| 3 |
3 |
==================
|
| 4 |
4 |
|
| 5 |
5 |
Authentic2 plugin to authenticate against *France Connect* the french
|
| 6 |
|
citizen and entreprise SSO.
|
|
6 |
citizen and enterprise SSO.
|
| 7 |
7 |
|
| 8 |
8 |
Installation
|
| 9 |
9 |
============
|
| ... | ... | |
| 20 |
20 |
A2_FC_CLIENT_SECRET = 'secret assigned by DISIC'
|
| 21 |
21 |
A2_FC_VERIFY_CERTIFICATE = False # True for production
|
| 22 |
22 |
|
| 23 |
|
A2_FC_CREATE = True set the plugin in provisionning mode. If a sub is unknown,
|
| 24 |
|
a user is created instead of asking authentication.
|
|
23 |
A2_FC_CREATE = True sets the plugin in provisioning mode. If a sub is unknown,
|
|
24 |
a user is created instead of asking for authentication.
|
| 25 |
25 |
|
| 26 |
|
When the create mode is enabled, the link for unlinking is hidden on the
|
| 27 |
|
profile frontend. This is due to the not yet implemented need of asking
|
| 28 |
|
the user credentiels when unlinking a user created without any other credential
|
| 29 |
|
that the authentication delegation. Unlinking meaning, loosing access to this
|
|
26 |
When the create mode is enabled, the link for account unlinking is hidden on
|
|
27 |
the profile frontend. This is due to the not yet implemented need for asking
|
|
28 |
the user credentials when unlinking a user created without any other credential
|
|
29 |
than the authentication delegation. Unlinking meaning, loosing access to this
|
| 30 |
30 |
account at the end of the current session. To enable unlinking when create is
|
| 31 |
|
unabled use A2_FC_ENABLE_UNLINK_WHEN_CREATE = True.
|
|
31 |
enabled use A2_FC_ENABLE_UNLINK_WHEN_CREATE = True.
|
| 32 |
32 |
|
| 33 |
|
A2_FC_LOGOUT_WHEN_UNLINK = True is using to trigger a logout toward the OP
|
|
33 |
A2_FC_LOGOUT_WHEN_UNLINK = True is used to trigger a logout toward the OP
|
| 34 |
34 |
after unlinking.
|
| 35 |
35 |
|
| 36 |
36 |
Platforms
|
| ... | ... | |
| 47 |
47 |
Data Providers
|
| 48 |
48 |
==============
|
| 49 |
49 |
|
| 50 |
|
You can define data provider endpoints with the following dictionnary :
|
|
50 |
You can define data provider endpoints with the following dictionary :
|
| 51 |
51 |
|
| 52 |
52 |
A2_FC_FD_LIST = {
|
| 53 |
53 |
'revenu_fiscal_de_reference': [
|
| ... | ... | |
| 64 |
64 |
|
| 65 |
65 |
fc/callback/?next=%2F&fd_scopes=revenu_fiscal_de_reference scolarite
|
| 66 |
66 |
|
| 67 |
|
The data received is recorded in the session with a dictionnary named `fc-data`
|
|
67 |
The data received is recorded in the session with a dictionary named `fc-data`
|
| 68 |
68 |
with scopes as keys and lists of data as values. A data is a tuple
|
| 69 |
69 |
FD name and data content.
|
| 70 |
70 |
|
| ... | ... | |
| 78 |
78 |
=================
|
| 79 |
79 |
|
| 80 |
80 |
You can map France Connect attributes to Authentic2 attributes through the
|
| 81 |
|
setting A2_FC_USER_INFO_MAPPINGS. A2_FC_USER_INFO_MAPPINGS is a dictionnary
|
| 82 |
|
whose keys are authentic2's attribute names and value can be France Connect
|
| 83 |
|
attribute names or dictionnary with the following keys:
|
|
81 |
setting A2_FC_USER_INFO_MAPPINGS. A2_FC_USER_INFO_MAPPINGS is a dictionary
|
|
82 |
whose keys are authentic2's attribute names and values can be France Connect
|
|
83 |
attribute names or dictionary with the following keys:
|
| 84 |
84 |
|
| 85 |
85 |
- `value` : a static value which will be assigned to the authentic2 attribute,
|
| 86 |
86 |
can be any Python value,
|
| ... | ... | |
| 90 |
90 |
communes to their name,
|
| 91 |
91 |
- @insee-countries@ : translate the value using mapping from INSEE code of
|
| 92 |
92 |
countries to their name,
|
| 93 |
|
- @simple@ : lookup the value using the dictionnary in @translation_simple@.
|
| 94 |
|
- `compute`: compute a value using a known function, only known function for now
|
| 95 |
|
is @today@ which returns @datetime.date.today()@.
|
|
93 |
- @simple@ : lookup the value using the dictionary in @translation_simple@.
|
|
94 |
- `compute`: compute a value using a known function, the only known function
|
|
95 |
for now is @today@ which returns @datetime.date.today()@.
|
| 96 |
96 |
- `verified`: set the verified flag on the value.
|
| 97 |
97 |
|
| 98 |
|
Exemple:
|
|
98 |
Example:
|
| 99 |
99 |
|
| 100 |
100 |
A2_FC_USER_INFO_MAPPINGS = {
|
| 101 |
101 |
'first_name': 'given_name',
|
| 102 |
|
-
|