Okta_CLIENT_ID='0xxxxx' Okta_CLIENT_SECRET="xxxxx" ## import required modules try: import json except ImportError: from gluon.contrib import simplejson as json from gluon.contrib.login_methods.oauth20_account import OAuthAccount
## extend the OAUthAccount class class OktaAccount(OAuthAccount): # """OAuth impl for FaceBook""" AUTH_URL="https://keller.okta.com/oauth2/default/v1/authorize"; TOKEN_URL="https://keller.okta.com/oauth2/default/v1/token"; def __init__(self): OAuthAccount.__init__(self, None, Okta_CLIENT_ID, Okta_CLIENT_SECRET, self.AUTH_URL, self.TOKEN_URL, scope='openid profile email', state="okta", display='popup') def get_user(self): if not self.accessToken(): return None #global token token= None token=self.accessToken() print (token) from okta_jwt.jwt import validate_token issuer="https://keller.okta.com/oauth2/default"; audience="api://default" if token != None: profile=validate_token(token, issuer, audience, Okta_CLIENT_ID) #print (profile) if profile['sub']: username = profile['sub'] email = profile['sub'] else: self.session.token = None if profile['sub']: return dict(first_name = profile['firstname'], last_name = profile['lastname'], username = username, email = '%s' %(email)) def logout_new(self, next="/"): #self.session.token = None redirect('https://keller.okta.com/oauth2/default/v1/logout?id_token_hint=' +token+'&post_logout_redirect_uri='+' http://130.61.243.125:8000/OktaWF/default/index') session.renew(clear_session=True) session.forget(response) return next auth.settings.login_form=OktaAccount() On Wed, Mar 11, 2020 at 4:01 PM António Ramos <ramstei...@gmail.com> wrote: > Thank you Kevin , please share... > > > Em qua., 11 de mar. de 2020 às 14:53, Kevin Keller <keller...@gmail.com> > escreveu: > >> Looks nice enough, though it is missing an easy way to configure scopes >> and claims. >> >> It dont see it anywhere in their free account actually. >> >> I would probably rather advice to go with Auth0 or Okta. >> >> I work for Okta so that is why I have integrated web2py with Okta in a >> sample app. >> I can send you the configuration and they have a free edition too for >> 1000 users per month just like >> DID and you can easily configure claims and scopes. >> >> If you do not trust me on this go with Auth0, they can also help with >> claims and scopes and I think >> its free for 1000 users too, but Auth0 requires to do some scripting to >> configure your scopes on the Auth0 web client. >> >> So I think Okta is easier, but its just my 2 cents of course. >> >> >> >> >> On Wed, Mar 11, 2020 at 2:02 PM António Ramos <ramstei...@gmail.com> >> wrote: >> >>> DID <https://did.app/> is an Identity Provider, that authenticates >>> users by verifying access to either an email address or securely stored >>> private key. >>> >>> This gives users the ability to sign in with a single click without >>> being tracked by the social login providers. >>> >>> It gives developers the ability to offer a modern authentication without >>> having to handle validating signatures, recovering accounts from lost >>> devices or verifying user email addresses. >>> >>> >>> >>> https://did.app/ >>> >>> >>> regards >>> >>> -- >>> Resources: >>> - http://web2py.com >>> - http://web2py.com/book (Documentation) >>> - http://github.com/web2py/web2py (Source code) >>> - https://code.google.com/p/web2py/issues/list (Report Issues) >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "web2py-users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to web2py+unsubscr...@googlegroups.com. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/web2py/CAEM0BxO8Gv%2BcJY-o_WXFEkEBMEFRA-WiPknUASOR7gXGzrKvAw%40mail.gmail.com >>> <https://groups.google.com/d/msgid/web2py/CAEM0BxO8Gv%2BcJY-o_WXFEkEBMEFRA-WiPknUASOR7gXGzrKvAw%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- >> Resources: >> - http://web2py.com >> - http://web2py.com/book (Documentation) >> - http://github.com/web2py/web2py (Source code) >> - https://code.google.com/p/web2py/issues/list (Report Issues) >> --- >> You received this message because you are subscribed to the Google Groups >> "web2py-users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to web2py+unsubscr...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/web2py/CADHCKLSOTzGdYe8UV7J%3DC4Pq_BU7ia61Z%2BHbJH2ryj%2BWTxS6ig%40mail.gmail.com >> <https://groups.google.com/d/msgid/web2py/CADHCKLSOTzGdYe8UV7J%3DC4Pq_BU7ia61Z%2BHbJH2ryj%2BWTxS6ig%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > -- > Resources: > - http://web2py.com > - http://web2py.com/book (Documentation) > - http://github.com/web2py/web2py (Source code) > - https://code.google.com/p/web2py/issues/list (Report Issues) > --- > You received this message because you are subscribed to the Google Groups > "web2py-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to web2py+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/web2py/CAEM0BxNOiKMR1W3F21v-2AWNB0RYDm%2B%2BQNGD1dn%2BTXXbhMMr9Q%40mail.gmail.com > <https://groups.google.com/d/msgid/web2py/CAEM0BxNOiKMR1W3F21v-2AWNB0RYDm%2B%2BQNGD1dn%2BTXXbhMMr9Q%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/web2py/CADHCKLShkDghG3Ggd9-AMLv_Nksk4hyPNOPGAHv9kUggi4Y6xw%40mail.gmail.com.
