Closed joesb closed 8 years ago
Looks like OAuth is ready for D8: https://www.drupal.org/project/oauth … but not Google Auth: https://www.drupal.org/project/gauth … so we'd need to put time into the Google Auth D8 port
Looks like OpenID Connect (successor to OpenID) is the probably the way forward with this, though it may need some adaptation to limit it to Wunderkraut accounts.
That Google OpenID Connect sandbox module looks pretty good so far. I've made some adaptations to it so there's support for the 'hosted domain' parameter in Google authentication i.e. limiting the authentication to a specific Google 'hosted domain', which for us would be 'wunderkraut.com' of course.
Pull request: sanduhrs/drupal-openid_connect#5
Only limiting problem at the moment is that I haven't yet worked out how to associate existing Drupal accounts with a Google account. Looking into that now.
This is now deployed.
It would be great to get WunderHub user accounts to authenticate against the user's WK Google account, so passwords and access permission are managed in one central location.
Icing on the cake: automagic Hub account creation/blocking when a person joins/leaves WK