OAuth2 providers configurations
Stefano Rosanelli edited this page Jul 26, 2022 · 4 revisions
Here is a basic configuration reference you can use to configure the `OAuth2Authenticator` and `OAuth2Identifier` classes.

In order to work properly, each provider name (like `google`, `facebook` etc.) must match the corresponding `auth_providers.name` field in the BEdita project database. Here you can find some simple reference settings to use for the most common providers.
Every provider array must have these keys:

- `class` - OAuth2 class name; must be a supported provider of `league/oauth2-client`, see https://oauth2-client.thephpleague.com/providers/league/ (you can use an official or third-party provider)
- `setup` - provider class setup parameters; this normally includes the `clientId` and `clientSecret` keys, whereas other parameters like `'redirectUri'` will be added dynamically
- `options` - provider authorization options; specify the user information scope that you want to read; it contains a `'scope'` array that will vary between providers, please read the relevant `oauth2-client` documentation
- `map` - maps BEdita user fields to data from the OAuth2 provider; in this array keys are BEdita fields and values are paths to extract the desired item from the provider response using dot notation (e.g. `user.id`); only `'provider_username'` is mandatory, to uniquely identify the user in the provider context; other fields could be used during signup
```php
'github' => [
    // OAuth2 class name
    'class' => '\League\OAuth2\Client\Provider\Github',
    // Provider class setup parameters
    'setup' => [
        'clientId' => '####',
        'clientSecret' => '####',
    ],
    // Provider authorization options
    'options' => [
        'scope' => ['read:user', 'user:email'],
    ],
    // Map BEdita user fields with auth provider data
    'map' => [
        'provider_username' => 'id',
        'username' => 'login',
        'title' => 'name', // name contains the user full name
        'email' => 'email', // can be NULL in github
    ],
],
```
```php
'google' => [
    // OAuth2 class name
    'class' => '\League\OAuth2\Client\Provider\Google',
    // Provider class setup parameters
    'setup' => [
        'clientId' => '####',
        'clientSecret' => '####',
    ],
    // Provider authorization options
    'options' => [
        'scope' => ['https://www.googleapis.com/auth/userinfo.email'],
    ],
    // Map BEdita user fields with auth provider data
    'map' => [
        'provider_username' => 'sub',
        'username' => 'email',
        'email' => 'email',
        'name' => 'given_name',
        'surname' => 'family_name',
    ],
],
```
```php
'facebook' => [
    // OAuth2 class name
    'class' => '\League\OAuth2\Client\Provider\Facebook',
    // Provider class setup parameters
    'setup' => [
        'clientId' => '####',
        'clientSecret' => '####',
        'graphApiVersion' => 'v2.10',
    ],
    // Provider authorization options
    'options' => [
        'scope' => ['email'],
    ],
    // Map BEdita user fields with auth provider data
    'map' => [
        'provider_username' => 'id',
        'username' => 'email',
        'email' => 'email',
        'name' => 'first_name',
        'surname' => 'last_name',
        'title' => 'name',
    ],
],
```
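
The `map` key described above, as an added example that is not BEdita's own code: one way to check a provider array for the required keys and resolve its dot-notation paths against a provider response, rejecting the login when the mandatory `provider_username` cannot be read. The function names `readPath`, `validateProviderConfig` and `mapProviderUser` are hypothetical, and the responses are constructed sample data.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not a BEdita API): follow a dot-notation path such as "user.id".
function readPath(array $data, string $path): mixed
{
    $current = $data;
    foreach (explode('.', $path) as $segment) {
        if (!is_array($current) || !array_key_exists($segment, $current)) {
            return null; // path not present in the provider response
        }
        $current = $current[$segment];
    }
    return $current;
}

// Every provider array must have 'class', 'setup', 'options' and 'map'.
function validateProviderConfig(string $name, array $config): void
{
    foreach (['class', 'setup', 'options', 'map'] as $key) {
        if (!isset($config[$key])) {
            throw new InvalidArgumentException("Provider '$name': missing key '$key'");
        }
    }
    if (empty($config['map']['provider_username'])) {
        throw new InvalidArgumentException("Provider '$name': map needs 'provider_username'");
    }
}

// Build BEdita-side user fields; optional fields may be NULL, the identifier may not.
function mapProviderUser(array $map, array $response): array
{
    $user = [];
    foreach ($map as $field => $path) {
        $user[$field] = readPath($response, $path);
    }
    $id = $user['provider_username'] ?? null;
    if (!is_scalar($id) || (string)$id === '') {
        throw new RuntimeException('No usable provider_username in provider response');
    }
    $user['provider_username'] = (string)$id;
    return $user;
}

// Constructed sample data: the github map from this page and a made-up response.
$map = ['provider_username' => 'id', 'username' => 'login', 'title' => 'name', 'email' => 'email'];
$config = ['class' => '\League\OAuth2\Client\Provider\Github',
    'setup' => ['clientId' => '####', 'clientSecret' => '####'],
    'options' => ['scope' => ['read:user', 'user:email']], 'map' => $map];
validateProviderConfig('github', $config);
print_r(mapProviderUser($map, ['id' => 1234567, 'login' => 'example-user', 'name' => 'Example User', 'email' => null]));
print_r(mapProviderUser(['provider_username' => 'user.id'], ['user' => ['id' => 'abc-123']]));
```

Because `email` can be NULL for some providers, downstream code should treat only `provider_username` as the stable identity and handle missing optional fields at signup.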