使用微软身份验证库(MSAL)登录CKAN
项目描述
ckanext-msal
此扩展允许您使用微软身份(Azure AD、Microsoft账户和Azure AD B2C账户)登录用户。它使用Microsoft MSAL库。
它与Microsoft 365账户兼容。但未来情况可能会改变。
要求
与核心CKAN版本的兼容性
| CKAN版本 | 兼容? |
|---|---|
| 2.7及以下 | 不兼容 |
| 2.8 | 不兼容 |
| 2.9 | 不兼容 |
| 2.10.0+ | 兼容 |
安装
要安装ckanext-msal
-
激活您的CKAN虚拟环境,例如
. /usr/lib/ckan/default/bin/activate
-
克隆源并将其安装在虚拟env中
git clone https://github.com/mutantsan/ckanext-msal.git cd ckanext-msal pip install -e . pip install -r requirements.txt
-
将
msal添加到您的CKAN配置文件中的ckan.plugins设置中(默认配置文件位于/etc/ckan/default/ckan.ini)。 -
重启CKAN。例如,如果您在Ubuntu上使用Apache部署了CKAN
sudo service apache2 reload
配置设置
# The application client id. Mandatory option.
ckanext.msal.client_id = 000000-0000-0000-0000-00000000000
# The client secret. Mandatory option.
ckanext.msal.client_secret = 000000-0000-0000-0000-00000000000
# The tenant ID. If it's not provided, the common one for multi-tenant app will be used.
# In this case, the application is not guaranteed to work properly.
# (optional, default: 'common').
ckanext.msal.tenant_id = 000000-0000-0000-0000-00000000000
# The redirect path should be setted up in Azure AD web app config.
# It handles the response from Microsoft.
# (optional, default: "/get_msal_token").
ckanext.msal.redirect_path
# While the session lifespan could be manage only in Azure AD conditional policies panel,
# this option actually implies how often do we send a test request for the Microsoft Graph API
# to check if our Access token is still alive.
# (optional, default: 3600, in seconds).
ckanext.msal.session_lifetime = 3600
# The list of restricted email domains. User won't be able to login under
# an email with those domains (optional, default: None)
ckanext.msal.restrict.domain_list = gmail.com, onmicrosoft.com
# The list of allowed email domains. User won't be able to login under
# any other emails (optional, default: None)
ckanext.msal.restrict.allowed_domain_list = protonmail.com, orgname.onmicrosoft.com
# A message that will be shown to users with a restricted domain
# (optional, default: "Your email domain is restricted. Please, contact site admin.")
ckanext.msal.restrict.error_message
开发者安装
要为开发安装ckanext-msal,激活您的CKAN虚拟环境并执行
git clone https://github.com/mutantsan/ckanext-msal.git
cd ckanext-msal
python setup.py develop
pip install -r dev-requirements.txt
测试
如果您进行了更改,请在合并更改之前确保运行测试。要运行测试,请执行
pytest --ckan-ini=test.ini
许可证
下载文件
下载您平台对应的文件。如果您不确定选择哪个,请了解有关安装包的更多信息。
源代码分发
ckanext-msal-1.5.0.tar.gz (24.9 kB 查看哈希值)
构建分发
ckanext_msal-1.5.0-py3-none-any.whl (26.0 kB 查看哈希值)
关闭
ckanext-msal-1.5.0.tar.gz的哈希值
| 算法 | 哈希摘要 | |
|---|---|---|
| SHA256 | 4a153dc0007a1b9e778104d8e04038474b819df9ac8c6ab9beec61c052ac7102 |
|
| MD5 | 829b5fc07c4ee9197e8a463b97008bdc |
|
| BLAKE2b-256 | 1400a30f375bff84394b5a80679780d9a6b19364599edc4a054c290c0c2061b6 |
关闭
ckanext_msal-1.5.0-py3-none-any.whl的哈希值
| 算法 | 哈希摘要 | |
|---|---|---|
| SHA256 | be27f832087c638e8c15e196c42b2dfa7c4bcdd00a24f51e6a96a69f061f74d0 |
|
| MD5 | 76728604a7b150cbe59b1f3e08a1d2f2 |
|
| BLAKE2b-256 | f30e2b1639897f47ead5f0011edacf5dca19a282f4da1de827249d8c5221838b |
