Authentication Quick Notes
This page is meant to be temporary. It is to capture various artifacts and notes until they transition to more complete documentation.
+------------------------------------------------------+---------------------------------------------------------------+
| Path | Description |
+======================================================+===============================================================+
| common/djangoapps/third_party_auth | Support for third party authentication |
+------------------------------------------------------+---------------------------------------------------------------+
| lms/djangoapps/oauth2_handler | DEPRECATED. Custom support for OpenID Connect in older DOP |
| | OAuth2 library. | |
+------------------------------------------------------+---------------------------------------------------------------+
| openedx/core/djangoapps/auth_exchange | Support exchange of authentication credentials. |
+------------------------------------------------------+---------------------------------------------------------------+
| openedx/core/djangoapps/external_auth | Handles various modes of external authentication: |
| | (e.g. OpenID, CAS, Shibboleth, MIT) |
+------------------------------------------------------+---------------------------------------------------------------+
| openedx/core/djangoapps/oauth_dispatch | Views to dispatch oauth request processing to |
| | django-oauth2-provider (DOP) or django-oauth-toolkit (DOT). |
| | Includes model RestrictedApplication, listing DOT |
| | applications considered 'restricted' and will only get |
| | expired token/JWT. Includes overridden admin. |
+------------------------------------------------------+---------------------------------------------------------------+
| openedx/core/djangoapps/session_inactivity_timeout | Middleware to auto-expire inactive sessions. |
+------------------------------------------------------+---------------------------------------------------------------+
