I'm trying to configure a SAML Authentication with Azure in a Flask web service.
Is the first time I'm doing this and I'm bit lost.
I'm trying to use the 'SAML_METADA_URL' provided in AZURE but I don't know what to configure in python side.
In Azure seems to be all setup, the app was added, have the client ID and CLIENT SECRET, ETC.
Anyone knows a good and specific tutorial for this?
Thanks in advance
You can refer to the SAML-enabled Python application guide, which explains how to use PySAML2 to add Okta support (via SAML) to an application written in Python, And refer to the steps for implementing a SAML SP in Python/Flask.
In addition, OneLogin also provides a SAML Python toolkit, I believe it will also be helpful to you here.
Related
I'm trying to obtain a Azure Maps Token using a Azure Function based on the following documentation.
How to secure a single-page web application with non-interactive sign-in
Does anyone know how to create a Azure Maps Client using .NET similar to this?
AzureMapsManagement client library for JavaScript
They just released a .NET client library yesterday. You can find it here: https://github.com/Azure/azure-sdk-for-net/tree/main/sdk/maps
For example, if you wanted to use the search API, you would authenticate
in a similar manner to the JavaScript client library:
AzureKeyCredential credential = new AzureKeyCredential("<My Subscription Key>");
MapsSearchClient client = new MapsSearchClient(credential);
Here is some documentation on this client library: https://learn.microsoft.com/en-us/azure/azure-maps/how-to-dev-guide-csharp-sdk
For token base authentication you can use the Azure.Core.TokenCredential class. A good article on the different ways to do this can be found here: https://www.rahulpnath.com/blog/defaultazurecredential-from-azure-sdk/ (not putting code in stackoverflow as there are a lot of different ways depending on your scenario).
I would like to develop a system that can help any developer to create an application based to my API.
My problem is authentication.
I have see (for example) as work google with your services; I would like create an system of oauth (private) such as google (concept) that an developer, after sign to my portal, get APP ID and APP SECRET.
When developer self create these credentials, can use for call API based to https.
My API are developed by nodejs and express system.
I say which way is more stable for create an system robust for this scenario.
Thanks for any support. Any idea is appreciate
You can try http://passportjs.org/, it can work as a middleware with express.
I want to create a simple backend application in node that can query AAD to get a list of OUs or Groups. My application needs this type of information to create groups of users in our system. I'm having trouble getting started here. I found this example which is in DotNet which does a Daemon server flow. I've found these informative links:
https://azure.microsoft.com/en-us/documentation/articles/active-directory-authentication-scenarios/#daemon-or-server-application-to-web-api
Basically I want to be able to make a backend request using certificate based authentication without any user involvement. I'm assuming an adminsitrator will need to allow my application to make this request through some authorization flow. I'm looking for a simple step-by-step guide to get this going along with some sample NodeJS code. Something similar to this example: https://github.com/Azure-Samples/active-directory-dotnet-daemon-certificate-credential
Assuming I don't have a windows machine will I need to somehow run Powershell commandsfrom some sort of mono emulator on my Linux servers?
I figured out how to get the basic certificate flow working. It's not well documented, however if you look at the tests/client-credentials.js in the source code for adal-node, you will see some examples.
If you're using Azure App Service web apps, you can follow this guide to integrate AAD with your application: https://azure.microsoft.com/en-us/documentation/articles/app-service-mobile-how-to-configure-active-directory-authentication/
Once you have that, auth will be enabled for your app and you can configure the AAD app in the portal. See this blog post for more details: http://blogs.technet.com/b/ad/archive/2014/12/18/azure-active-directory-now-with-group-claims-and-application-roles.aspx
To integrate with node.js, see this example for details:
https://github.com/Azure-Samples/active-directory-node-webapi
Once you have that, switch to using cert auth similar to the example you provided. Also you shouldn't need powershell. For more information on how AAD works see: https://azure.microsoft.com/en-us/documentation/articles/active-directory-authentication-scenarios/
I've been searching high and low for an example of using an Azure API App with authentication with a javascript client. Specifically I am interested in how something like an Angularjs app can authenticate with an Azure API app.
The closest I've got is this example http://azure.microsoft.com/en-us/documentation/articles/app-service-api-javascript-client/
but unfortunately this does not use authentication.
Given many users with be using SPA applications with Azure API Apps I would think there will be a lot of demand for this.
Does anyone have any pointers?
http://azure.microsoft.com/en-us/documentation/articles/app-service-api-dotnet-consume/#authenticated-call-from-a-windows-desktop-application shows how to authenticate for scenarios where we don't yet have an SDK. You should be able to follow the same steps from a JavaScript client. Hope that helps!
Thanks,
Mohit
I have wrote an web service that returns the scheduler from a given student. I must now secure the web service, because the data are confidential.
It's a rest web service using jersey.
My idea is to exchange token, like OAuth or similar. I searched on the web and can't found a library that implements oAuth with helpful examples.
Can anyone provide me examples that uses a OAuth library for securing an web service ?
Check out the Jersey OAuth lab we presented at this year's JavaOne: http://java.net/projects/jersey/downloads/download/oauth_lab.zip
Note the instructions on how to set up the environment to be able to run the lab is in an appendix at the end of the lab guide.