如何将 Python OpenID Connect 模块与 IBM Cloud App ID 一起使用?
How to use Python OpenID Connect module with IBM Cloud App ID?
我注册了 IBM Cloud App ID to protect access to my cloud application. There is a sample that shows that the service can be used with Python. However, I want to use one of the (standard) OpenID Connect modules. How can I configure, e.g., Flask-pyoidc 以使用 App ID?它需要几个参数,我不确定它们与 App ID 提供的内容有何关系。
provider_config = {
'issuer': 'https://op.example.com',
'authorization_endpoint': 'https://op.example.com/authorize',
'token_endpoint': 'https://op.example.com/token',
'userinfo_endpoint': 'https://op.example.com/userinfo'
}
auth = OIDCAuthentication(provider_configuration_info=provider_config)
这里是 provider_config 的配置方式。
provider_config={
"issuer": "appid-oauth.ng.bluemix.net",
"authorization_endpoint": appIDInfo['oauthServerUrl']+"/authorization",
"token_endpoint": appIDInfo['oauthServerUrl']+"/token",
"userinfo_endpoint": appIDInfo['profilesUrl']+"/api/v1/attributes",
"jwks_uri": appIDInfo['oauthServerUrl']+"/publickeys"
}
appIDInfo 可以从 IBM Cloud 上的 Cloud Foundry 环境获取,也可以使用如下结构手动配置:
"AppID": {
"clientId": "your App ID client Id",
"managementUrl": "https://appid-management.ng.bluemix.net/management/v4/-----tenantID----",
"oauthServerUrl": "https://appid-oauth.ng.bluemix.net/oauth/v3/-----tenantID----",
"profilesUrl": "https://appid-profiles.ng.bluemix.net",
"secret": "the App ID secret",
"tenantId": "-----tenantID----",
"version": 3
}
然后 clientId 和 secret 将用于填充 Flask-pyoidc 所需的 client_info 对象。我有 sample code using Flask-pyoidc with App ID in a GitHub repository。它显示了从配置到使用装饰器保护 Flask 中的应用程序路由的所有步骤。
我注册了 IBM Cloud App ID to protect access to my cloud application. There is a sample that shows that the service can be used with Python. However, I want to use one of the (standard) OpenID Connect modules. How can I configure, e.g., Flask-pyoidc 以使用 App ID?它需要几个参数,我不确定它们与 App ID 提供的内容有何关系。
provider_config = {
'issuer': 'https://op.example.com',
'authorization_endpoint': 'https://op.example.com/authorize',
'token_endpoint': 'https://op.example.com/token',
'userinfo_endpoint': 'https://op.example.com/userinfo'
}
auth = OIDCAuthentication(provider_configuration_info=provider_config)
这里是 provider_config 的配置方式。
provider_config={
"issuer": "appid-oauth.ng.bluemix.net",
"authorization_endpoint": appIDInfo['oauthServerUrl']+"/authorization",
"token_endpoint": appIDInfo['oauthServerUrl']+"/token",
"userinfo_endpoint": appIDInfo['profilesUrl']+"/api/v1/attributes",
"jwks_uri": appIDInfo['oauthServerUrl']+"/publickeys"
}
appIDInfo 可以从 IBM Cloud 上的 Cloud Foundry 环境获取,也可以使用如下结构手动配置:
"AppID": {
"clientId": "your App ID client Id",
"managementUrl": "https://appid-management.ng.bluemix.net/management/v4/-----tenantID----",
"oauthServerUrl": "https://appid-oauth.ng.bluemix.net/oauth/v3/-----tenantID----",
"profilesUrl": "https://appid-profiles.ng.bluemix.net",
"secret": "the App ID secret",
"tenantId": "-----tenantID----",
"version": 3
}
然后 clientId 和 secret 将用于填充 Flask-pyoidc 所需的 client_info 对象。我有 sample code using Flask-pyoidc with App ID in a GitHub repository。它显示了从配置到使用装饰器保护 Flask 中的应用程序路由的所有步骤。