I've deployed a Python & Django Application in IBM Cloud Foundry and trying to integrate APP-ID for SSO. I received the OIDC provider information from the metadata provided from the APP-ID. But my question is how do I integrate the APP-ID with DJANGO APPLICATION for a Successful integration of SSO?
Here is an example of how flask application, can be used but is there an example or process of how a Django application is done?
https://dzone.com/articles/securing-your-python-app-with-openid-connect-oidc-1
For this integration, I tried to use below links for OIDC client in Django App and IBM APP-ID information for integration but no luck.
APP-ID: https://dzone.com/articles/securing-your-python-app-with-openid-connect-oidc-1
OIDC: https://django-oidc-rp.readthedocs.io/en/stable/getting_started.html
The DZone article on the Python app with OIDC refers to this IBM Cloud solution tutorial. The tutorial discusses the use of IBM Cloud App ID for the Python Flask app and provides the code in this GitHub repository. Take a look at how the Flask OIDC module is initialized:
# Configure access to App ID service for the OpenID Connect client
appID_clientinfo=ClientMetadata(client_id=appIDInfo['clientId'],client_secret=appIDInfo['secret'])
appID_config = ProviderConfiguration(issuer=appIDInfo['oauthServerUrl'],client_metadata=appID_clientinfo)
The code uses OIDC discovery for the actual setup. It requires only the clientID and secret as well as the URI. Aren't those exactly the properties you are asked for in the second article you linked to?
I'm using mozilla-django-oidc. The setup is well documented:
https://mozilla-django-oidc.readthedocs.io/en/stable/installation.html#quick-start
It looks quite similar to django-oidc-rp from a quick glance, but mozilla-django-oidc seems to be a bit more active on github and works for me.
Related
Hello We made our own Gitlab installation on our server. I installed Readthedocs Local in the link below. In order to connect our accounts on gitlab with readthedocs, I was asked to make the following settings from the gitlab section in the readthedocs document.
https://readthedocs.org/
https://dev.readthedocs.io/en/latest/install.html
But interestingly, even though I set the settings on our own server gitlab.local, by default django goes to gitlab.com when I connect to gitlab via devthedocs.org. However, it should connect to gitlab.local on my server, how can I fix this problem?
On page 34 of this document here
https://readthedocs.org/projects/django-allauth/downloads/pdf/latest/
"The GitLab provider works by default with https://gitlab.com. It allows you to connect to your private GitLab
server and use GitLab as an OAuth2 authentication provider as described in GitLab docs at http://doc.gitlab.com/
ce/integration/oauth_provider.html"
I need your support in this matter.
Thank you very much.
Configure the applications on GitHub, Bitbucket, and GitLab. For each of these, the callback URI is http://devthedocs.org/accounts//login/callback/ where is one of github, gitlab, or bitbucket_oauth2. When setup, you will be given a “Client ID” (also called an “Application ID” or just “Key”) and a “Secret”.
Take the “Client ID” and “Secret” for each service and enter it in your local Django admin at: http://devthedocs.org/admin/socialaccount/socialapp/. Make sure to apply it to the “Site”.
So we've completed the implementation of the google calendar integration in our pre-production application.
Now, we need to submit the Oauth app for verification and I had a few questions:
Can we create the demo app in our pre-production application or does it need to be created in the production application? [the issue with recording video in production app is that we can't deploy the feature to production app until the Oauth app is verified by Google as we don't want users to see an unusable feature. ]
If we have both mobile app and web app where we've integrated the Oauth app, do we need to create demo videos in both apps or can we just create video using either mobile or web app?
We're using the same Oauth app(that we're going to submit for verification) for our pre-production environments as well right now. Is this a valid practice?
I have been working with Azure's web app service using Resource Manager to deploy a Django app. It has been working in fits and starts. I really like the auto-deployment from GitHub but I have been frustrated by the ability to work with the underlying machine. There is a "Console" tool through the Azure portal but it has limited functionality and when there is an internal server error on my app, I can't find the server output log.
