Files
Lebaud Antoine df03534fb1 wip handle Authorization code flow with Django
Integrate 'mozilla-django-oidc' dependency, to support
Authorization Code flow, which is required by Agent Connect.

Thus, we provide a secure back channel OIDC flow, and return
to the client only a session cookie.

Done:
* Replace JWT authentication by Session based authentication in DRF
* Update Django settings to make OIDC configurations easily editable
* Add 'mozilla-django-oidc' routes to our router
* Implement a custom Django Authentication class to adapt 'mozilla-django-oidc' to our needs

'mozilla-django-oidc' routes added are:
* /authenticate
* /callback (the redirect_uri called back by the Idp)
* /logout

Todo in dedicated PR:
* Configure redis to manage these session cookies
* Test and adjust code if necessary when the session cookie expires
* Test and adjust code if necessary when the user logout
2024-02-15 16:46:16 +01:00
..