DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:oauth

This is an old revision of the document!


oAuth Plugin

Compatible with DokuWiki

Hrun, Detritus

plugin Allow users to login through various oAuth1 and oAuth2 compatible authentication providers

Last updated on
2015-10-14
Provides
Auth, Action
Repository
Source

This extension has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues.

Similar to authgoogle, evesso, fedauth, sfauth

Tagged with authentication, oauth

Needed for oauthauthsch, oauthazure, oauthcognito, oauthdrkserver, oauthfacebook, oauthgeneric, oauthgithub, oauthgoogle, oauthkeycloak, oauthosm, oauthwechange

sponsored by Linuxhotel The development of this plugin has been sponsored by Linuxhotel.

Installation

A CosmoCode Plugin

Install the plugin using the Plugin Manager and the download URL above, which points to latest version of the plugin. Refer to Plugins on how to install plugins manually.

After setup, you have to select oauth in the authtype config option.

2014-05-05a Ponder Stibbons release

:!: Please note: this plugin requires two small bugfixes in the Ponder Stibbons release:

Configuration

The plugin currently supports the following auth providers:

  • Facebook
  • Google+
  • Yahoo
  • Github

More can easily be added (see development section below)

To be able to use one of those providers you need to create an “Application” at the authentication provider's developer website. The URLs to those are linked in the configuration manager.

The setup of these “Applications” differs between the different providers, but there are a few things you generally need to provide to create one:

  • a name (eg. “DokuWiki login”)
  • a redirect or callback URI - the value you need to provide here can be seen in the config manager
  • sometimes you need to select the type of data an application may access. Here you need to make sure email addresses and user names are allowed
  • often you can add more info like a company logo, description and so on

Once the application is set up it will display a “key” and a “secret”. These have to be set up in the configuration manager. Once done the service can be used for login.

Google specific

Do not forget to fill informations into “APIs & auth / Consent screen”. If you don't, the client authentification request will display “Error, no application name”.

User Management

This plugin sits on top of the usual authplain authentication mechanism. Password based logins will continue to work and users can still register directly at your wiki, unless you configure it otherwise.

However, the plugin introduces one limitation: email addresses have to be unique for each user. When you're switching from authplain to oauth make sure existing users have unique email addresses!

oAuth service association in user profile When a new user logs in through one of the configured oAuth providers a standard user entry is created and associated with the oAuth provider. Additional providers can be enabled in the user's profile (Associations are simple group memberships).

Users can login through any of the services enabled in their profile - for that to work, their email address configured in DokuWiki must match with the primary address known to the service.

Please note: this plugin will never support login via Twitter because Twitter doesn't give access to the user's email address.

Development

This plugin comes with a few predefined services. In the backend it uses the Lusitanian PHPoAuthLib which supports many more services. However each service needs it's own Adapter class which implements the specific API calls to request user data over an oAuth authenticated connection.

Pull Requests for implementing more public services are welcome!

This plugin can easily integrate with your own service. A “Generic” backend class allows for easy configuration of endpoints. However the actual API call for fetching user data still needs to be implemented. The plugin comes with an example Adapter class called “Doorkeeper” which implements oAuth against the demo setup of the Ruby oAuth library Doorkeeper.

To implement your own service, simply copy the Doorkeeper class and adjust the implementation and add the right config values to your config.

Change Log

plugin/oauth.1444921084.txt.gz · Last modified: 2015-10-15 16:58 by andi

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki