add section on OIDC client setup to README

a238920f · jackie / Andrea Ida Malkah Klaura · b4e7a088 · a238920f
Commit a238920f authored 3 years ago by jackie / Andrea Ida Malkah Klaura
--- a/README.rst
+++ b/README.rst
@@ -92,3 +92,25 @@ with the credentials you have chosen in the ``createsuperuser`` command.
 If you are using some placeholder credentials, make sure to change your password
 by visiting http://127.0.0.1:8000/admin/auth/user/1/password/
+Configuring OpenID Connect clients
+----------------------------------
+To make AuRa usable, you have to set up OpenID Connect (OIDC) clients for the
+*dashboard* and *tank*, so they can make authenticated requests on behalf of
+the user against the *steering* API.
+To do so, you can either visit the Django admin interface and create an RSA key
+as well as two clients, or do so programmatically by running::
+    (python)$ python manage.py creatersakey
+    (python)$ python manage.py create_oidc_client dashboard public -r "id_token token" -u https://aura-test.o94.at/oidc_callback.html -u https://aura-test.o94.at/oidc_callback_silentRenew.html -p https://aura-test.o94.at/
+    (python)$ python manage.py create_oidc_client tank confidential -r "code" -u https://aura-test.o94.at/tank/auth/oidc/callback
+In these examples you will have to *https://aura-test.o94.at* and
+*https://aura-test.o94.at/tank_with* with wherever *dashboard* and *tank* are
+running in your setup. In a local development environment this might be
+something like *http://localhost:8080* and *http://localhost:4000* respectively.
+The client id and in case of the tank also the client secret are then needed for
+the configuration of those components.