Extension:OAuth2 Client

From MediaWiki.org
Jump to navigation Jump to search
MediaWiki extensions manual
OOjs UI icon advanced.svg
OAuth2 Client
Release status: beta
Implementation User identity , Special page
Description Act as a client to any OAuth2 server.
Latest version 0.4 (2019-08-18)
MediaWiki 1.25+
Database changes No
License GNU Lesser General Public License 3.0
Example starmadepedia.net
  • $wgOAuth2Client
Translate the OAuth2 Client extension if it is available at translatewiki.net
Check usage and version matrix.

The OAuth2 Client extension allows your users the ability to login to your wiki using any third-party site supporting OAuth2, like Google, Facebook, GitHub, SoundCloud.

This extension uses the PHP's League's OAuth 2.0 Client library.


The following instructions require Composer to install:

  1. Clone extension:
    cd extensions
    git clone https://github.com/Schine/MW-OAuth2Client.git
  2. Fetch OAuth2 Client submodule:
    cd MW-OAuth2Client
    git submodule update --init
  3. Install submodule with Composer:
    cd vendors/oauth2-client
    composer install
  4. Add the following code to the bottom of your "LocalSettings.php":
    wfLoadExtension( 'MW-OAuth2Client' );
  5. Configure as required.

Yes Done - Navigate to Special:Version on your wiki to verify that the extension is successfully installed.


Required settings to be added to "LocalSettings.php"
$wgOAuth2Client['client']['id']     = ''; // The client ID assigned to you by the provider
$wgOAuth2Client['client']['secret'] = ''; // The client secret assigned to you by the provider

$wgOAuth2Client['configuration']['authorize_endpoint']     = ''; // Authorization URL
$wgOAuth2Client['configuration']['access_token_endpoint']  = ''; // Token URL
$wgOAuth2Client['configuration']['api_endpoint']           = ''; // URL to fetch user JSON
$wgOAuth2Client['configuration']['redirect_uri']           = ''; // URL for OAuth2 server to redirect to

$wgOAuth2Client['configuration']['username'] = 'username'; // JSON path to username
$wgOAuth2Client['configuration']['email'] = 'email'; // JSON path to email

$wgOAuth2Client['configuration']['scopes'] = 'openid email profile'; //Permissions

The Redirect URI for your wiki should be:

Optional further configuration
$wgOAuth2Client['configuration']['http_bearer_token'] = 'Bearer'; // Token to use in HTTP Authentication
$wgOAuth2Client['configuration']['query_parameter_token'] = 'auth_token'; // query parameter to use

$wgOAuth2Client['configuration']['service_name'] = 'Citizen Registry'; // the name of your service
$wgOAuth2Client['configuration']['service_login_link_text'] = 'Login with StarMade'; // the text of the login link
Popup Window

To use a popup window to login to the external OAuth2 server, copy the JS from modal.js to the MediaWiki:Common.js page on your wiki.

Private Wikis

To support private wikis, you need to whitelist the special pages the extension adds in "LocalSettings.php":

$wgWhitelistRead = ['Special:OAuth2Client', 'Special:OAuth2Client/redirect'];

See also[edit]