python-social-auth / social-docs Goto Github PK
View Code? Open in Web Editor NEWPython Social Auth - Docs
License: BSD 3-Clause "New" or "Revised" License
Python Social Auth - Docs
License: BSD 3-Clause "New" or "Revised" License
Facebook backend documentation doesn't mention the authentication backend package name and missing the step about adding it to AUTHENTICATION_BACKENDS
in settings.py
.
It seems this repository (python-social-auth/social-docs) just has the same CONTRIBUTING.md
as the other python-social-auth/* repos. But some of the stuff in there makes little or no sense for a pure documentation repository in general or sometimes makes little or no sense for this specific repository.
How to contribute
I like to encourage you to contribute to the repository.
This should be as easy as possible for you but there are a few things
to consider when contributing. The following guidelines for
contribution should be followed if you want to submit a pull request.How to prepare
- You need a GitHub account
โ Well, that's a given. Let's leave that in.
- Submit an issue ticket
for your issue if there is no one yet.
- Describe the issue and include steps to reproduce if it's a bug.
- Ensure to mention the earliest version that you know is affected.
๐ค Does this make sense for documentation? Issue tickets might be warranted for documentation changes that need some discussion first, or that the one who brings up the issue can't or doesn't want to fix themselves. Otherwise, I'd say a PR should suffice.
๐ด For documentation bugs "steps to reproduce" will only sometimes be meaningful, I think.
- If you are able and want to fix this, fork the repository on GitHub
โ Sounds good.
Make Changes
- In your forked repository, create a topic branch for your upcoming
patch. (e.g.feature/new-backend
orbug/auth-fails
)
- Usually this is based on the
master
branch.- Create a branch based on master
git branch bug/auth-fails master
then checkout the new branch withgit checkout bug/auth-fails
.
Please avoid working directly on themaster
branch.
๐ While this makes sense per-se, unfortunately GitHub doesn't allow users to choose meaningful branch names when they don't clone the repo to their local machine and don't explicitly fork the repo on GitHub first and only then edit a file online in their fork:
If one attempts to edit a file on the original repo (without having write access) GitHub will implicitly fork it and automatically create a branch named patch-1
(or some other number if there already was a fork and that branch name was already taken).
- Make commits of logical units and describe them properly.
โ Makes sense if "of logical units" refers to a somewhat atomic set of changes. (The changes themselves could be distributed over several units of the repo if they need to be made together to make sense.)
- Make sure you stick to PEP8
coding style that is used already.
๐ค Is this about code examples in the documentation? Otherwise it doesn't make much sense in a repo mainly consisting of MarkDown, HTML and CSS files.
- If possible, submit tests to your patch / new feature so it can be tested easily.
- Assure nothing is broken by running all the tests.
๐ด As far as I can see, this repo contains no tests.
- Add a meaningful entry to the
CHANGELOG.md
document.
๐ค Maybe this should be limited to notable changes. Documentation repositories are bound to get lots of contributions that just fix typos, grammar, etc.
[...]
docs/configuration/django.rst at line 235 states:
Exception processing is disabled if **any** of this settings is defined with a True value:
But having DEBUG=True
and by setting e.g. SOCIAL_AUTH_RAISE_EXCEPTIONS = False
, it is enabled.
Relevant code point:
social_django/middleware.py, line 56:
strategy.setting('RAISE_EXCEPTIONS', settings.DEBUG)
(If RAISE_EXCEPTIONS
is set (even to False), it is taken.)
Documentation should reflect this.
A backend for Patreon OAuth2 support exists, but is undocumented. I believe I have a fix, and will fire a PR shortly.
Documentation exists for Auth0 which is supported in the code as a backend: https://github.com/python-social-auth/social-core/blob/master/social_core/backends/auth0.py
Describe what happens instead and why is it an issue.
No documentation exits for Auth0 Backend in the expected location (or any location): https://github.com/python-social-auth/social-docs/blob/master/docs/backends/index.rst
Flagging this as an issue for anyone looking for inspiration for documentation improvement pull requests.
I've come across this problem when trying to use intersphinx.
The module index doesn't exist and there is no link from the documentation to the source code.
While the use cases in the documentation are useful to get the user going I think it lacks a connection to the code.
At least for me (I think this is the third issue I open in two weeks and the other two were posted mainly for lack of knowledge on this library) a documentation connected to the code would be interesting. Even for you (@omab), because a better understanding of the library leads to better and more contributions.
Hello,
I configured our tool to authenticate with Okta via SAML . If I log in from our tool with SAML it functions correctly and takes me to Okta to sign in, then allows me into tool after authenticating. However, If I initiate the process from Okta by clicking the app I setup, it doesn't work. I see "ERROR social u''. in the log . Would you know what would causes this error? This is not an issue with Okta as I reviewed this with their support.
Thanks
Hi there,
I'm trying to use shopify to get token from a store.
