{"id":18520944,"url":"https://github.com/zms-publishing/products.zmspluggableauthservice","last_synced_at":"2025-05-14T17:35:09.134Z","repository":{"id":114000268,"uuid":"283594259","full_name":"zms-publishing/Products.zmsPluggableAuthService","owner":"zms-publishing","description":null,"archived":false,"fork":false,"pushed_at":"2025-03-26T16:14:14.000Z","size":93,"stargazers_count":0,"open_issues_count":2,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-26T16:30:17.413Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zms-publishing.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-07-29T20:17:59.000Z","updated_at":"2025-03-26T16:14:18.000Z","dependencies_parsed_at":null,"dependency_job_id":"e291bd3f-1a64-4cbc-a937-d000312af4b0","html_url":"https://github.com/zms-publishing/Products.zmsPluggableAuthService","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zms-publishing%2FProducts.zmsPluggableAuthService","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zms-publishing%2FProducts.zmsPluggableAuthService/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zms-publishing%2FProducts.zmsPluggableAuthService/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zms-publishing%2FProducts.zmsPluggableAuthService/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zms-publishing","download_url":"https://codeload.github.com/zms-publishing/Products.zmsPluggableAuthService/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254194826,"owners_count":22030431,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-06T17:23:35.471Z","updated_at":"2025-05-14T17:35:09.089Z","avatar_url":"https://github.com/zms-publishing.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ZMS PluggableAuthService Adapter\nThe ZMS adapter for [Zope's Pluggable Authentication Service, PAS](https://github.com/zopefoundation/Products.PluggableAuthService) delivers four adapters each providing specific API functions of the  PAS authentication process:\n1. *ZMS PAS Cookie Auth Helper*: containing a login form and the auth cookie name\n2. *ZMS PAS Role Plugin*: containing the API methods authenticateCredentialsImpl and enumerateUsersImpl for connection external user repositories\n3. *ZMS PAS User Plugin*: containing the API method getRolesForPrincipalImpl\n3. *ZMS PAS SSO Plugin*: processing an [OpenID-Connect (OIDC)](https://en.wikipedia.org/wiki/OpenID#OpenID_Connect_(OIDC)) conformant http header for several authentication steps (credential extraction, authentication etc.)\n\n\n## SSO Plugin: Using OIDC conformant Single-Sign-On\n\n### Prerequisites\n* *itsdangerous*: Various helpers to pass data to untrusted environments and to get it back safe and sound. Data is cryptographically signed to ensure that a token has not been tampered with.\n   https://pypi.org/project/itsdangerous/\n\n### Zope Object's Properties\nName | Value | Description\n--- | --- | ---\nHeader\u0026nbsp;Name | `HTTP_X_AUTH_RESULT` | the name of the HTTP-header containing the OIDC auth-result\nSecret\u0026nbsp;Key | `******************` | the secret key used to decrypt the auth-result using the _itsdangerous_-module\nLogin\u0026nbsp;Path | `http://zms.hosting/auth/login` | the path for redirection from challenge to SSO login.\nLogin\u0026nbsp;Pattern | `https?:\\/\\/(.*)\\/manage` | the pattern of original url for redirection from challenge to SSO login.\nCame\u0026nbsp;From | `came_from` | the name of the request-parameter containing the original url the request came from\nUser\u0026nbsp;ID Attributes | `user_id,sub` | the name(s) of the http header payload fields representing the user id. \n*Optional\\*:* `roles_attr` | `roles_attr` | the name of the http header payload field representing a list of roles. \n\n \\* *The ZMS PluggableAuthService SSO Plugin is able to extract the user roles; for this a new attribute named \"roles_attr\" (string type) must be added manually to the property list*\n\n## License\nCopyright (c) 2000-2023 SNTL Publishing \u003chttps://www.sntl-publishing.com\u003e, Berlin. \nCode released under the _GNU General Public License v3 \u003chttp://www.gnu.org/licenses/gpl.html\u003e_ license.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzms-publishing%2Fproducts.zmspluggableauthservice","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzms-publishing%2Fproducts.zmspluggableauthservice","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzms-publishing%2Fproducts.zmspluggableauthservice/lists"}