Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

auth_from_jwt #408

Closed
ayushin opened this issue Aug 20, 2022 · 3 comments
Closed

auth_from_jwt #408

ayushin opened this issue Aug 20, 2022 · 3 comments
Labels
enhancement stale PR/Issue without recent activity, it'll be soon closed automatically.

Comments

@ayushin
Copy link

ayushin commented Aug 20, 2022

Hi,

Now that there is auth_jwt and auth_from_remote_user I wonder why there is not auth_from_jwt that would create a session and sign user in?

I guess I miss something architecture wise? @sbidoul

@sbidoul
Copy link
Member

sbidoul commented Aug 29, 2022

@ayushin auth_jwt has a user_id_strategy that is meant to be extended.

If you need a full Odoo sign in, you may also be interested in auth_oidc for an OpenId Connect implementation.

@ayushin
Copy link
Author

ayushin commented Aug 29, 2022

I saw that thank you! What I need is to sign in user by url redirect from another backend where the user is already authorised without the user knowing it is being signed in again.

I am not an expert with Openid but I believe the flow has to be initiated by the user and there will be some auth screens in between?

For now what I have in mind is to direct user with JWT header pre-set by another backend to some jwt endpoint that would do what auth/session does and redirect it to the final url.

Not sure how user_id_strategy helps me with that? @sbidoul

OCA-git-bot pushed a commit that referenced this issue Sep 11, 2022
….0 port (#408)

* [ADD] possibility to deactivate users not found in ldap while populating

* [IMP] search in ldap for every possibly unknown user to be really sure it
actually is not present there

* [FIX] refactoring mistake

* [IMP] don't use self.query() to be sure to be stopped if any error occurs

* [IMP] remove superfluous check as exceptions are not supressed any more

* [FIX] typo in variable name
[FIX] handle unicode characters in search filter
[FIX] search for user's login, not her name

* [FIX] don't pass user_name as assertion_value

* [FIX] don't deactivate users if we got a non-existent ldap configuration

* [FIX] flake8

* [FIX] more flake8

* [FIX] make form usable

* [FIX] name clash between function and field

* [ADD] test
@github-actions
Copy link

There hasn't been any activity on this issue in the past 6 months, so it has been marked as stale and it will be closed automatically if no further activity occurs in the next 30 days.
If you want this issue to never become stale, please ask a PSC member to apply the "no stale" label.

@github-actions github-actions bot added the stale PR/Issue without recent activity, it'll be soon closed automatically. label Feb 26, 2023
@github-actions github-actions bot closed this as completed Apr 2, 2023
carolinafernandez-tecnativa pushed a commit to Tecnativa/server-auth that referenced this issue Sep 27, 2023
….0 port (OCA#408)

* [ADD] possibility to deactivate users not found in ldap while populating

* [IMP] search in ldap for every possibly unknown user to be really sure it
actually is not present there

* [FIX] refactoring mistake

* [IMP] don't use self.query() to be sure to be stopped if any error occurs

* [IMP] remove superfluous check as exceptions are not supressed any more

* [FIX] typo in variable name
[FIX] handle unicode characters in search filter
[FIX] search for user's login, not her name

* [FIX] don't pass user_name as assertion_value

* [FIX] don't deactivate users if we got a non-existent ldap configuration

* [FIX] flake8

* [FIX] more flake8

* [FIX] make form usable

* [FIX] name clash between function and field

* [ADD] test
ryanc-me pushed a commit to ryanc-me/server-auth that referenced this issue Jul 30, 2024
….0 port (OCA#408)

* [ADD] possibility to deactivate users not found in ldap while populating

* [IMP] search in ldap for every possibly unknown user to be really sure it
actually is not present there

* [FIX] refactoring mistake

* [IMP] don't use self.query() to be sure to be stopped if any error occurs

* [IMP] remove superfluous check as exceptions are not supressed any more

* [FIX] typo in variable name
[FIX] handle unicode characters in search filter
[FIX] search for user's login, not her name

* [FIX] don't pass user_name as assertion_value

* [FIX] don't deactivate users if we got a non-existent ldap configuration

* [FIX] flake8

* [FIX] more flake8

* [FIX] make form usable

* [FIX] name clash between function and field

* [ADD] test
SiesslPhillip pushed a commit to grueneerde/OCA-server-auth that referenced this issue Nov 20, 2024
Syncing from upstream OCA/server-auth (15.0)
ryanc-me pushed a commit to ryanc-me/server-auth that referenced this issue Nov 27, 2024
….0 port (OCA#408)

* [ADD] possibility to deactivate users not found in ldap while populating

* [IMP] search in ldap for every possibly unknown user to be really sure it
actually is not present there

* [FIX] refactoring mistake

* [IMP] don't use self.query() to be sure to be stopped if any error occurs

* [IMP] remove superfluous check as exceptions are not supressed any more

* [FIX] typo in variable name
[FIX] handle unicode characters in search filter
[FIX] search for user's login, not her name

* [FIX] don't pass user_name as assertion_value

* [FIX] don't deactivate users if we got a non-existent ldap configuration

* [FIX] flake8

* [FIX] more flake8

* [FIX] make form usable

* [FIX] name clash between function and field

* [ADD] test
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement stale PR/Issue without recent activity, it'll be soon closed automatically.
Projects
None yet
Development

No branches or pull requests

2 participants