Contributors mailing list archives
Azure AD authentication Advice auth_oauth
by Open for Small Business, Graeme Gellatly
My alternative is to simply copy the oauth module and make edits, changing endpoints etc, but when I tried it didn't work so any advice on the steps to do this would be appreciated.
Similarly in main.py, it queries the response, sets some fields and calls res_user.auth_oauth. The Odoo module does very little in the way of preventing hacks and replay attacks. Doesn't verify signatures, audience, expiries etc. or send randomised state information for validation. Is there any way to neatly inherit and override functions in main.py? The strange thing is that I copied the original and called it auth_auth2 in my hacking. It isn't installed, but that file gets called rather than my copy.
The query string sent in auth_oauth is different. It requires different key value pairs, for example a nonce is required, and the token type is 'id_token'. It is very much an openid_connect workflow (not like auth_openid which really should be deprecated).
The ORM side is not too difficult, just a few extra fields and function overrides; however, the problems start with the web side.
However, with some relatively minor hacking of the auth_oauth module it works; however, now I want to turn that into a module which extends auth_oauth.
Hi all, My context here is v7, but should apply to all versions. We use Office 365 which is backed by the free version of AzureAD. It supports multiple oauth2 authentication flows, but not the one in the auth_oauth module (it does but it's quite a lot stricter so the implementation doesn't work and it's overkill).
Or else any other alternatives.
Any resulting module will be published.
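
The checks the post lists as missing (randomised state, nonce, audience, expiry), sketched as an added example; this is not code from the post or from Odoo's auth_oauth. The function names and the plain-dict session are hypothetical, and the id_token signature is assumed to have been verified beforehand with a JWT library against the provider's published keys.

```python
import hmac
import secrets
import time


def new_auth_request(session):
    """Generate a fresh state and nonce and store them server-side (hypothetical helper)."""
    session["oauth_state"] = secrets.token_urlsafe(32)
    session["oauth_nonce"] = secrets.token_urlsafe(32)
    # Values to place in the authorization query string.
    return {
        "response_type": "id_token",  # token type named in the post
        "state": session["oauth_state"],
        "nonce": session["oauth_nonce"],
    }


def _same(expected, received):
    # Constant-time comparison; a missing value never matches.
    if expected is None or received is None:
        return False
    return hmac.compare_digest(expected.encode(), str(received).encode())


def check_response(session, returned_state, claims, client_id, now=None, leeway=60):
    """Return the list of failed checks; an empty list means the response is acceptable.

    `claims` is the payload of an id_token whose signature was ALREADY verified
    (assumption: done elsewhere, not shown here).
    """
    now = time.time() if now is None else now
    problems = []
    # pop() makes state and nonce single-use, so a replayed response fails.
    if not _same(session.pop("oauth_state", None), returned_state):
        problems.append("state")
    if not _same(session.pop("oauth_nonce", None), claims.get("nonce")):
        problems.append("nonce")
    aud = claims.get("aud")
    if client_id not in (aud if isinstance(aud, list) else [aud]):
        problems.append("aud")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp + leeway < now:
        problems.append("exp")
    return problems
```
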