FSFE Community Database Authentication Server https://id.fsfe.org
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Reinhard Müller d469f0d714 LANG=C.UTF-8 not necessary under Alpine Linux 5 days ago
fsfe_cd_auth Update to latest version of pyoidc 1 week ago
swagger_docs Remove all code related to changing username and password 8 months ago
test Update to latest version of pyoidc 1 week ago
.dockerignore Change deployment to install as root and run as non-root 9 months ago
.drone.yml LANG=C.UTF-8 not necessary under Alpine Linux 5 days ago
.env Remove unused configuration parameters 8 months ago
.gitignore Add .coverage to .gitignore 9 months ago
Dockerfile Add another dependency for pyoidc 1 week ago
LICENSE Add and update license headers 9 months ago
MANIFEST.in Change name of Python module to fsfe_cd_auth for consistency 9 months ago
Makefile Use stock python image for quality checks 1 week ago
Pipfile Update to latest version of pyoidc 1 week ago
Pipfile.lock Update to latest version of pyoidc 1 week ago
README.md Remove unused configuration parameters 8 months ago
playbook.yml Clean up and improve logging 2 months ago
setup.cfg Don't be afraid of pytest warnings :-) 8 months ago
setup.py Fix name of test directory after rename 9 months ago

README.md

FSFE Community Database Authentication Server

The OpenID Connect Provider for the FSFE Community Database, visible through https://id.fsfe.org/

Introduction

fsfe-cd-auth does e-mail and password verification of users, with connections to fsfe-cd-back and FSFE’s LDAP server. It authenticates users and provides a signed ticket in response, which can be used to access fsfe-cd-front.

Secrets

The following secrets are managed in drone:

ssh_key SSH private key to log into lund.fsfeurope.org Matching public key must be registered at lund.fsfeurope.org:/root/.ssh/authorized_keys
oidcp_password Password for basic authentication at https://id.fsfe.org Must match the secrets with the same name for fsfe-cd-back and fsfe-cd-front
jwt_secret Shared secret for signed JSON Web Tokens used for authentication Must match the secrets with the same name for fsfe-cd-back and fsfe-cd-front
client_salt Salt for the generation of Subject IDs Can be arbitarily assigned, but should remain constant over server rebuilds