils.py", line 7, in
KEY_CHARACTERS = string.letters + string.digits
AttributeError: module 'string' has no attribute 'letters'
Reverse for 'app_list' with arguments '()' and keyword arguments '{'app_label': u'sso_server'}' not found. 1 pattern(s) tried: [u'admin/(?P<app_label>vouchers|pages|redirects|auth|homepage|mezzanine_blocks|blog|forms|conf|formulieren|videos|galleries|sites|begrippen|generic|registration)/$']
Here is the Traceback:
Environment:
Request Method: GET
Request URL: http://test.go2people.nl:9012/admin/
Django Version: 1.10.8
Python Version: 2.7.12
Installed Applications:
(u'mezzanine.boot',
u'django.contrib.auth',
u'django.contrib.contenttypes',
u'django.contrib.redirects',
u'django.contrib.sessions',
u'django.contrib.sites',
u'django.contrib.sitemaps',
u'mezzanine.conf',
u'mezzanine.core',
u'mezzanine.generic',
u'mezzanine.pages',
u'mezzanine.blog',
u'mezzanine.forms',
u'mezzanine.galleries',
u'mezzanine.twitter',
u'crispy_forms',
u'mezzanine_blocks',
u'registration',
u'simple_sso.sso_server',
u'begrippen',
u'formulieren',
u'homepage',
u'videos',
u'vouchers',
u'zoeken',
u'debug_toolbar',
u'compressor',
u'filebrowser_safe',
u'grappelli_safe',
u'django.contrib.admin',
u'django.contrib.staticfiles',
u'django_comments')
Installed Middleware:
(u'django.contrib.sessions.middleware.SessionMiddleware',
u'django.middleware.locale.LocaleMiddleware',
u'django.middleware.common.CommonMiddleware',
u'django.middleware.csrf.CsrfViewMiddleware',
u'django.contrib.auth.middleware.AuthenticationMiddleware',
u'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
u'django.contrib.messages.middleware.MessageMiddleware',
u'django.middleware.clickjacking.XFrameOptionsMiddleware',
u'mezzanine.core.request.CurrentRequestMiddleware',
u'mezzanine.core.middleware.RedirectFallbackMiddleware',
u'mezzanine.core.middleware.TemplateForDeviceMiddleware',
u'mezzanine.core.middleware.TemplateForHostMiddleware',
u'mezzanine.core.middleware.AdminLoginInterfaceSelectorMiddleware',
u'mezzanine.core.middleware.SitePermissionMiddleware',
u'mezzanine.pages.middleware.PageMiddleware',
u'vouchers.middleware.VoucherMiddleware',
u'debug_toolbar.middleware.DebugToolbarMiddleware')
Traceback:
File "/var/virtualenvs/machinistgrondverzet2/local/lib/python2.7/site-packages/django/core/handlers/exception.py" in inner
42. response = get_response(request)
File "/var/virtualenvs/machinistgrondverzet2/local/lib/python2.7/site-packages/django/core/handlers/base.py" in _legacy_get_response
249. response = self._get_response(request)
File "/var/virtualenvs/machinistgrondverzet2/local/lib/python2.7/site-packages/django/core/handlers/base.py" in _get_response
187. response = self.process_exception_by_middleware(e, request)
File "/var/virtualenvs/machinistgrondverzet2/local/lib/python2.7/site-packages/django/core/handlers/base.py" in _get_response
185. response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/var/virtualenvs/machinistgrondverzet2/local/lib/python2.7/site-packages/django/contrib/admin/sites.py" in wrapper
229. return self.admin_view(view, cacheable)(*args, **kwargs)
File "/var/virtualenvs/machinistgrondverzet2/local/lib/python2.7/site-packages/django/utils/decorators.py" in _wrapped_view
149. response = view_func(request, *args, **kwargs)
File "/var/virtualenvs/machinistgrondverzet2/local/lib/python2.7/site-packages/django/views/decorators/cache.py" in _wrapped_view_func
57. response = view_func(request, *args, **kwargs)
File "/var/virtualenvs/machinistgrondverzet2/local/lib/python2.7/site-packages/django/contrib/admin/sites.py" in inner
211. return view(request, *args, **kwargs)
File "/var/virtualenvs/machinistgrondverzet2/local/lib/python2.7/site-packages/django/views/decorators/cache.py" in _wrapped_view_func
57. response = view_func(request, *args, **kwargs)
File "/var/virtualenvs/machinistgrondverzet2/local/lib/python2.7/site-packages/django/contrib/admin/sites.py" in index
468. app_list = self.get_app_list(request)
File "/var/virtualenvs/machinistgrondverzet2/local/lib/python2.7/site-packages/django/contrib/admin/sites.py" in get_app_list
