Message7660
We are getting a number of visits to roundup issue tracker from github. It would be nice
to implement login with github used on the old BPO tracker here.
https://github.com/psf/bpo-tracker-cpython/blob/master/extensions/oic_login.py
(not sure why it's named oic_login and not oidc_login but...) which calls the
oic_return action from:
https://github.com/psf/bpo-tracker-cpython/blob/master/extensions/openid_login.py
As part of getting the code working:
0) code currently written in python2, needs to be py2/py3 compatible
1) providers should be configurable in extensions/config.ini file.
maybe under the [oic_providers] tag. This replaces PROVIDER_URL_MAP in the code.
2) other config settings should be available in the same file.
3) There are hardcoded constants for PROVIDER_GITHUB and PROVIDER_GOOGLE that
are sprinkled through the code. Can this be abstracted so that the provider can be
defined in the [oic_providers] and the key is used to perform table lookups
for new providers defined by additions to a table in the class using init.py.
so rather than:

    # Github does not support dynamically resolving OpenID configuration.
    if provider_name == PROVIDER_GITHUB:
        self.scopes = ['user:email', 'read:user']
        client.provider_info = {
            'authorization_endpoint': 'https://github.com/login/oauth/authorize',
            'token_endpoint': 'https://github.com/login/oauth/access_token',
        }
        client.handle_provider_config(client.provider_info, 'GitHub')
    else:
        client.provider_info = client.provider_config(provider)

we get something like:

    if provider_name in self.config.scopes:
        self.scopes = self.config.scopes[provider_name]
    if provider_name in self.config.provider_info:  # dynamic config not supported
        client.provider_info = self.config.provider_info[provider_name]
        client.handle_provider_config(client.provider_info, 'GitHub')
    else:  # key is not defined because we can do dynamic config
        client.provider_info = client.provider_config(provider)

where self.config provides the table to perform lookups of config params
and will be changeable by at least init.py or possibly in extensions/config.ini.
I am not sure how far to push #2. Setting providers should be done in config.ini
especially if they are able to do dynamic config. How far config for providers
that need additional config settings should be configurable in config.ini is open.
In theory we can define all the settings for self.config.provider_info in the same
way as the logging module. But that is really a pain and confusing as config.ini is not
really set up to define a random data structure.
I expect the required libraries to already be on the platform since this worked for b.p.o.
We would also need to get an oauth key as well from github. Probably should come from the
roundup-tracker org.
Good learning experience for somebody interested in OIDC, OIC

Date | User | Action | Args
2022-11-13 16:25:50 | rouilj | set | recipients: + rouilj
2022-11-13 16:25:50 | rouilj | set | messageid: <1668356750.36.0.571194689296.issue2551239@roundup.psfhosted.org>
2022-11-13 16:25:50 | rouilj | link | issue2551239 messages
2022-11-13 16:25:50 | rouilj | create |
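
An added sketch (not code from the message or from bpo-tracker-cpython) of how the scopes and provider_info lookup tables discussed in the message could be loaded from extensions/config.ini, rejecting non-https endpoints and half-configured static providers at load time. The per-provider `[oic_provider <name>]` sections, their key names and the `ProviderTable` class are assumptions, and the code targets Python 3 only.

```python
import configparser
from urllib.parse import urlparse

# Constructed sample; the section and key names are assumptions, not an
# existing Roundup or bpo-tracker-cpython format.
SAMPLE_INI = """
[oic_providers]
google = https://accounts.google.com
github = https://github.com

[oic_provider github]
scopes = user:email read:user
authorization_endpoint = https://github.com/login/oauth/authorize
token_endpoint = https://github.com/login/oauth/access_token
"""

STATIC_KEYS = ("authorization_endpoint", "token_endpoint")


class ProviderTable:
    """Hypothetical stand-in for the self.config lookup table."""

    def __init__(self, ini_text):
        cp = configparser.ConfigParser()
        cp.read_string(ini_text)
        self.providers, self.scopes, self.provider_info = {}, {}, {}
        for name, issuer in cp.items("oic_providers"):
            self.providers[name] = self._https(issuer, name)
            section = "oic_provider " + name
            if not cp.has_section(section):
                continue  # nothing extra: provider supports dynamic config
            opts = dict(cp.items(section))
            if "scopes" in opts:
                self.scopes[name] = opts["scopes"].split()
            present = [k for k in STATIC_KEYS if k in opts]
            if present and len(present) != len(STATIC_KEYS):
                raise ValueError("%s: need all of %s" % (name, STATIC_KEYS))
            if present:  # static endpoints: dynamic config not supported
                self.provider_info[name] = {
                    k: self._https(opts[k], name) for k in STATIC_KEYS}

    @staticmethod
    def _https(url, name):
        parts = urlparse(url)
        if parts.scheme != "https" or not parts.netloc:
            raise ValueError("%s: endpoint must be an https URL: %r" % (name, url))
        return url
```

With this layout a provider that supports dynamic configuration needs only its line in `[oic_providers]`, so the `provider_name in self.config.provider_info` test from the message selects the static path for GitHub alone.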