Versatile identity management server
Mikaël Ates 1443bfc769 Remove title from profile frontend. 2016-03-16 16:03:06 +01:00

==================
authentic2-auth-fc
==================

Authentic2 plugin to authenticate against *France Connect*, the French
citizen and enterprise SSO.

Installation
============

Install with `pip install authentic2-auth-fc`

Settings
========

Add `A2_FC_ENABLE = True` to your `local_settings.py` file, then define the
required parameters::

   A2_FC_CLIENT_ID = 'id assigned by DISIC'
   A2_FC_CLIENT_SECRET = 'secret assigned by DISIC'
   A2_FC_VERIFY_CERTIFICATE = False  # set to True in production

`A2_FC_CREATE = True` puts the plugin in provisioning mode: if a sub is
unknown, a user is created instead of asking for authentication.

When create mode is enabled, the link for unlinking is hidden on the
profile frontend. This is because asking for the user's credentials when
unlinking is not yet implemented, and it is needed for a user created without
any credential other than the authentication delegation. For such a user,
unlinking means losing access to the account at the end of the current
session. To enable unlinking when create is enabled, use
`A2_FC_ENABLE_UNLINK_WHEN_CREATE = True`.

`A2_FC_LOGOUT_WHEN_UNLINK = True` is used to trigger a logout toward the OP
after unlinking.

Platforms
=========

When testing against a platform other than FranceConnect, you must change
the default endpoint URLs in your `local_settings.py` file::

   A2_FC_AUTHORIZE_URL = 'https://fcp.integ01.dev-franceconnect.fr/api/v1/authorize'
   A2_FC_TOKEN_URL = 'https://fcp.integ01.dev-franceconnect.fr/api/v1/token'
   A2_FC_USERINFO_URL = 'https://fcp.integ01.dev-franceconnect.fr/api/v1/userinfo'
   A2_FC_LOGOUT_URL = 'https://fcp.integ01.dev-franceconnect.fr/api/v1/logout'
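
A pre-deployment check over the settings described above, as an added example
that is not part of the plugin. The function name `audit_fc_settings` and the
sample dictionary are hypothetical; the README does not state the plugin's
defaults, so the check assumes `A2_FC_VERIFY_CERTIFICATE` must be set
explicitly to `True`.

```python
from urllib.parse import urlsplit

# Setting names and the integration host are taken from the README above.
ENDPOINT_KEYS = ("A2_FC_AUTHORIZE_URL", "A2_FC_TOKEN_URL",
                 "A2_FC_USERINFO_URL", "A2_FC_LOGOUT_URL")
INTEGRATION_HOST = "fcp.integ01.dev-franceconnect.fr"
README_PLACEHOLDERS = {"id assigned by DISIC", "secret assigned by DISIC"}


def audit_fc_settings(settings):
    """Return production-readiness findings (hypothetical helper)."""
    findings = []
    # Assumption: the default is not documented, so require an explicit True.
    if settings.get("A2_FC_VERIFY_CERTIFICATE") is not True:
        findings.append("A2_FC_VERIFY_CERTIFICATE is not explicitly True")
    for key in ("A2_FC_CLIENT_ID", "A2_FC_CLIENT_SECRET"):
        value = settings.get(key)
        if not value or value in README_PLACEHOLDERS:
            findings.append(f"{key} is missing or still the README placeholder")
    for key in ENDPOINT_KEYS:
        url = settings.get(key)
        if url is None:
            continue  # not overridden: the plugin's default endpoint applies
        parts = urlsplit(url)
        if parts.scheme != "https":
            findings.append(f"{key} does not use https")
        if parts.hostname == INTEGRATION_HOST:
            findings.append(f"{key} points at the integration platform")
    if settings.get("A2_FC_CREATE") and settings.get("A2_FC_ENABLE_UNLINK_WHEN_CREATE"):
        findings.append("unlink enabled in create mode: provisioned users "
                        "can lose access to their account")
    return findings


# Constructed sample: test-style values similar to those shown in the README.
TEST_SETTINGS = {
    "A2_FC_CLIENT_ID": "id assigned by DISIC",
    "A2_FC_CLIENT_SECRET": "secret assigned by DISIC",
    "A2_FC_VERIFY_CERTIFICATE": False,
    "A2_FC_TOKEN_URL": "https://fcp.integ01.dev-franceconnect.fr/api/v1/token",
    "A2_FC_CREATE": True,
    "A2_FC_ENABLE_UNLINK_WHEN_CREATE": True,
}

if __name__ == "__main__":
    for finding in audit_fc_settings(TEST_SETTINGS):
        print("FINDING:", finding)
```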

Data Providers
==============

You can define data provider endpoints with the following dictionary::

   A2_FC_FD_LIST = {
       'revenu_fiscal_de_reference': [
           {
               'name': 'OpenDataSoft',
               'url': 'https://datafranceconnect.opendatasoft.com/api/records/1.0/search',
               'query_dic': {'dataset': 'guichet-des-bretons', },
           },
       ],
   }

Data is requested through the login or link endpoint view by passing
space-delimited scopes in the `fd_scopes` GET parameter::

    fc/callback/?next=%2F&fd_scopes=revenu_fiscal_de_reference scolarite

The data received is recorded in the session in a dictionary named `fc-data`,
with scopes as keys and lists of data as values. Each data item is a tuple of
FD name and data content::

   # Schematic layout: scope_name, FD_name and data stand for actual values.
   fc_data_dic = {
       scope_name: [
           [FD_name, data],
       ],
   }