If I go to http://127.0.0.1:8000/login/shopify/
I got this error:
Environment:
Request Method: GET
Request URL: http://127.0.0.1:8000/login/shopify/
Django Version: 1.8.5
Python Version: 2.7.14
Installed Applications:
('django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.humanize',
'django.contrib.admin',
'main',
'main.templatetags',
'users',
'questions',
'dashboard',
'tinytests',
'common',
'spike',
'adm',
'social.apps.django_app.default',
'compressor',
'django.contrib.sitemaps',
'djcelery',
'redactor',
'corsheaders')
Installed Middleware:
('django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.cache.UpdateCacheMiddleware',
'htmlmin.middleware.HtmlMinifyMiddleware',
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'main.middleware.AccountNotConfirmedMiddleware',
'main.middleware.NoMailMiddleware',
'main.middleware.UpdateLastActivityMiddleware',
'social.apps.django_app.middleware.SocialAuthExceptionMiddleware',
'django.middleware.cache.FetchFromCacheMiddleware',
'htmlmin.middleware.MarkRequestMiddleware',
'main.middleware.UserUidMiddleware',
'main.middleware.UserHistoryInfo',
'main.middleware.UserReferredMiddleware',
'main.middleware.UserCouponMiddleware')
Traceback:
File "/Users/fraf9/Sites/saldd/ve/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
132. response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/Users/fraf9/Sites/saldd/ve/lib/python2.7/site-packages/social/apps/django_app/utils.py" in wrapper
45. return func(request, backend, *args, **kwargs)
File "/Users/fraf9/Sites/saldd/ve/lib/python2.7/site-packages/social/apps/django_app/views.py" in auth
12. return do_auth(request.social_strategy, redirect_name=REDIRECT_FIELD_NAME)
File "/Users/fraf9/Sites/saldd/ve/lib/python2.7/site-packages/social/actions.py" in do_auth
25. return strategy.start()
File "/Users/fraf9/Sites/saldd/ve/lib/python2.7/site-packages/social/strategies/base.py" in start
66. return self.redirect(self.backend.auth_url())
File "/Users/fraf9/Sites/saldd/ve/lib/python2.7/site-packages/social/backends/shopify.py" in auth_url
50. self.data.get('shop').strip(),
Exception Type: AttributeError at /login/shopify/
Exception Value: 'NoneType' object has no attribute 'strip'
If I go to http://127.0.0.1:8000/login/shopify/?shop=myshourl.myshopify.com
unbound method create_permission_url() must be called with Session instance as first argument (got unicode instance instead)
Any ideas?
Let me know,
Thank you very much.
There is no corresponding documentation for backends/microsoft
in social_core, so I made one. #88
This is mostly subjective but just to give a bit of context:
I'm a software engineer with moderate experience in fullstack dev. Very familiar with Flask, a bit of experience with Django.
My goal: Rewriting a project that uses social authentication in Django.
I came across PSA and started trying to get it to work.
It would be awesome to some sort of quickstart guides section for people who would like to add PSA to their projects with little to no friction and get started quickly.
I did get most of my flow working. Here's a list of questions I had trouble finding an answer to and some roadblocks:
client_id
, client_secret
and scope
for the social login provider. I was looking all over the place until I finally checked the python-... docs instead of the ones specifically for the django implementation.SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = '<id>'
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = '<secret>'
SOCIAL_AUTH_GOOGLE_SCOPE = [
'https://www.googleapis.com/auth/youtube.force-ssl'
]
GOOGLE_OAUTH2_AUTH_EXTRA_ARGUMENTS = {'approval_prompt': 'force'} # force user to accept permissions on auth flow even if given before.
SOCIAL_AUTH_GOOGLE_OAUTH2_LOGIN_REDIRECT_URL = '/login/google-oauth2/' # <----- not sure if this one actually works
LOGIN_REDIRECT_URL = '/'
And it would be crazy awesome if the guide would also walk through testing the auth flow rudimentarily. Meaning: Log in, Revoke access, Log out.
I found this helpful snippet for logging in in a SO article: <a href="{% url "social:begin" "google-oauth2" %}">Sign in with Google</a>
I'm now just missing the equivalent for revoking access to the social provider. I thought <a href="{% url "social:disconnect" "google-oauth2" %}">Revoke access to my YouTube channel</a>
would work, it doesn't.
So then I start looking at the pipelines concept in PSA but I don't really know what changes if I comment out some of the pipelines, how to invoke them etc.
I would gladly create an attempt for this kind of guide on the example of Google authentication if this is something that would be appreciated.
Bottom line: This isn't meant to be negative, I really appreciate what we can do with PSA, I just think the docs could have some additional guides to help get your feet wet and answer some general questions adopters might have. Another question I will still have to look into is for example "How do I get PSA to work with my custom user model? Can I just have my model extend some PSA model?" etc.
The example lints Local variable 'token' is assigned to but never used.
The fix is a simple
param substitution in the request.backend.do_auth
call.
The docs should probably mention that the GoogleOpenId backend no longer works, as https://www.google.com/accounts/o8/id is now 404 (since July 2015, it seems), resulting in an openid.yadis.discover.DiscoveryFailure: HTTP Response status from identity URL host is not 200. Got status 404
exception.
