search

python-social-auth / social-app-django

Python Social Auth - Application - Django
BSD 3-Clause "New" or "Revised" License
1.98k stars 372 forks source link

Multiple backend of the same type or DB driven settings #374

Open vahidkowsari opened 2 years ago

vahidkowsari commented 2 years ago

Hi,

This is just a general question as to how to use this library. We have started using this library for our application and using keycloak, OIDC and Okta configurations. We are a multitenant platform that needs to have multiple OIDC client apps each integrated into our system with each using different ID providers authoenticating the users which drop into users with different roles and organizations in our system.

The way I understand it is that currently thse OAUTH2 apps are to be configured in the django settings. I have looked into developing our own strategy and part ways thru that but also realize that in order to return settings for each of those backends additional work needs to be done. In addition the default PSA endpoints dont take any parameters for the backend so you could only have that backend once in the system.

Is what I am describing possible to do? Are there any genernal platform implementations of PSA with django that can do this?

Thanks

digismack commented 2 years ago

Hello! Yes, this is 100% possible to do. At work we use a DynamoDB table to store configuration objects for various customers. We can then call those configurations up by customer id and generate whatever links are needed to send the user over to the IdP. I'm not aware of any general platform implementations of this, but it is for sure possible with a little elbow grease.

vahidkowsari commented 2 years ago

Great Thanks @digismack, Do you have some general suggestion on how to do this? I think we are mainly overriridng our own strategy to read the backends and their config and turn those into settings for PSA. Is that you did?

digismack commented 2 years ago

Great Thanks @digismack, Do you have some general suggestion on how to do this? I think we are mainly overriridng our own strategy to read the backends and their config and turn those into settings for PSA. Is that you did?

Yep! Customizing your applications Strategy class, particularly overriding the get_setting method, is a good way to supplant the default settings-based lookup in the Django sample app with your own custom configuration management.

ShaheedHaque commented 1 year ago

See what I did on StackOverflow. I hope that helps...OTOH, I am not an expert, so I may done done something terribly wrong...

johnnymetz commented 1 year ago

Any tips on overriding the strategy for a single backend? I see the SOCIAL_AUTH_STRATEGY but that appears to override the strategy for all backends.