dj-jwt-auth 1.2.0__tar.gz → 1.3.0__tar.gz

{dj-jwt-auth-1.2.0 → dj-jwt-auth-1.3.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dj-jwt-auth
-Version: 1.2.0
+Version: 1.3.0
 Summary: A Django package for JSON Web Token validation and verification. Using PyJWT.
 Home-page: https://www.example.com/
 Author: Konstantin Seleznev
@@ -21,23 +21,22 @@ Classifier: Topic :: Internet :: WWW/HTTP
 Classifier: Topic :: Internet :: WWW/HTTP :: Dynamic Content
 Requires-Python: >=3.8
 Description-Content-Type: text/markdown
-Requires-Dist: Django>=3.0
-Requires-Dist: pyjwt>=2.5.0
-Requires-Dist: requests>=2.28.1
-Requires-Dist: cryptography>=36.0.2
 
 # Django-JWT
 
 This is a package to verify and validate JSON Web Tokens (JWT) in Django.
 
 ### Installation
-1. Install the package using pip.
+1. Install the package using pip:
+```bash
+    pip install dj-jwt-auth
+```
 
 2. Add "django_jwt" to your INSTALLED_APPS setting like this::
 ```
     INSTALLED_APPS = [
         ...
-        'django_jwt',
+        "django_jwt",
     ]
 ```
 
@@ -45,33 +44,39 @@ This is a package to verify and validate JSON Web Tokens (JWT) in Django.
 ```
     MIDDLEWARE = [
         ...
-        'django_jwt.middleware.JWTAuthMiddleware',
+        "django_jwt.middleware.JWTAuthMiddleware",
     ]
 ```
 
 ### Configuration:
 Required variables:
-- OIDC_CERTS_URL - certificate endpoint, like `https://keyCloak/realms/h/.well-known/openid-configuration`
-
+- OIDC_CONFIG_ROUTES - dict of "algorithm": "config_url". Required for using JWTAuthMiddleware. Example: 
+```
+   OIDC_CONFIG_ROUTES = {
+       "RS256": "https://keyCloak/realms/h/.well-known/openid-configuration",
+       "HS256": "https://keyCloak/realms/h/.well-known/openid-configuration",
+   } 
+```
 Optional variables:
 - OIDC_AUDIENCE - by default ["account", "broker"]
+
 User retated variables:
 - OIDC_USER_UPDATE - if True, user model will be updated from userinfo endpoint if MODIFIED date has changed, by default True
 - OIDC_USER_MODIFIED_FIELD - user model field to store last modified date, by default `modified_timestamp`
 - OIDC_TOKEN_MODIFIED_FIELD - access token field to store last modified date, by default `updated_at`
-- OIDC_USER_UID - User model' unique identifier, by default `kc_id`
+- OIDC_USER_UID - User model" unique identifier, by default `kc_id`
 - OIDC_USER_MAPPING - mapping between JWT claims and user model fields, by default:
 ```
     OIDC_USER_MAPPING = {
-        'first_name': 'first_name',
-        'last_name': 'last_name',
-        'username': 'username',
+        "first_name": "first_name",
+        "last_name": "last_name",
+        "username": "username",
     }
 ```
 - OIDC_USER_DEFAULTS - default values for user model fields, by default:
 ```
     OIDC_USER_DEFAULTS = {
-        'is_active': True,
+        "is_active": True,
     }
 ```
 
