django-simple-sso is a simple SSO app for Django.
The Server is a Django website that holds all the user information and authenticates users.
The Client is a Django website that provides login via SSO using the Server. It does not hold any user information.
The key is a unique key identifying a Client. This key can be made public.
The secret is a secret key shared between the Server and a single Client. This secret should never be shared with anyone other than the Server and Client and must not be transferred unencrypted.
1. User wants to log into a Client by clicking a "Login" button. The initially requested URL can be passed using the next GET parameter.
2. The Client's Python code makes an HTTP request to the Server to request an authentication token; this is called the Request Token Request.
3. The Server returns a Request Token.
4. The Client redirects the User to a view on the Server using the Request Token; this is the Authorization Request.
5. If the user is not logged in to the Server, they are prompted to log in.
6. The user is redirected to the Client with the Request Token and an Auth Token; this is the Authentication Request.
7. The Client's Python code makes an HTTP request to the Server to verify the Auth Token; this is called the Auth Token Verification Request.
8. If the Auth Token is valid, the Server returns a serialized Django User object.
9. The Client logs the user in using the Django User received from the Server.
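
The token exchange in steps 2 to 8, as an added in-memory sketch that is not django-simple-sso's own code. The `Server` class, `sign` and `run_flow` are hypothetical names; HMAC-SHA256 signing of the Client's back-channel requests and single-use tokens bound to the requesting Client are assumptions, chosen to show what a Server-side check of the key and secret has to enforce.

```python
import hashlib
import hmac
import secrets


def sign(secret, message):  # assumed scheme: HMAC-SHA256 with the shared secret
    return hmac.new(secret.encode(), message.encode(), hashlib.sha256).hexdigest()


class Server:
    def __init__(self, clients):
        self.clients = clients    # public key -> shared secret
        self.request_tokens = {}  # Request Token -> Client key
        self.auth_tokens = {}     # Auth Token -> (Client key, user)

    def _check(self, key, message, signature):
        secret = self.clients.get(key)
        if secret is None or not hmac.compare_digest(sign(secret, message), signature):
            raise PermissionError("unknown client or bad signature")

    def request_token(self, key, request_id, signature):
        # Steps 2-3: only a Client holding the secret gets a Request Token.
        self._check(key, request_id, signature)
        token = secrets.token_urlsafe(32)
        self.request_tokens[token] = key
        return token

    def authorize(self, request_token, user):
        # Steps 4-6: a Request Token is spent once (KeyError if unknown or reused).
        key = self.request_tokens.pop(request_token)
        auth_token = secrets.token_urlsafe(32)
        self.auth_tokens[auth_token] = (key, user)
        return auth_token

    def verify(self, key, auth_token, signature):
        # Steps 7-8: signed, single-use, bound to the Client that began the flow.
        self._check(key, auth_token, signature)
        issued_to, user = self.auth_tokens.get(auth_token, (None, None))
        if issued_to != key:
            raise PermissionError("auth token invalid, reused or issued elsewhere")
        del self.auth_tokens[auth_token]
        return user


def run_flow(server, key, secret, user):
    request_id = secrets.token_hex(8)  # constructed value the Client signs
    rt = server.request_token(key, request_id, sign(secret, request_id))
    at = server.authorize(rt, user)
    return server.verify(key, at, sign(secret, at))
```

Only the key, the Request Token and the Auth Token travel through the user's browser; the secret is used solely to sign the two Client-to-Server requests.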