OpenID Connect.
Tried identity servers
Gluu
- Problem with the access token.
- The Gluu team suggests the use of an intermediate oxd server, which is confusing.
WSO2 Identity Server.
- Claim management problem.
- No OpenID Connect discovery
  - from the URL /.well-known/openid-configuration
  - requires manually editing the configuration.
Drupal.
- Working fine.
- Server settings.
  - install Drupal
  - run on HTTPS
  - enable OAuth2 Server and its dependencies
  - enable the OpenID Connect library by adding the following two modules
    - Library API
    - Libraries
  - Do the plugin configuration
    - create server
    - create client with a proper redirect URI
    - enable the scopes (openid email profile)
    - create a user with some credentials
WordPress
- Requires a license key for the OpenID plugin
Tried client applications
WordPress
- WordPress with Gluu
  - problem with the access token exists.
    - the access token provided is expired, revoked or malformed. Try to request a new access token.
- WordPress with WSO2
  - problem with the claim mapping using the WordPress OpenID Connect plugin.
    - It is really confusing which OpenID dialect is used during OpenID Connect.
      - oidc/claim or wso2/claims
    - ambiguity in how the attributes are mapped from one claim to another.
    - SSL error with the OpenID Connect Generic plugin
- WordPress with Drupal
  - working fine with the WordPress OpenID Connect plugin.
    - Do the server configuration.
    - using the client id and client secret obtained from Drupal, configure the WordPress OpenID Connect plugin.
OrangeHRM
- OrangeHRM with Drupal
  - working well after some plugin configuration.
    - edited the social media authentication plugin in OrangeHRM.
    - put the OpenID Connect library in
      - /var/www/html/orangehrm/symfony/plugins/orangehrmOpenidAuthenticationPlugin/lib/vendor/GoogleAPIClient
    - edit the file
      - /var/www/html/orangehrm/symfony/plugins/orangehrmOpenidAuthenticationPlugin/lib/authproviders/GoogleAuthProvider.php
      - inside the function validate user.
          // Point the client at the local OpenID Connect provider (Drupal).
          $oClient = new OpenIDConnectClient('https://localhost/', $authProvider->getClientId(), $authProvider->getClientSecret());
          $oClient->setRedirectURL($provider->getProviderUrl());
          $oClient->addScope('openid');
          $oClient->addScope('email');
          $oClient->addScope('profile');
          // Runs the authorization code flow and fetches the tokens.
          $oClient->authenticate();
          $name = $oClient->requestUserInfo('given_name');
          // Debug only: this dumps the client object, including the client
          // secret and tokens, into the response. Remove once login works.
          var_dump($oClient);
          // The email claim is used as the OrangeHRM username.
          $username = $oClient->requestUserInfo('email');
          $dataArray['providerid'] = $provider->getProviderId();
          $dataArray['useridentity'] = $oClient->getAccessToken();
          $success = $this->getOpenIdService()->setOpenIdCredentials($username, $dataArray);
          if ($success) {
              $flag = array('type' => 'true', 'message' => 'User has authentication!');
              return $flag;
          } else {
              $flag = array('type' => 'false', 'message' => 'User Account Not found');
              return $flag;
          }
          exit(); // unreachable: both branches above return

    - add the following line to /var/www/html/orangehrm/symfony/cache/orangehrm/prod/config/config_autoload.yml.php
      - 'openidconnectclient' => '/var/www/html/orangehrm/symfony/plugins/orangehrmOpenidAuthenticationPlugin/lib/vendor/GoogleAPIClient/OpenIDConnectClient.php'
      - to enable the library
    - if verifyRSAJWTsignature is causing some problems
      - set its return value always to false to skip verification
Redmine
- Redmine with Drupal
  - working well after some plugin configuration.
    - installed Redmine and configured SSL on port 8080
    - set up the OmniAuth OpenID Connect Google plugin for Redmine
      - created a folder in /usr/share/redmine/plugin..
      - cd /usr/share/redmine/plugins
      - git clone https://github.com/twinslash/redmine_omniauth_google.git
      - cd ../
      - bundle install
    - go to /usr/share/redmine/plugins/redmine_omniauth_google/app/controllers/redmine_oauth_controller.rb
      - for the SSL error on localhost, add the following two lines
        - require 'openssl'
        - OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
      - edit the provider URL, authorize URL, token URL and userinfo URL
      - add a state variable in the authorization request, because the state parameter is required for Drupal.
      - edit the scopes to openid email profile.
      - change the code in the try_login_info function to
        - user = User.select(:lastname, :firstname, :status, :login, :must_change_passwd, :id).where(:mail => info["email"]).first_or_create
    - enable the logging
      - add the following to config/environments/production.rb
        - config.log_level = :debug
      - add the code
        - logger.debug() to view the log in /var/log/redmine/default/production.log