Social Authentication
Overview
OpenCVE supports Social Authentication through the powerful Django Allauth library, which provides a wide array of supported providers. Any provider listed on the Django Allauth Providers Page is also available in OpenCVE.
To enable this functionality, a few additional steps are required within OpenCVE, but once these are complete, you can follow the official Django Allauth documentation to add further providers.
Configuration
To set up Social Authentication on OpenCVE, you'll need to configure some information in the settings.py file:
INSTALLED_APPS: Add the applications required for the providers.
SOCIALACCOUNT_PROVIDERS: Configure each provider, as outlined on the Allauth site.
STATICFILES_DIRS: Point to the directory where icon images are stored for login and registration interfaces.
Example Configuration
In this example, we’ll configure Google and LinkedIn authentication by adding the appropriate applications in INSTALLED_APPS:
# opencve/conf/settings.py
...
INSTALLED_APPS.extend([
    "allauth.socialaccount.providers.google",
    "allauth.socialaccount.providers.openid_connect",
])
Next, configure the providers as specified in the official Django Allauth documentation. For example:
# opencve/conf/settings.py
...
SOCIALACCOUNT_PROVIDERS = {
    "google": {
        "VERIFIED_EMAIL": True,
        "APPS": [
            {
                "provider_id": "google",
                "client_id": "xxxx",
                "secret": "yyyy",
                "key": "",
                "settings": {
                    "scope": [
                        "profile",
                        "email",
                    ],
                    "auth_params": {
                        "access_type": "online",
                    },
                    "oauth_pkce_enabled": True,
                },
            },
        ],
    },
    "openid_connect": {
        "VERIFIED_EMAIL": True,
        "APPS": [
            {
                "provider_id": "linkedin",
                "name": "LinkedIn",
                "client_id": "xxxx",
                "secret": "yyyy",
                "settings": {
                    "server_url": "https://www.linkedin.com/oauth",
                },
            },
        ],
    },
}
Warning
Make sure to replace the placeholder client_id and secret values with your actual values.
At this stage, SSO (Single Sign-On) should work correctly. However, you may notice that icons are not displayed properly.
Note
Social application icons are not included in the OpenCVE source code; it’s up to the user to add them manually.
To properly display icons, configure the STATICFILES_DIRS setting to specify the location for the custom icons:
# opencve/conf/settings.py
...
STATICFILES_DIRS.append("/opt/opencve/custom_static")
The icon file names are based on the provider_id keys in SOCIALACCOUNT_PROVIDERS. For instance, here we should have google.png and linkedin.png within an img/icons directory structure:
$ tree /opt/opencve/custom_static
/opt/opencve/custom_static
└── img
    └── icons
        ├── google.png
        └── linkedin.png
Now, the icons should appear correctly on both the login and registration screens.