[Koha-bugs] [Bug 30988] Add generic OpenIDConnect client implementation

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Thu Jun 23 15:31:09 CEST 2022 

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30988

Shi Yao Wang <shi-yao.wang at inLibro.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #136430|0                           |1
        is obsolete|                            |

--- Comment #28 from Shi Yao Wang <shi-yao.wang at inLibro.com> ---
Created attachment 136450
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=136450&action=edit
Bug 30988: Add generic OpenIDConnect client implementation

A generic OpenID Connect implementation.

Test plan:
1- Set up an OAuth2 provider that has a discovery doc (e.g. for google it's
https://accounts.google.com/.well-known/openid-configuration) and note down the
client id and client secret.
Docs to help setup:
google: https://developers.google.com/identity/protocols/oauth2/openid-connect
       
https://koha-community.org/manual/20.11/en/html/administrationpreferences.html
gitlab: https://docs.gitlab.com/ee/integration/oauth_provider.html
2- Apply the patch
3- Run atomicupdate to update database
4- Configure system preferences:
    a- Set OIDC to Yes
    b- Enter the url to the discovery doc of your OAuth2 provider
    c- Fill OIDCOAuth2ClientID with noted client id
    d- Fill OIDCOAuth2ClientSecret with noted client secret
    e- Change OIDCProviderName to change the text displayed on OIDC login
buttons

    f- Configure the other related system preferences as you wish. They
shoud work the same way as the similar googleopenidconnect system
preferences.
5- If OIDCAutoRegister is set to Don't allow, have a koha
account with the same email as the one used by your OAuth2 provider.
6- In OPAC, sign in using OpenID Connect.
7- You may have to log into your OpenID provider account and accept conditions.
It should finally log you into the koha account.

-- 
You are receiving this mail because:
You are watching all bug changes.

More information about the Koha-bugs mailing list