Software Heritage - Authentication

swh-auth is a set of utility libraries related to user authentication in applications and services based on the use of Keycloak and OpenID Connect.

Keycloak is an open source software enabling single sign-on (SSO) with identity and access management.

OpenID Connect (OIDC) is an authentication layer on top of OAuth 2.0, widely used in modern web applications and services.

swh-auth notably offers the following features:

• the swh.auth.keycloak.KeycloakOpenIDConnect class to ease the interaction with a Keycloak server

• a pytest plugin with the keycloak_oidc fixture to mock Keycloak responses in unit tests

• generic backends, views and middlewares to easily plug OpenID Connect authentication in any Django or Django REST framework application

Reference Documentation

• Command-line interface
  • swh auth
• Django components
  • OIDC User model
  • Authentication backends
  • Login / logout views
  • Middlewares
  • Minimal application example
• swh.auth package
  • swh.auth.django package
  • swh.auth.starlette package
  • swh.auth.cli module
  • swh.auth.keycloak module
  • swh.auth.pytest_plugin module
  • swh.auth.utils module