451. app_dict = self._build_app_dict(request)
File "/var/virtualenvs/machinistgrondverzet2/local/lib/python2.7/site-packages/django/contrib/admin/sites.py" in _build_app_dict
436. current_app=self.name,
File "/var/virtualenvs/machinistgrondverzet2/local/lib/python2.7/site-packages/django/urls/base.py" in reverse
91. return force_text(iri_to_uri(resolver._reverse_with_prefix(view, prefix, *args, **kwargs)))
File "/var/virtualenvs/machinistgrondverzet2/local/lib/python2.7/site-packages/django/urls/resolvers.py" in _reverse_with_prefix
392. (lookup_view_s, args, kwargs, len(patterns), patterns)
Exception Type: NoReverseMatch at /admin/
Exception Value: Reverse for 'app_list' with arguments '()' and keyword arguments '{'app_label': u'sso_server'}' not found. 1 pattern(s) tried: [u'admin/(?P<app_label>vouchers|pages|redirects|auth|homepage|mezzanine_blocks|blog|forms|conf|formulieren|videos|galleries|sites|begrippen|generic|registration)/$']
pip freeze
backports.shutil-get-terminal-size==1.0.0
beautifulsoup4==4.6.0
bleach==2.1.2
certifi==2017.11.5
chardet==3.0.4
confusable-homoglyphs==2.0.2
decorator==4.1.2
Django==1.10.8
django-appconf==1.0.2
django-compressor==2.2
django-contrib-comments==1.8.0
django-crispy-forms==1.7.0
django-debug-toolbar==1.9.1
django-registration==2.3
django-simple-sso==0.11
enum34==1.1.6
filebrowser-safe==0.4.7
future==0.16.0
gevent==1.2.2
grappelli-safe==0.4.7
greenlet==0.4.12
gunicorn==19.7.1
html5lib==1.0.1
idna==2.6
ipdb==0.10.3
ipython==5.5.0
ipython-genutils==0.2.0
itsdangerous==0.24
Mezzanine==4.2.3
-e git://github.com/renyi/mezzanine-blocks.git@2983557c03f16625c63954c4e386915a8eb7e549#egg=mezzanine_blocks
oauthlib==2.0.6
pathlib2==2.3.0
pexpect==4.3.1
pickleshare==0.7.4
Pillow==5.0.0
pkg-resources==0.0.0
prompt-toolkit==1.0.15
psycopg2==2.7.3.2
ptyprocess==0.5.2
Pygments==2.2.0
pytz==2017.3
rcssmin==1.0.6
requests==2.18.4
requests-oauthlib==0.8.0
rjsmin==1.0.12
scandir==1.6
simplegeneric==0.8.1
six==1.11.0
sqlparse==0.2.4
traitlets==4.3.2
tzlocal==1.5.1
urllib3==1.22
wcwidth==0.1.7
webencodings==0.5.1
webservices==0.7
xlrd==1.1.0
2yrs after deployment my sso database grown to 16GB. There are tons of old tokens. Some cleaning task would be nice.
Doubts on server:
simple_sso.server.SimpleSSOServer().get_urls()
or
simple_sso.sso_server.SimpleSSOServer().get_urls()
or
simple_sso.sso_server.server.Server().get_urls()
Doubts ou client:
simple_sso.sso_client in the client INSTALLED_APPS?
What about the simple_sso.sso_server.models.Client?
simple_sso.sso_client.client.Client() right?
I am working on implementing Django-Simple-SSO to our python based platform. I am following this blog to implement SSO:
https://medium.com/@MicroPyramid/django-single-sign-on-sso-to-multiple-applications-64637da015f4
This code is the step number 3 on the server side of django-simple-sso.
from simple_sso.sso_server.models import Token, Consumer
Consumer.objects.create(public_key='your_application_public_key', private_key='your_application_private_key', name='your_application_name')
psycopg2.errors.UndefinedTable: relation "sso_server_consumer" does not exist -- this is the error I am getting as soon as I run the above code in django shell. Can someone please help me on how to solve this error?
I have run both makemigrations and migrate commands. But, still getting the same error.
I am able to see the Consumers table in the django-admin page under the heading SSO_SERVER. But, when I click on that Consumers table, I am getting this error page :
ProgrammingError at /admin/sso_server/consumer/ relation "sso_server_consumer" does not exist LINE 1: SELECT COUNT(*) AS "__count" FROM "sso_server_consumer"
And also why is that Token imported? As it was not used anywhere in that sso blog post.
I have asked this question on stackoverflow as well : https://stackoverflow.com/questions/64281534/psycopg2-errors-undefinedtable-relation-sso-server-consumer-does-not-exist
Thank you
How to perform single sign out. When one app raised logout request all the apps should logout.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.