This is a bridge providing SCIM 2.0 REST API, that can be deployed on a SSSD client and queries the user identities from the SSSD id provider.
Enroll the host as an IPA client:
ipa-client-install --domain ipa.test --realm IPA.TEST --principal admin --password Secret123 -UThe previous step creates a [domain/ipa.test] section in /etc/sssd/sssd.conf but sssd.conf needs to be customized in order to return additional attributes.
The following script modifies sssd.conf:
cd $IPA_TUURA/src/install
python prepare_sssd.pyAlternatively, auto-enroll the host by providing the required integration domain fields at the SCIM user storage plugin configuration in keycloak.
Create and activate a python virtual env
python3 -m venv --system-site-packages ipatuura-env
source ipatuura-env/bin/activateInstall the requirements
pip install -r $IPA_TUURA/src/install/requirements.txtApply migrations
cd $IPA_TUURA/src/ipa-tuura
python manage.py migrateCreate the djangoadmin user and start the ipa-tuura server
Note: do not use "admin" name as it conflicts with IPA "admin" user
python manage.py createsuperuser
python manage.py runserverIf connecting from another system, update the ALLOWED_HOSTS line root/settings.py
ALLOWED_HOSTS = ['192.168.122.221', 'localhost', '127.0.0.1']as well as the NETLOC from SCIM_SERVICE_PROVIDER settings:
SCIM_SERVICE_PROVIDER = {
'NETLOC': 'localhost',
...and replace localhost by the IP address or hostname where the service is deployed. This way,
the /ServiceProviderConfig endpoint will return the location of the app implementing the SCIM
api.
Finally, run the following to have django listen on all interfaces:
python manage.py runserver 0.0.0.0:8000This project uses Sphinx as a documentation generator. Follow these steps to build the documentation:
cd $IPA_TUURA/doc/
make venv
make htmlThe generated documentation will be available at $IPA_TUURA/doc/_build/html/ folder.