Hi Folks -
I have been going a bit in circles in trying to get the authoritative mode thing to work so that users with logins at my company can login with their credentials without creating an account on the wiki.
I have used
- GoogleLogin-REL1_34-c395c86.tar.gz
- mediawiki-extensions-GoogleLogin-master.tar.gz (download 1/16/20)
- git clone (link to github) mediawiki-extensions-GoogleLogin.git (download 1/16/20)
I have setup my LocalSettings.php with the following and various commented and uncommented variants based on multiple threads here:
require_once "$IP/extensions/GoogleLogin/GoogleLogin.php";
wfLoadExtension( 'GoogleLogin' );
$wgGLAllowedDomains = array( 'mydomain.com' );
$wgGLAllowedDomainsStrict = 'true';
$wgGLSecret = '****';
$wgGLAppId = '****';
$wgGroupPermissions['*']['read'] = false;
$wgWhitelistRead = array( 'Special:GoogleLoginReturn' );
$wgGLAuthoritativeMode = 'true';
$wgGroupPermissions['*']['autocreateaccount'] = true;
$wgUserrightsInterwikiDelimiter = "%";
$wgInvalidUsernameCharacters = "%";
$wgAuthManagerConfig = [
'primaryauth' => [
GooglePrimaryAuthenticationProvider::class => [
"class" => GooglePrimaryAuthenticationProvider::class,
"sort" => 0
]
],
'preauth' => [],
'secondaryauth' => [],
];
My errors include some combination of
1)
Fatal error: Uncaught GoogleLogin\ConfigurationError: GoogleLogin runs in authoritative mode, but multiple primary authentication providers where found.
2)
Fatal error: Uncaught Error: Class 'GooglePrimaryAuthenticationProvider' not found in /homepages/14/d387179246/htdocs/pruebawiki/vendor/wikimedia/object-factory/src/ObjectFactory.php:77 Stack trace: #0
3)
No error, but after choosing a user in the Google Auth modal, we don't return to the wiki, we return to the same user selection modal.
Is there a definitive "best practices" to use the Authoritative mode for a company wishing to use Mediawiki privately using their domain's login, making use of that login to automatically create a new account?