ansible/awx

Display SAML login icon for /api/login page

Open

#12905 opened on Sep 19, 2022

View on GitHub
 (8 comments) (3 reactions) (1 assignee)Python (13,071 stars) (3,333 forks)batch import
Hacktoberfestcommunitycomponent:apigood first issuetype:enhancement

Description

Please confirm the following

  • I agree to follow this project's code of conduct.
  • I have checked the current issues for duplicates.
  • I understand that AWX is open source software provided for free and that I might not receive a timely response.

Feature type

Enhancement to Existing Feature

Feature Summary

When requesting an authorization-code at /api/o/authorize, users can't use SAML to login.

image

I see 2 possible feature enhancement to correct that :

  1. Display an SAML login button on that page
  2. Redirect to web UI login page, then redirect to /api/o/authorize

Select the relevant components

  • UI
  • API
  • Docs
  • Collection
  • CLI
  • Other

Steps to reproduce

  • Add an SAML provider in AWX settings.
  • Make sure to logout from AWX.
  • Go to /api/o/authorize route, it redirects you to /api/login/?next=/api/o/authorize/

Current results

Users are only able to login with username + password.

Sugested feature result

Users should be able to login via SAML.

Additional information

No response

Contributor guide

Tech stack
pythondjango
Domain
apifrontend
Issue type
feature
DifficultyEstimated implementation difficulty for a new contributor, from 1 for very small changes to 5 for expert-level work.
3
Estimated timeA rough time range for an experienced contributor to investigate, implement, test, and prepare a pull request.
half day
Activity statusHow available the issue appears right now: fresh, active, stale, blocked, or waiting on maintainer input.
blocked
ClarityHow clearly the issue explains the expected change, acceptance criteria, and next step.
clear
Prerequisites
Django OAuth toolkitSAML authentication
Newbie friendlinessA 1-100 score estimating how approachable this issue is for first-time contributors.
40
Research direction
Examine the login template at '/api/login' and the existing OAuth authorization endpoint. Look for how SAML authentication is handled in the AWX Django app, possibly in the views or authentication backends. Determine if adding a SAML button requires modifying the template or the authentication flow. Review comments in issue #12905 for any suggested approaches.