As investigated here, django-allauth does not need to have a dedicated cern provider anymore, as the OpenID Connect (OIDC) one is sufficient.
This PR adapts the login procedure to OIDC.
Extra steps to be taken after this is merged:
Add extra environment variables (after registering your application on the Application portal):
CERN_SSO_REGISTRATION_CLIENT_ID
CERN_SSO_REGISTRATION_CLIENT_SECRET
Create a new SocialApplication:
Go to /admin.
Delete the existing one (SOCIAL ACCOUNTS -> Social applications).
Create a new one:
Migrate existing SocialAccounts:
python manage.py shell to enter Django's interactive shell.
Run:
from allauth.socialaccount.models import SocialAccount
sa = SocialAccount.objects.filter(provider="cern")
for s in sa:
if 'username' in s.extra_data:
s.uid = s.extra_data["username"]
s.save()
As investigated here,
django-allauthdoes not need to have a dedicatedcernprovider anymore, as the OpenID Connect (OIDC) one is sufficient.This PR adapts the login procedure to OIDC.
Extra steps to be taken after this is merged:
Application portal):CERN_SSO_REGISTRATION_CLIENT_IDCERN_SSO_REGISTRATION_CLIENT_SECRETSocialApplication:/admin.SOCIAL ACCOUNTS->Social applications).SocialAccounts:python manage.py shellto enter Django's interactive shell.