| Name | sentry-auth-oidc JSON |
| Version |
9.1.0
JSON |
| download |
| home_page | None |
| Summary | OpenID Connect authentication provider for Sentry |
| upload_time | 2025-07-10 15:22:28 |
| maintainer | None |
| docs_url | None |
| author | Max Wittig |
| requires_python | <4.0,>=3.11 |
| license | Apache 2.0 |
| keywords |
|
| VCS |
|
| bugtrack_url |
|
| requirements |
No requirements were recorded.
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
No coveralls.
|
OpenIDConnect Auth for Sentry
=============================
An SSO provider for Sentry which enables `OpenID Connect <http://openid.net/connect/>`_ Apps authentication.
This is a fork of `sentry-auth-google <https://github.com/getsentry/sentry-auth-google/>`_.
Why fork, instead of adapting sentry-auth-google to work with every OpenID Connect provider?
--------------------------------------------------------------------------------------------
The maintainer has different ideas with sentry-auth-google. See:
* https://github.com/getsentry/sentry-auth-google/pull/29
* https://github.com/getsentry/sentry/issues/5650
Install
-------
::
$ pip install sentry-auth-oidc
Example Setup for Google
------------------------
Start by `creating a project in the Google Developers Console <https://console.developers.google.com>`_.
In the **Authorized redirect URIs** add the SSO endpoint for your installation::
https://sentry.example.com/auth/sso/
Naturally other providers, that are supporting OpenID-Connect can also be used (like GitLab).
Finally, obtain the API keys and the well-known account URL and plug them into your ``sentry.conf.py``:
.. code-block:: python
OIDC_CLIENT_ID = ""
OIDC_CLIENT_SECRET = ""
OIDC_SCOPE = "openid email"
OIDC_DOMAIN = "https://accounts.google.com" # e.g. for Google
The ``OIDC_DOMAIN`` defines where the OIDC configuration is going to be pulled from.
Basically it specifies the OIDC server and adds the path ``.well-known/openid-configuration`` to it.
That's where different endpoint paths can be found.
Detailed information can be found in the `ProviderConfig <https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig>`_ specification.
You can also define ``OIDC_ISSUER`` to change the default provider name in the UI, even when the ``OIDC_DOMAIN`` is set.
If your provider doesn't support the ``OIDC_DOMAIN``, then you have to set these
required endpoints by yourself (autorization_endpoint, token_endpoint, userinfo_endpoint, issuer).
.. code-block:: python
OIDC_AUTHORIZATION_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth" # e.g. for Google
OIDC_TOKEN_ENDPOINT = "https://www.googleapis.com/oauth2/v4/token" # e.g. for Google
OIDC_USERINFO_ENDPOINT = "https://www.googleapis.com/oauth2/v3/userinfo" # e.g. for Google
OIDC_ISSUER = "Google"
Development
-----------
FAQ
~~~~~
- If you are using macOS brew's openssl and you get a psycopg build error such as:
::
ld: library not found for -lssl
Please setup the following environment variables:
.. code-block:: bash
export LDFLAGS="-L/usr/local/opt/openssl/lib"
export CPPFLAGS="-I/usr/local/opt/openssl/include"
Raw data
{
"_id": null,
"home_page": null,
"name": "sentry-auth-oidc",
"maintainer": null,
"docs_url": null,
"requires_python": "<4.0,>=3.11",
"maintainer_email": null,
"keywords": null,
"author": "Max Wittig",
"author_email": "max.wittig@siemens.com",
"download_url": "https://files.pythonhosted.org/packages/1e/b1/edb0507f692c115a8f1bd78eeb3b72a03f991a408f4b744e2ba0085a9bf5/sentry_auth_oidc-9.1.0.tar.gz",
"platform": null,
