Microsoft Azure¶
Links¶
OpenID Connect¶
Is used by the login app. See OpenID Connect for more information.
Register application¶
Register your application:
Add a Redirect URI (don’t forget to append a /):
You can update the redirect URL by selecting Redirect URIs in the application overview:
Warning
You will need to append a / to the Redirect URI
(e.g. http://localhost:8000/oidc/callback/).
Tip
For more information, see examples of callback urls in mozilla-django-oidc,
Settings¶
The login app requires a .private file containing the following:
set -x OIDC_OP_AUTHORIZATION_ENDPOINT "https://login.microsoftonline.com/fcee251/oauth2/v2.0/authorize"
set -x OIDC_OP_TOKEN_ENDPOINT "https://login.microsoftonline.com/fcee251/oauth2/v2.0/token"
set -x OIDC_RP_CLIENT_ID "36ad9"
set -x OIDC_RP_CLIENT_SECRET "aead6"
set -x OIDC_OP_JWKS_ENDPOINT "https://login.microsoftonline.com/common/discovery/v2.0/keys"
set -x OIDC_RP_SIGN_ALGO "RS256"
set -x OIDC_USE_NONCE False
# used by 'login/management/commands/demo_data_login_oidc.py'
set -x KB_TEST_EMAIL_FOR_OIDC "patrick@kbsoftware.co.uk"
set -x KB_TEST_EMAIL_USERNAME "pkimber"
The Application ID (OIDC_RP_CLIENT_ID) is on the Overview page:
The OIDC_OP_AUTHORIZATION_ENDPOINT and OIDC_OP_TOKEN_ENDPOINT endpoints
are found by clicking on Endpoints
Create a secret in Certificates and secrets (OIDC_RP_CLIENT_SECRET):
To get the OIDC_OP_JWKS_ENDPOINT and OIDC_RP_SIGN_ALGO
browse to:
https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration
Tip
I found this information in the Fetch the OpenID Connect metadata document…
ssh¶
If your ssh connections are timing out, then add the following to your
~/.ssh/config file:
Host www.hatherleigh.info
ServerAliveInterval 120
ServerAliveCountMax 4
Tip
Replace Host as appropriate.