ref: master
plugins/oauth_client/README.md
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 |
README - Oauth Client Plugin ================================ OauthClient is a plugin which allow users to login/signup to noosfero with some oauth providers (for now, google, facebook and noosfero itself). Install ======= Enable Plugin ------------- cd <your_noosfero_dir> ./script/noosfero-plugins enable oauth_client Active Plugin ------------- As a Noosfero administrator user, go to administrator panel: - Click on "Enable/disable plugins" option - Click on "Oauth Client Plugin" check-box Provider Settings ================= Goggle ------ [Create Google+ application](https://developers.google.com/+/web/signin/javascript-flow) Facebook -------- [Create Facebook application](https://developers.facebook.com/docs/facebook-login/v2.1) Github -------- [Create Github application](https://github.com/settings/developers) Twitter -------- - Specially on twitter you need to request user's email address, see more in https://dev.twitter.com/rest/reference/get/account/verify_credentials [Create Twitter application](https://apps.twitter.com/) Callback ======== This is the callback path that you need to use in your app configuration: /plugin/oauth_client/public/callback Varnish Settings ================ If varnish has been used in your stack, you've to bypass the cache for signup page and prevent cookies to be removed when calling the oauth_client plugin callback. E.g.: ``` if (req.url !~ "^/account/*" && req.url !~ "^/plugin/oauth_provider/*" && req.url !~ "^/plugin/oauth_client/*" && req.http.cookie !~ "_noosfero_.*") { unset req.http.cookie; return(lookup); } ``` Using Oauth Provider Plugin =========================== The oauth_provider plugin may be used as a provider in the same noosfero installation that hosts your oauth_client plugin (this is usefull in a multi environment setup). However, you've to use a distinct set of thin processes to handle the authorization requests (to avoid deadlock). Apache settings example: ``` RewriteRule ^/oauth_provider/oauth/(authorize|token).*$ balancer://noosfero-oauth-provider%{REQUEST_URI} [P,QSA,L] ``` Development =========== Running OauthClient tests -------------------- $ rake test:noosfero_plugins:oauth_client License ======= Copyright (c) The Author developers. See Noosfero license. |