GSoC 2019 idea: pas.plugins.membrane

Couple months ago I created the pas.plugins.membrane, which aims to create and manage membrane users that are generated from ACL users, and OpenID, OAuth, OAuth2 and Saml2 identities.

Repository: https://github.com/JamaicanDevelopers/pas.plugins.membrane

I am currently using this addon on Jamaican Developers Community website.

The add-on allows users to register as a membrane content or profile upon successfully logging into the Plone site, e.g. ACL users without a membrane profile will be promoted to complete their profile (membrane content). This is also done for OpenID, OAuth, OAuth2 and Saml2 identities.

Current implemented features

  • Set which login redirector you wish to use. e.g. pas.plugins.authomatic or saml2, otherwise all login redirector with the normal Plone login form will be shown on the login page

  • Allow the embedding of external login views on the login page with the login form via viewlets.

  • Ability to disable the overriding and redirection from the login page by pas.plugins.authomatic and other external logins

  • Map automatic acl_user identities to membrane users

  • Map acl_users to membrane users

TODOs

  • Map new OpenID, OAuth, OAuth2 and Saml2 identities to the existing membrane / acl user. I think the pas.plugins.authomatic does this for ACL users, but it wasn't working for me.
  • An interface to manage the various identities
  • Write integration tests
  • Documentation

Benefits

  • Provides single page for various SSO mechanism while keeping the login form intact.
  • Manages the various user identities
  • Bridging the gap between authentication/authorization and membership
  • Manage membrane profiles

Knowledge and Skills requirement

  • Python
  • Understanding of Plone's Pluggable Authentication Service

Related to The challenge, User as Content and OAuth2 Login Integration and Plone As a Service (PAaS)

1 Like

Oh... in addition, the pas.plugins.membrane actually aims to help manage users that are created via the pas.plugins.authomatic and other pas packages. I will try and do a quick video of this.

Plone Foundation Code of Conduct