Python Django: Accepting JWT
Accepting JWT Tokens from IndustryApps
Configuring your Third-Party Application to accept JWT tokens acquired from IndustryApps
JWT tokens would either be acquired from your Third-Party App’s existing Authentication system or from IndustryApp’s Keycloak authentication configuration.
Handling multiple JWT issuers with Django, Python
In this case, handling multiple JWT issuers for SSO can be configured by utilising django-allauth package (i.e pip install django-allauth).
Inside settings.py add in the required config for allauth, if this has not been added already.
INSTALLED_APPS = [
...
# The following apps are required:
'django.contrib.auth',
'django.contrib.messages',
'django.contrib.sites',
'allauth',
'allauth.account',
'allauth.socialaccount',
# if allauth is already installed, then keycloak as a provider should be added
'allauth.socialaccount.providers.keycloak',
]Django allauth requires the context request processor, inside OPTIONS.
'OPTIONS': {
'context_processors': [
# Already defined Django-related contexts here
# `allauth` needs this from django
'django.template.context_processors.request',
],AUTHENTICATION_BACKENDS inside settings.py should include the following configuration.
AUTHENTICATION_BACKENDS = [
...
# required for login by username in Django admin, regardless of `allauth` config
'django.contrib.auth.backends.ModelBackend',
# `allauth` specific authentication methods, such as login by e-mail etc
'allauth.account.auth_backends.AuthenticationBackend',
...
]
As Django Admin uses the auth contrib application, the SSO can be integrated through the python-social-auth setting defined in the settings.py configuration file.
SOCIALACCOUNT_PROVIDERS = {
'keycloak': {
'KEYCLOAK_URL': "https://iapp-keycloak/auth/realms/iapp-realm",
'KEYCLOAK_REALM': 'IndustryApps'
}
}
Inside urls.py be sure to include the url pattern for allauth.
urlpatterns = [
....
path('accounts/', include('allauth.urls')),
]Last updated