DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:authgoogle

Google Authentication Plugin

Compatible with DokuWiki

  • 2017-02-19 "Frusterick Manners" unknown
  • 2016-06-26 "Elenor Of Tsort" unknown
  • 2015-08-10 "Detritus" unknown
  • 2014-09-29 "Hrun" yes

plugin Authentication with Google accounts using OAuth 2.0

Last updated on
2014-09-27
Provides
Auth, Action
Repository
Source

Tagged with authentication, google, oauth, sso

Description

Google Authentication Plugin allows to sign in to DokuWiki using OAuth 2.0 protocol provided by Google.

Features

  • Uses OAuth 2.0 protocol provided by Google. Does not ask nor store any passwords;
  • Allows to restrict allowed domains and email accounts;
  • Allows to specify additional user groups for users authenticated with this plugin.

Installation

Before you begin

:!: External requirements: This plugin requires the following additional actions to be done:

Register application at the Google Developer Console

  1. Open Google Developer Console in your browser and log in into your Google Account. If you do not have Google Account yet, it is good time to create one.
  2. Click Create project… (you may see the page like this http://snag.gy/MZaOh.jpg).
  3. Fill new project form, give some name and project ID (see http://snag.gy/Ipmxr.jpg).
    • :!: Google may ask you to confirm you contact phone with SMS or callback. “Evil Corporation” define their own rules. It's up to you to decide :)
  4. Open menu APIs & authCredentials (see http://snag.gy/ZuLfU.jpg)
  5. Form “Create Client ID” will be opened. Fill it:
    • Application type: (required) choose “Web application”;
    • Authorized JavaScript Origins enter your hostname (make sure http or https is the same for both settings). For example:
      http://www.your-domain.com
    • Authorized Redirect URIs enter these lines:
http://www.your-domain.com/doku.php?id=start&do=login
http://www.your-domain.com/start?do=login
http://your-domain.com/doku.php?id=start&do=login
http://your-domain.com/start?do=login
http://www.your-domain.com/doku.php/start?do=login
http://your-domain.com/doku.php/start?do=login

Instead of “your-domain” put your actual hostname where DokuWiki is installed. :!: Note: if your DokuWiki is accesed with HTTPS then enter the URI with https, not http.

  1. Click “Create client ID” button.
  2. Now you have page with all required information for plugin setup. You will need two values from here: Client ID and Client secret.
  3. Open menu APIs & authConsent screen.
  4. Fill “PRODUCT NAME” and e-mail address as well, or you can get this error http://stackoverflow.com/questions/18677244/error-invalid-client-no-application-name.

Plugin installation

  1. Install the plugin using the Plugin Manager and the download URL above, which points to latest version of the plugin. Refer to Plugins on how to install plugins manually.
  2. :!: Go to the Settings page and set the “Authentication backend” to authgoogle.
  3. Save the settings.
    • Note: DokuWiki will log you out after this point. You may log in as Administrator with your old account.

Examples/Usage

Click “Log in” button. Below the main form will appear button “Sign in with Google”. Click it, and browser will open Google authentication page.

Here you can choose Google account for authentication and Google will ask you to approve access to your profile details required for correct logging into DokuWiki. Only name and e-mail is used.

Please note birthdate, sex and time zone are also included in the provided details — it is standard Google behaviour, though these are not used by plugin.

Configuration and Settings

All settings are available on the standard DokuWiki “Settings” page:

  • Allowed email domains: allowed email addresses and/or domains, separated by space. You can allow only certain domains to be used as authentication provider. For example, corporation “Example” has Google Apps for Business and wants only corporate users to login; also allow CEO to use his home email: “*@example.com ceo_home_example@gmail.com”. Default: “*” (all domains, all addresses).
  • GoogleAPI Client ID and GoogleAPI Client Secret: info generated by Google when you register your application (see Installation).
  • Default groups: default groups for new users separated by space. New user will be assigned these groups. May be useful to assign some specific roles for users authenticated with Google. ATTENTION: Overwrites default configuration setting defaultgroup if set. So if you add some group here, probably you want also add default group “user”. Default: (empty)

Development

Credits

This plugin was developed for corporate use and is licensed the same way as DokuWiki itself.

If you want to contribute, please feel free to contact the sponsor. Source code is available at the GitHub (see links above).

Change Log

Known Bugs and Issues

Please report bugs and issues here (with label bug): https://github.com/kettari/authgoogle/issues.

ToDo/Wish List

No TODOs yet. To suggest enhancement please refer here (with label enhancement): https://github.com/kettari/authgoogle/issues.

FAQ

  • Q: I've registered Google Application and installed plugin. Clicking “Sign in with Google” button and nothing happens.
  • A: Change the “Authentication backend” to authgoogle.

Discussion

Please post your questions at the DokuWiki Forum in this topic: https://forum.dokuwiki.org/thread/10314

plugin/authgoogle.txt · Last modified: 2017-09-26 23:13 by 37.132.166.10