"description": "OpenIDConnect Auth for Sentry\n=============================\n\nAn SSO provider for Sentry which enables `OpenID Connect <http://openid.net/connect/>`_ Apps authentication.\n\nThis is a fork of `sentry-auth-google <https://github.com/getsentry/sentry-auth-google/>`_.\n\nWhy fork, instead of adapting sentry-auth-google to work with every OpenID Connect provider?\n--------------------------------------------------------------------------------------------\nThe maintainer has different ideas with sentry-auth-google. See:\n\n* https://github.com/getsentry/sentry-auth-google/pull/29\n* https://github.com/getsentry/sentry/issues/5650\n\nInstall\n-------\n\n::\n\n $ pip install sentry-auth-oidc\n\nExample Setup for Google\n------------------------\n\nStart by `creating a project in the Google Developers Console <https://console.developers.google.com>`_.\n\nIn the **Authorized redirect URIs** add the SSO endpoint for your installation::\n\n https://sentry.example.com/auth/sso/\n\nNaturally other providers, that are supporting OpenID-Connect can also be used (like GitLab).\n\nFinally, obtain the API keys and the well-known account URL and plug them into your ``sentry.conf.py``:\n\n.. code-block:: python\n\n OIDC_CLIENT_ID = \"\"\n\n OIDC_CLIENT_SECRET = \"\"\n\n OIDC_SCOPE = \"openid email\"\n\n OIDC_DOMAIN = \"https://accounts.google.com\" # e.g. for Google\n\nThe ``OIDC_DOMAIN`` defines where the OIDC configuration is going to be pulled from.\nBasically it specifies the OIDC server and adds the path ``.well-known/openid-configuration`` to it.\nThat's where different endpoint paths can be found.\n\nDetailed information can be found in the `ProviderConfig <https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig>`_ specification.\n\nYou can also define ``OIDC_ISSUER`` to change the default provider name in the UI, even when the ``OIDC_DOMAIN`` is set.\n\nIf your provider doesn't support the ``OIDC_DOMAIN``, then you have to set these\nrequired endpoints by yourself (autorization_endpoint, token_endpoint, userinfo_endpoint, issuer).\n\n.. code-block:: python\n\n OIDC_AUTHORIZATION_ENDPOINT = \"https://accounts.google.com/o/oauth2/v2/auth\" # e.g. for Google\n\n OIDC_TOKEN_ENDPOINT = \"https://www.googleapis.com/oauth2/v4/token\" # e.g. for Google\n\n OIDC_USERINFO_ENDPOINT = \"https://www.googleapis.com/oauth2/v3/userinfo\" # e.g. for Google\n\n OIDC_ISSUER = \"Google\"\n\nDevelopment\n-----------\n\nFAQ\n~~~~~\n\n- If you are using macOS brew's openssl and you get a psycopg build error such as:\n ::\n\n ld: library not found for -lssl\n\n Please setup the following environment variables:\n .. code-block:: bash\n\n export LDFLAGS=\"-L/usr/local/opt/openssl/lib\"\n export CPPFLAGS=\"-I/usr/local/opt/openssl/include\"\n\n",
"bugtrack_url": null,
"license": "Apache 2.0",
"summary": "OpenID Connect authentication provider for Sentry",
"version": "9.1.0",
"project_urls": null,
"split_keywords": [],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "e06b1e9f41b6a7a9e620819c431a569865010e4bbb987397d28edadc342a746e",
"md5": "5205e167ddc74f15a6ff20b3911b4828",
"sha256": "ce45f249898595208961acc74f2c306017541abc2cd8f6e05e185f5cec618bb4"
},
"downloads": -1,
"filename": "sentry_auth_oidc-9.1.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "5205e167ddc74f15a6ff20b3911b4828",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4.0,>=3.11",
"size": 11038,
"upload_time": "2025-07-10T15:22:27",
"upload_time_iso_8601": "2025-07-10T15:22:27.284698Z",
"url": "https://files.pythonhosted.org/packages/e0/6b/1e9f41b6a7a9e620819c431a569865010e4bbb987397d28edadc342a746e/sentry_auth_oidc-9.1.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "1eb1edb0507f692c115a8f1bd78eeb3b72a03f991a408f4b744e2ba0085a9bf5",
"md5": "ac09c8af4a8b91107439f49bf04f5e4f",
"sha256": "a2e0dd9be32b6d7d86eb9b483763967a749e8023b40ed36046a081a36985c0d5"
},
"downloads": -1,
"filename": "sentry_auth_oidc-9.1.0.tar.gz",
"has_sig": false,
"md5_digest": "ac09c8af4a8b91107439f49bf04f5e4f",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4.0,>=3.11",
"size": 8908,
"upload_time": "2025-07-10T15:22:28",
"upload_time_iso_8601": "2025-07-10T15:22:28.682032Z",
"url": "https://files.pythonhosted.org/packages/1e/b1/edb0507f692c115a8f1bd78eeb3b72a03f991a408f4b744e2ba0085a9bf5/sentry_auth_oidc-9.1.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-07-10 15:22:28",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "sentry-auth-oidc"
}
