Extension:OAuth2 Client
 | This extension is incompatible with MediaWiki 1.42 or any later release! You are advised against using this extension on a live site. MediaWiki developers are invited to pledge their efforts to updating this extension to make it compatible with MediaWiki 1.43 by replacing the {{Incompatible}} template with {{Incompatible|version=1.42|pledge=~~~~}}. |
 Release status: stable |
|
|---|---|
| Implementation | User identity, Special page |
| Description | Act as a client to any OAuth2 server. |
| Author(s) | |
| Latest version | 0.5 (2023-02-26) |
| MediaWiki | >=1.25 |
| Database changes | No |
| License | GNU Lesser General Public License 3.0 |
| Download | Download release Note: README |
| Example | starmadepedia.net |
|
|
|
The OAuth2 Client extension allows your users the ability to login to your wiki using any third-party site supporting OAuth2, like Google, Facebook, GitHub, SoundCloud.
This extension uses The PHP League's OAuth 2.0 Client library.
Installation
[edit]The following instructions require Composer to install:
- Clone extension:
cd extensions git clone https://github.com/United-Earth-Team/MW-OAuth2Client.git
- Fetch OAuth2 Client submodule:
cd MW-OAuth2Client git submodule update --init
- Install submodule with Composer:
cd vendors/oauth2-client composer install
- Add the following code to the bottom of your "LocalSettings.php":
wfLoadExtension( 'MW-OAuth2Client' );
- Configure as required.
Done - Navigate to Special:Version on your wiki to verify that the extension is successfully installed.
Configuration
[edit]- Required settings to be added to "LocalSettings.php"
$wgOAuth2Client['client']['id'] = ''; // The client ID assigned to you by the provider
$wgOAuth2Client['client']['secret'] = ''; // The client secret assigned to you by the provider
$wgOAuth2Client['configuration']['authorize_endpoint'] = ''; // Authorization URL
$wgOAuth2Client['configuration']['access_token_endpoint'] = ''; // Token URL
$wgOAuth2Client['configuration']['api_endpoint'] = ''; // URL to fetch user JSON
$wgOAuth2Client['configuration']['redirect_uri'] = ''; // URL for OAuth2 server to redirect to
$wgOAuth2Client['configuration']['username'] = 'username'; // JSON path to username
$wgOAuth2Client['configuration']['email'] = 'email'; // JSON path to email
$wgOAuth2Client['configuration']['scopes'] = 'openid email profile'; //Permissions
The Redirect URI for your wiki should be:
http://your.wiki.domain/path/to/wiki/Special:OAuth2Client/callback
- Optional further configuration
$wgOAuth2Client['configuration']['http_bearer_token'] = 'Bearer'; // Token to use in HTTP Authentication
$wgOAuth2Client['configuration']['query_parameter_token'] = 'auth_token'; // query parameter to use
$wgOAuth2Client['configuration']['service_name'] = 'Citizen Registry'; // the name of your service
$wgOAuth2Client['configuration']['service_login_link_text'] = 'Login with StarMade'; // the text of the login link
- Popup Window
To use a popup window to login to the external OAuth2 server, copy the JS from modal.js to the MediaWiki:Common.js page on your wiki.
- Private Wikis
To support private wikis, you need to whitelist the special pages the extension adds in "LocalSettings.php":
$wgWhitelistRead = ['Special:OAuth2Client', 'Special:OAuth2Client/redirect'];