Metadata-Version: 2.1
Name: fab-oidc
Version: 0.0.2
Summary: Flask-AppBuilder SecurityManager for OpenIDConnect
Home-page: https://github.com/ministryofjustice/fab-oidc/
Author: ministryofjustice
Author-email: dev@digital.justice.gov.uk
License: MIT
Platform: any
Classifier: Development Status :: 3 - Alpha
Classifier: Environment :: Web Environment
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Classifier: Programming Language :: Python :: 3
Description-Content-Type: text/markdown
Requires-Dist: Flask-AppBuilder (>=1.5.0)
Requires-Dist: Flask-OIDC (>=1.2.0)
Requires-Dist: Flask-Admin (>=1.4.1)

# Flask-AppBuilder SecurityManager for OpenIDConnect

Wrapper for [flask_oidc] that exposes a `SecurityManager` for use with any Flask-AppBuilder app.

It will allow your users to login with OpenIDConnect providers such as Auth0, Okta or Google Apps.

This is roughly inspired by the code in this [stackoverflow](https://stackoverflow.com/a/47787279/44252) answer. (MIT Licenced © [thijsfranck](https://stackoverflow.com/users/8905583/thijsfranck))

## Usage

### Generic

Just override the default security manager in your Flask Appbuilder app.

```python
from fab_oidc.security import OIDCSecurityManager

appbuilder = AppBuilder(app, db.session, security_manager_class=OIDCSecurityManager)
```

### [Airflow]
Airflow provides a hook in the `webserver_config.py` file where you can specify a security manager class.
In `webserver_config.py` import the OIDCSecurityManager and set
```python
from fab_oidc.security import OIDCSecurityManager
...
SECURITY_MANAGER_CLASS = OIDCSecurityManager
```

### [Superset]
Superset works the same way except the config is in a file called `superset_config.py` and the hook is called `CUSTOM_SECURITY_MANAGER`
```python
from fab_oidc.security import OIDCSecurityManager
...
CUSTOM_SECURITY_MANAGER = OIDCSecurityManager
```


## Settings
The settings are the same as the [flask_oidc settings][flask_oidc_settings], so look there for a reference. 

if you're happy with [flask_oidc]'s defaults the only thing you'll really need is something like:

```python
OIDC_CLIENT_SECRETS = '/path/to/client_secret.json'
```

see the [flask_oidc manual client registration][flask_oidc_manual_config] docs for how to generate or write one.

Copyright © 2018 HM Government (Ministry of Justice Digital Services). See LICENSE.txt for further details.


[flask_oidc]: http://flask-oidc.readthedocs.io/en/latest/
[flask_oidc_settings]: http://flask-oidc.readthedocs.io/en/latest/#settings-reference
[flask_oidc_manual_config]: http://flask-oidc.readthedocs.io/en/latest/#manual-client-registration
[Airflow]: https://airflow.apache.org/
[Superset]: https://superset.incubator.apache.org/