@@ -80,14 +85,39 @@ User retated variables:
     OIDC_USER_ON_CREATE = None
     OIDC_USER_ON_UPDATE = None
 ```
-- OIDC_CONFIG_ROUTES - dict of 'algorithm': 'config_url', by default is empty. If filled will be used instead of OIDC_CERTS_URL
+These functions should accept two arguments: user and request.
+
+### Admin panel integration:
+To integrate admin panel with OIDC, add OIDC_ADMIN_ISSUER and OIDC_ADMIN_CLIENT_ID to settings.
+- OIDC_ADMIN_ISSUER - required for admin-panel access through OIDC. Example: 
 ```
-   OIDC_CONFIG_ROUTES = {
-       'RS256': 'https://keyCloak/realms/h/.well-known/openid-configuration',
-       'HS256': 'https://keyCloak/realms/h/.well-known/openid-configuration',
-   } 
+    OIDC_ADMIN_ISSUER = "https://keyCloak/realms/h/.well-known/openid-configuration"
 ```
-These functions should accept two arguments: user and request.
+- OIDC_ADMIN_CLIENT_ID - by default "complete-anatomy"
+To mapping roles to admin panel permissions, use OIDC_ADMIN_ROLES. Example:
+```python
+from django_jwt.user import ROLE
+
+OIDC_ADMIN_ROLES = [
+    ROLE(
+        name="admin",  # name from token
+        is_superuser=True,
+    ),
+    ROLE(
+        name="staff",
+        groups=["LMS (Full)", "Organizations (Full)", "Customer Support (Full)"],
+        permissions=["Can add user"],
+    ),
+]
+```
+And add login view to urls.py:
+```python
+urlpatterns = [
+    path("admin/", include("django_jwt.urls")),
+    ...
+]
+```
+Login URL will be available at `/admin/oidc/`.
 
 ### Testing:
 Run command `python runtests.py` to run tests.

dj-jwt-auth-1.3.0/README.md

@@ -0,0 +1,99 @@
+# Django-JWT
+
+This is a package to verify and validate JSON Web Tokens (JWT) in Django.
+
+### Installation
+1. Install the package using pip:
+```bash
+    pip install dj-jwt-auth
+```
+
+2. Add "django_jwt" to your INSTALLED_APPS setting like this::
+```
+    INSTALLED_APPS = [
+        ...
+        "django_jwt",
+    ]
+```
+
+3. Add "django_jwt.middleware.JWTAuthMiddleware" to your MIDDLEWARE setting like this::
+```
+    MIDDLEWARE = [
+        ...
+        "django_jwt.middleware.JWTAuthMiddleware",
+    ]
+```
+
+### Configuration:
+Required variables:
+- OIDC_CONFIG_ROUTES - dict of "algorithm": "config_url". Required for using JWTAuthMiddleware. Example: 
+```
+   OIDC_CONFIG_ROUTES = {
+       "RS256": "https://keyCloak/realms/h/.well-known/openid-configuration",
+       "HS256": "https://keyCloak/realms/h/.well-known/openid-configuration",
+   } 
+```
+Optional variables:
+- OIDC_AUDIENCE - by default ["account", "broker"]
+
+User retated variables:
+- OIDC_USER_UPDATE - if True, user model will be updated from userinfo endpoint if MODIFIED date has changed, by default True
+- OIDC_USER_MODIFIED_FIELD - user model field to store last modified date, by default `modified_timestamp`
+- OIDC_TOKEN_MODIFIED_FIELD - access token field to store last modified date, by default `updated_at`
+- OIDC_USER_UID - User model" unique identifier, by default `kc_id`
+- OIDC_USER_MAPPING - mapping between JWT claims and user model fields, by default:
+```
+    OIDC_USER_MAPPING = {
+        "first_name": "first_name",
+        "last_name": "last_name",
+        "username": "username",
+    }
+```
+- OIDC_USER_DEFAULTS - default values for user model fields, by default:
+```
+    OIDC_USER_DEFAULTS = {
+        "is_active": True,
+    }
+```
+
+- OIDC_USER_ON_CREATE and OIDC_USER_ON_UPDATE - functions to be called on user creation and update, by default:
+```
+    OIDC_USER_ON_CREATE = None
+    OIDC_USER_ON_UPDATE = None
+```
+These functions should accept two arguments: user and request.
+
+### Admin panel integration:
+To integrate admin panel with OIDC, add OIDC_ADMIN_ISSUER and OIDC_ADMIN_CLIENT_ID to settings.
+- OIDC_ADMIN_ISSUER - required for admin-panel access through OIDC. Example: 
+```
+    OIDC_ADMIN_ISSUER = "https://keyCloak/realms/h/.well-known/openid-configuration"
+```
+- OIDC_ADMIN_CLIENT_ID - by default "complete-anatomy"
+To mapping roles to admin panel permissions, use OIDC_ADMIN_ROLES. Example:
+```python
+from django_jwt.user import ROLE
+
+OIDC_ADMIN_ROLES = [
+    ROLE(
+        name="admin",  # name from token
+        is_superuser=True,
+    ),
+    ROLE(
+        name="staff",
+        groups=["LMS (Full)", "Organizations (Full)", "Customer Support (Full)"],
+        permissions=["Can add user"],
+    ),
+]
+```
+And add login view to urls.py:
+```python
+urlpatterns = [
