The most recent version of Django-allauth has some nice changes, it's now straightforward to include oidc.

Just include

SOCIALACCOUNT_EMAIL_AUTHENTICATION=True ## This allows existing users to login

MAILMAN_WEB_SOCIAL_AUTH = [ "allauth.socialaccount.providers.openid_connect"]

in settings.py and use the Django admin to configure the socialauth....

While it is _possible_ to add things like

SOCIALACCOUNT_PROVIDERS = { "openid_connect": { "APPS": [ { "provider_id": "mm3", "name": "TheNameThat shows up in the button", "client_id": "configuredID", "secret": "yourOIDCproviderGivesItToYou", "settings": { "server_url": "https://keycloak.wherever.com/realms/yourRealm/.well-known/openid-configurat...", "token_auth_method": "client_secret_basic", }, } ] } }

I think it's preferable to do that within the Django Admin Gui.

Does anybody dare to include this info in the documentation, or are we afraid the next django_allauth breaks things again (this time: Keycloak has been replaced by openid_connect)?

-------- Weitergeleitete Nachricht -------- Betreff: Re: [MM3-users] Re: username Datum: Wed, 13 Sep 2023 07:34:35 +0000 Von: info@joergschulz.de An: Stephen J. Turnbull <turnbull.stephen.fw@u.tsukuba.ac.jp>

Hi, probably you are looking for https://django-allauth.readthedocs.io/en/latest/index.html and https://github.com/lokeish/django-all-auth-and-keycloak-integration but https://github.com/pennersr/django-allauth/commit/ab704687f438c06fd23e72bce2... will be helpful once implemented.

Am 12. September 2023 um 05:54 schrieb "Stephen J. Turnbull" <turnbull.stephen.fw@u.tsukuba.ac.jp <mailto:turnbull.stephen.fw@u.tsukuba.ac.jp?to=%22Stephen%20J.%20Turnbull%22%20%3Cturnbull.stephen.fw%40u.tsukuba.ac.jp%3E>>:

bryan.kartzman@yu.edu writes:

 > Just to let you know, there is a maintained SAML2 plugin available
 > on github (https://github.com/grafana/django-saml2-auth) that I was
 > able to install and get to work with AZURE SSO.

There are multiple ways to solve this problem. My employer wanted a
host-wide solution so they chose Shibboleth.

Some day I'll go out and collect the ones I can find and document them
(in summary form: source site, recency of stable version, recency of
maintenance, etc).

Steve