Skip to content
Snippets Groups Projects
Select Git revision
  • main default
  • 139-remove-part-of-the-helm-chart-that-is-moved-to-the-dashboard-helmchart
  • 122-admin-logins-should-gain-admin-privileges
  • 116-allow-password-change-without-ssl-public-endpoint-in-startup-job
  • 114-create-development-scripts-for-reverse-proxy-solution
  • 110-enable-hydra-maester
  • 82-pylint-job-broken-2
  • 93-0.2.11
  • master protected
  • update-hydra
  • spike-use-kratos-as-identity-manager
  • merge_master_into_0.2
  • 56-fix-link-in-the-readme
  • 0.2
  • 40-replace-flask-oauth-with-oauthlib-in-test-login_logout
  • 45-update-user-panel-to-fix-jobs
  • 41-make-oauth2-client-data-persistent
  • force-https
  • 42-ldap-support
  • 33-wordpress-sso-admin-login-doesn-t-work
  • 0.8.0
  • 0.7.7
  • 0.7.6
  • 0.7.4
  • 0.7.1
  • 0.5.2
  • 0.5.0
  • 0.4.3
  • 0.4.2
  • 0.4.1
  • 0.4.0
  • 0.2.11
  • 0.2.10
  • 0.2.9
  • 0.2.8
  • 0.2.7
  • 0.2.6
  • 0.2.5
  • 0.2.4
  • 0.2.3
40 results
Compare History
user avatar
authored
Name Last commit Last update
consent_provider
helmchart
login_provider
test
user-panel @ 7d94b3f4
.gitignore
.gitlab-ci.yml
.gitmodules
README.md
docker-compose.yml
README.md

Install

Clone the repo and make sure to also fetch the submodules.

git submodule update --init

Installation should be done via the helm using the helmchart contained in ./helmchart. Make sure to edit the values in ./helmchart/values.yaml according to your needs

Using SSO

To use OpenID Connect or oAuth you need to set up an oAuth Client for every application that needs to authenticate it's users. You can leverage the Hydra Admin API to create oAuth clients. As a starting point, you can have a look at the script provided in test/.

To use SSO, configure your oAuth client (for example nextcloud) and create a new oAuth client object. After your server is running, refer to https://sso.<YOUR.DOMAIN>/.well-known/openid-configuration as a reference on how to configure your openID Connect or oAuth client.

Testing

In order to run tests locally, you can start the environment via docker-compose. Install docker-compose via pip install docker-compose after you insalled docker on your machine. Running docker-compose up --build after that builds and starts all containers. The default configuration works if you are running the setup on your local machine. You need to change the following values in the docker-compose.yml file in case you run the containers on a remote machine:

    environment:
      - URLS_SELF_ISSUER=http://YOUR_SERVER_FQDN:4444/
      - URLS_CONSENT=http://YOUR_SERVER_FQDN:5001/
      - URLS_LOGIN=http://YOUR_SERVER_FQDN:5000/
      - URLS_LOGOUT=http://YOUR_SERVER_FQDN:5000/logout
      - URLS_POST_LOGOUT_REDIRECT=http://YOUR_SERVER_FQDN:5000/

Notice that you need to create users and applications before being able to login. You can use the scripts located in user-panel/utils to create users for testing.

If you don't have a test application yourself, you can use the small OpeinID Connect test application located at test/login_logout/. Instructions on how to run the test application can be found in test/login_logout/README.md.

Also refer to .gitlab-ci.yml to get an idea on how to run all of the tests that are contained in this repository.