API Authentication with Open ID Connect

Gilbert Hawkins Winja — Wed, 09 Oct 2024 21:39:25 +0000

I recently was working on a take home assessment for a junior role in API development, which required to implement Authentication using OpenID Connect (OIDC). There are lots of tutorials that try to explain authentication protocols and how they differentiate from each other. Well, this is not one of those, as Nate Barbettini did a good job already.

In this article, I share how to implement a simple OIDC authentication in Django using mozilla-django-oidc. mozilla-django-oidc docs is really good and easy to follow for a simple setup. Before we continue you'll need to set up your identity provider (IdP). An IdP is where users authenticate from to access your application such as Google. Download the metadata.json file which will contain the required values for our settings file that we will transfer to the .env file.

Project Setup (Make sure to have virtual environment activated).

 pip install Django, mozilla-django-oidc
 django-admin startproject oidc .

Open the settings file and add the following

# Add 'mozilla_django_oidc' to INSTALLED_APPS
INSTALLED_APPS = (
    # ...
    'django.contrib.auth',
    'mozilla_django_oidc',  # Load after auth
    # ...
)

# Add 'mozilla_django_oidc' authentication backend
AUTHENTICATION_BACKENDS = (
    'mozilla_django_oidc.auth.OIDCAuthenticationBackend',
    # ...
)
OIDC_RP_IDP_SIGN_KEY = "RS256"
OIDC_OP_JWKS_ENDPOINT = os.environ['OIDC_OP_JWKS_ENDPOINT']
OIDC_RP_CLIENT_ID = os.environ['OIDC_RP_CLIENT_ID']
OIDC_RP_CLIENT_SECRET = os.environ['OIDC_RP_CLIENT_SECRET']
OIDC_OP_AUTHORIZATION_ENDPOINT = "<URL of the OIDC OP authorization endpoint>"
OIDC_OP_TOKEN_ENDPOINT = "<URL of the OIDC OP token endpoint>"
OIDC_OP_USER_ENDPOINT = "<URL of the OIDC OP userinfo endpoint>"
LOGIN_REDIRECT_URL = "<URL path to redirect to after login>"
LOGOUT_REDIRECT_URL = "<URL path to redirect to after logout>"

If you read the mozilla-django-oidc docs (#RTFM), you probably saw the callback url path: /oidc/callback. Add these to your IdP settings for now, but can later update the same for production environment.
Update the urls.py file to include the oidc urls from mozilla. This is necessary for the callback, logout, and authentication paths.

# File urls.py 
from django.urls import path

urlpatterns = [
    # ...
    path('oidc/', include('mozilla_django_oidc.urls')),
    # ...
]

With these simple setup, your project is ready with OIDC. Start the server and navigate to the localhost:8000/oidc/authenticate/ This will redirect you to a Google login screen (check the url, you notice its no longer localhost). Successful login will redirect back to localhost. mozilla-django-oidc will create a new User object using a hash of your email as the username. This behavior can be configured as explained in its docs.
To logout, visit the endpoint oidc/logout/ which will terminate the user session.

mozilla-django-oidc makes it easy to implement and understand how openID works in a simple way. To understand how to implement this for a REST API and a React Frontend, and how the whole flow works, try and clone the minicommerce project and run the project.

Hope this helps to start out using openID

You need to understand networking as a SWE!

Gilbert Hawkins Winja — Tue, 31 Oct 2023 20:28:26 +0000

Networking is among the key beginner fundamentals necessary if considering a breakthrough in any software engineering related role. From the various protocols to understanding how the internet works, you cannot ignore Networking. The internet is the biggest network ever, and since most software communicate or interact with their users through the internet, it is essential to have core understanding of core networking concepts.
The tech world and roles are so versatile and with new technology such as cloud cropping up, they are set to increase. Most of these roles require core understanding of networking concepts which define how communication happens across the internet. Below I share some key concepts of networking you need to understand critically well:

1. Protocols

A network is only but an interconnection of computers that can communicate to each other, but it does not define how this happens. Protocols are the set of rules that govern communication over a network. A lot of protocols exist for different purposes. Some of the common ones include TCP, UDP, IP, FTP, and HTTP among many others.

2. OSI (Open Systems Interconnection) model

It is impossible to discuss networking without mentioning the OSI model. The OSI is a conceptual framework that standardizes telecommunication into seven distinct layers with different functionality. Understanding what happens at each layer is critical for designing robust systems whether hardware or software.

3. IP addressing And Domain Name Server (DNS)

IP address is the unique identifier that makes networking possible. Every device connected to a network is identified using its IP address or a domain name. Domain names are also unique and are resolved using a DNS. A famous interview question is to describe what happens when you enter a URL in a browser. It is a great high-level demonstration of how the internet works using IPs and domain names.

Networking is very broad with so much to learn including the various devices, routing, and network managements. With the advent of cloud technology and container orchestration, understanding core network fundamentals is critical in resolving a lot of issues. As a beginner software engineer looking to break into tech, irrespective of the role, whether cloud architect, DevOps, or Machine Learning, mastering networking is a necessity.

Forem: Gilbert Hawkins Winja

API Authentication with Open ID Connect

You need to understand networking as a SWE!

1. Protocols

2. OSI (Open Systems Interconnection) model

3. IP addressing And Domain Name Server (DNS)