Fix #83 - pass OIDC group information into Dokuwiki group list

cosmocode / dokuwiki-plugin-oauth

Generic oAuth1 and oAuth2 plugin for DokuWiki

http://www.dokuwiki.org/plugin:oauth

30 stars 79 forks source link

Fix #83 - pass OIDC group information into Dokuwiki group list #101

Closed philpem closed 2 years ago

philpem commented 3 years ago

This is a fix done by @wintamute and discussed on cosmocode#83, but which doesn't seem to have a pull request.

This passes the group list from OpenID Connect / OAuth2 (and especially Keycloak) through to Dokuwiki as a group list.

This can be extremely helpful when paired with Dokuwiki's ACL management, to allow access to pages and namespaces based on OIDC group membership.

philpem commented 3 years ago

Looking into the build failure, it seems there's some issue with the CI:

$ composer --version

Composer version 2.0.11 2021-02-24 14:57:23

before_install

0.13s$ wget https://raw.github.com/splitbrain/dokuwiki-travis/master/travis.sh
install

4.21s$ sh travis.sh

0.00s$ cd _test && ./phpunit.phar --stderr --group plugin_oauth

/home/travis/.travis/functions: line 109: ./phpunit.phar: No such file or directory

The command "cd _test && ./phpunit.phar --stderr --group plugin_oauth" exited with 127.

Done. Your build exited with 1.

Looks like there's a file missing in the CI.

ghost commented 2 years ago

I have hit this with #110 and I also tried different strategies with the group mappers, both grps and groups, and String as returned object and the suggested config in the documentation. It seems the group is effective somehow because my user can access the admin pages if I add him to the Keycloak/FreeIPA group "doku-testadmins" and then set that as the superuser config.

splitbrain commented 2 years ago

fixed in refactor branch. See #111 for upcoming release