[GeoNode-devel] Adding Oauth2 client support and other remote logins

Alessio Fabiani alessio.fabiani at geo-solutions.it
Mon Nov 20 00:49:40 PST 2017


+1 here. Also in the past there were a lot of interest already in having
GeoNode capable of log-int through external OAuth2 services, thus acting as
OAuth2 client other than OAuth2 provider as you mentioned above.

Regards,

Alessio Fabiani

==
GeoServer Professional Services from the experts! Visit http://goo.gl/it488V
for more information.
==

Ing. Alessio Fabiani

@alfa7691
Founder/Technical Lead


GeoSolutions S.A.S.
Via di Montramito 3/A
55054  Massarosa (LU)
Italy
phone: +39 0584 962313
fax:     +39 0584 1660272
mob:   +39 331 6233686

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

-------------------------------------------------------

AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility  for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.

On Fri, Nov 17, 2017 at 5:38 PM, Ricardo Garcia Silva <
ricardo.silva at geo-solutions.it> wrote:

> Hello all, and sorry for this long post ;)
>
> TL; DR - We want to add Oauth2 client support to geonode and are
> interested in feedback from the community. This will involve retiring the
> geonode-user-accounts project though.
>
>
> I'm currently working on a geonode-related project where there is a
> requirement to offer users the ability to login by connecting with their
> linkedin and facebook accounts. In order to make this possible we are
> integrating Oauth2 client support in geonode.
>
> This seems like a nice addition to geonode and we are interested in
> contributing it back to official geonode.
>
>
> The current implementation plan consists in integrating the
> django-allauth[1] project with geonode. This is a django app that
> implements a complete authentication solution for django projects.
> It manages both local and remote (social account) authentication flows and
> provides lots of interesting features that are common when dealing with
> user authentication, such as signup/register/verify email/reset password
> etc.
> It also comes with baked in support for 20+ remote social account
> providers, including linkedin, facebook, google and most well known sites.
>
> geonode is currently managing its auth-related features by using the
> geonode-user-accounts[2] project, which is a fork of
> pinax/django-user-accounts, under geonode's umbrella.
> It provides already most auth flows described above. However, it lacks
> integration with social accounts.
> django-allauth, on the other hand, provides a unified solution to both
> local and remote authentication flows. As such we're planning to retire the
> geonode-user-accounts project, by replacing it with django-allauth plus
> some custom stuff. The goal is to keep all current features and enhance
> them with remote auth support.
>
> There seem to be two interesting features that geonode-user-accounts
> offers that do not currently exist in django-allauth:
>
> 1) Send invitations to get new users to join a geonode instance - We're
> hoping to also bring integration for the django-invitations[3] app in order
> to cover this.
> 2) Approve/reject a new user's registration - the plan here is to port
> this functionality from geonode-user-accounts to geonode core, by making
> use of the extensibility features of django-allauth
>
>
> We're interested in getting feedback from geonode's developer community,
> in order to verify if:
>
> - This feature is deemed useful and there is interest in having it in core
> geonode;
> - Maybe someone has already some experience implementing Oauth clients
> with geonode and/or using django-allauth?
> - Does the current plan sound reasonable, even if it means replacing
> geonode-user-accounts?
>
>
> Biggest advantages seem to be:
>
> - geonode becomes easier to use by new users, who can reuse their already
> existing social accounts in order to gain access to the platform;
> - retiring geonode-user-accounts means a lower maintenance burden on
> geonode devs, since there is less code to oversee;
> - both django-allauth and django-notifications seem like healthy projects
> with clean code and good test coverage
>
>
> We should have an initial implementation to PR by next week. Regardless,
> we're interested in getting some community feedback ;)
>
>
> Best regards
>
>
> [1] - https://www.intenct.nl/projects/django-allauth/
> [2] - https://github.com/GeoNode/geonode-user-accounts
> [3] - https://github.com/bee-keeper/django-invitations
>
>
> --
> Regards,
> Ricardo Silva
> ==
> GeoServer Professional Services from the experts!
> Visit http://goo.gl/it488V for more information.
> ==
> Ricardo Silva
> Senior Software Engineer
>
> GeoSolutions S.A.S.
> Via di Montramito 3/A
> 55054  Massarosa (LU)
> Italy
> phone: +39 0584 962313
> fax:      +39 0584 1660272
>
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
>
> -------------------------------------------------------
> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
> Le informazioni contenute in questo messaggio di posta elettronica e/o
> nel/i file/s allegato/i sono da considerarsi strettamente riservate.
> Il loro utilizzo è consentito esclusivamente al destinatario del
> messaggio, per le finalità indicate nel messaggio stesso. Qualora
> riceviate questo messaggio senza esserne il destinatario, Vi preghiamo
> cortesemente di darcene notizia via e-mail e di procedere alla
> distruzione del messaggio stesso, cancellandolo dal Vostro sistema.
> Conservare il messaggio stesso, divulgarlo anche in parte,
> distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità
> diverse, costituisce comportamento contrario ai principi dettati dal
> D.Lgs. 196/2003.
>
> The information in this message and/or attachments, is intended solely
> for the attention and use of the named addressee(s) and may be
> confidential or proprietary in nature or covered by the provisions of
> privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New
> Data Protection Code). Any use not in accord with its purpose, any
> disclosure, reproduction, copying, distribution, or either
> dissemination, either whole or partial, is strictly forbidden except
> previous formal approval of the named addressee(s). If you are not the
> intended recipient, please contact immediately the sender by
> telephone, fax or e-mail and delete the information in this message
> that has been received in error. The sender does not give any warranty
> or accept liability as the content, accuracy or completeness of sent
> messages and accepts no responsibility  for changes made after they
> were sent or for other risks which arise as a result of e-mail
> transmission, viruses, etc.
>
> _______________________________________________
> geonode-devel mailing list
> geonode-devel at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/geonode-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20171120/d146566f/attachment.html>


More information about the geonode-devel mailing list