Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OIDC/Auth2 integration #2649

Open
wants to merge 8 commits into
base: feature/keycloak-oidc
Choose a base branch
from
Open

OIDC/Auth2 integration #2649

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
3e8ce49
Bump debugpy from 1.8.5 to 1.8.6 in /requirements/partial (#2648)
dependabot[bot] Sep 26, 2024
8ac3dd3
change imports to os_authlib
boehlke Sep 24, 2024
8b3b009
Cleanup saml and auth service based code
boehlke Sep 25, 2024
8abec7b
cleanup
boehlke Sep 25, 2024
54c3b2c
Use pip-auth libraries code directly from local source
boehlke Sep 25, 2024
27594ea
Implement back-channel logout endpoint
boehlke Sep 27, 2024
48ad18f
Change build scripts so that fullstack feature use-case (wiring own l…
boehlke Oct 14, 2024
f374182
Add stages for normal dev deps and fullstack dep resolution (local)
boehlke Oct 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 8 additions & 2 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -142,7 +142,13 @@ run-dev-otel run-bash-otel: | start-dev-otel run-dev-attach-otel
# Build standalone development container (not usable inside the docker container)

build-dev:
docker build --file=dev/Dockerfile.dev . --tag=openslides-backend-dev
docker build --file=dev/Dockerfile.dev . --target development --tag=openslides-backend-dev

build-dev-fullstack:
DOCKER_BUILDKIT=1 docker build --file=dev/Dockerfile.dev . --target development-fullstack \
--build-context pipauth=../openslides-auth-service/libraries/pip-auth \
--build-context datastore=../openslides-datastore-service \
--tag=openslides-backend-dev-fullstack

rebuild-dev:
docker build --file=dev/Dockerfile.dev . --tag=openslides-backend-dev --no-cache
docker build --file=dev/Dockerfile.dev . --target development --tag=openslides-backend-dev --no-cache
20 changes: 15 additions & 5 deletions dev/Dockerfile.dev
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,9 @@
FROM python:3.10.13-slim-bookworm
FROM python:3.10.13-slim-bookworm as base

RUN apt-get update && apt-get install --yes make git curl ncat vim bash-completion mime-support gcc libpq-dev libmagic1

WORKDIR /app

COPY requirements/ requirements/
ARG REQUIREMENTS_FILE=requirements_development.txt
RUN . requirements/export_service_commits.sh && pip install --no-cache-dir --requirement requirements/$REQUIREMENTS_FILE

COPY dev/.bashrc .
COPY dev/cleanup.sh .

Expand Down Expand Up @@ -42,3 +38,17 @@ ENV DEFAULT_FROM_EMAIL [email protected]
STOPSIGNAL SIGKILL
ENTRYPOINT ["./entrypoint.sh"]
CMD exec python -m debugpy --listen 0.0.0.0:5678 openslides_backend

FROM base as development

COPY requirements/ requirements/
ARG REQUIREMENTS_FILE=requirements_development.txt
RUN . requirements/export_service_commits.sh && pip install --no-cache-dir --requirement requirements/$REQUIREMENTS_FILE

FROM base as development-fullstack

COPY --from=pipauth / /pip-auth
COPY --from=datastore / /openslides-datastore-service
COPY requirements/ requirements/
ARG REQUIREMENTS_FILE=requirements_development_fullstack.txt
RUN pip install --no-cache-dir --requirement requirements/$REQUIREMENTS_FILE
1 change: 0 additions & 1 deletion docs/Actions-Overview.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -231,7 +231,6 @@ A more general format description see in [Action-Service](https://github.com/Ope
- [user.toggle_presence_by_number](actions/user.toggle_presence_by_number.md)
- [user.update](actions/user.update.md)
- [user.update_self](actions/user.update_self.md)
- [user.save_saml_account](actions/user.save_saml_account.md)
- [meeting_user.create](actions/meeting_user.create.md)
- [meeting_user.update](actions/meeting_user.update.md)
- [meeting_user.delete](actions/meeting_user.delete.md)
Expand Down
25 changes: 0 additions & 25 deletions openslides_backend/action/actions/organization/update.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,6 @@
from ...mixins.send_email_mixin import EmailCheckMixin, EmailSenderCheckMixin
from ...util.default_schema import DefaultSchema
from ...util.register import register_action
from ..user.save_saml_account import allowed_user_fields
from ..user.update import UserUpdate


Expand Down Expand Up @@ -48,36 +47,12 @@ class OrganizationUpdate(
"limit_of_meetings",
"limit_of_users",
"url",
"saml_enabled",
"saml_login_button_text",
"saml_attr_mapping",
"saml_metadata_idp",
"saml_metadata_sp",
"saml_private_key",
)

model = Organization()
saml_props = {
field: {**optional_str_schema, "max_length": 256}
for field in allowed_user_fields
}
saml_props["meeting"] = {
"type": ["object", "null"],
"properties": {
field: {**optional_str_schema, "max_length": 256}
for field in ("external_id", "external_group_id")
},
"additionalProperties": False,
}
schema = DefaultSchema(Organization()).get_update_schema(
optional_properties=group_A_fields + group_B_fields,
additional_optional_fields={
"saml_attr_mapping": {
"type": ["object", "null"],
"properties": saml_props,
"required": ["saml_id"],
"additionalProperties": False,
},
},
Comment on lines 55 to 56
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If it is going to be empty, you can delete the additional_optional_fields attribute.

)
check_email_field = "users_email_replyto"
Expand Down
7 changes: 0 additions & 7 deletions openslides_backend/action/actions/user/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,17 +4,10 @@
assign_meetings,
create,
delete,
forget_password,
forget_password_confirm,
generate_new_password,
merge_together,
participant_import,
participant_json_upload,
reset_password_to_default,
save_saml_account,
send_invitation_email,
set_password,
set_password_self,
set_present,
toggle_presence_by_number,
update,
Expand Down
2 changes: 0 additions & 2 deletions openslides_backend/action/actions/user/create.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,6 @@
from ...util.typing import ActionResultElement
from ..meeting_user.mixin import CheckLockOutPermissionMixin
from .create_update_permissions_mixin import CreateUpdatePermissionsMixin
from .password_mixins import SetPasswordMixin
from .user_mixins import LimitOfUserMixin, UserMixin, UsernameMixin, check_gender_helper


Expand All @@ -25,7 +24,6 @@ class UserCreate(
EmailCheckMixin,
CreateAction,
CreateUpdatePermissionsMixin,
SetPasswordMixin,
LimitOfUserMixin,
UsernameMixin,
CheckLockOutPermissionMixin,
Expand Down
119 changes: 0 additions & 119 deletions openslides_backend/action/actions/user/forget_password.py
View file
Open in desktop

This file was deleted.

63 changes: 0 additions & 63 deletions openslides_backend/action/actions/user/forget_password_confirm.py
View file
Open in desktop

This file was deleted.

39 changes: 0 additions & 39 deletions openslides_backend/action/actions/user/generate_new_password.py
View file
Open in desktop

This file was deleted.

Loading
Loading