Flarum OpenID Connect Client

OpenID Connect client/SSO for Flarum

Compatible with Flarum v1.8.5

Latest release 3.0.1

1 subscriber

24 downloads

released on Jul 20, 2021

Tags

$3.75 per month
standard
not for profit
$37.50 per year
extended
for profit

Extiverse card

Flarum OpenID Connect Client logo

Supports latest Flarum version?

This extension enables users to login with an OpenID Connect (OIDC) provider. This method can be set to the only allowed method to login (SSO mode) or used as a complementary login method (like OAuth providers)

This is a Premium extension, not a free one. You can buy a license to use it in your Flarum through Extiverse

⚠ Warning! This README might be outdated! Please always refer to the docs to ensure you are reading the latest update!

Why premium

Mostly for two reasons:

  1. You can connect to any auth system, written in any language, as long as they are compliant with the OpenID Connect specs. My other SSO extension, which is free, allows you to connect to any auth system written in PHP.
  2. It requires only configuration in the admin panel and zero code. The SSO extension requires integration with your auth system through plugins in addition to extension configuration.

Screenshots

| Description | Screenshot | |-----------------------------------------|-------------------------------------------------------------------------------------------------------| | Button in login modal | login_modal.png | | Buttons in user settings (non-SSO mode) | settings_buttons_oauth.png | | Buttons in user settings (SSO mode) | settings_buttons_sso.png |

Tested providers

Note: This list is not exhaustive. Other generic OIDC providers should work as well. If you have tested this library with a provider not listed here, please contact me to add it here.

| Provider | Is tested? | Notes | |----------|------------|---------------------------------------------------------------| | Keycloak | ✅ | Client authenticator must be set to "Client id and secret" | | Casdoor | ✅ | Code challenge must be set to S256 or PKCE should be disabled |

Requirements

Other extensions may be required due to third party dependencies. Check what composer says to know more.

To make JWT operations faster you'll need the gmp or bcmath extension. Read here for more.

Implemented OpenID Connect features

The extension relies on maicol07/oidc-client-php, a heavenly modified fork of JuliusPC/OpenID-Connect-PHP. You can see a list of OIDC drafts and documents that have been implemented. However, the following features aren't already implemented in the extension at the time of writing (v3.0) and they can't be set/used:

How does it work?

The extension uses the authorization code flow variant of OpenID Connect. I suggest checking these resources to learn more about OIDC flow here:

Will it work on WordPress and other CMS?

Yes, as long as you're using a plugin that provides OpenID Connect features. For WordPress, you can try this one (not tested): https://wordpress.org/plugins/miniorange-oauth-20-server/

Installation

  1. Be sure to check Extiverse instructions in your subscriptions page on how to install a premium extension via composer.json 2Install by executing the command below and activate the extension in Flarum Administration area.
composer require maicol07/flarum-oidc-client:*

⚠️ PHP versions support/drop notice

PHP versions will be supported until its EOL. If Flarum core changes PHP version before the official EOL, I'll update too the version accordingly to what they have chosen.

Upgrading

Upgrade by executing the command below, like with every other extension.

composer update maicol07/flarum-oidc-client:*

Contact/Help

Since this is a premium extension, you also have premium support. So I'll help you in every error you're facing. You can contact me using the following services:

Links

© 2024 Hyn by Daniël "Luceos" Klabbers. All rights reserved. · Extensions and extension information is provided by the respective (copyright holding) authors. · Extiverse is not affiliated to the Flarum project or Flarum foundation. · Images on Extiverse pages are from Unsplash.