This is an old revision of the document!
Table of Contents
oAuth Plugin
Compatible with DokuWiki
Hrun, Detritus, Frusterick Manners
This extension has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues.
Similar to authgoogle, evesso, fedauth, sfauth
Needed for oauthauthsch, oauthazure, oauthcognito, oauthdrkserver, oauthfacebook, oauthgeneric, oauthgithub, oauthgoogle, oauthkeycloak, oauthosm, oauthwechange
The development of this plugin has been sponsored by Linuxhotel.
Installation
Search and install the plugin using the Extension Manager. Refer to Plugins on how to install plugins manually.
After setup, you have to select oauth
in the authtype config option.
2014-05-05a Ponder Stibbons release
Please note: this plugin requires two small bugfixes in the Ponder Stibbons release:
Configuration
The plugin currently supports the following auth providers:
- Facebook
- Google+
- Yahoo
- Github
- Auth0
- Dataporten
More can easily be added (see development section below)
To be able to use one of those providers you need to create an “Application” at the authentication provider's developer website. The URLs to those are linked in the configuration manager.
The setup of these “Applications” differs between the different providers, but there are a few things you generally need to provide to create one:
- a name (eg. “DokuWiki login”)
- a redirect or callback URI - the value you need to provide here can be seen in the config manager
- sometimes you need to select the type of data an application may access. Here you need to make sure email addresses and user names are allowed
- often you can add more info like a company logo, description and so on
Once the application is set up it will display a “key” and a “secret”. These have to be set up in the configuration manager. Once done the service can be used for login.
Google specific
Do not forget to fill informations into “APIs & auth / Consent screen”. If you don't, the client authentification request will display “Error, no application name”.
User Management
This plugin sits on top of the usual authplain authentication mechanism. Password based logins will continue to work and users can still register directly at your wiki, unless you configure it otherwise.
However, the plugin introduces one limitation: email addresses have to be unique for each user. When you're switching from authplain
to oauth
make sure existing users have unique email addresses!
When a new user logs in through one of the configured oAuth providers a standard user entry is created and associated with the oAuth provider. Additional providers can be enabled in the user's profile (Associations are simple group memberships).
Users can login through any of the services enabled in their profile - for that to work, their email address configured in DokuWiki must match with the primary address known to the service.
Please note: this plugin will never support login via Twitter because Twitter doesn't give access to the user's email address.
There is Oryzone/PHPoAuthUserData project, which provides an additional abstraction layer on the top of PHPoAuthLib used in the plugin. It can also extract email information from Twitter oAuth.
Andreas, could you please review the possibility to use it in the plugin? PHPoAuthUserData also has fresh and actual Facebook API implementation, and it should fix Facebook oauth issues as well. — Kibi 2018-01-18 18:22
Development
This plugin comes with a few predefined services. In the backend it uses the Lusitanian PHPoAuthLib which supports many more services. However each service needs it's own Adapter class which implements the specific API calls to request user data over an oAuth authenticated connection.
Pull Requests for implementing more public services are welcome!
This plugin can easily integrate with your own service. A “Generic” backend class allows for easy configuration of endpoints. However the actual API call for fetching user data still needs to be implemented. The plugin comes with an example Adapter class called “Doorkeeper” which implements oAuth against the demo setup of the Ruby oAuth library Doorkeeper.
To implement your own service, simply copy the Doorkeeper class and adjust the implementation and add the right config values to your config.
Change Log
- Version upped (2024-03-05 23:51)
- automatic style fixes and new workflows (2024-03-05 09:36)
- Merge pull request #144 from dokuwiki-translate/lang_update_812_17070… (2024-03-05 09:17)
- translation update (2024-02-04 06:45)
- Version upped (2023-04-12 23:51)
- Merge pull request #140 from glensc/git-attributes (2023-04-12 08:58)
- Setup .gitattributes file (2023-04-10 09:11)
- Merge pull request #139 from dokuwiki-translate/lang_update_601_16801… (2023-03-29 19:05)