+    path("admin/", include("django_jwt.urls")),
+    ...
+]
+```
+Login URL will be available at `/admin/oidc/`.
+
+### Testing:
+Run command `python runtests.py` to run tests.

{dj-jwt-auth-1.2.0 → dj-jwt-auth-1.3.0}/dj_jwt_auth.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dj-jwt-auth
-Version: 1.2.0
+Version: 1.3.0
 Summary: A Django package for JSON Web Token validation and verification. Using PyJWT.
 Home-page: https://www.example.com/
 Author: Konstantin Seleznev
@@ -21,23 +21,22 @@ Classifier: Topic :: Internet :: WWW/HTTP
 Classifier: Topic :: Internet :: WWW/HTTP :: Dynamic Content
 Requires-Python: >=3.8
 Description-Content-Type: text/markdown
-Requires-Dist: Django>=3.0
-Requires-Dist: pyjwt>=2.5.0
-Requires-Dist: requests>=2.28.1
-Requires-Dist: cryptography>=36.0.2
 
 # Django-JWT
 
 This is a package to verify and validate JSON Web Tokens (JWT) in Django.
 
 ### Installation
-1. Install the package using pip.
+1. Install the package using pip:
+```bash
+    pip install dj-jwt-auth
+```
 
 2. Add "django_jwt" to your INSTALLED_APPS setting like this::
 ```
     INSTALLED_APPS = [
         ...
-        'django_jwt',
+        "django_jwt",
     ]
 ```
 
@@ -45,33 +44,39 @@ This is a package to verify and validate JSON Web Tokens (JWT) in Django.
 ```
     MIDDLEWARE = [
         ...
-        'django_jwt.middleware.JWTAuthMiddleware',
+        "django_jwt.middleware.JWTAuthMiddleware",
     ]
 ```
 
 ### Configuration:
 Required variables:
-- OIDC_CERTS_URL - certificate endpoint, like `https://keyCloak/realms/h/.well-known/openid-configuration`
-
+- OIDC_CONFIG_ROUTES - dict of "algorithm": "config_url". Required for using JWTAuthMiddleware. Example: 
+```
+   OIDC_CONFIG_ROUTES = {
+       "RS256": "https://keyCloak/realms/h/.well-known/openid-configuration",
+       "HS256": "https://keyCloak/realms/h/.well-known/openid-configuration",
+   } 
+```
 Optional variables:
 - OIDC_AUDIENCE - by default ["account", "broker"]
+
 User retated variables:
 - OIDC_USER_UPDATE - if True, user model will be updated from userinfo endpoint if MODIFIED date has changed, by default True
 - OIDC_USER_MODIFIED_FIELD - user model field to store last modified date, by default `modified_timestamp`
 - OIDC_TOKEN_MODIFIED_FIELD - access token field to store last modified date, by default `updated_at`
-- OIDC_USER_UID - User model' unique identifier, by default `kc_id`
+- OIDC_USER_UID - User model" unique identifier, by default `kc_id`
 - OIDC_USER_MAPPING - mapping between JWT claims and user model fields, by default:
 ```
     OIDC_USER_MAPPING = {
-        'first_name': 'first_name',
-        'last_name': 'last_name',
-        'username': 'username',
+        "first_name": "first_name",
+        "last_name": "last_name",
+        "username": "username",
     }
 ```
 - OIDC_USER_DEFAULTS - default values for user model fields, by default:
 ```
     OIDC_USER_DEFAULTS = {
-        'is_active': True,
+        "is_active": True,
     }
 ```
 
@@ -80,14 +85,39 @@ User retated variables:
     OIDC_USER_ON_CREATE = None
     OIDC_USER_ON_UPDATE = None
 ```
-- OIDC_CONFIG_ROUTES - dict of 'algorithm': 'config_url', by default is empty. If filled will be used instead of OIDC_CERTS_URL
+These functions should accept two arguments: user and request.
+
+### Admin panel integration:
+To integrate admin panel with OIDC, add OIDC_ADMIN_ISSUER and OIDC_ADMIN_CLIENT_ID to settings.
+- OIDC_ADMIN_ISSUER - required for admin-panel access through OIDC. Example: 
 ```
-   OIDC_CONFIG_ROUTES = {
-       'RS256': 'https://keyCloak/realms/h/.well-known/openid-configuration',
-       'HS256': 'https://keyCloak/realms/h/.well-known/openid-configuration',
-   } 
+    OIDC_ADMIN_ISSUER = "https://keyCloak/realms/h/.well-known/openid-configuration"
 ```
-These functions should accept two arguments: user and request.
+- OIDC_ADMIN_CLIENT_ID - by default "complete-anatomy"
+To mapping roles to admin panel permissions, use OIDC_ADMIN_ROLES. Example:
+```python
+from django_jwt.user import ROLE
+
+OIDC_ADMIN_ROLES = [
+    ROLE(
+        name="admin",  # name from token
+        is_superuser=True,
+    ),
+    ROLE(
+        name="staff",
+        groups=["LMS (Full)", "Organizations (Full)", "Customer Support (Full)"],
+        permissions=["Can add user"],
+    ),
+]
+```
+And add login view to urls.py:
+```python
+urlpatterns = [
+    path("admin/", include("django_jwt.urls")),
+    ...
+]
+```
+Login URL will be available at `/admin/oidc/`.
 
 ### Testing:
 Run command `python runtests.py` to run tests.

dj-jwt-auth-1.3.0/django_jwt/exceptions.py

@@ -0,0 +1,10 @@
+class ConfigException(Exception):
+    """Base class for exceptions in this module."""
+
+    pass
+
+
+class BadRequestException(Exception):
+    """Base class for exceptions in this module."""
+
+    pass

{dj-jwt-auth-1.2.0 → dj-jwt-auth-1.3.0}/django_jwt/settings.py

@@ -39,3 +39,9 @@ OIDC_CONFIG_ROUTES = getattr(settings, "OIDC_CONFIG_ROUTES", None)
 OIDC_ADMIN_ISSUER = getattr(settings, "OIDC_ADMIN_ISSUER", None)
 OIDC_ADMIN_CLIENT_ID = getattr(settings, "OIDC_ADMIN_CLIENT_ID", "complete-anatomy")
 OIDC_ADMIN_SCOPE = getattr(settings, "OIDC_ADMIN_SCOPE", "openid")
+OIDC_ADMIN_ROLES = getattr(settings, "OIDC_ADMIN_ROLES", [])
+
+for role in OIDC_ADMIN_ROLES:
+    from django_jwt.user import ROLE
+
+    assert isinstance(role, ROLE), f"Role must be a namedtuple, got {type(role)}"

{dj-jwt-auth-1.2.0 → dj-jwt-auth-1.3.0}/django_jwt/user.py

@@ -1,8 +1,11 @@
+from collections import namedtuple
 from datetime import datetime
+from functools import cache
 from logging import getLogger
 
 import pytz
 from django.contrib.auth import get_user_model
+from django.contrib.auth.models import Group, Permission
 from django.http.request import HttpRequest
 
 from django_jwt import settings
@@ -12,6 +15,7 @@ utc = pytz.UTC
 log = getLogger(__name__)
 
 model = get_user_model()
+ROLE = namedtuple("Role", ["name", "is_superuser", "groups", "permissions"], defaults=["", False, [], []])
 
 
 class UserHandler:
@@ -100,3 +104,45 @@ class UserHandler:
                 return self._get_by_email()
             except model.DoesNotExist:
                 return self._create_new_user()
+
+
+class RoleHandler:
+    """
+    Process user roles and permissions from access token.
+    Token be like:
+    ...
+    "resource_access": {
+        "complete_anatomy": {
+            "roles": [
+                "admin"
+            ]
+        }
+    },
+    """
+
+    @property
+    def roles(self) -> dict:
+        return {role.name: role for role in settings.OIDC_ADMIN_ROLES}
+
+    @cache
+    def get_permissions(self, role_name: str) -> Permission:
+        return Permission.objects.filter(codename__in=self.roles[role_name].permissions)
+
+    @cache
+    def get_groups(self, role_name: str) -> Group:
+        return Group.objects.filter(name__in=self.roles[role_name].groups)
+
+    def apply(self, user: model, access_token: dict):
+        token_roles = access_token.get("resource_access", {}).get(settings.OIDC_ADMIN_CLIENT_ID, {}).get("roles", [])
+        for role_name in token_roles:
+            if role_name in self.roles:
+                role = self.roles[role_name]
+                user.groups.add(*self.get_groups(role_name))
+                user.user_permissions.add(*self.get_permissions(role_name))
+                if role.is_superuser != user.is_superuser:
+                    user.is_superuser = role.is_superuser
+                    user.save(update_fields=["is_superuser"])
+                break
+
+
+role_handler = RoleHandler()

{dj-jwt-auth-1.2.0 → dj-jwt-auth-1.3.0}/django_jwt/views.py

@@ -15,9 +15,9 @@ from requests.exceptions import HTTPError
 
 from django_jwt import settings as jwt_settings
 from django_jwt.config import config
-from django_jwt.exceptions import ConfigException
+from django_jwt.exceptions import BadRequestException, ConfigException
 from django_jwt.pkce import PKCESecret
-from django_jwt.user import UserHandler
+from django_jwt.user import UserHandler, role_handler
 from django_jwt.utils import get_access_token, oidc_handler
 
 log = getLogger(__name__)
@@ -36,6 +36,8 @@ class AbsView(View):
             return HttpResponse(status=exc.response.status_code, content=exc.response.text)
         except ConfigException as exc:
             return HttpResponse(content=str(exc), status=500)
+        except BadRequestException as exc:
+            return HttpResponse(content=str(exc), status=400)
         except Exception:
             return redirect("start_oidc_auth")
 
@@ -61,6 +63,7 @@ class StartOIDCAuthView(AbsView):
             "nonce": random_nonce,
         }
         cache.set(state, str(pkce_secret), timeout=600)
+        log.info(f"OIDC Admin login: {authorization_endpoint}?{urlencode(params)}")
         return redirect(f"{authorization_endpoint}?{urlencode(params)}")
 
 
@@ -70,15 +73,18 @@ class ReceiveRedirectView(AbsView):
         state = request.GET.get("state")
         if not code or not state:
             log.warning(f"No code or state in the request {request.GET}")
-            return redirect("start_oidc_auth")
+            raise BadRequestException("No code or state in the request")
 
         redirect_uri = request.build_absolute_uri(reverse("receive_redirect_view"))
         if state := cache.get(state):
             token = get_access_token(code, redirect_uri, state)
             data = oidc_handler.decode_token(token)
             user = UserHandler(data, request, token).get_user()
-            if user and user.is_staff:
-                log.info(f"OIDC Admin login: {user}", extra={"data": data})
-                login(request, user, backend=settings.DEFAULT_AUTHENTICATION_BACKEND)
-                return redirect("admin:index")
-        return redirect("start_oidc_auth")
+            log.info(f"OIDC Admin login: {user}", extra={"data": data})
+            role_handler.apply(user, data)
+            if not user.is_staff:
+                raise BadRequestException("User is not staff")
+            login(request, user, backend=settings.DEFAULT_AUTHENTICATION_BACKEND)
+            return redirect("admin:index")
+
+        raise BadRequestException("No PKCE secret found in cache")

{dj-jwt-auth-1.2.0 → dj-jwt-auth-1.3.0}/setup.cfg

@@ -1,6 +1,6 @@
 [metadata]
 name = dj-jwt-auth
-version = 1.2.0
+version = 1.3.0
 description = A Django package for JSON Web Token validation and verification. Using PyJWT.
 long_description = file: README.md
 url = https://www.example.com/

{dj-jwt-auth-1.2.0 → dj-jwt-auth-1.3.0}/tests/test.py

@@ -2,12 +2,14 @@ from http import HTTPStatus
 from unittest.mock import Mock, patch
 
 from django.contrib.auth import get_user_model
+from django.contrib.auth.models import Group, Permission
 from django.test import TestCase
 from django.urls import reverse
 from jwt.api_jwt import ExpiredSignatureError
 
 from django_jwt import settings
 from django_jwt.middleware import JWTAuthMiddleware
+from django_jwt.user import ROLE, role_handler
 
 access_token_payload = {
     "sub": "12345",
@@ -102,13 +104,6 @@ class OIDCHandlerTest(TestCase):
         # fields are updated if they are changed in KeyCloak
         self.assertUserWithPayload()
 
-    # def test_roles(self, decode_token):
-    #     """User has admin and staff roles"""
-    #     decode_token.return_value["realm_access"]["roles"] = ["admin", "staff"]
-    #     self.middleware.process_request(self.request)
-    #     self.assertTrue(self.request.user.is_staff)
-    #     self.assertTrue(self.request.user.is_superuser)
-
     def test_profile_info(self, *_):
         """User has profile info"""
 
@@ -140,3 +135,47 @@ class OIDCHandlerTest(TestCase):
         User.objects.create(kc_id="1234", first_name="", last_name="", username="")
         self.middleware.process_request(self.request)
         self.assertEqual(self.request.user.username, "on_update")
+
+
+class RolesTest(TestCase):
+    def setUp(self) -> None:
+        self.user = User.objects.create(username="user")
+        settings.OIDC_ADMIN_ROLES = [
+            ROLE(
+                name="admin",
+                is_superuser=True,
+            ),
+            ROLE(
+                name="staff",
+                groups=["staff group"],
+                permissions=["add_user", "change_user", "delete_user"],
+            ),
+        ]
+        self.group = Group.objects.create(name="staff group")
+        self.permission = Permission.objects.get(name="Can add user")
+        self.access_token = {"resource_access": {settings.OIDC_ADMIN_CLIENT_ID: {"roles": ["staff"]}}}
+
+    def test_staff_role(self):
+        self.access_token["resource_access"][settings.OIDC_ADMIN_CLIENT_ID]["roles"] = ["staff"]
+        role_handler.apply(self.user, self.access_token)
+        self.assertTrue(self.user.groups.filter(name="staff group").exists())
+        self.assertTrue(self.user.user_permissions.filter(codename="add_user").exists())
+        self.assertFalse(self.user.is_superuser)
+
+    def test_admin_role(self):
+        self.access_token["resource_access"][settings.OIDC_ADMIN_CLIENT_ID]["roles"] = ["admin"]
+        role_handler.apply(self.user, self.access_token)
+        self.assertTrue(self.user.is_superuser)
+
+    def test_apply_staff_then_admin_role(self):
+        self.access_token["resource_access"][settings.OIDC_ADMIN_CLIENT_ID]["roles"] = ["staff"]
+        role_handler.apply(self.user, self.access_token)
+        self.assertFalse(self.user.is_superuser)
+        self.assertTrue(self.user.groups.filter(name="staff group").exists())
+        self.assertTrue(self.user.user_permissions.filter(codename="add_user").exists())
+
+        self.access_token["resource_access"][settings.OIDC_ADMIN_CLIENT_ID]["roles"] = ["admin"]
+        role_handler.apply(self.user, self.access_token)
+        self.assertTrue(self.user.is_superuser)
+        self.assertTrue(self.user.groups.filter(name="staff group").exists())
+        self.assertTrue(self.user.user_permissions.filter(codename="add_user").exists())

dj-jwt-auth-1.2.0/README.md

@@ -1,65 +0,0 @@
-# Django-JWT
-
-This is a package to verify and validate JSON Web Tokens (JWT) in Django.
-
-### Installation
-1. Install the package using pip.
-
-2. Add "django_jwt" to your INSTALLED_APPS setting like this::
-```
-    INSTALLED_APPS = [
-        ...
-        'django_jwt',
-    ]
-```
-
-3. Add "django_jwt.middleware.JWTAuthMiddleware" to your MIDDLEWARE setting like this::
-```
-    MIDDLEWARE = [
-        ...
-        'django_jwt.middleware.JWTAuthMiddleware',
-    ]
-```
-
-### Configuration:
-Required variables:
-- OIDC_CERTS_URL - certificate endpoint, like `https://keyCloak/realms/h/.well-known/openid-configuration`
-
-Optional variables:
-- OIDC_AUDIENCE - by default ["account", "broker"]
-User retated variables:
-- OIDC_USER_UPDATE - if True, user model will be updated from userinfo endpoint if MODIFIED date has changed, by default True
-- OIDC_USER_MODIFIED_FIELD - user model field to store last modified date, by default `modified_timestamp`
-- OIDC_TOKEN_MODIFIED_FIELD - access token field to store last modified date, by default `updated_at`
-- OIDC_USER_UID - User model' unique identifier, by default `kc_id`
-- OIDC_USER_MAPPING - mapping between JWT claims and user model fields, by default:
-```
-    OIDC_USER_MAPPING = {
-        'first_name': 'first_name',
-        'last_name': 'last_name',
-        'username': 'username',
-    }
-```
-- OIDC_USER_DEFAULTS - default values for user model fields, by default:
-```
-    OIDC_USER_DEFAULTS = {
-        'is_active': True,
-    }
-```
-
-- OIDC_USER_ON_CREATE and OIDC_USER_ON_UPDATE - functions to be called on user creation and update, by default:
-```
-    OIDC_USER_ON_CREATE = None
-    OIDC_USER_ON_UPDATE = None
-```
-- OIDC_CONFIG_ROUTES - dict of 'algorithm': 'config_url', by default is empty. If filled will be used instead of OIDC_CERTS_URL
-```
-   OIDC_CONFIG_ROUTES = {
-       'RS256': 'https://keyCloak/realms/h/.well-known/openid-configuration',
-       'HS256': 'https://keyCloak/realms/h/.well-known/openid-configuration',
-   } 
-```
-These functions should accept two arguments: user and request.
-
-### Testing:
-Run command `python runtests.py` to run tests.

dj-jwt-auth-1.2.0/django_jwt/exceptions.py

@@ -1,4 +0,0 @@
-class ConfigException(Exception):
-    """Base class for exceptions in this module."""
-
-    pass