juanifioren / django-oidc-provider

OpenID Connect and OAuth2 provider implementation for Djangonauts.
http://django-oidc-provider.readthedocs.org
MIT License
425 stars 239 forks source link

what are the admin credentials in the docker container? #154

Closed dtenenba closed 7 years ago

dtenenba commented 7 years ago

I ran the example project in docker according to https://github.com/juanifioren/django-oidc-provider/tree/v0.4.x/example_project#using-docker and then went to http://localhost:8000/ and clicked on "Create Your Clients". I then get prompted for a username and password and I have no idea what to enter. Can this be documented?

juanifioren commented 7 years ago

Yes @dtenenba, my fault. Please in your terminal run python manage.py createsuperuser and use that credentials.

dtenenba commented 7 years ago

That works. As a newbie to OIDC though it's unclear what to do next in the 'add client' screen. It would be great if the example included a sample client that we could use in conjunction with this identity provider to prove that it works. Is there a particular rp implementation that you recommend for testing?

juanifioren commented 7 years ago

Here you have an easy way to test it.

http://django-oidc-provider.readthedocs.io/en/v0.4.x/sections/examples.html#pure-js-client-using-implicit-flow

You can serve the example html using python -m SimpleHTTPServer 8001.

dtenenba commented 7 years ago

Thanks. Had some problems doing that. Here are the steps I did and the results:

First I created a new RSA key in the docker container:

python manage.py creatersakey

Then in my OP, I created a new client:

Then I cloned the implicit client:

git clone https://github.com/GluuFederation/openid-implicit-client.git
cd openid-implicit-client

Then I made the following edits, where the value for client_id comes from the django admin:

diff --git a/implicit-test.html b/implicit-test.html
index d53ea8c..9f58d48 100644
--- a/implicit-test.html
+++ b/implicit-test.html
@@ -10,11 +10,11 @@

         <script>
             var clientInfo = {
-                client_id : '(your-client-id)',
-                redirect_uri : 'https://(hostname)/login-callback.html'
+                client_id : '294534',
+                redirect_uri : 'https://localhost:8001/login-callback.html'
             };
             OIDC.setClientInfo( clientInfo );
-            var providerInfo = OIDC.discover('https://(providername)');
+            var providerInfo = OIDC.discover('http://localhost:8000');
             OIDC.setProviderInfo( providerInfo );
             OIDC.storeInfo(providerInfo, clientInfo);
             // Remove State and Nonce from previous session

Then I started the implicit client as follows:

python -m SimpleHTTPClient 8001

And I went to http://localhost:8001/implicit-test.html and clicked the Authenticate button, and I got this:

OpenID Provider Example
 Admin
 Logout
Redirect URI Error
The request fails due to a missing, invalid, or mismatching redirection URI (redirect_uri).

This happens whether the Redirect URI of the client is set to http://localhost:3000 or http://localhost:8001 (the 3000 in your doc page seems wrong in any case; can you correct that?).

Would be great if the document could give very detailed step by step instructions. Thank you!

dtenenba commented 7 years ago

After following your example page exactly, things work fine. The only change I needed to make was to do

python -m SimpleHTTPServer 3000

instead of

python -m SimpleHTTPServer 8001

Thanks.