django: Add OIDC Bearer Token authentication backend for DRF views

Add a generic Django REST Framework authentication backend that enables authenticating a user using Keycloak and OpenID Connect bearer tokens.

The backend can be easily plugged into a DRF application by:

  • adding "swh.auth.django.backends.OIDCBearerTokenAuthentication" to the REST_FRAMEWORK["DEFAULT_AUTHENTICATION_CLASSES"] Django setting.

  • configuring Keycloak URL, realm and client by adding SWH_AUTH_SERVER_URL, SWH_AUTH_REALM_NAME and SWH_AUTH_CLIENT_ID in Django settings.

Users will then be able to perform authenticated Web API calls by sending their refresh token in HTTP Authorization headers.

That diff basically moves code and tests from swh-web with slight changes to make the backend generic.

Related to swh-web#3150 (closed)

Depends on !18 (closed)


Migrated from D5366 (view on Phabricator)
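
The two configuration steps in the description can be verified at deploy time. The following is an added example, not code from this merge request or from swh-auth: `check_oidc_settings` is a hypothetical helper, the host, realm and client values are constructed placeholders, and the https requirement on the Keycloak URL is an assumption of the example.

```python
from urllib.parse import urlparse

# Backend path and setting names are taken from the merge request description.
OIDC_BACKEND = "swh.auth.django.backends.OIDCBearerTokenAuthentication"
REQUIRED = ("SWH_AUTH_SERVER_URL", "SWH_AUTH_REALM_NAME", "SWH_AUTH_CLIENT_ID")


def check_oidc_settings(settings: dict) -> list:
    """Hypothetical helper: return a list of problems, empty if the wiring is complete."""
    problems = []
    classes = settings.get("REST_FRAMEWORK", {}).get("DEFAULT_AUTHENTICATION_CLASSES", [])
    if OIDC_BACKEND not in classes:
        problems.append("backend missing from DEFAULT_AUTHENTICATION_CLASSES")
    for name in REQUIRED:
        value = settings.get(name)
        if not isinstance(value, str) or not value.strip():
            problems.append(f"{name} is unset or empty")
    url = settings.get("SWH_AUTH_SERVER_URL")
    if isinstance(url, str) and url.strip():
        parsed = urlparse(url)
        # Assumption of this example: the Keycloak endpoint is reached over TLS only.
        if parsed.scheme != "https" or not parsed.netloc:
            problems.append("SWH_AUTH_SERVER_URL is not an absolute https:// URL")
    return problems


# Constructed sample settings (placeholder host, realm and client id).
GOOD = {
    "REST_FRAMEWORK": {"DEFAULT_AUTHENTICATION_CLASSES": [
        "rest_framework.authentication.SessionAuthentication",
        OIDC_BACKEND,
    ]},
    "SWH_AUTH_SERVER_URL": "https://keycloak.example.org/auth/",
    "SWH_AUTH_REALM_NAME": "ExampleRealm",
    "SWH_AUTH_CLIENT_ID": "example-web-client",
}
# Constructed misconfiguration: backend not registered, plain http, empty realm, no client id.
BAD = {
    "REST_FRAMEWORK": {"DEFAULT_AUTHENTICATION_CLASSES": []},
    "SWH_AUTH_SERVER_URL": "http://keycloak.example.org/auth/",
    "SWH_AUTH_REALM_NAME": "",
}

if __name__ == "__main__":
    for label, conf in (("good", GOOD), ("bad", BAD)):
        print(label, check_oidc_settings(conf))
```
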
