ADFS Authentication for Django
==============================
.. image:: https://readthedocs.org/projects/django-auth-adfs/badge/?version=latest
:target: http://django-auth-adfs.readthedocs.io/en/latest/?badge=latest
:alt: Documentation Status
.. image:: https://img.shields.io/pypi/v/django-auth-adfs.svg
:target: https://pypi.python.org/pypi/django-auth-adfs
.. image:: https://img.shields.io/pypi/pyversions/django-auth-adfs.svg
:target: https://pypi.python.org/pypi/django-auth-adfs#downloads
.. image:: https://img.shields.io/pypi/djversions/django-auth-adfs.svg
:target: https://pypi.python.org/pypi/django-auth-adfs
.. image:: https://codecov.io/github/snok/django-auth-adfs/coverage.svg?branch=master
:target: https://codecov.io/github/snok/django-auth-adfs?branch=master
A Django authentication backend for Microsoft ADFS and Azure AD
* Free software: BSD License
* Homepage: https://github.com/snok/django-auth-adfs
* Documentation: http://django-auth-adfs.readthedocs.io/
Features
--------
* Integrates Django with Active Directory on Windows 2012 R2, 2016 or Azure AD in the cloud.
* Provides seamless single sign on (SSO) for your Django project on intranet environments.
* Auto creates users and adds them to Django groups based on info received from ADFS.
* Django Rest Framework (DRF) integration: Authenticate against your API with an ADFS access token.
Installation
------------
Python package::
pip install django-auth-adfs
In your project's ``settings.py`` add these settings.
.. code-block:: python
AUTHENTICATION_BACKENDS = (
...
'django_auth_adfs.backend.AdfsAuthCodeBackend',
...
)
INSTALLED_APPS = (
...
# Needed for the ADFS redirect URI to function
'django_auth_adfs',
...
# checkout the documentation for more settings
AUTH_ADFS = {
"SERVER": "adfs.yourcompany.com",
"CLIENT_ID": "your-configured-client-id",
"RELYING_PARTY_ID": "your-adfs-RPT-name",
# Make sure to read the documentation about the AUDIENCE setting
# when you configured the identifier as a URL!
"AUDIENCE": "microsoft:identityserver:your-RelyingPartyTrust-identifier",
"CA_BUNDLE": "/path/to/ca-bundle.pem",
"CLAIM_MAPPING": {"first_name": "given_name",
"last_name": "family_name",
"email": "email"},
}
# Configure django to redirect users to the right URL for login
LOGIN_URL = "django_auth_adfs:login"
LOGIN_REDIRECT_URL = "/"
########################
# OPTIONAL SETTINGS
########################
MIDDLEWARE = (
...
# With this you can force a user to login without using
# the LoginRequiredMixin on every view class
#
# You can specify URLs for which login is not enforced by
# specifying them in the LOGIN_EXEMPT_URLS setting.
'django_auth_adfs.middleware.LoginRequiredMiddleware',
)
In your project's ``urls.py`` add these paths:
.. code-block:: python
urlpatterns = [
...
path('oauth2/', include('django_auth_adfs.urls')),
]
This will add these paths to Django:
* ``/oauth2/login`` where users are redirected to, to initiate the login with ADFS.
* ``/oauth2/login_no_sso`` where users are redirected to, to initiate the login with ADFS but forcing a login screen.
* ``/oauth2/callback`` where ADFS redirects back to after login. So make sure you set the redirect URI on ADFS to this.
* ``/oauth2/logout`` which logs out the user from both Django and ADFS.
Below is sample Django template code to use these paths depending if
you'd like to use GET or POST requests. Logging out was deprecated in
`Django 4.1 <https://docs.djangoproject.com/en/5.1/releases/4.1/#features-deprecated-in-4-1>`_.
- Using GET requests:
.. code-block:: html
<a href="{% url 'django_auth_adfs:logout' %}">Logout</a>
<a href="{% url 'django_auth_adfs:login' %}">Login</a>
<a href="{% url 'django_auth_adfs:login-no-sso' %}">Login (no SSO)</a>
- Using POST requests:
.. code-block:: html+django
<form method="post" action="{% url 'django_auth_adfs:logout' %}">
{% csrf_token %}
<button type="submit">Logout</button>
</form>
<form method="post" action="{% url 'django_auth_adfs:login' %}">
{% csrf_token %}
<input type="hidden" name="next" value="{{ next }}">
<button type="submit">Login</button>
</form>
<form method="post" action="{% url 'django_auth_adfs:login-no-sso' %}">
{% csrf_token %}
<input type="hidden" name="next" value="{{ next }}">
<button type="submit">Login (no SSO)</button>
</form>
Contributing
------------
Contributions to the code are more then welcome.
