Web based family history software

file Question New custom module for OAuth 2.0 single sign on with authorization providers

  • Jefferson49
  • Jefferson49's Avatar Topic Author
  • Offline
  • Senior Member
  • Senior Member
More
2 weeks 4 days ago #1 by Jefferson49
Today, I released a new webtrees 2.1/2.2 custom module for OAuth 2.0 single sign on (SSO) with authorization providers.

The module is published on Github  and a documentation is available in the Readme .

What are the benefits of the webtrees-oauth2-client module?
  • The module provides single sign on (SSO) into webtrees based on the OAuth 2.0 standard
  • A pre-configured set of authorization providers can be selected during webtrees login
  • If choosing to sign in with an authorization provider, the user account data (i.e. user name, real name, email address) of the authorization provider is used for the user account in webtrees.
  • Single sign on allows a shared user management between a content management system (e.g. Joomla, WordPress) and webtrees
The module uses the  League/oauth2-client   PHP library, which covers all the OAuth 2.0 communication. It is from a trustable source with a large community and integrates very well into the webtrees communication stack. A  description of the concept  can be found in the Readme on Github.

The League/oauth2-client supports to connect to a lot of different authorization providers ( official League clients , additional  3rd party clients ). Currently, the new webtrees module contains specific adapters to a subset of these League clients in order to connect webtrees with the following authorization providers:
  • Generic (can be configured for several authorization providers)
  • Github
  • Google
  • Joomla (with a specific authorization provider extension installed in Joomla)
  • WordPress (with a specific authorization provider plugin installed in WordPress)

Please Log in or Create an account to join the conversation.

More
2 weeks 4 days ago #2 by xiao
Very good module, thank you for your contribution.

Please Log in or Create an account to join the conversation.

More
2 weeks 4 days ago #3 by xmlf
It would be great if webtrees could be used as a server. In this way, users can be controlled through webtrees so that only approved family members can access certain functions, which is convenient for family members to use and discuss.

Wang Family Website of Suining County, China
www.snwsjz.com
A family tree website that is customized, more humanized and convenient for users.
WeChat Automatic login and family tree hangi

Please Log in or Create an account to join the conversation.

More
2 weeks 3 days ago - 2 weeks 3 days ago #4 by Franz Frese
That is the way in each case, even without OAuth2: Only approved members can access functions in webtrees that need authentication.

Acting as OAuth2 server has nothing to do with access to certain functions (of webtrees).The Oauth2 client is conveniant to  users: One click and you can access wt compared to two clicks (when you have stored username and passwd in your browser) or many clicks entering username and passwd each time to access wt.

To provide this single click login for most (all) of my webtrees users I would like to know if someone has already has activated one of the following OAuth2 services (and what is the link to activate the service for webtrees (maybe some screenshots to see what has to be entered there)):
Apple  , Dropbox, Microsoft, Nextcloud, Paypal,.. or other commonly used OAuth2-services, which users have per default or per often usage (like Google (on your Android device or your Chrome browser)).


 
Last edit: 2 weeks 3 days ago by Franz Frese.

Please Log in or Create an account to join the conversation.

Powered by Kunena Forum