AuthUserFederated
Questions answered by this recipe
How can I add "login with google" or "Login with OpenID" options to my PMWiki?
Description
OpenID and OAuth authentication extension for AuthUser.
This recipe adds two new directives:
- (:google_loginbox:) and
- (:openid_loginbox:)
Former being a shorthand for using Google's open id service @ "https://www.google.com/accounts/o8/id".
Notes
Not compatible with AuthUserOpenId as this is a new version.
Uses Mewp's LightOpenID class (http://gitorious.org/lightopenid) for communication with OpenID providers.
New Installation Process
1. Copy the files authuserfederated.php an openid.php from the release zip to the cookbook directory.
2. edit your local/farmconfig.php or local/config.php file just before line including authuser.php to add the following line
include_once("$FarmD/cookbook/authuserfederated/authuserfederated.php"); // Must be included before authuser
3. Add following lines to your wiki's page SiteAdmin.AuthUser
google://module openid://module
4. Modify your wiki's Site.AuthForm Page to include (suit to your needs):
(:if enabled BadOpenID:)* $[OpenID identifier not recognized] (:google_loginbox:) (:openid_loginbox:)\\
5. Modify you wiki's Site.PageActions (and other similar locations) to add
(:if authid:)
%item rel=nofollow class=logout accesskey="$[ak_logout]"%'' [-[[{*$FullName}?action=logout | $[Logout] ]]-]''
6. Set your permissions as you wish
7. Test the authentication schemes.
Upgrade from 2010 version instructions
1. Copy the files authuserfederated.php an openid.php from the release zip to the cookbook directory.
2. Delete the old authuserfederated folder
3. Update your wiki's Site.AuthForm Page to include and suit to your needs):
(:if enabled BadOpenID:)* $[OpenID identifier not recognized]
4. Modify you wiki's Site.PageActions (and other similar locations) to add
(:if authid:)
%item rel=nofollow class=logout accesskey="$[ak_logout]"%'' [-[[{*$FullName}?action=logout | $[Logout] ]]-]''
Changing the Author value to a unique value
If you require a unique Author id (which is a good idea if you are using id for edit and admin rights) you'll want to do something other than use First and Last name. If you expect emails to be unique, you can reformat the contact email to a unique id by replacing:
if(!empty($attr['namePerson/first']) && !empty($attr['namePerson/last'])){
$_POST['authid'] = $attr['namePerson/first'].$attr['namePerson/last'];
}
with this:
if(!empty($attr['contact/email'])) {
$auth_contact = $attr['contact/email'];
$_POST['authid'] = str_replace("@", ".at.", $auth_contact);
}
Release notes
- 2010-06-28 highly experimental first release (Note: Old Version for reference purposes authuserfederated_20100628.zipΔ )
- 2012-Nov-03 Major Update: (Note: Old Version for reference purposes authuserfederated_20121103.zipΔ )
- Updated OpenID.php to latest version (as of publication date)
- Fixed many issues preventing authentication
- Added cleaning up of URL when finished
- Added a global var when OpenID fails (e.g. with improper URL)
- 2018-02-08 Minor Update: authuserfederated_20180208.zipΔ by wizzwizz4
- Fixed preg_replace() /e error message
- ~~Fixed malformed form HTML~~ This is not a fix!
See also
Contributors
Comments
See discussion at AuthUserFederated-Talk
User notes +1: If you use, used or reviewed this recipe, you can add your name. These statistics appear in the Cookbook listings and will help newcomers browsing through the wiki.