Integrate SPID for Recipients authentication

globaleaks / GlobaLeaks

GlobaLeaks is free, open source software enabling anyone to easily set up and maintain a secure whistleblowing platform.

https://www.globaleaks.org

Other

1.21k stars 267 forks source link

Integrate SPID for Recipients authentication #2154

Open fpietrosanti opened 6 years ago

fpietrosanti commented 6 years ago

Current behavior Italian Public Administration now rely on SPID for authentication to public services www.spid.gov.it .

Expected behavior This ticket is about implementing SPID into GlobaLeaks for Recipients authenticatin.

Reference post for technical analysis https://forum.italia.it/t/spid-e-webserver-embedded-twisted-python/2180

evilaliv3 commented 3 years ago

I've updated the scope of this old ticket to reflect the vision of the project that do not consider possible to integrate third-party components that could lead to de-anonymization of the user and specifically any pre-authentication of the whistleblower user.