kanbanworkflowstimelinescrumrubyroadmapproject-planningproject-managementopenprojectangularissue-trackerifcgantt-chartganttbug-trackerboardsbcf
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
108 lines
4.4 KiB
108 lines
4.4 KiB
11 years ago
|
# OpenProject AuthPlugins Plugin
|
||
|
|
||
|
Adds support for easy integration of OmniAuth strategy providers as a means to authenticate users in OpenProject.
|
||
|
|
||
11 years ago
|
## Usage
|
||
|
|
||
11 years ago
|
gem 'openproject-auth_plugins', :git => 'git@github.com:finnlabs/openproject-auth_plugins', :branch => 'stable'
|
||
11 years ago
|
|
||
11 years ago
|
You can use this plugin to make an authentication plugin out of an ordinary OpenProject plugin.
|
||
10 years ago
|
The first step is to generate a new plugin.
|
||
11 years ago
|
Once you have done that it only takes a few additions to make it an authentication plugin.
|
||
|
Find your Engine class in `engine.rb`, let it extend `OpenProject::Plugin::AuthPlugin` and register the providers you want to use.
|
||
|
|
||
11 years ago
|
Here's an example of how that might look:
|
||
11 years ago
|
|
||
11 years ago
|
```ruby
|
||
|
module OpenProject::SomeAuthPlugin
|
||
|
class Engine < ::Rails::Engine
|
||
|
engine_name :openproject_some_auth_plugin
|
||
|
|
||
|
include OpenProject::Plugins::ActsAsOpEngine
|
||
|
extend OpenProject::Plugins::AuthPlugin # just add this ...
|
||
|
|
||
|
register 'openproject-some_auth_plugin',
|
||
|
author_url: 'http://my.site',
|
||
|
requires_openproject: '>= 3.1.0pre1'
|
||
|
|
||
|
assets %w(
|
||
|
some_auth_plugin/some_provider.png
|
||
|
)
|
||
|
|
||
|
# to get #register_auth_providers:
|
||
|
register_auth_providers do
|
||
|
strategy :some_strategy do
|
||
|
[
|
||
|
{
|
||
11 years ago
|
name: 'some_provider',
|
||
|
host: 'foo.bar.baz',
|
||
11 years ago
|
port: 999,
|
||
|
#, ... more provider options
|
||
|
icon: 'some_auth_plugin/some_provider.png'
|
||
|
},
|
||
|
{
|
||
11 years ago
|
name: 'another_provider',
|
||
|
host: 'foobar.biz',
|
||
|
port: '692',
|
||
11 years ago
|
#, ... more provider options
|
||
11 years ago
|
display_name: 'Provider 2'
|
||
10 years ago
|
# ... provide custom attribute mapping
|
||
|
openproject_attribute_map: Proc.new {|auth| { login: auth[:info][:uid] } }
|
||
11 years ago
|
}
|
||
|
]
|
||
|
end
|
||
|
|
||
|
strategy :another_strategy do
|
||
11 years ago
|
[{name: 'yet_another_provider'}]
|
||
11 years ago
|
end
|
||
|
end
|
||
11 years ago
|
end
|
||
|
end
|
||
|
```
|
||
11 years ago
|
|
||
11 years ago
|
Register each OmniAuth strategy by calling `strategy` with the strategy's name and returning the options for the providers using that strategy in the passed block. Provider options must at the very least contain a `name` that has to be unique among all strategies' providers. The rest depends on the used strategy.
|
||
|
|
||
|
**Additional provider attribute `icon`**
|
||
11 years ago
|
|
||
11 years ago
|
As you can see in the first registered provider you can also give a new option called `icon`.
|
||
11 years ago
|
Using this option you can define which icon is to be rendered for the given provider.
|
||
|
In the example our own plugin provides the icon. In the plugin's directory it has to be placed under `app/assets/images/some_auth_plugin/some_provider.png`.
|
||
11 years ago
|
|
||
11 years ago
|
**Additional provider attribute `display_name`**
|
||
11 years ago
|
|
||
|
Another extra attribute shown is `display_name`. While `name` is used to identify the provider in URLs `display_name` is what is shown to the user.
|
||
|
|
||
10 years ago
|
**Additional provider attribute `openproject_attribute_map`**
|
||
|
|
||
|
To provide a custom user attribute mapping for this strategy, you may optionally specify a block that returns an attribute mapping hash. In the examplary strategy *another_provider*, the OpenProject attribute `:login` is overridden reflect the attribute `:uid` from the strategy.
|
||
|
|
||
|
The block is called with the [OmniAuth AuthHash object](https://github.com/intridea/omniauth/wiki/Auth-Hash-Schema). You can use the `:extra` key to access the raw attributes as returned from the authentication schema.
|
||
|
|
||
11 years ago
|
## OpenProject Integration
|
||
|
|
||
11 years ago
|
For each registered provider a button will be added to the OpenProject login screen as shown in the following example:
|
||
11 years ago
|
|
||
11 years ago
|
![OpenProject Login Screen](../screenshots/login_screen_en.png?raw=true "Login screen showing buttons for 6 providers.")
|
||
11 years ago
|
|
||
|
In this example an icon has only been defined for 'Google'.
|
||
11 years ago
|
All other providers just show a default icon.
|
||
11 years ago
|
|
||
11 years ago
|
### Runtime Changes
|
||
11 years ago
|
|
||
|
All used strategies have to be known at the start of the application.
|
||
|
Providers, however, can change arbitrarily at runtime.
|
||
|
The block passed to `#strategy` is called each time an authentication request is made.
|
||
11 years ago
|
|
||
|
## Repository
|
||
|
|
||
|
This repository contains two main branches:
|
||
|
|
||
|
* `dev`: The main development branch. We try to keep it stable in the sense of all tests are passing, but we don't recommend it for production systems.
|
||
|
* `stable`: Contains the latest stable release that we recommend for production use. Use this if you always want the latest version of this plugin.
|
||
|
|
||
|
## License
|
||
|
|
||
|
Copyright (C) 2014 the OpenProject Foundation (OPF)
|
||
|
|
||
|
This plugin is licensed under the GNU GPL v3. See [doc/COPYRIGHT.md](doc/COPYRIGHT.md) for details.
|