Skip to content

JorgenWP/assignment-4

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
templates
templates
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
app.py
app.py
 
 
dockerfile
dockerfile
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

OpenID Authentication

This is a simple flask app that demonstrates how to use OpenID authentication. The app also demonstrates how to deploy it using docker and how to make use of certificates to enable HTTPS encryption.

Table of Contents

How to run

It is possible to both run the app directly using python or using docker. But first, you will need to set up the environment variables. To do this, you can create a .env file in the root of the project and add the following variables:

CLIENT_ID=<>        # Create an app registration in the Azure portal
CLIENT_SECRET=<>    # Create a secret in the Azure portal
AUTHORITY=https://login.microsoftonline.com/<Directory (tenant) ID> # From the Azure portal

SESSION_SECRET=<> # This can be any random string

SCOPES=User.Read User.ReadWrite User.ReadBasic.All
REDIRECT_URI=http://localhost:5000/getAToken

Running the app using python

  1. Set up a python virtual environment and activate it

    python3 -m venv .venv
source .venv/bin/activate

  2. Install the dependencies

    pip install -r requirements.txt

  3. Run the flask app

    flask run --debug --host=localhost --port=5000

Running the app using docker

  1. Build the docker image

    docker build -t <docker-image-name> .

  2. Run the docker container

    Note: This approach will result in an error due to the dockerfile configuration. The error is due to the fact that the app is trying to use HTTPS and the certificates are not present in the container. To fix this, you can either remove the HTTPS configuration from the dockerfile or add the certificates before staring the container.

    docker run -p 5000:80 <docker-image-name>

Removing the HTTPS configuration from the dockerfile

To remove the HTTPS configuration from the dockerfile, you can simply edit the last line of the dockerfile from this:

CMD ["flask", "run", "--port", "443", "--cert", "/etc/letsencrypt/live/jpe130.x310.net/fullchain.pem", "--key", "/etc/letsencrypt/live/jpe130.x310.net/privkey.pem"]

Into this:

CMD ["flask", "run", "--port", "80"]

Certificates

The certificates used in this project are delivered by Let's Encrypt. The certificates are used to enable HTTPS encryption in the app and are automaticaly renewd. The certificates are not included in the repository, so you will need to generate your own certificates. To generate the certificates, you can use the certbot tool.

Setting up certbot

To set up certbot using docker on a machine running ubuntu 20 or later, you can follow the instructions on this page.

About

INF-2310 Computer Security, Assignment 4 - OpenID Authentication

jpe130.x310.net/

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages