marketing-factory / oauth2

Generic OAuth2 authentication and authorization for TYPO3 CMS

Extensibility #12

Closed kellerrennkadse closed 5 years ago

kellerrennkadse commented 5 years ago

Looking at the code, I thought I could easily write my own OAuthProvider to connect my own Resource Server, but when I saw https://github.com/marketing-factory/oauth2/blob/develop/Classes/Services/OAuth2LoginService.php#L124 it killed all my hopes. This switch makes it impossible to swap in my own implementation.

zenobio93 commented 5 years ago

Can you show us your implementation? Maybe we can help you to use it with our extension.

kellerrennkadse commented 5 years ago

I did not write an implementation yet, since the whole service class is written very specifically to work with Gitlab (another example: https://github.com/marketing-factory/oauth2/blob/develop/Classes/Services/OAuth2LoginService.php#L251 ). Although line 124 is the real show stopper. There's no way to have any other provider initialized.

zenobio93 commented 5 years ago

We have developed the extension for our special need.

Feel free to contribute and modify our extension; you can easily extend this extension with your own OAuthProvider. For example, it could be made with a registration for OAuthProvider.

kellerrennkadse commented 5 years ago

That's what I'm about to do. Hence this issue for future reference

kellerrennkadse commented 5 years ago

Hm. Question is: How to define the extra Providers? Plain old TypoScript or some kind of static function called in ext_localconf of your own extension?

Thinking about something along the lines of

\Mfc\OAuth2ResourceServers::register($identifier, $className, array $options);

or

plugin.tx_oauth2 {
  settings {
    servers {
      gitlab {
        enabled = 1
        ...
      }
      other-provider {
        enabled = 0
        ...
      }
    }
  }
}

Not quite sure what to prefer here..

Pro side for the PHP Version is... you could access environment variables, so if your code is under a VCS, you would not end up putting your secrets in there. TypoScript allows for this since TYPO3 9.4, so I'd personally prefer the PHP version. But I guess that's up to you guys :)

kellerrennkadse commented 5 years ago

Implemented a simple registry for OAuthProviders. Registration for the original Gitlab Provider would be

use Mfc\OAuth2\ResourceServer\Registry;

Registry::addServer(
    'gitlab',
    'Login with GitLab',
    \Mfc\OAuth2\ResourceServer\GitLab::class,
    [
        'enabled'   => true,
        'arguments' => [
            'appId'                => 'your-app-id',
            'appSecret'            => 'your-app-secret',
            'gitlabServer'         => 'https://gitlab.com',
            'gitlabAdminUserLevel' => 0,
            'gitlabDefaultGroups'  => 0,
            'gitlabUserOption'     => 0,
            'projectName'          => 'some/repo',
        ],
    ]
);

and can be placed in either the ext_localconf.php of your own extension or even the LocalConfiguration.php or AdditionalConfiguration.php.

If you think this route is worth it, I will continue ridding the LoginService of Gitlab-specific code. Progress so far: https://github.com/marketing-factory/oauth2/compare/develop...kellerrennkadse:feature/allow-custom-providers
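
Added example, not part of the thread and not the extension's code: a stand-alone sketch of the registry idea discussed above, combined with the point about reading secrets from environment variables instead of committing them. All `Example*` names, `requireEnv` and the `EXAMPLE_APP_SECRET` variable are hypothetical; only the argument order of `addServer` follows the call shown in the comment.

```php
<?php
// Hypothetical names throughout; this is not the extension's own Registry.
interface ExampleResourceServer { public function __construct(array $arguments); }

final class ExampleGitLabServer implements ExampleResourceServer
{
    public function __construct(private array $arguments) {}
}

final class ExampleRegistry
{
    private static array $servers = [];

    public static function addServer(string $id, string $title, string $class, array $options): void
    {
        // Accept only classes implementing the provider contract, so a config
        // value can never cause an arbitrary class to be instantiated.
        if (!is_subclass_of($class, ExampleResourceServer::class)) {
            throw new InvalidArgumentException("$class is not a resource server");
        }
        self::$servers[$id] = ['title' => $title, 'class' => $class, 'options' => $options];
    }

    public static function create(string $id): ExampleResourceServer
    {
        // Lookup by registered identifier instead of a hard-coded switch.
        $server = self::$servers[$id] ?? null;
        if ($server === null || empty($server['options']['enabled'])) {
            throw new RuntimeException("Unknown or disabled provider: $id");
        }
        $class = $server['class'];
        return new $class($server['options']['arguments'] ?? []);
    }
}

function requireEnv(string $name): string
{
    // Fail closed: a missing secret stops registration instead of yielding ''.
    $value = getenv($name);
    if ($value === false || $value === '') {
        throw new RuntimeException("Missing environment variable $name");
    }
    return $value;
}

putenv('EXAMPLE_APP_SECRET=constructed-secret'); // constructed sample value
ExampleRegistry::addServer('gitlab', 'Login with GitLab', ExampleGitLabServer::class, [
    'enabled' => true,
    'arguments' => ['appId' => 'your-app-id', 'appSecret' => requireEnv('EXAMPLE_APP_SECRET')],
]);
var_dump(ExampleRegistry::create('gitlab') instanceof ExampleResourceServer);
```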

sfsmfc commented 5 years ago

Hi @kellerrennkadse,

I think this is a good approach. Thanks.

kellerrennkadse commented 5 years ago

Alright, I'll finish this up this week and add a section to the docs.

zenobio93 commented 5 years ago

Thank you for your contribution. We have checked and merged your pull request and released it with version 1.0.0.