I have successfully created Azure AD authentication using MSAL in the Angular application. After that, I passed the token to Django and validated the token from Azure.
Now I want to implement the SAML2 in Azure AD authentication.
Using this article https://learn.microsoft.com/en-us/azure/active-directory/saas-apps/saml-toolkit-tutorial, I have created the SAML toolkit for Azure AD and got the login URL, logout URL, AD Identifier URL and certificate. Using this information, I don't know how to implement Azure AD authentication in Angular or Python.
I have read a lot of articles; nothing worked.
This toolkit is simply an application used to test access to an Azure AD Enterprise application using SAML.
From the client-side, you need to add a client-side SAML stack to your code.
On the Azure AD side, you connect this stack to an Enterprise application.
There are comments relating to the ADAL / MSAL libraries. You cannot use these as they rely on OpenID Connect not SAML!
#Shakthifuture
Have you checked this StackOverflow answer part:
SAML Authentication in Angular app Using Azure AD
I have used this library to implement SAML authentication using Django.
pip install django_saml2_auth
This library supports JWT tokens and uses Angular or any front-end application with Django.
https://github.com/fangli/django-saml2-auth
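An added example (not from the answer above or from the library's authors) of a `SAML2_AUTH` settings dict for django_saml2_auth pointed at an Azure AD enterprise application, with a small check that flags settings which widen access. The key names follow the package README; the tenant ID, app ID, both URLs and the `/saml2_auth/acs/` mount path are placeholders and assumptions.

```python
# Azure AD's default SAML claim URIs share this prefix.
CLAIMS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"


def build_saml2_auth(tenant_id, app_id, backend_url, frontend_url):
    """Build the SAML2_AUTH dict for settings.py; every argument is a placeholder."""
    return {
        "METADATA_AUTO_CONF_URL": (
            "https://login.microsoftonline.com/" + tenant_id
            + "/federationmetadata/2007-06/federationmetadata.xml?appid=" + app_id),
        "ENTITY_ID": backend_url + "/saml2_auth/acs/",  # must equal the Identifier set in Azure AD
        "ASSERTION_URL": backend_url,
        "NEW_USER_PROFILE": {
            "USER_GROUPS": [],
            "ACTIVE_STATUS": True,
            "STAFF_STATUS": False,      # the README sample shows True (admin-site access)
            "SUPERUSER_STATUS": False,
        },
        "ATTRIBUTES_MAP": {
            "email": CLAIMS + "emailaddress",
            "username": CLAIMS + "name",
            "first_name": CLAIMS + "givenname",
            "last_name": CLAIMS + "surname",
        },
        "USE_JWT": True,                # hand the single-page app a JWT after the SAML login
        "FRONTEND_URL": frontend_url,
    }


def audit(cfg):
    """Return findings for settings that widen access or weaken transport."""
    findings = []
    profile = cfg.get("NEW_USER_PROFILE", {})
    for flag in ("STAFF_STATUS", "SUPERUSER_STATUS"):
        if profile.get(flag) is not False:
            findings.append(flag + " is not explicitly False")
    for key in ("METADATA_AUTO_CONF_URL", "ASSERTION_URL", "ENTITY_ID", "FRONTEND_URL"):
        value = cfg.get(key)
        if value and not value.startswith("https://"):
            findings.append(key + " is not https")
    if not (cfg.get("METADATA_AUTO_CONF_URL") or cfg.get("METADATA_LOCAL_FILE_PATH")):
        findings.append("no IdP metadata source configured")
    return findings


# Constructed placeholder values; replace with the enterprise application's own.
SAML2_AUTH = build_saml2_auth("<tenant-id>", "<app-id>",
                              "https://api.example.com", "https://app.example.com")
```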
I have an application created using Django that uses MSAL library to authenticate with Azure AD.
As I understand, MSAL uses OAuth and so far the authentication/authorization works great. Is there a way to implement authentication using SAML instead of OAuth. I came across pysaml2 library but doesn't have sufficient documentation to integrate with Azure AD. Can someone please share your thoughts.
Is there a way to implement authentication using SAML instead of OAuth.
No, it's not possible to use SAML authentication in the MSAL library. MSAL does not support SAML. It only supports OAuth / OpenID Connect.
A similar kind of request was also raised on StackOverflow and Microsoft Q&A; you can check those for more information.
SAML is developed by the Security Services Technical Committee of OASIS (Organization for the Advancement of Structured Information Standards), not by Microsoft, so this might be the reason SAML is not included in the MSAL library.
I'm working with two servers, one a NodeJS app (FeathersJS and Grant for authentication), and the other is a Django app, using django-oauth-toolkit for authentication.
https://github.com/simov/grant
https://pypi.org/project/django-oauth-toolkit/
I am trying to get the NodeJS app to oauth with the python django app, so here is what I have done so far:
Registered Feathers with Django Oauth toolkit -
Configured Feathers/Grant with the following options:
"key": "xxx",
"authorize_url": "https://www.com/o/authorize",
"access_url": "https://www.com/o/token"
But I'm running into an issue where the grant workflow is not receiving the access token, and am stuck at this point. Has anyone tried integrating two apps as such and been successful in this process? I'd appreciate any pointers, suggestions. Thanks!
I am using two social auth libraries in the Django framework: social-auth-app-django and graphql-social-auth. I have successfully implemented the login functionality using these libraries, but now I want to introduce a feature in my app to disconnect a social account. So according to this documentation (https://python-social-auth.readthedocs.io/en/latest/pipeline.html#disconnection-pipeline) I have added SOCIAL_AUTH_DISCONNECT_PIPELINE, but I have no idea how I can use this disconnect functionality from my React frontend. I am using a React frontend, so how can I disconnect a social account using a REST API?
Can I use Firebase with Python to do user account creation and logging in and out?
Or any other recommendations? I've read but it seems like it only uses Node.js.
There is an Admin SDK for Python for certain Firebase products, including Firebase Authentication.
The Admin SDK for Firebase is meant to run on servers and in other trusted environments. This means that a process using the Admin SDK has administrative access to all Firebase services. This for example allows you to easily create a new user account with the Python SDK.
But that also means that the Python SDK cannot be used to sign in with Firebase Authentication: after all, the process already runs with administrative privileges.
If you want to use the Python SDK to verify users, you should have the users sign in on the client with one of the regular Firebase Authentication SDKs. Then send the ID token from the client to your server, and use the Python SDK to verify that token.
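The server-side half of the flow described above, as an added example that is not part of the original answer: the client signs in with a regular Firebase SDK and sends its ID token as a bearer token, and the server verifies it with the Admin SDK's `verify_id_token`. The helper names, the `Authorization: Bearer` transport and the stub verifier are assumptions made for this example.

```python
class AuthError(Exception):
    """The request carries no ID token the server is willing to trust."""


def firebase_verifier(id_token):
    """Verify with the Admin SDK (firebase_admin must be installed and have credentials)."""
    import firebase_admin  # lazy import so the demo below runs without the SDK
    from firebase_admin import auth, exceptions
    try:
        firebase_admin.get_app()
    except ValueError:                   # no default app initialised yet
        firebase_admin.initialize_app()  # uses Application Default Credentials
    try:
        # check_revoked=True also rejects tokens whose session was revoked
        return auth.verify_id_token(id_token, check_revoked=True)
    except (ValueError, exceptions.FirebaseError) as exc:
        raise AuthError("ID token rejected") from exc


def authenticate(headers, verify=firebase_verifier):
    """Return (uid, claims) for a request's headers, or raise AuthError."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    token = token.strip()
    if scheme.lower() != "bearer" or not token:
        raise AuthError("missing bearer token")
    claims = verify(token)
    uid = claims.get("uid") or claims.get("sub")
    if not uid:
        raise AuthError("token has no subject")
    return uid, claims


def stub_verifier(id_token):
    """Constructed stand-in for firebase_verifier, for offline runs only."""
    if id_token != "constructed-id-token":
        raise AuthError("ID token rejected")
    return {"uid": "user-123", "email": "user@example.com"}


if __name__ == "__main__":
    print(authenticate({"Authorization": "Bearer constructed-id-token"}, stub_verifier))
```

In a Django view, pass `request.headers` to `authenticate` and return HTTP 401 when it raises `AuthError`.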
I have a web server with Django, hosted with Apache server. I would like to configure Google App Engine for the email server. My web server should be able to use Google App Engine, when it makes any email send using EmailMessage or sendmail infrastructure of Google Mail API.
I learnt that by using Remote API, I can access Google App Engine server from my main web server. However, I could not access the Mail APIs supported by Google App Engine.
Is the Remote API strictly for Datastore? If so, can only the DB read from it and no other API calls can?
The example code for the Remote API gives you an interactive console from which you can access any of the modules in your application. I see no requirement that they be only datastore operations.
You may want to use a third-party SMTP relaying service. Here's a list.
Most of them have a simple API that lets you forward your email to their service. That way, you're not bound by the AppEngine's limits. The more reputable ones also take care of headers necessary so your app isn't tagged as a spam sender (which hopefully, it isn't :-)