Skip to content

Consolidate scattered SSO code into a dedicated dojo/sso/ package#20

Closed
Maffooch wants to merge 1 commit intodevfrom
sso-clean-up
Closed

Consolidate scattered SSO code into a dedicated dojo/sso/ package#20
Maffooch wants to merge 1 commit intodevfrom
sso-clean-up

Conversation

@Maffooch
Copy link
Copy Markdown
Owner

@Maffooch Maffooch commented Mar 31, 2026
edited
Loading

Description

Code cleanup. SSO-related code (OAuth2, SAML2, OIDC, REMOTE_USER auth) was
previously spread across many shared files. This PR consolidates it into a
single dedicated dojo/sso/ Python package so SSO logic lives in one place
and the surrounding shared files (dojo/urls.py, dojo/user/views.py,
dojo/settings/settings.dist.py, dojo/middleware.py,
dojo/context_processors.py, dojo/templates/dojo/login.html) only retain
small, well-defined seams that hook into dojo/sso/.

No behavior changes — settings names, env-var names, URLs, and template
output are all preserved.

Changes

Files moved into dojo/sso/:

  • dojo/pipeline.pydojo/sso/pipeline.py
  • dojo/remote_user.pydojo/sso/remote_user.py
  • dojo/settings/attribute-maps/dojo/sso/attribute_maps/

Code extracted into new modules under dojo/sso/:

  • CustomSocialAuthExceptionMiddleware from dojo/middleware.pydojo/sso/middleware.py
  • SSO context-processor keys from dojo/context_processors.pydojo/sso/context_processors.py
  • SSO env-var schema, authentication backends, social-auth pipeline, and SAML2
    configuration from dojo/settings/settings.dist.pydojo/sso/settings.py
  • Login-form auto-redirect logic from dojo/user/views.pydojo/sso/views.py
  • SSO login buttons from dojo/templates/dojo/login.htmldojo/sso/templates/dojo/sso_login_buttons.html
  • social_django and djangosaml2 URL routes → dojo/sso/urls.py

Other:

  • .dryrunsecurity.yaml updated to reference new paths
  • unittests/test_remote_user.py and unittests/test_social_auth_failure_handling.py updated for new import paths

Test results

  • unittests/test_remote_user.py exercises the relocated RemoteUserScheme
  • unittests/test_social_auth_failure_handling.py exercises the relocated
    CustomSocialAuthExceptionMiddleware
  • Login view continues to render the classic login form when no SSO providers
    are enabled, and continues to auto-redirect when exactly one is enabled

Documentation

No documentation changes — settings names and behavior are preserved.

Checklist

  • Rebased against latest `dev`
  • Submitted against `dev`
  • Ruff compliant
  • Python 3.13 compliant
  • No model changes (no migration needed)
  • Existing tests updated to cover relocated modules

@Maffooch
Consolidate scattered SSO code into a dedicated dojo/sso/ package
fe5f3e3 
SSO-related code (OAuth2, SAML2, OIDC, REMOTE_USER auth) was spread
across dojo/middleware.py, dojo/context_processors.py,
dojo/settings/settings.dist.py, dojo/user/views.py,
dojo/templates/dojo/login.html, dojo/pipeline.py, dojo/remote_user.py,
and dojo/settings/attribute-maps/. Move all of it into a single
dojo/sso/ package so SSO logic lives in one place.

No behavior change: settings names, URLs, and template output are
preserved.
@Maffooch Maffooch changed the title Sso clean up Consolidate scattered SSO code into a dedicated dojo/sso/ package Apr 27, 2026
@Maffooch Maffooch closed this Apr 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

settings_changes ui unittests

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Maffooch