2014-11-21 18:29:59 +01:00

authentic2-auth-msp
===================

Authentic2 plugin to authenticate against *mon.service-public.fr*, the French
citizen portal.

Installation
============

- Install with `pip install authentic2-auth-msp`
- Add `A2_MSP_ENABLED = True` to your `local_settings.py` file
- Define the needed parameters::

    MSP_CLIENT_ID = 'id assigned by DIMAP'
    MSP_CLIENT_SECRET = 'secret assigned by DIMAP'
    MSP_CLIENT_CERTIFICATE = ('/my-path/my-certificate.crt', '/my-path/my-certificate.key')
    MSP_VERIFY_CERTIFICATE = False

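One way to fill in the parameters above without hard-coding the secret and while checking the client key file, as an added example that is not part of the plugin or of this README. `load_msp_settings` and `MSPConfigError` are hypothetical names, reading the client id and secret from environment variables of the same name is an assumption, and so is the reading of `MSP_VERIFY_CERTIFICATE` as the switch for verifying the MSP server's TLS certificate.

```python
"""Added example: build the MSP_* settings with basic safety checks."""
import os
import stat


class MSPConfigError(Exception):
    """Raised when the MSP settings would be incomplete or unsafe."""


def load_msp_settings(environ, cert_path, key_path):
    """Return a dict of MSP_* settings (hypothetical helper).

    The setting names come from the README; taking the id and secret from
    environment variables with the same names is this example's assumption.
    """
    settings = {}
    for name in ('MSP_CLIENT_ID', 'MSP_CLIENT_SECRET'):
        value = environ.get(name, '')
        if not value:
            raise MSPConfigError('%s is not set' % name)
        settings[name] = value

    # Both halves of the client certificate pair must exist.
    for path in (cert_path, key_path):
        if not os.path.isfile(path):
            raise MSPConfigError('%s does not exist' % path)

    # The private key must not be accessible to group or others.
    mode = stat.S_IMODE(os.stat(key_path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise MSPConfigError(
            '%s has mode %o, expected 0600 or stricter' % (key_path, mode))

    settings['MSP_CLIENT_CERTIFICATE'] = (cert_path, key_path)
    # Assumption: this flag controls verification of the MSP server's
    # TLS certificate, so it is left enabled here.
    settings['MSP_VERIFY_CERTIFICATE'] = True
    return settings
```

In `local_settings.py`, `globals().update(load_msp_settings(os.environ, cert_path, key_path))` would define the four settings from the returned dict.
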
Test
====

When testing against the test platform of mon.service-public.fr you must change
the default endpoint URLs in your `local_settings.py` file::

You must plug the application views in your urls.py file by adding this
content::

    MSP_AUTHORIZE_URL = 'https://mon.service-public.fr/apis/app/oauth/authorize'
    MSP_TOKEN_URL = 'https://mon.service-public.fr:2443/apis/app/oauth/token'
    MSP_API_URL = 'https://mon.service-public.fr:2443/apis/'

MSP Gateway
===========

If you want to use the OAuth2 proxy to share the access to MSP APIs, you must
use a shared cache backend: memcached, redis or the ORM. For
example, if you have memcached installed, just add the following fragment to
your settings::

    CACHES = {
        'default': {
            'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
            'LOCATION': '127.0.0.1:11211',
        }
    }

If you want a specific cache backend for the MSP plugin, use the `msp` name
for your cache instead of `default`.

The msp application also provides an OAuth2 gateway to MSP. To configure it you
just need to provide a list of client_id, client_secret pairs in your
settings, like this::

    MSP_CLIENT_CREDENTIALS = (('client_id1', 'client_secret1'),)

The following URLs are provided:

- /msp/authorize : like the authorize URL of MSP
- /msp/access_token : like the access_token URL of MSP
- /msp/documents/ : like the document list REST API endpoint of MSP
- /msp/documents/<id>/ : like the document retrieval REST API endpoint of MSP