Extension:GoogleLogin/fr

L'extension GoogleLogin permet aux utilisateurs wiki de se connecter avec leur compte Google. L'extension utilise l'API Google pour demander à Google les informations de base du profil (tel que l'identifiant du compte, le nom complet et l'adresse courriel).

Prérequis
Pour utiliser cette extension vous devez avoir au moins :


 * MediaWiki 1.27+
 * MySQL (pas de prise en charge de PostgreSQL ni de SQLite pour l'instant !)
 * PHP 5.5+
 * Accès développeur Google
 * API Credentials pour Webapplication (Client ID et Client Secret)
 * Pouvoir exécuter

Configuration
Assurez-vous que tous les paramètres se trouvent sous la directive « require_once » (nécessaire une fois) ajoutée pour cette extension. Sinon tout paramètre personnalisé sera remis à sa valeur par défaut, comme indiqué ici : Topic:Si6ituq6hmxb07xm

L'extension fournit deux variables de configuration pour mettre le Client ID et le Client Secret (vous obtenez cette paire dans la console développeur Google, en enlevant '<' et '>').

Déclarations dans la console développeur de Google
To use this extension you need a Google developer account and access to the developer console. This is a simple (a very simple!) step-by-step guide (use Step 1 of the official step-by-step example with these settings):


 * 1) Open Google developer console
 * 2) Read and accept the terms of service
 * 3) Create your first project
 * 4) Go to APIS & AUTH
 * 5) Go to Credentials
 * 6) In Section OAuth click Create new Client ID
 * 7) Select as Web application as APPLICATION TYPE, as Authorized JavaScript origins type in your domain name (no wildcards and directories allowed!)
 * 8) Type in your Authorized redirect URI like this example:
 * If your domain is example.com and you have installed MediaWiki in Root of your domain, the redirect URI is as follows: http://example.com/index.php/Special:GoogleLoginReturn
 * 1) Click create and copy the Client ID and Client Secret to the configuration variables in LocalSettings.php

"Special:GoogleLoginReturn" ou (en allemand par exemple) "Spezial:GoogleLoginReturn"
The allowed redirect URI in Google developer console must be in the content language. So, if your wiki has german as the content language, then use. If you used the wrong language, all authentication requests will fail with the error code redirect uri mismatch.

Debogage
Normally, you can see the error message on all generic error pages. Sometimes there are Internal Errors, called Exceptions. In this case, please add with value true in LocalSettings.php to see the complete Exception message. For a support request, please provide always the lines of the Exception.

Utilisation sur un wiki privé
If you have set your Wiki to private with

you have to whitelist the "Special:GoogleLoginReturn" page, so that anonymous users can access the callback URL after being redirected from the authentication provider. You can do this by adding the following line to your LocalSettings.php:

Administer allowed domains on-wiki
GoogleLogin provides a feature to restrict the login with Google to specific E-Mail address domains (such as gmail.com, googlemail.com or every other (own) domain). This feature is especially interesting for companies, who use their own domain names with Google Apps. The list of domains, which are allowed to login with Google, are managed in an array in the LocalSettings.php (the  configuration option). Since version 0.4.0, GoogleLogin also provides a way to manage the list of allowed domains on the wiki itself. The allowed domains are saved in the database when this feature is enabled and can be change (remove/add) through a graphical user interface (a special page) or through the MediaWiki API.

Note: The list of allowed domains can not be managed in LocalSettings.php anymore, once the administration of the domains in the database is enabled.

To enable the feature to manage the allowed domains in the database, just set the  configuration variable to   in your LocalSettings.php. You also want to assign the new  user right to one group you're a member of (please keep in mind, that all users with this user right are allowed to change the list of allowed domains, so consider to add this right to an administrator-level group only!). An example configuration could look like:

You now need to run the  script again, so that the necessary database changes are applied to your database. After the update process is completed, you can navigate to the special page  on your wiki. You'll get a page where you can add new domains, which are allowed to login with their Google account and you can remove them, once they was added.

Mise à jour à partir de la 0.3.1 ou plus ancienne
With version 0.4.0, GoogleLogin implements a PrimaryAuthenticationProvider for the new authentication system of MediaWiki (called AuthManager). This makes it easier for the development of GoogleLogin and you can configure a lot more things in a standard way. However, upgrading from an older version of GoogleLogin may take some more time and effort as with upgrades in the past, as some configuration options in GoogleLogin were removed in the update (and mostly replaced by configurations of AuthManager). In the following sections you'll find some instructions about how you can configure your wiki to achieve the same goal as with the removed configuration options.

$wgGLShowCreateReason
Supprimé sans être remplacé.

$wgGLShowKeepLogin
Supprimé sans être remplacé (la case à cocher Me laisser connecté (Keep me logged in) s'applique maintenant à toutes les méthodes d'authentification, y compris GoogleLogin).

$wgGLAllowAccountCreation
The whole account creation and login process is managed and covered by AuthManager. This means, if you don't want, that your users can create wiki accounts, you should disable it in your LocalSettings.php:

Currently, that would mean, that no one can create an account anymore (including GoogleLogin). There's also, which tracks the process of a login -> signup -> login workflow, where an account creation with a link provider (such as GoogleLogin) with a disabled account creation should be covered.

$wgGLReplaceMWLogin
You should simply remove any other authentication provider in your LocalSettings.php:

GoogleLogin will automatically setup itself for AuthManager, so you don't need to do any further steps.

$wgGLForceKeepLogin
Obsolète, voir.

$wgGLAPIKey
This configuration option still exists, but it's now used for more than just the Special:ManageGoogleLogin special page. It's now used to get the name of a user on Special:RemoveCredentials to make it easier to the user to identify the correct Google account (instead of just showing the Google ID). If the key isn't correct or isn't supplied, GoogleLogin will show the Google ID only. For a good user experience, it's highly suggested to supply this api key now.

$wgGLShowRight
Removed without replacement as the login and signup forms are now fully handled by AuthManager. If you still want to show the Login with Google at the right side of the login form, you should create a new extension (and probably share it with us ;)) which hooks into the form generation and accomplishes the form manipulation.

$wgGLNeedsConfirmEmail
Supprimé sans être remplacé.

Client PHP de l'API Google
This Extension uses the Google API PHP Client (included in versions before 0.2.1), distributed under the Apache 2.0 License. The Client can be downloaded from GitHub.

updatePublicSuffixArray.php
The  maintenance script downloads a list of domain names which are valid to be used in the world. This is required in order for GoogleLogin to allow subdomains of a specific email domain when you've restricted the login with GoogleLogin for specific domains. Nécessaire que si  vaut false (valeur par défaut).