Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add keycloak SSO #5711

Merged
merged 19 commits into from
Jan 29, 2025
Merged

Add keycloak SSO #5711

Changes from 1 commit
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
ab86419
Add keycloak SSO
paulbauriegel Nov 22, 2024
8fd3b3b
Merge branch 'refactor/argilla-server/better-oauth2-integration' into…
paulbauriegel Nov 26, 2024
41bf238
Merge branch 'refactor/argilla-server/better-oauth2-integration' into…
frascuchon Dec 2, 2024
03b10e7
chore: Create keycloack backend
frascuchon Dec 2, 2024
7f319d2
Update docs for new backend
paulbauriegel Dec 2, 2024
0da655e
Merge branch 'refactor/argilla-server/better-oauth2-integration' into…
frascuchon Dec 3, 2024
bf2a0f6
feat: Configure role and workspaces from realm access roles
frascuchon Dec 3, 2024
174b9b9
Update User role after login
paulbauriegel Jan 16, 2025
8cddf2f
Update Keycloak Docs w. Mapper
paulbauriegel Jan 16, 2025
a474061
Use always the max rights role from the realm roles
paulbauriegel Jan 16, 2025
a25938e
[pre-commit.ci] auto fixes from pre-commit.com hooks
pre-commit-ci[bot] Jan 16, 2025
c3c20eb
Add last_name to userinfo.py
paulbauriegel Jan 16, 2025
55c64b3
[pre-commit.ci] auto fixes from pre-commit.com hooks
pre-commit-ci[bot] Jan 16, 2025
58bb93a
Update oauth2 handler to update workspaces if needed
paulbauriegel Jan 16, 2025
bc1084a
Merge branch 'refactor/argilla-server/better-oauth2-integration' into…
paulbauriegel Jan 22, 2025
7898ebb
Using flag to sync user from oauth info
frascuchon Jan 28, 2025
38ee8b7
Merge branch 'refactor/argilla-server/better-oauth2-integration' into…
frascuchon Jan 28, 2025
42fc36e
Update argilla-server/src/argilla_server/security/authentication/user…
paulbauriegel Jan 28, 2025
8395cb9
Update argilla-server/src/argilla_server/security/authentication/user…
paulbauriegel Jan 28, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 22 additions & 2 deletions argilla-server/src/argilla_server/security/authentication/oauth2/_backends.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
# limitations under the License.

import os
from typing import Type, Dict, Any
from typing import Type, Dict, Any, Optional

from social_core.backends.oauth import BaseOAuth2
from social_core.backends.open_id_connect import OpenIdConnectAuth
Expand Down Expand Up @@ -48,6 +48,26 @@ class HuggingfaceOpenId(OpenIdConnectAuth):
DEFAULT_SCOPE = ["openid", "profile"]


class KeycloakOpenId(OpenIdConnectAuth):
"""Huggingface OpenID Connect authentication backend."""

name = "keycloak"

def oidc_endpoint(self) -> str:
frascuchon marked this conversation as resolved.
Show resolved Hide resolved
value = super().oidc_endpoint()

if value is None:
from social_core.utils import setting_name

name = setting_name("OIDC_ENDPOINT")
raise ValueError(
"oidc_endpoint needs to be set in the Keycloak configuration. "
f"Please set the {name} environment variable."
)

return value


_SUPPORTED_BACKENDS = {}


Expand All @@ -56,9 +76,9 @@ def load_supported_backends(extra_backends: list = None) -> Dict[str, Type[BaseO

backends = [
"argilla_server.security.authentication.oauth2._backends.HuggingfaceOpenId",
"argilla_server.security.authentication.oauth2._backends.KeycloakOpenId",
"social_core.backends.github.GithubOAuth2",
"social_core.backends.google.GoogleOAuth2",
"social_core.backends.keycloak.KeycloakOAuth2",
]

if extra_backends:
Expand Down