Thanks!
The Django configuration docs shows the following:
SOCIAL_AUTH_PIPELINE = (
'social_core.pipeline.social_auth.social_details',
'social_core.pipeline.social_auth.social_uid',
'social_core.pipeline.social_auth.social_user',
'social_core.pipeline.user.get_username',
'social_core.pipeline.user.create_user',
'social_core.pipeline.social_auth.associate_user',
'social_core.pipeline.social_auth.load_extra_data',
'social_core.pipeline.user.user_details',
'social_core.pipeline.social_auth.associate_by_email',
)
The issue is that create_user
is coming before associate_by_email
. create_user
tries to save a user before associate_by_email
can associate the existing user. This causes a DB error.
I'll create a quick PR to update this, but please let me know if I'm missing something?
Thanks!
Discord is supported: https://github.com/python-social-auth/social-core/blob/master/social_core/backends/discord.py
However, it isn't included in https://github.com/python-social-auth/social-docs/blob/master/docs/backends/index.rst.
When following this paragraph, I get the following deprecation warning on Django 1.10 :
WARNINGS:
?: (1_8.W001) The standalone TEMPLATE_* settings were deprecated in Django 1.8 and the TEMPLATES dictionary takes precedence. You must put the values of the following settings into your default TEMPLATES dict: TEMPLATE_CONTEXT_PROCESSORS.
This is the uptodate version that should be provided :
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'APP_DIRS': True,
'DIRS': [
root('templates'),
],
'OPTIONS': {
'debug': DEBUG,
'context_processors': [
...
'social_django.context_processors.backends',
'social_django.context_processors.login_redirect',
...
],
},
}
]
Thanks all for maintaining this repo!
Just a small suggestion for usability. I keep getting to the docs from the social-auth-app-django repo, and often then want to get to the ecosystem page without Googling. A "fork me on Github" or similar link would be very helpful.
Happy to submit a PR if that's desirable, please let me know!
EDIT: just realized that the link should probably be to the ecosystem page, not "this repo" which would mean the social-docs repo. Changed.
@omab, can you please enable pull request builds on the reathedocs.org? It tests that the documentation builds and provides it for browsing making it easier to review how it will look rendered.
Documentation: https://docs.readthedocs.io/en/latest/pull-requests.html
It can be enabled in the advanced settings: https://readthedocs.org/dashboard/python-social-auth/advanced/
https://python-social-auth.readthedocs.io/en/latest/configuration/django.html#urls-entries
urlpatterns = patterns('',
...
url('', include('social_django.urls', namespace='social'))
...
)
The url()
function was removed in Django's 4.0 release. Old documentation states it was an alias for django.urls.re_path()
, but the empty string route doesn't require regex, so django.urls.path()
would suffice here:
urlpatterns = patterns('',
...
- url('', include('social_django.urls', namespace='social'))
+ path('', include('social_django.urls', namespace='social'))
...
)
I want to restrict authentication to my app to only my company domain which uses Gsuite ( google apps for my domain/ Google work).[ I saw this post on stackoverflow that suggested using the
SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS=["mycompany.com"] ](https://stackoverflow.com/questions/38566799/limit-google-oauth-access-to-one-domain-using-hd-param-django-python-social)
to restrict auth only to mycompany.com domain.
Although using this in my django app, settings.py it clearly works: I wanted to see how this is implemented and what the caveats on this approach are , but cannot see it mentioned in the documentation.
Can someone point me in the direction of how this is implemented or how better to restrict Google Oauth2 to only my domain.
Thanks
Hari
Instead they send an id_token
.
This is supported by social_core
, but not mentioned in the docs.
When trying to use github auth in production it is setting hostname as http://localhost:300/
not the domain the app is using.
I need to access the domain of the request because I host on different websites from the same django server and the login behaves differently depending on which domain makes request
In django views, I can access it by request.META['HTTP_HOST']
Can you please tell me the correct way to do it in a partial pipeline?
Here is my current pipeline.
I have a groupdomain model that stores the verification_methods for a domain
I want it so that if any one of the verification methods is not in the session, then the user gets redirected to enter the required details
@partial
def require_extra_info(strategy, user, uid, details, is_new, *args, **kwargs):
if is_new:
domain = models.GroupDomain.objects.get(domain=request.META['HTTP_HOST'])
for method in domain.verification_methods:
if strategy.session_get(method, None) is None:
current_partial = kwargs.get('current_partial')
# redirect him so he can provide extra info
return redirect(urlresolvers.reverse('additional info', kwargs={'backend': current_partial.backend}))
Storage docs link to nonexistent implementation. I'm about 80% sure these are supposed to point somewhere inside the social-examples repo...
In the doc, there is the mention to use
SOCIAL_AUTH_FACEBOOK_AUTH_EXTRA_ARGUMENTS = {'display': 'touch'}
to have facebook expose the mobile view. With the graphAPI v3.2, this is not valid anymore and produces an unclear error.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.