README.md
README - Oauth Client Plugin
OauthClient is a plugin which allow users to login/signup to noosfero with some oauth providers (for now, google, facebook and noosfero itself).
Install
Enable Plugin
cd ./script/noosfero-plugins enable oauth_client
Active Plugin
As a Noosfero administrator user, go to administrator panel:
- Click on "Enable/disable plugins" option
- Click on "Oauth Client Plugin" check-box
Provider Settings
Goggle
Github
- Specially on twitter you need to request user's email address, see more in https://dev.twitter.com/rest/reference/get/account/verify_credentials
Callback
This is the callback path that you need to use in your app configuration:
/plugin/oauth_client/public/callback
Varnish Settings
If varnish has been used in your stack, you've to bypass the cache for signup page and prevent cookies to be removed when calling the oauth_client plugin callback. E.g.:
if (req.url !~ "^/account/*" && req.url !~ "^/plugin/oauth_provider/*" && req.url !~ "^/plugin/oauth_client/*" && req.http.cookie !~ "_noosfero_.*") {
unset req.http.cookie;
return(lookup);
}
Using Oauth Provider Plugin
The oauth_provider plugin may be used as a provider in the same noosfero installation that hosts your oauth_client plugin (this is usefull in a multi environment setup).
However, you've to use a distinct set of thin processes to handle the authorization requests (to avoid deadlock).
Apache settings example:
RewriteRule ^/oauth_provider/oauth/(authorize|token).*$ balancer://noosfero-oauth-provider%{REQUEST_URI} [P,QSA,L]
Development
Running OauthClient tests
$ rake test:noosfero_plugins:oauth_client
License
Copyright (c) The Author developers.
See Noosfero license.