For more details have a look at the ``CONTRIBUTING.rst`` file.
Raw data
{
"_id": null,
"home_page": "https://github.com/snok/django-auth-adfs",
"name": "django-auth-adfs",
"maintainer": "Jonas Kr\u00fcger Svensson",
"docs_url": null,
"requires_python": "<4.0,>=3.9",
"maintainer_email": "jonas-ks@hotmail.com",
"keywords": "django, authentication, adfs, azure, ad, oauth2",
"author": "Joris Beckers",
"author_email": "joris.beckers@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/dd/cf/5bac48dc59e2591906369c396d5c6dde551aa93b2da7547e6ea33d3a770e/django_auth_adfs-1.15.0.tar.gz",
"platform": null,
"description": "ADFS Authentication for Django\n==============================\n\n.. image:: https://readthedocs.org/projects/django-auth-adfs/badge/?version=latest\n :target: http://django-auth-adfs.readthedocs.io/en/latest/?badge=latest\n :alt: Documentation Status\n.. image:: https://img.shields.io/pypi/v/django-auth-adfs.svg\n :target: https://pypi.python.org/pypi/django-auth-adfs\n.. image:: https://img.shields.io/pypi/pyversions/django-auth-adfs.svg\n :target: https://pypi.python.org/pypi/django-auth-adfs#downloads\n.. image:: https://img.shields.io/pypi/djversions/django-auth-adfs.svg\n :target: https://pypi.python.org/pypi/django-auth-adfs\n.. image:: https://codecov.io/github/snok/django-auth-adfs/coverage.svg?branch=master\n :target: https://codecov.io/github/snok/django-auth-adfs?branch=master\n\nA Django authentication backend for Microsoft ADFS and Azure AD\n\n* Free software: BSD License\n* Homepage: https://github.com/snok/django-auth-adfs\n* Documentation: http://django-auth-adfs.readthedocs.io/\n\nFeatures\n--------\n\n* Integrates Django with Active Directory on Windows 2012 R2, 2016 or Azure AD in the cloud.\n* Provides seamless single sign on (SSO) for your Django project on intranet environments.\n* Auto creates users and adds them to Django groups based on info received from ADFS.\n* Django Rest Framework (DRF) integration: Authenticate against your API with an ADFS access token.\n\nInstallation\n------------\n\nPython package::\n\n pip install django-auth-adfs\n\nIn your project's ``settings.py`` add these settings.\n\n.. code-block:: python\n\n AUTHENTICATION_BACKENDS = (\n ...\n 'django_auth_adfs.backend.AdfsAuthCodeBackend',\n ...\n )\n\n INSTALLED_APPS = (\n ...\n # Needed for the ADFS redirect URI to function\n 'django_auth_adfs',\n ...\n\n # checkout the documentation for more settings\n AUTH_ADFS = {\n \"SERVER\": \"adfs.yourcompany.com\",\n \"CLIENT_ID\": \"your-configured-client-id\",\n \"RELYING_PARTY_ID\": \"your-adfs-RPT-name\",\n # Make sure to read the documentation about the AUDIENCE setting\n # when you configured the identifier as a URL!\n \"AUDIENCE\": \"microsoft:identityserver:your-RelyingPartyTrust-identifier\",\n \"CA_BUNDLE\": \"/path/to/ca-bundle.pem\",\n \"CLAIM_MAPPING\": {\"first_name\": \"given_name\",\n \"last_name\": \"family_name\",\n \"email\": \"email\"},\n }\n\n # Configure django to redirect users to the right URL for login\n LOGIN_URL = \"django_auth_adfs:login\"\n LOGIN_REDIRECT_URL = \"/\"\n\n ########################\n # OPTIONAL SETTINGS\n ########################\n\n MIDDLEWARE = (\n ...\n # With this you can force a user to login without using\n # the LoginRequiredMixin on every view class\n #\n # You can specify URLs for which login is not enforced by\n # specifying them in the LOGIN_EXEMPT_URLS setting.\n 'django_auth_adfs.middleware.LoginRequiredMiddleware',\n )\n\nIn your project's ``urls.py`` add these paths:\n\n.. code-block:: python\n\n urlpatterns = [\n ...\n path('oauth2/', include('django_auth_adfs.urls')),\n ]\n\nThis will add these paths to Django:\n\n* ``/oauth2/login`` where users are redirected to, to initiate the login with ADFS.