Connect Cocalc by OAuth with MediaWiki (MediaWiki4IntraNet)
(→Install Cocalc) |
|||
| (2 intermediate revisions by the same user not shown) | |||
| Line 58: | Line 58: | ||
| − | <source lang=" | + | <source lang="javascript"> |
{ | { | ||
"icon": "https://yourwiki.site/img_auth.php/6/6f/ThisWikiLogo.png", | "icon": "https://yourwiki.site/img_auth.php/6/6f/ThisWikiLogo.png", | ||
| Line 79: | Line 79: | ||
} | } | ||
</source> | </source> | ||
| + | |||
| + | Important! Check that key "userinfoURL" exists, because users matching works by email, if this key absent, | ||
| + | all authorized users will be mapped to one user of cocalc. | ||
| + | {{wl-publish: 2022-04-08 02:29:45 +0300 | StasFomin }} | ||
Latest revision as of 02:29, 8 April 2022
- The Idea
CoCalc (my fork) is great service for scientific realtime collaboration (jupyter notebooks, latex editing, PDF articles sharing). But it is not suitable for creating Team Portal/Dashboard, and Team Knowledge Base. Lot of loosely connected projects, impossibility of consistenly linked/renamed pages, … So better to have MediaWiki (MediaWiki4IntraNet) + CoCalc with authorization on the MediaWiki. Additionaly to Content Features, this binging get interesting possibilities to Team Authorization. For example, «extensions/LdapAuthentication» allows MediaWiki authenticate by LDAP, but is is not possible without radical patching, add LDAP Auth to Cocalc.
So, how to do it.
For MediaWiki4IntraNet, install REL1_26 branch of our fork https://github.com/mediawiki4intranet/mediawiki-extensions-OAuth (branch REL1_26 unusable and need patch).
Add this to LocalSettings:
$wgGroupPermissions['user']['mwoauthproposeconsumer'] = true; $wgGroupPermissions['user']['mwoauthupdateownconsumer'] = true; $wgGroupPermissions['user']['mwoauthmanageconsumer'] = true; $wgGroupPermissions['user']['mwoauthsuppress'] = true; $wgGroupPermissions['user']['mwoauthviewsuppressed'] = true; $wgGroupPermissions['user']['mwoauthviewprivate'] = true; $wgGroupPermissions['user']['mwoauthmanagemygrants'] = true;
Register new client
… /Special:OAuthConsumerRegistration/propose
_2022-03-29_18-24-23_image0.png)
- Record consumer key and secret «You have been assigned a consumer token of xxxx and a secret token of yyyy. Please record these for future reference».
… /Special:OAuthConsumerRegistration/list
_2022-03-29_21-05-59_image0.png)
… /Special:OAuthManageConsumers
_2022-03-29_21-08-04_image0.png)
… /Special:OAuthManageConsumers/proposed
_2022-03-29_21-09-59_image0.png)
… Find appropriate row in table «oauth_register», column «oarc_grants» insert in cell rights:
["authonly", "authonlyprivate"]
- Todo
- Why where is not frontend interface for doing so? May be need patch.
Install Cocalc
- https://github.com/belonesox/cocalc branch «belonesox-stable» or «belonesox-oauth1».
- Go to PostgresQL database «SMC», table «passport_settings»
- add row with «oauth1» key, and value like this
{ "icon": "https://yourwiki.site/img_auth.php/6/6f/ThisWikiLogo.png", "type": "oauth1", "scope": [ "id", "email" ], "public": true, "display": "YourWikiLogin", "login_info": { "emails": "emails[0].value" }, "consumerKey": "xxxxxxxxxxxxx", "userinfoURL": "https://yourwiki.site/index.php?title=Special%3AOAuth%2Fidentify", "accessTokenURL": "https://yourwiki.site/index.php?title=Special%3AOAuth%2Ftoken", "consumerSecret": "yyyyyyyyyyyyy", "requestTokenURL": "https://yourwiki.site/index.php?title=Special%3AOAuth%2Finitiate", "userAuthorizationURL": "https://yourwiki.site/index.php?title=Special%3AOAuth%2Fauthorize" }
Important! Check that key "userinfoURL" exists, because users matching works by email, if this key absent, all authorized users will be mapped to one user of cocalc.
