[GeoNode-devel] Adding Oauth2 client support and other remote logins

Francesco Bartoli xbartolone at gmail.com
Mon Nov 20 00:55:54 PST 2017


+1 nice plan

Il giorno 20/nov/2017, alle ore 09:49, Alessio Fabiani <alessio.fabiani at geo-solutions.it> ha scritto:

> +1 here. Also in the past there were a lot of interest already in having GeoNode capable of log-int through external OAuth2 services, thus acting as OAuth2 client other than OAuth2 provider as you mentioned above.
> 
> Regards,
> Alessio Fabiani
> ==
> GeoServer Professional Services from the experts! Visit http://goo.gl/it488V for more information.
> ==
> 
> Ing. Alessio Fabiani
> @alfa7691
> Founder/Technical Lead
> 
> GeoSolutions S.A.S.
> Via di Montramito 3/A
> 55054  Massarosa (LU)
> Italy
> phone: +39 0584 962313
> fax:     +39 0584 1660272
> mob:   +39 331 6233686
> 
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
> 
> -------------------------------------------------------
> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
> Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.
>  
> The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility  for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.
> 
> On Fri, Nov 17, 2017 at 5:38 PM, Ricardo Garcia Silva <ricardo.silva at geo-solutions.it> wrote:
> Hello all, and sorry for this long post ;)
> 
> TL; DR - We want to add Oauth2 client support to geonode and are interested in feedback from the community. This will involve retiring the geonode-user-accounts project though.
> 
> 
> I'm currently working on a geonode-related project where there is a requirement to offer users the ability to login by connecting with their linkedin and facebook accounts. In order to make this possible we are integrating Oauth2 client support in geonode.
> 
> This seems like a nice addition to geonode and we are interested in contributing it back to official geonode.
> 
> 
> The current implementation plan consists in integrating the django-allauth[1] project with geonode. This is a django app that implements a complete authentication solution for django projects.
> It manages both local and remote (social account) authentication flows and provides lots of interesting features that are common when dealing with user authentication, such as signup/register/verify email/reset password etc.
> It also comes with baked in support for 20+ remote social account providers, including linkedin, facebook, google and most well known sites.
> 
> geonode is currently managing its auth-related features by using the geonode-user-accounts[2] project, which is a fork of pinax/django-user-accounts, under geonode's umbrella.
> It provides already most auth flows described above. However, it lacks integration with social accounts.
> django-allauth, on the other hand, provides a unified solution to both local and remote authentication flows. As such we're planning to retire the geonode-user-accounts project, by replacing it with django-allauth plus some custom stuff. The goal is to keep all current features and enhance them with remote auth support.
> 
> There seem to be two interesting features that geonode-user-accounts offers that do not currently exist in django-allauth:
> 
> 1) Send invitations to get new users to join a geonode instance - We're hoping to also bring integration for the django-invitations[3] app in order to cover this.
> 2) Approve/reject a new user's registration - the plan here is to port this functionality from geonode-user-accounts to geonode core, by making use of the extensibility features of django-allauth
> 
> 
> We're interested in getting feedback from geonode's developer community, in order to verify if:
> 
> - This feature is deemed useful and there is interest in having it in core geonode;
> - Maybe someone has already some experience implementing Oauth clients with geonode and/or using django-allauth?
> - Does the current plan sound reasonable, even if it means replacing geonode-user-accounts?
> 
> 
> Biggest advantages seem to be:
> 
> - geonode becomes easier to use by new users, who can reuse their already existing social accounts in order to gain access to the platform;
> - retiring geonode-user-accounts means a lower maintenance burden on geonode devs, since there is less code to oversee;
> - both django-allauth and django-notifications seem like healthy projects with clean code and good test coverage
> 
> 
> We should have an initial implementation to PR by next week. Regardless, we're interested in getting some community feedback ;)
> 
> 
> Best regards
> 
> 
> [1] - https://www.intenct.nl/projects/django-allauth/
> [2] - https://github.com/GeoNode/geonode-user-accounts
> [3] - https://github.com/bee-keeper/django-invitations
> 
> 
> -- 
> Regards,
> Ricardo Silva
> ==
> GeoServer Professional Services from the experts!
> Visit http://goo.gl/it488V for more information.
> ==
> Ricardo Silva
> Senior Software Engineer
> 
> GeoSolutions S.A.S.
> Via di Montramito 3/A
> 55054  Massarosa (LU)
> Italy
> phone: +39 0584 962313
> fax:      +39 0584 1660272
> 
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
> 
> -------------------------------------------------------
> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
> Le informazioni contenute in questo messaggio di posta elettronica e/o
> nel/i file/s allegato/i sono da considerarsi strettamente riservate.
> Il loro utilizzo è consentito esclusivamente al destinatario del
> messaggio, per le finalità indicate nel messaggio stesso. Qualora
> riceviate questo messaggio senza esserne il destinatario, Vi preghiamo
> cortesemente di darcene notizia via e-mail e di procedere alla
> distruzione del messaggio stesso, cancellandolo dal Vostro sistema.
> Conservare il messaggio stesso, divulgarlo anche in parte,
> distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità
> diverse, costituisce comportamento contrario ai principi dettati dal
> D.Lgs. 196/2003.
> 
> The information in this message and/or attachments, is intended solely
> for the attention and use of the named addressee(s) and may be
> confidential or proprietary in nature or covered by the provisions of
> privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New
> Data Protection Code). Any use not in accord with its purpose, any
> disclosure, reproduction, copying, distribution, or either
> dissemination, either whole or partial, is strictly forbidden except
> previous formal approval of the named addressee(s). If you are not the
> intended recipient, please contact immediately the sender by
> telephone, fax or e-mail and delete the information in this message
> that has been received in error. The sender does not give any warranty
> or accept liability as the content, accuracy or completeness of sent
> messages and accepts no responsibility  for changes made after they
> were sent or for other risks which arise as a result of e-mail
> transmission, viruses, etc.
> 
> _______________________________________________
> geonode-devel mailing list
> geonode-devel at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/geonode-devel
> 
> _______________________________________________
> geonode-devel mailing list
> geonode-devel at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/geonode-devel

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20171120/7612f62b/attachment-0001.html>


More information about the geonode-devel mailing list