search

snok / django-auth-adfs

A Django authentication backend for Microsoft ADFS and AzureAD
http://django-auth-adfs.readthedocs.io/
BSD 2-Clause "Simplified" License
270 stars 100 forks source link

Django Auth ADFS across a Proxy #217

Closed srPuebla closed 1 year ago

srPuebla commented 2 years ago

Hi,

It would be nice to configure ADFS with a proxy. Something similar to this below:

# checkout the documentation for more settings
AUTH_ADFS = {
    "SERVER": "adfs.yourcompany.com",
    "CLIENT_ID": "your-configured-client-id",
    "HTTP_PROXY": "http://proxy01.example.com:9090",
    "HTTPS_PROXY": "https://proxy01.example.com:9090"
    ...
}

Yeah, you can configure variables "HTTP_PROXY" and "HTTPS_PROXY" like environ variables, but then, all requests that you perform go with this proxy.

Could you help me?

Thanks!

JonasKs commented 2 years ago

Hi,

I'm happy to review PRs.
Did you look at #145 and previous issues? Might be possible to do this through nginx too, not sure.

srPuebla commented 2 years ago

Hi,

I'm happy to review PRs. Did you look at #145 and previous issues? Might be possible to do this through nginx too, not sure.

Hi JonasKs,

Is not the same issue, cause issue talks about "reverse proxy" and i say a http_proxy. Is not the same that i refer.

For example, you can make a "curl" behind a proxy, this way:

-x, --proxy <[protocol://][user:password@]proxyhost[:port]>

     Use the specified HTTP proxy. 
     If the port number is not specified, it is assumed at port 1080.

In python, when you use request:

import requests
proxies = {'http': 'http://proxy.test.example.com:3128','https': 'https://proxy.test.example.com:3128'}
session = requests.session()
session.proxies = proxies
session.get("http://www.example.com")   # Here the proxies will also be automatically used because we have attached those to the session object, so no need to pass separately in each call

In your code is easy to change. In the config.py

In the line 192 you have the "self.session". You can load proxy if it is defined in django_settings

For example:

self.session = requests.Session()
adapter = requests.adapters.HTTPAdapter(max_retries=retry)
self.session.mount('https://', adapter)
self.session.verify = settings.CA_BUNDLE

#Comment Proxy. On the class Settings, you have to load PROXY_HTTP and PROXY_HTTPS variables
if "PROXY" in _settings:
    proxies = {'http': _settings.PROXY_HTTP,'https': _settings.PROXY_HTTPS}
    self.session.proxies = proxies

You can configure ADFS settings like this:

AUTH_ADFS = {
    "SERVER": "adfs.yourcompany.com",
    "CLIENT_ID": "your-configured-client-id",
    "PROXY":{
        "PROXY_HTTP": "http://proxy01.example.com:9090",
        "PROXY_HTTPS": "https://proxy01.example.com:9090"
    }
    ...
}

It would be nice implement on the library.

Regards

JonasKs commented 2 years ago

I see. Thank you for the good explanation!

I'm happy to review a PR. 😊

sondrelg commented 1 year ago

Closing this, as it seems it's not being worked on. Feel free to re-open if that's wrong :slightly_smiling_face: