Connect Cocalc by OAuth with MediaWiki (MediaWiki4IntraNet)

From Wiki4Intranet
Jump to: navigation, search
 
(7 intermediate revisions by the same user not shown)
Line 30: Line 30:
  
 
* Record consumer key and secret «You have been assigned a consumer token of xxxx and a secret token of yyyy. Please record these for future reference».
 
* Record consumer key and secret «You have been assigned a consumer token of xxxx and a secret token of yyyy. Please record these for future reference».
 +
 +
… /Special:OAuthConsumerRegistration/list
 +
 +
[[File:Connect Cocalc by OAuth with MediaWiki (MediaWiki4IntraNet)_2022-03-29_21-05-59_image0.png|center|640px]]
 +
 +
 +
… /Special:OAuthManageConsumers
 +
 +
[[File:Connect Cocalc by OAuth with MediaWiki (MediaWiki4IntraNet)_2022-03-29_21-08-04_image0.png||400px]]
 +
 +
… /Special:OAuthManageConsumers/proposed
 +
 +
[[File:Connect Cocalc by OAuth with MediaWiki (MediaWiki4IntraNet)_2022-03-29_21-09-59_image0.png||400px]]
 +
 +
… Find appropriate row in table «oauth_register», column «oarc_grants» insert in cell rights:
 +
<pre>
 +
["authonly", "authonlyprivate"]
 +
</pre>
 +
 +
;Todo: Why where is not frontend interface for doing so? May be need patch.
  
  
Line 35: Line 55:
 
* https://github.com/belonesox/cocalc  branch «belonesox-stable» or «belonesox-oauth1».
 
* https://github.com/belonesox/cocalc  branch «belonesox-stable» or «belonesox-oauth1».
 
* Go to PostgresQL database «SMC», table «passport_settings»
 
* Go to PostgresQL database «SMC», table «passport_settings»
 +
* add row with «oauth1» key, and value like this
 +
 +
 +
<source lang="javascript">
 +
{
 +
    "icon": "https://yourwiki.site/img_auth.php/6/6f/ThisWikiLogo.png",
 +
    "type": "oauth1",
 +
    "scope": [
 +
        "id",
 +
        "email"
 +
    ],
 +
    "public": true,
 +
    "display": "YourWikiLogin",
 +
    "login_info": {
 +
        "emails": "emails[0].value"
 +
    },
 +
    "consumerKey": "xxxxxxxxxxxxx",
 +
    "userinfoURL": "https://yourwiki.site/index.php?title=Special%3AOAuth%2Fidentify",
 +
    "accessTokenURL": "https://yourwiki.site/index.php?title=Special%3AOAuth%2Ftoken",
 +
    "consumerSecret": "yyyyyyyyyyyyy",
 +
    "requestTokenURL": "https://yourwiki.site/index.php?title=Special%3AOAuth%2Finitiate",
 +
    "userAuthorizationURL": "https://yourwiki.site/index.php?title=Special%3AOAuth%2Fauthorize"
 +
}
 +
</source>
 +
 +
Important! Check that key "userinfoURL" exists, because users matching works by email, if this key absent,
 +
all authorized users will be mapped to one user of cocalc.
 +
{{wl-publish: 2022-04-08 02:29:45 +0300 | StasFomin }}

Latest revision as of 02:29, 8 April 2022

The Idea

CoCalc (my fork) is great service for scientific realtime collaboration (jupyter notebooks, latex editing, PDF articles sharing). But it is not suitable for creating Team Portal/Dashboard, and Team Knowledge Base. Lot of loosely connected projects, impossibility of consistenly linked/renamed pages, … So better to have MediaWiki (MediaWiki4IntraNet) + CoCalc with authorization on the MediaWiki. Additionaly to Content Features, this binging get interesting possibilities to Team Authorization. For example, «extensions/LdapAuthentication» allows MediaWiki authenticate by LDAP, but is is not possible without radical patching, add LDAP Auth to Cocalc.

So, how to do it.

For MediaWiki4IntraNet, install REL1_26 branch of our fork https://github.com/mediawiki4intranet/mediawiki-extensions-OAuth (branch REL1_26 unusable and need patch).

Add this to LocalSettings:

$wgGroupPermissions['user']['mwoauthproposeconsumer'] = true;
$wgGroupPermissions['user']['mwoauthupdateownconsumer'] = true;
$wgGroupPermissions['user']['mwoauthmanageconsumer'] = true;
$wgGroupPermissions['user']['mwoauthsuppress'] = true;
$wgGroupPermissions['user']['mwoauthviewsuppressed'] = true;
$wgGroupPermissions['user']['mwoauthviewprivate'] = true;
$wgGroupPermissions['user']['mwoauthmanagemygrants'] = true;

Register new client

… /Special:OAuthConsumerRegistration/propose

Connect Cocalc by OAuth with MediaWiki (MediaWiki4IntraNet) 2022-03-29 18-24-23 image0.png
  • Record consumer key and secret «You have been assigned a consumer token of xxxx and a secret token of yyyy. Please record these for future reference».

… /Special:OAuthConsumerRegistration/list

Connect Cocalc by OAuth with MediaWiki (MediaWiki4IntraNet) 2022-03-29 21-05-59 image0.png


… /Special:OAuthManageConsumers

Connect Cocalc by OAuth with MediaWiki (MediaWiki4IntraNet) 2022-03-29 21-08-04 image0.png

… /Special:OAuthManageConsumers/proposed

Connect Cocalc by OAuth with MediaWiki (MediaWiki4IntraNet) 2022-03-29 21-09-59 image0.png

… Find appropriate row in table «oauth_register», column «oarc_grants» insert in cell rights:

["authonly", "authonlyprivate"]
Todo
Why where is not frontend interface for doing so? May be need patch.


Install Cocalc

  • https://github.com/belonesox/cocalc branch «belonesox-stable» or «belonesox-oauth1».
  • Go to PostgresQL database «SMC», table «passport_settings»
  • add row with «oauth1» key, and value like this


{
    "icon": "https://yourwiki.site/img_auth.php/6/6f/ThisWikiLogo.png",
    "type": "oauth1",
    "scope": [
        "id",
        "email"
    ],
    "public": true,
    "display": "YourWikiLogin",
    "login_info": {
        "emails": "emails[0].value"
    },
    "consumerKey": "xxxxxxxxxxxxx",
    "userinfoURL": "https://yourwiki.site/index.php?title=Special%3AOAuth%2Fidentify",
    "accessTokenURL": "https://yourwiki.site/index.php?title=Special%3AOAuth%2Ftoken",
    "consumerSecret": "yyyyyyyyyyyyy",
    "requestTokenURL": "https://yourwiki.site/index.php?title=Special%3AOAuth%2Finitiate",
    "userAuthorizationURL": "https://yourwiki.site/index.php?title=Special%3AOAuth%2Fauthorize"
}

Important! Check that key "userinfoURL" exists, because users matching works by email, if this key absent, all authorized users will be mapped to one user of cocalc.