Metadata-Version: 2.4
Name: django-helseid
Version: 1.0.2
Summary: A Django app for HelseID authentication.
Project-URL: Homepage, https://github.com/haakontk/django-helseid
Project-URL: Source, https://github.com/haakontk/django-helseid
Project-URL: Bug Tracker, https://github.com/haakontk/django-helseid/issues
Project-URL: Changelog, https://github.com/haakontk/django-helseid/blob/main/CHANGELOG.md
Author-email: Håkon Kiær <haakonkiaer@gmail.com>
License: MIT
License-File: LICENSE
Keywords: authentication,django,helseid,norwegian-health,oauth2,openid-connect
Classifier: Development Status :: 3 - Alpha
Classifier: Framework :: Django :: 6.0
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Programming Language :: Python :: 3.14
Classifier: Topic :: Security
Requires-Python: >=3.12
Requires-Dist: django>=6.0
Requires-Dist: requests-oauth2client>=1.8.0
Requires-Dist: requests>=2.32.5
Description-Content-Type: text/markdown

# django-helseid

[![CI](https://github.com/haakontk/django-helseid/actions/workflows/ci.yml/badge.svg)](https://github.com/haakontk/django-helseid/actions/workflows/ci.yml)

Django application for authenticating users with HelseID

## Installation

**⚠️ WARNING: This project is currently under development and is NOT production-ready. It is intended for demonstration and testing purposes only. Do not use in a production environment without thorough security review and further development. ⚠️**

**Requirements:** Python 3.12+, Django 6.0+

1. Install the package:
   ```bash
   pip install django-helseid
   ```
   Or locally for development:
   ```bash
   uv pip install -e .
   ```

2. Add `helseid` to your `INSTALLED_APPS` in `settings.py`:
   ```python
   INSTALLED_APPS = [
       ...
       'helseid',
   ]
   ```

3. Add the authentication backend:
   ```python
   AUTHENTICATION_BACKENDS = [
       'django.contrib.auth.backends.ModelBackend',
       'helseid.backends.HelseIDBackend',
   ]
   ```

4. Configure `HELSEID` settings:
   ```python
   HELSEID = {
       'CLIENT_ID': 'your-client-id',
       'CLIENT_SECRET': { ... },  # JWK dict (private key)
       'SCOPE': ['openid', 'profile', ...],
       'ENVIRONMENT': 'production',  # 'test' or 'production'
   }
   ```
   `ENVIRONMENT` sets the HelseID server URL and JWT audience automatically:
   - `'test'` → `https://helseid-sts.test.nhn.no`
   - `'production'` → `https://helseid-sts.nhn.no`

   For non-standard deployments you can override the URL explicitly instead:
   ```python
   HELSEID = {
       ...
       'SERVER_METADATA_URL': 'https://helseid-sts.nhn.no/.well-known/openid-configuration',
   }
   ```

5. Include the URL configuration in your `urls.py`:
   ```python
   from django.urls import path, include

   urlpatterns = [
       ...
       path('', include('helseid.urls')),
   ]
   ```
   This registers the following routes:
   - `GET /login/` — initiates the HelseID authentication flow
   - `GET /authorize/` — handles the OAuth2 callback
   - `GET /logout/` — clears the local session