Can someone share insight into how to view the server logs?
Azure web apps have a number of logs however, the applications logs provided out of the box only support Asp.Net applications. That being said there is an article about django on web apps and how to store and view its logs here.
What'll you'll have to do, as described in the link, is to setup the django application to store its logs on the azure file system. Another option is to setup the django application to email the devs but the better option is to store the logs on the file system properly.
WSO2 experts
I downloaded the WSO2 AppFactory, but couldn't login into the web console with admin/admin. Has the default password changed?
Regards,
Terry
Please try with the following credentials
Username:admin#admin.com
password:admin
If you just tried with a downloaded 'binary' set-up of WSO2 App Factory; this will only allow you to log in to the Carbon admin console of the App Factory (If you just clicked on and visited the URL, that was printed on the server console). This Carbon admin console does not have any App Factory specific functionality which you might expect [WSO2 Carbon is the underlying platform which is used by all of the WSO2 products].
Since App Factory runs having few other servers alongside (such as WSO2 AS, WSO2 ELB, Jenkins, Redmine etc) this set up that you are running will not provide the same User interfaces or functionality which you have observed within the setup provided with https://appfactorypreview.wso2.com/samlsso .
I just thought to leave this answer, because; you would get disappointed after spending your time expecting the same Application (User Interfaces) available with the online setup (which I have mentioned with the hyperlink) by running the binary setup(wso2appfactory-1.0.0.zip) that you have downloaded from the WSO2 Web site.
I am currently creating a web app using Grails implementing Multi Tenant Single DB plugin. The plugin allows me to have multiple tenants on a single db using a tenantID to differentiate between tenants. The plugin detects witch tenant will deal the current request that is made on my app by resolving using different domains/subdomains for each tenant.
For example:
Tenant 1 = companyA.myapp.com
Tenant 2 = companyB.myapp.com
On my local machine running Grails development mode I was able to implement the different hosts by changing my /etc/hosts and each tenant would have their own subdomain.
I am currently interested in using cloud foundry as my cloud platform but when I deploy my app to cloud foundry it is already using my app name as the subdomain for cloud foundry.
For example:
- myapp.cloudfoundry.com
Is it possible to change or control the domain name resolver in
cloud foundry?
Does anybody know how to handle multi-tenant subdomains as explained above in cloud foundry? Probably provide the steps in implementing this using cloud foundry?
What is the best approach to implement this using cloud foundry?
My App is using Grails 2.0.4 and Multi Tenant Single DB plugin 0.8.2.
Thanks
Unfortunately the current beta version CloudFoundry does not allow modification of the cloudfoundry subdomain. The plan is to have the GA towards the end of this year with a private preview of the version of the site available sooner in the fall. At that time you could be able to customize the subdomain.
Therefore you might need to change a little in your TenantResolver to only check the subdomain that varies.
To implement your requirement, did you try installing the grails cf plugin? If not you can start from here.
If you are using cli, installing the plugin just needs command in your project workspace:
grails install-plugin cloud-foundry
When your app is ready for deployment, push it to cloudfoundry:
grails cf-push
Note that you will have to have your cf credentials configured in the grails config file.
After that you can map multiple URLs you want using:
grails cf-map user1.yourapp.cloudfoundry.com
If you have already known about vmc which is the client command line interface for cf, you can see the urls mapped with your app by
vmc apps
If not you can refer to the installation guide to start if you would like to do that.
If you are using STS/eclipse, things will be even easier. First you need to have grails-support extension as well as the cloud foundry integration installed. For detailed docs of the cf integration please refer here.
After your app is deployed, right click the project and choose "Grails Tools" -> "Open Grails Command Prompt". This will enable you to have same grails cf plugin commands as the CLI does.
Hope this can help your move forward in the cloudfoundry world. Let me know if you have more questions.
Thanks,
William