CERFIG/sirh
1
0
Fork 0
Code Issues 2 Pull Requests 4 Actions Packages Projects Releases Wiki Activity

Ajout type contrat

Browse Source
This commit is contained in:
fatima
2026-04-29 11:52:03 +02:00
parent 375549cb30
commit 1c0e4c3048
10530 changed files with 1842149 additions and 158 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
venv/lib/python3.12/site-packages/django_simple_sso-1.3.0.dist-info/INSTALLER Normal file
View File

@@ -0,0 +1 @@
pip

24
venv/lib/python3.12/site-packages/django_simple_sso-1.3.0.dist-info/LICENSE Normal file
View File

@@ -0,0 +1,24 @@
Copyright (c) 2011, Jonas Obrist
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
* Neither the name of Jonas Obrist nor the
names of its contributors may be used to endorse or promote products
derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL JONAS OBRIST BE LIABLE FOR ANY
DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

254
venv/lib/python3.12/site-packages/django_simple_sso-1.3.0.dist-info/METADATA Normal file
View File

@@ -0,0 +1,254 @@
Metadata-Version: 2.1
Name: django-simple-sso
Version: 1.3.0
Summary: Simple SSO for Django
Home-page: http://github.com/aldryn/django-simple-sso
Author: Divio AG
Author-email: info@divio.com
License: BSD-3-Clause
Classifier: Development Status :: 5 - Production/Stable
Classifier: Environment :: Web Environment
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: BSD License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Framework :: Django
Classifier: Framework :: Django :: 2.2
Classifier: Framework :: Django :: 3.0
Classifier: Framework :: Django :: 3.1
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Topic :: Internet :: WWW/HTTP :: Dynamic Content
Classifier: Topic :: Software Development
Classifier: Topic :: Software Development :: Libraries
License-File: LICENSE
Requires-Dist: Django >=2.2
Requires-Dist: itsdangerous <1.0.0
Requires-Dist: requests
=================
django-simple-sso
=================
|pypi| |build| |coverage|
Documentation
=============
See ``REQUIREMENTS`` in the `setup.py <https://github.com/divio/django-simple-sso/blob/master/setup.py>`_
file for additional dependencies:
|python| |django|
Django Simple SSO Specification (DRAFT)
=======================================
Terminology
***********
Server
------
The server is a Django website that holds all the user information and
authenticates users.
Client
------
The client is a Django website that provides login via SSO using the **Server**.
It does not hold any user information.
Key
---
A unique key identifying a **Client**. This key can be made public.
Secret
------
A secret key shared between the **Server** and a single **Client**. This secret
should never be shared with anyone other than the **Server** and **Client** and
must not be transferred unencrypted.
Workflow
********
* User wants to log into a **Client** by clicking a "Login" button. The
initially requested URL can be passed using the ``next`` GET parameter.
* The **Client**'s Python code does a HTTP request to the **Server** to request a
authentication token, this is called the **Request Token Request**.
* The **Server** returns a **Request Token**.
* The **Client** redirects the User to a view on the **Server** using the
**Request Token**, this is the **Authorization Request**.
* If the user is not logged in the the **Server**, they are prompted to log in.
* The user is redirected to the **Client** including the **Request Token** and a
**Auth Token**, this is the ``Authentication Request``.
* The **Client**'s Python code does a HTTP request to the **Server** to verify the
**Auth Token**, this is called the **Auth Token Verification Request**.
* If the **Auth Token** is valid, the **Server** returns a serialized Django User
object.
* The **Client** logs the user in using the Django User received from the **Server**.
Requests
********
General
-------
All requests have a ``signature`` and ``key`` parameter, see **Security**.
Request Token Request
---------------------
* Client: Python
* Target: **Server**
* Method: GET
* Extra Parameters: None
* Responses:
* ``200``: Everything went fine, the body of the response is a url encoded
query string containing with the ``request_token`` key holding the
