Closed jjaraalm closed 4 years ago
@jreadey can you test on Azure to make sure there are no issues? I do not have access.
@jjaraalm - I ran into some bugs testing with AD. I put one fix here: https://github.com/HDFGroup/h5pyd/tree/jjaraalm-google_oauth.
Another problem is that the token that gets returned by AD is not json serializable (it includes a timestamp object). I'll look into this.
@jreadey, sure. It looks like AAD also has a 30 day trial, so I'll take a look at it tonight.
On Tue, Apr 7, 2020 at 3:13 AM John Readey notifications@github.com wrote:
@jjaraalm https://github.com/jjaraalm - I ran into some bugs testing with AD. Could you look into these? I can send you my AD config settings via email.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/HDFGroup/h5pyd/pull/81#issuecomment-610217894, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABZYPUD6IL5BAQH6JHPN5BDRLLHDDANCNFSM4L2TWLKQ .
@jjaraalm - ok thanks.
This works for me getting/renewing azure tokens. If you still have errors, let me know. If I get some time I might add tests, although they couldn't be automatic.
This is working for me with AD (and the supporting HSDS update).
@jjaraalm - can you look at the Travis failures? I'm able to do a "pip install google-auth-oauthlib" from a clean Python install, so not sure what the problem could be.
Sure, I can take a look. It looks like travis logs are down right now, at least for me. I'll check back later tonight.
Adds support for Google OpenID tokens in addition to Azure. Requires HSDS support (not implemented yet).
Usage
OpenID configuration is set either via environment variables or via the
api_key
argument. To use Google OpenID you would use the following:where
client_secret
is either the path to aclient_secret.json
file provided by Google or a dict with the equivalent contents.scopes
should be set to an array of access scopes that must (at a minimum) containopenid
.If
openid_provider
is not set onapi_key
, or it is set toazure
, then Azure Active Directory is used to maintain backwards compatibility.Changes
~/.hstokencfg
instead of a single file perapp_id
. If this is undesirable, it can be changed back.