Support Python 3 [Blocked by OpenID bug]

[adam-thomas]

It would be excellent if django-admin-sso supported both Python 2 and 3. This pull request should do that. It's been functionally tested on a locally deployed Python 3 Django project (as well as in Travis on a variety of Django and Python distributions) and seems to do the job.

[frog32]

Can you please remove commit 3cff62f, this is somehow obsolete since i have added the coveralls badge.

[adam-thomas]

@frog32 done!

[adam-thomas]

@frog32 makes sense, thanks - fixed :)

[adam-thomas]

Bad news: This is blocked by https://github.com/openid/python-openid/issues/17.

• Attempting to use the 'Log in with SSO' link produces this error.
• The stack trace looks like this.
• There is a hotfix that involves setting SESSION_SERIALIZER to the PickleSerializer used by default by Django versions < 1.6, but that has a known security hole.
• More seriously, this may also mean that django-admin-sso itself has the same security hole when running on Django < 1.6, which won't crash, but (it appears) only because it uses the PickleSerializer.

I will leave the branch intact in case the OpenID issue is fixed; I've left a comment there reporting that we've encountered this problem.

[frog32]

PickleSerializer only is a security hole if you use cookie session backend and even then you need the secret key of you django installation to exploit it. I agree that it's not a good idea to rely on PickleSerializer and needs to change as soon as possible.

[matthiask]

Shouldn't this pull request be closed now that django-admin-sso uses OAuth2, not OpenID anyway?

[meshy]

Shouldn't this pull request be closed now that django-admin-sso uses OAuth2, not OpenID anyway?

Perhaps this is no longer blocked by OpenID, but the need for Python 3 support still stands.

[adam-thomas]

Closing this since the replacement fork at https://github.com/matthiask/django-admin-sso supports Python 3.

[matthiask]

Thanks!