/
Authentication Quick Notes

Authentication Quick Notes

Owned by Robert Raposa
Last updated: Aug 13, 2018

This page is meant to be temporary. It is to capture various artifacts and notes until they transition to more complete documentation.

+------------------------------------------------------+---------------------------------------------------------------+
| Path                                                 | Description                                                   |
+======================================================+===============================================================+
| common/djangoapps/third_party_auth                   | Support for third party authentication                        |
+------------------------------------------------------+---------------------------------------------------------------+
| lms/djangoapps/oauth2_handler                        | DEPRECATED.  Custom support for OpenID Connect in older DOP   |
|                                                      | OAuth2 library.                                               |                                                                                                                                            |
+------------------------------------------------------+---------------------------------------------------------------+
| openedx/core/djangoapps/auth_exchange                | Support exchange of authentication credentials.               |
+------------------------------------------------------+---------------------------------------------------------------+
| openedx/core/djangoapps/external_auth                | Handles various modes of external authentication:             |
|                                                      | (e.g. OpenID, CAS, Shibboleth, MIT)                           |
+------------------------------------------------------+---------------------------------------------------------------+
| openedx/core/djangoapps/oauth_dispatch               | Views to dispatch oauth request processing to                 |
|                                                      | django-oauth2-provider (DOP) or django-oauth-toolkit (DOT).   |
|                                                      | Includes model RestrictedApplication, listing DOT             |
|                                                      | applications considered 'restricted' and will only get        |
|                                                      | expired token/JWT.  Includes overridden admin.                |
+------------------------------------------------------+---------------------------------------------------------------+
| openedx/core/djangoapps/session_inactivity_timeout   | Middleware to auto-expire inactive sessions.                  |
+------------------------------------------------------+---------------------------------------------------------------+


Related content