\n* ``/oauth2/login_no_sso`` where users are redirected to, to initiate the login with ADFS but forcing a login screen.\n* ``/oauth2/callback`` where ADFS redirects back to after login. So make sure you set the redirect URI on ADFS to this.\n* ``/oauth2/logout`` which logs out the user from both Django and ADFS.\n\nBelow is sample Django template code to use these paths depending if\nyou'd like to use GET or POST requests. Logging out was deprecated in\n`Django 4.1 <https://docs.djangoproject.com/en/5.1/releases/4.1/#features-deprecated-in-4-1>`_.\n\n- Using GET requests:\n\n .. code-block:: html\n\n <a href=\"{% url 'django_auth_adfs:logout' %}\">Logout</a>\n <a href=\"{% url 'django_auth_adfs:login' %}\">Login</a>\n <a href=\"{% url 'django_auth_adfs:login-no-sso' %}\">Login (no SSO)</a>\n\n- Using POST requests:\n\n .. code-block:: html+django\n\n <form method=\"post\" action=\"{% url 'django_auth_adfs:logout' %}\">\n {% csrf_token %}\n <button type=\"submit\">Logout</button>\n </form>\n <form method=\"post\" action=\"{% url 'django_auth_adfs:login' %}\">\n {% csrf_token %}\n <input type=\"hidden\" name=\"next\" value=\"{{ next }}\">\n <button type=\"submit\">Login</button>\n </form>\n <form method=\"post\" action=\"{% url 'django_auth_adfs:login-no-sso' %}\">\n {% csrf_token %}\n <input type=\"hidden\" name=\"next\" value=\"{{ next }}\">\n <button type=\"submit\">Login (no SSO)</button>\n </form>\n\nContributing\n------------\nContributions to the code are more then welcome.\nFor more details have a look at the ``CONTRIBUTING.rst`` file.\n",
"bugtrack_url": null,
"license": "BSD-1-Clause",
"summary": "A Django authentication backend for Microsoft ADFS and AzureAD",
"version": "1.15.0",
"project_urls": {
"Documentation": "https://django-auth-adfs.readthedocs.io/en/latest",
"Homepage": "https://github.com/snok/django-auth-adfs",
"Repository": "https://github.com/snok/django-auth-adfs"
},
"split_keywords": [
"django",
" authentication",
" adfs",
" azure",
" ad",
" oauth2"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "44ce248a107937af0031defc375cb04fdd6548a497e050349df32cf2daaaeac9",
"md5": "de79ab90eb300b838154bcce812365be",
"sha256": "89facca20469de0a002e878921457e0aebc962f8881db223ad052e2bbce56d20"
},
"downloads": -1,
"filename": "django_auth_adfs-1.15.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "de79ab90eb300b838154bcce812365be",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4.0,>=3.9",
"size": 19421,
"upload_time": "2025-01-15T15:56:04",
"upload_time_iso_8601": "2025-01-15T15:56:04.403256Z",
"url": "https://files.pythonhosted.org/packages/44/ce/248a107937af0031defc375cb04fdd6548a497e050349df32cf2daaaeac9/django_auth_adfs-1.15.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "ddcf5bac48dc59e2591906369c396d5c6dde551aa93b2da7547e6ea33d3a770e",
"md5": "105c61e1abbca688162d24a84756e426",
"sha256": "453495b45fe9d554e4bad060ec7a7890fc541428a9c69b82e15653b0f1cd0f3a"
},
"downloads": -1,
"filename": "django_auth_adfs-1.15.0.tar.gz",
"has_sig": false,
"md5_digest": "105c61e1abbca688162d24a84756e426",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4.0,>=3.9",
"size": 16830,
"upload_time": "2025-01-15T15:56:06",
"upload_time_iso_8601": "2025-01-15T15:56:06.515607Z",
"url": "https://files.pythonhosted.org/packages/dd/cf/5bac48dc59e2591906369c396d5c6dde551aa93b2da7547e6ea33d3a770e/django_auth_adfs-1.15.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-01-15 15:56:06",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "snok",
"github_project": "django-auth-adfs",
"travis_ci": false,
"coveralls": true,
"github_actions": true,
"lcname": "django-auth-adfs"
}
JSON
