Skip to content

OIDC PR#2 --- organization login using OIDC

Placeholder Ihsan Ullah requested to merge oidc_2 into develop

@ mention of reviewers`

@cjh1`

A brief description of the purpose of the changes contained in this PR.

Now codabench admin can register organizations for OIDC authentication. Users can then use those organizations to login with their organization credentials

Issues this PR resolves

How to test

To test this PR, you need OIDC server.

OIDC_Server setup

  1. Unzip this OIDC_Server django app OIDC_Server.zip
  2. go to this directory
cd OIDC_Server
  1. build the docker image from the Dockerfile
docker build -t oidc .

Codabench

  1. Add the following to docker compose yaml file
  #-----------------------------------------------
  #   OIDC Server
  #-----------------------------------------------
  oidc:
    image: oidc
    command: bash -c "cd /app/ && python manage.py runserver 0.0.0.0:9100"  
    ports:
      - 9100:9100
    stdin_open: true
    tty: true
    logging:
      options:
        max-size: "20k"
        max-file: "10"
  1. Start codabench server
docker-compose up -d

OIDC client

  1. Open this URL in your browser
http://0.0.0.0:9100/
  1. Login using these credentials
username: ihsan
password: Ihsan123
Screenshot 2024-03-17 at 12 41 48 AM
  1. Open admin interface
http://0.0.0.0:9100/admin/
Screenshot 2024-03-17 at 12 42 43 AM
  1. Create a client by adding the following details
  • Name: Paris-Saclay
  • Response types: code(Authentication Code Flow)
  • Redirect URIs: http://localhost/oidc/complete/1/

Once you click save, you will be able to get client ID and client Secret

Codabench

  1. Open admin interface
http://localhost/admin/
  1. Create a new Auth Organization in Auth_organizations
Screenshot 2024-03-17 at 12 47 59 AM Input the following information (use the client id and client secret from previous step) Screenshot 2024-03-17 at 12 49 30 AM
  1. Now open login page:
http://localhost/accounts/login/

You will see Login with Pari-Saclay button. Accept terms and conditions and click the button to authenticate with Paris-Saclay server.

  1. Reset password reset your password and then login using both OIDC login and regular login

Checklist

  • Code review by me
  • Hand tested by me
  • I'm proud of my work
  • Code review by reviewer
  • Hand tested by reviewer
  • CircleCi tests are passing
  • Ready to merge

Merge request reports