OIDCProvider#
- class gafaelfawr.providers.oidc.OIDCProvider(*, config, verifier, user_info_service, http_client, logger)#
Bases:
ProviderAuthenticate a user with GitHub.
- Parameters:
config (
OIDCConfig) – OpenID Connect authentication provider configuration.verifier (
OIDCTokenVerifier) – JWT token verifier for OpenID Connect tokens.user_info_service (
OIDCUserInfoService) – Service for retrieving user metadata like UID.http_client (
AsyncClient) – Session to use to make HTTP requests.logger (
BoundLogger) – Logger for any log messages.
Methods Summary
create_user_info(code, state, session)Given the code from a successful authentication, get a token.
get_redirect_url(state)Get the login URL to which to redirect the user.
logout(session)User logout callback.
Methods Documentation
- async create_user_info(code, state, session)#
Given the code from a successful authentication, get a token.
- Parameters:
- Returns:
The user information corresponding to that authentication.
- Return type:
- Raises:
FirestoreError – Raised if retrieving or assigning a UID from Firestore failed.
LDAPError – Raised if Gafaelfawr was configured to get user groups, username, or numeric UID from LDAP, but the attempt failed due to some error.
OIDCError – Raised if the OpenID Connect provider responded with an error to a request or the group membership in the resulting token was not valid.
httpx.HTTPError – An HTTP client error occurred trying to talk to the authentication provider.
- get_redirect_url(state)#
Get the login URL to which to redirect the user.