Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/joshp23/YOURLS-OIDC
OpenID Connect Authentication for YOURLS
https://github.com/joshp23/YOURLS-OIDC
oidc oidc-client sso-client yourls-plugin
Last synced: 14 days ago
JSON representation
OpenID Connect Authentication for YOURLS
- Host: GitHub
- URL: https://github.com/joshp23/YOURLS-OIDC
- Owner: joshp23
- License: gpl-3.0
- Created: 2019-11-23T11:39:35.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2022-05-01T16:17:14.000Z (over 2 years ago)
- Last Synced: 2024-08-02T06:16:24.187Z (4 months ago)
- Topics: oidc, oidc-client, sso-client, yourls-plugin
- Language: PHP
- Size: 25.4 KB
- Stars: 7
- Watchers: 4
- Forks: 6
- Open Issues: 10
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome - OIDC - OpenID Connect authentication against a generic OpenID Connect server. (Plugins / O)
README
# YOURLS-OIDC
OpenID Connect Authentication for YOURLS
This plugin enables authentication against a generic OpenID Connect server in YOURLS.
### Features
- Respects YOURLS auth flow
- Respects YOURLS hard-coded logins, if desired
- Can link OpenID Connect accounts to existing YOURLS accounts
- Sets user to `sub`, sets display name to `preferred_username`
- Single Sign Out: signing out of YOURLS signs off OIDC server.
### Requirements
- YOURLS 7.4.0
- The [jumbojett/OpenID-Connect-PHP](https://github.com/jumbojett/OpenID-Connect-PHP) library
- `composer`, `php-curl`, `php-xml`, and `php-json`
- A working OpenID Connect servier (Tested against Keycloak)
- If installed, remove [dgw/yourls-dont-track-admins](https://github.com/dgw/yourls-dont-track-admins), or replace it with [joshp23/YOURLS-No-Tracking-Admins](https://github.com/joshp23/YOURLS-No-Tracking-Admins) for compatability.
### Installation
1. Download this repo and extract the `oidc` folder into `YOURLS/user/plugins/`
2. `cd` to the directory you just created
3. Run `composer install` in that directory to fetch the OIDC library
4. Define OIDC server parameters (see below)
5. configure OIDC, see below.
6. Enable in Admin
Configuration
-------------
Config: `user/config.php` file.
```
// oidc server
define( 'OIDC_BASE_URL', 'https://keycloak.example.com/auth/realms/master/' );
define( 'OIDC_CLIENT_NAME', 'YOURLS' );
define( 'OIDC_CLIENT_SECRET', 'YOUR-SUPER-SECRET-HASH' );
// Option 1: link OIDC users to local YOURLS users
$oidc_profiles = array(
'YOURLS_UNAME' => 'sub attribute from OIDC provider',
);
// Option 2, all users on OIDC platform have YOURLS accounts. uses 'preferred_username' attribute
define( 'OIDC_BYPASS_YOURLS_AUTH', true );
```
### In Development
- Tight integration with AuthMgrPlus
- Group and attribute assignment
- User panel in admin for linking to existing accounts with the push of a button
### Tips
Dogecoin: DARhgg9q3HAWYZuN95DKnFonADrSWUimy3
License
-------
Copyright 2019 Joshua Panter