Extension:OAuth2 Client

From mediawiki.org
MediaWiki extensions manual
OAuth2 Client
Release status: stable
Implementation User identity , Special page
Description Act as a client to any OAuth2 server.
Latest version 0.5 (2023-02-26)
MediaWiki >=1.25
Database changes No
License GNU Lesser General Public License 3.0
Example starmadepedia.net

  • $wgOAuth2Client

The OAuth2 Client extension allows your users the ability to login to your wiki using any third-party site supporting OAuth2, like Google, Facebook, GitHub, SoundCloud.

This extension uses The PHP League's OAuth 2.0 Client library.


The following instructions require Composer to install:

  1. Clone extension:
    cd extensions
    git clone https://github.com/United-Earth-Team/MW-OAuth2Client.git
  2. Fetch OAuth2 Client submodule:
    cd MW-OAuth2Client
    git submodule update --init
  3. Install submodule with Composer:
    cd vendors/oauth2-client
    composer install
  4. Add the following code to the bottom of your "LocalSettings.php":
    wfLoadExtension( 'MW-OAuth2Client' );
  5. Configure as required.

Yes Done - Navigate to Special:Version on your wiki to verify that the extension is successfully installed.


Required settings to be added to "LocalSettings.php"
$wgOAuth2Client['client']['id']     = ''; // The client ID assigned to you by the provider
$wgOAuth2Client['client']['secret'] = ''; // The client secret assigned to you by the provider

$wgOAuth2Client['configuration']['authorize_endpoint']     = ''; // Authorization URL
$wgOAuth2Client['configuration']['access_token_endpoint']  = ''; // Token URL
$wgOAuth2Client['configuration']['api_endpoint']           = ''; // URL to fetch user JSON
$wgOAuth2Client['configuration']['redirect_uri']           = ''; // URL for OAuth2 server to redirect to

$wgOAuth2Client['configuration']['username'] = 'username'; // JSON path to username
$wgOAuth2Client['configuration']['email'] = 'email'; // JSON path to email

$wgOAuth2Client['configuration']['scopes'] = 'openid email profile'; //Permissions

The Redirect URI for your wiki should be:

Optional further configuration
$wgOAuth2Client['configuration']['http_bearer_token'] = 'Bearer'; // Token to use in HTTP Authentication
$wgOAuth2Client['configuration']['query_parameter_token'] = 'auth_token'; // query parameter to use

$wgOAuth2Client['configuration']['service_name'] = 'Citizen Registry'; // the name of your service
$wgOAuth2Client['configuration']['service_login_link_text'] = 'Login with StarMade'; // the text of the login link
Popup Window

To use a popup window to login to the external OAuth2 server, copy the JS from modal.js to the MediaWiki:Common.js page on your wiki.

Private Wikis

To support private wikis, you need to whitelist the special pages the extension adds in "LocalSettings.php":

$wgWhitelistRead = ['Special:OAuth2Client', 'Special:OAuth2Client/redirect'];

See also[edit]