**Request Token** as well as the ``signature``.
* ``400``: Bad request (missing GET parameters)
* ``403``: Forbidden (invalid signature)
Authorization Request
---------------------
* Client: Browser (User)
* Target: **Server**
* Method: GET
* Extra Parameters:
* ``request_token``
* Responses:
* ``200``: Everything okay, prompt user to log in or continue.
* ``400``: Bad request (missing GET parameter).
* ``403``: Forbidden (invalid **Request Token**).
Authentication Request
----------------------
* Client: Browser (User)
* Target: **Client**
* Method: GET
* Extra Parameters:
* ``request_token``: The **Request Token** returned by the
**Request Token Request**.
* ``auth_token``: The **Auth Token** generated by the **Authorization Request**.
* Responses:
* ``200``: Everything went fine, the user is now logged in.
* ``400``: Bad request (missing GET parameters).
* ``403``: Forbidden (invalid **Request Token**).
Auth Token Verification Request
-------------------------------
* Client: Python
* Target: **Server**
* Method: GET
* Extra Parameters:
* ``auth_token``: The **Auth Token** obtained by the **Authentication Request**.
* Responses:
* ``200``: Everything went fine, the body of the response is a url encoded
query string containing the ``user`` key which is the JSON serialized
representation of the Django user to create as well as the ``signature``.
Security
********
Every request is signed using HMAC-SHA256. The signature is in the ``signature``
parameter. The signature message is the urlencoded, alphabetically ordered
query string. The signature key is the **Secret** of the **Client**. To verify
the signature the ``key`` paramater holding the **key** of the **Client** is
also sent with every request from the **Client** to the **Server**.
Example
-------
GET Request with the GET parameters ``key=bundle123`` and the private key
``secret key``: ``fbf6396d0fc40d563e2be3c861f7eb5a1b821b76c2ac943d40a7a63b288619a9``
The User object
***************
The User object returned by a successful **Auth Token Verification Request**
does not contain all the information about the Django User, in particular, it
does not contain the password.
The user object contains must contain at least the following data:
* ``username``: The unique username of this user.
* ``email``: The email of this user.
* ``first_name``: The first name of this user, this field is required, but may
be empty.
* ``last_name``: The last name of this user, this field is required, but may
be empty.
* ``is_staff``: Can this user access the Django admin on the **Client**?
* ``is_superuser``: Does this user have superuser access to the **Client**?
* ``is_active``: Is the user active?
Implementation
**************
On the server
-------------
* Add ``simple_sso.sso_server`` to ``INSTALLED_APPS``.
* Create an instance (potentially of a subclass) of
``simple_sso.sso_server.server.Server`` and include the return value of the
``get_urls`` method on that instance into your url patterns.
On the client
-------------
* Create a new instance of ``simple_sso.sso_server.models.Consumer`` on the
**Server**.
* Add the ``SIMPLE_SSO_SECRET`` and ``SIMPLE_SSO_KEY`` settings as provided by
the **Server**'s ``simple_sso.sso_server.models.Client`` model.
* Add the ``SIMPLE_SSO_SERVER`` setting which is the absolute URL pointing to
the root where the ``simple_sso.sso_server.urls`` where include on the
**Server**.
* Add the ``simple_sso.sso_client.urls`` patterns somewhere on the client.
Running Tests
*************
You can run tests by executing::
virtualenv env
source env/bin/activate
pip install -r tests/requirements.txt
python setup.py test
.. |pypi| image:: https://badge.fury.io/py/django-simple.sso.svg
:target: http://badge.fury.io/py/django-simple.sso
.. |build| image:: https://travis-ci.org/divio/django-simple.sso.svg?branch=master
:target: https://travis-ci.org/divio/django-simple.sso
.. |coverage| image:: https://codecov.io/gh/divio/django-simple.sso/branch/master/graph/badge.svg
:target: https://codecov.io/gh/divio/django-simple.sso
.. |python| image:: https://img.shields.io/badge/python-3.5+-blue.svg
:target: https://pypi.org/project/django-simple.sso/
.. |django| image:: https://img.shields.io/badge/django-2.2,%203.0,%203.1-blue.svg
:target: https://www.djangoproject.com/

49
venv/lib/python3.12/site-packages/django_simple_sso-1.3.0.dist-info/RECORD Normal file
View File

@@ -0,0 +1,49 @@
django_simple_sso-1.3.0.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4
django_simple_sso-1.3.0.dist-info/LICENSE,sha256=HBvR48ybzx2Wtn27XnOxgGqZMOLjW2M5uuqcqXbTWtI,1486
django_simple_sso-1.3.0.dist-info/METADATA,sha256=PB6p5oK7jf0wTtI86hrU3MC1ud4TB6qr97k0OmtIGiI,8023
django_simple_sso-1.3.0.dist-info/RECORD,,
django_simple_sso-1.3.0.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
django_simple_sso-1.3.0.dist-info/WHEEL,sha256=oiQVh_5PnQM0E3gPdiz09WCNmwiHDMaGer_elqB3coM,92
django_simple_sso-1.3.0.dist-info/top_level.txt,sha256=OqDr0ZbVxuRwINVeI6xbKzkpScHICAAEToPe9GO7xvo,17
simple_sso/__init__.py,sha256=zi_LaUT_OsChAtsPXbOeRpQkCohSsOyeXfavQPM0GoE,22
simple_sso/__pycache__/__init__.cpython-312.pyc,,
simple_sso/__pycache__/exceptions.cpython-312.pyc,,
simple_sso/__pycache__/models.cpython-312.pyc,,
simple_sso/__pycache__/utils.cpython-312.pyc,,
simple_sso/exceptions.py,sha256=_eqcKS3DhacC2NPuqyOD1wtY5vA04xRUCvGqdT3f9sU,89
simple_sso/models.py,sha256=jFPFbnLplqIvlPD5vTHeHydQVfwAMmvTwgx4fULAQLE,45
simple_sso/sso_client/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
simple_sso/sso_client/__pycache__/__init__.cpython-312.pyc,,
simple_sso/sso_client/__pycache__/client.cpython-312.pyc,,
simple_sso/sso_client/client.py,sha256=vaATfP9U9hgJrOgeELkbSpcBwcNS4LZQY0p1qpHdAo8,4713
simple_sso/sso_server/__init__.py,sha256=zBoD5ZZ1kQXi0g5GPPICTosel8_WeVi-eXzJ2pUVZOI,66
simple_sso/sso_server/__pycache__/__init__.cpython-312.pyc,,
simple_sso/sso_server/__pycache__/apps.cpython-312.pyc,,
simple_sso/sso_server/__pycache__/models.cpython-312.pyc,,
simple_sso/sso_server/__pycache__/server.cpython-312.pyc,,
simple_sso/sso_server/apps.py,sha256=ziuYUTB-y8QCOiTq4MXJrJcaluLd2WysS3xyIEyF4PU,105
simple_sso/sso_server/migrations/0001_initial.py,sha256=SRYJfZvSCwIyCO4PZEDefsgJcGcDoHW3ozktqYEwpsU,1833
simple_sso/sso_server/migrations/0002_consumer_name_max_length.py,sha256=UqQhiocn--NP7gV0wqJYN3OrFnArg5TH_1iEsn613JQ,343
simple_sso/sso_server/migrations/0003_token_redirect_to_max_length.py,sha256=QKWB8wxwIhVNZRxLaFCcHvzDPGtH4gUhyF4DLt0rcX8,352
simple_sso/sso_server/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
simple_sso/sso_server/migrations/__pycache__/0001_initial.cpython-312.pyc,,
simple_sso/sso_server/migrations/__pycache__/0002_consumer_name_max_length.cpython-312.pyc,,
simple_sso/sso_server/migrations/__pycache__/0003_token_redirect_to_max_length.cpython-312.pyc,,
simple_sso/sso_server/migrations/__pycache__/__init__.cpython-312.pyc,,
simple_sso/sso_server/models.py,sha256=l73SIY1lzWnBb19rOxOk3KXr0o_XNGYWQyydj7J-pyk,2121
simple_sso/sso_server/server.py,sha256=Zq2845IslUA2U_F2JGD_tb0NEs4pWYSv2aSMrhkkfZE,6222
simple_sso/utils.py,sha256=JGYdgbPUiJH1VkZsTh4xfJz-F4ex7cnztk8YtadLfGw,5067
tests/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
tests/__pycache__/__init__.cpython-312.pyc,,
tests/__pycache__/settings.cpython-312.pyc,,
tests/__pycache__/test_core.cpython-312.pyc,,
tests/__pycache__/test_migrations.cpython-312.pyc,,
tests/__pycache__/urls.cpython-312.pyc,,
tests/settings.py,sha256=jXqJJnJvzV_t5x407yrkCyD427IFZZVrLt79YIXfF0U,2192
tests/test_core.py,sha256=xugH8D3zCsMApJslFLLXZ0KVZMbEqLYxQZmxh4stw2I,7471
tests/test_migrations.py,sha256=fxexL4gvgE7H2cV3yIba89Ik1Y0q0xzVdInTMNbI_Ao,885
tests/urls.py,sha256=u7Fu2RtP44m5ldqGddqtJ-w6Sm7lTBF1hsmr8b9WPr8,747
tests/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
tests/utils/__pycache__/__init__.cpython-312.pyc,,
tests/utils/__pycache__/context_managers.cpython-312.pyc,,
tests/utils/context_managers.py,sha256=Q7C4I3-ZvWwqD6R2f7UYK7A8phdfr7W3vdVsiYlUlxc,1453

0
venv/lib/python3.12/site-packages/django_simple_sso-1.3.0.dist-info/REQUESTED Normal file
View File

5
venv/lib/python3.12/site-packages/django_simple_sso-1.3.0.dist-info/WHEEL Normal file
View File

@@ -0,0 +1,5 @@
Wheel-Version: 1.0
Generator: bdist_wheel (0.42.0)
Root-Is-Purelib: true
Tag: py3-none-any

2
venv/lib/python3.12/site-packages/django_simple_sso-1.3.0.dist-info/top_level.txt Normal file
View File

@@ -0,0 +1,2 @@
simple_sso
tests