mon.service-public.fr authentication for Authentic2
This repository has been archived on 2023-02-21. You can view files and clone it, but cannot push or open issues or pull requests.
Go to file
Christophe Siraut 5a547207af debian: bump debhelper compatibility level (#32260) 2019-04-19 15:11:35 +02:00
debian debian: bump debhelper compatibility level (#32260) 2019-04-19 15:11:35 +02:00
src/authentic2_auth_msp style: let "connect with msp" block size down 2015-11-16 16:37:53 +01:00
.gitignore Refactorize application to make it an authentic2 plugin (2/2) 2014-11-06 21:35:04 +01:00
COPYING Refactorize application to make it an authentic2 plugin (1/2) 2014-11-06 21:16:51 +01:00
MANIFEST.in Refactorize application to make it an authentic2 plugin (2/2) 2014-11-06 21:35:04 +01:00
README Fix MSP production URL in the README file 2014-12-12 13:26:01 +01:00
setup.py setup.py: fix compile_translations command 2015-10-27 17:40:49 +01:00

README

authentic2-auth-msp
===================

Authentic2 plugin to authenticate against *mon.service-public.fr* the french
citizen portal.

Installation
============

- Install with `pip install authentic2-auth-msp`
- Add `A2_MSP_ENABLED = True` to your `local_settings.py` file
- Define the needed parameters::

   MSP_CLIENT_ID = 'id assigned by DIMAP'
   MSP_CLIENT_SECRET = 'secret assigned by DIMAP'
   MSP_CLIENT_CERTIFICATE = ('/my-path/my-certificate.crt', '/my-path/my-certificate.key')
   MSP_VERIFY_CERTIFICATE = False

Test
====

When testing agains the test platform of mon.service-public.fr you must change
the default endpoints URL in your `local_settings.py` file::
You must plug the application views in your urls.py file by adding this
content::

   MSP_AUTHORIZE_URL = 'https://mon.service-public.fr/apis/app/oauth/authorize'
   MSP_TOKEN_URL = 'https://mon.service-public.fr:2443/apis/app/oauth/token'
   MSP_API_URL = 'https://mon.service-public.fr:2443/apis/'

MSP Gateway
===========

If you want to use the OAuth2 proxy to share the access to MSP apis, you must
user a shared cache backend: through memcached, redis or the ORM.  For
example if you have a memcached installed just add the following fragment to
your settings::

  CACHES = {
      'default': {
          'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
          'LOCATION': '127.0.0.1:11211',
      }
  }

If you want a specific cache backend for the MSP plugin, use the `msp` name
for your cache instead of `default`.
The msp application also provides an OAuth2 gateway to MSP. To configure it your
just need to provider a list of client_id, client_secret pairs in your
settings, like that::

    MSP_CLIENT_CREDENTIALS = (('client_id1', 'client_secret1'),)

The following URL are provided:

- /msp/authorize : like the authorize URL of MSP
- /msp/access_token : like the access_token URL of MSP
- /msp/documents/ : like the document list REST API endpoint of MSP
- /msp/documents/<id>/ : like the document retrieval REST API endpoint of MSP