60 lines
1.9 KiB
Plaintext
60 lines
1.9 KiB
Plaintext
authentic2-auth-fc
|
|
===================
|
|
|
|
Authentic2 plugin to authenticate against *France Connect* the french
|
|
citizen and entreprise SSO.
|
|
|
|
Installation
|
|
============
|
|
|
|
- Install with `pip install authentic2-auth-fc`
|
|
- Add `A2_FC_ENABLED = True` to your `local_settings.py` file
|
|
- Define the needed parameters::
|
|
|
|
FC_CLIENT_ID = 'id assigned by DISIC'
|
|
FC_CLIENT_SECRET = 'secret assigned by DISIC'
|
|
FC_VERIFY_CERTIFICATE = False # True for production
|
|
|
|
Platforms
|
|
=========
|
|
|
|
When testing against another platform of France Connect you must change
|
|
the default endpoints URL in your `local_settings.py` file::
|
|
|
|
FC_AUTHORIZE_URL = 'https://fcp.integ01.dev-franceconnect.fr/api/v1/authorize'
|
|
FC_TOKEN_URL = 'https://fcp.integ01.dev-franceconnect.fr/api/v1/token'
|
|
FC_USERINFO_URL = 'https://fcp.integ01.dev-franceconnect.fr/api/v1/userinfo'
|
|
FC_LOGOUT_URL = 'https://fcp.integ01.dev-franceconnect.fr/api/v1/logout'
|
|
|
|
FC Gateway
|
|
===========
|
|
|
|
If you want to use the OAuth2 proxy to share the access to a FC data
|
|
provider, you must user a shared cache backend: through memcached, redis
|
|
or the ORM. For example if you have a memcached installed just add the
|
|
following fragment to your settings::
|
|
|
|
CACHES = {
|
|
'default': {
|
|
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
|
|
'LOCATION': '127.0.0.1:11211',
|
|
}
|
|
}
|
|
|
|
If you want a specific cache backend for the FC plugin, use the `fc` name
|
|
for your cache instead of `default`.
|
|
The fc application also provides an OAuth2 gateway to FC. To configure it your
|
|
just need to provider a list of client_id, client_secret pairs in your
|
|
settings, like that::
|
|
|
|
FC_CLIENT_CREDENTIALS = (('client_id1', 'client_secret1'),)
|
|
|
|
The following URL are provided:
|
|
|
|
- /fc/authorize : like the authorize URL of FC
|
|
- /fc/access_token : like the access_token URL of FC
|
|
- /fc/documents/ : like the document list REST API endpoint of FC
|
|
- /fc/documents/<id>/ : like the document retrieval REST API endpoint of FC
|
|
|
|
|