OpenID Connect Provider
Allow XWiki to act as an OpenID Connect provider |
Type | JAR |
Category | |
Developed by | |
Rating | |
License | GNU Lesser General Public License 2.1 |
Table of contents
Description
Allow XWiki to act as an OpenID Connect provider.
Endpoints
Provider metadata
path: /oidc/
Authorization
path: /oidc/authorization
Entry point to authenticate a user and authorize the client to access the provider.
Supported methods:
Token
path: /oidc/token
Supported grand types:
- authorization_code: generate an access token from the the authorization code provided by the authorization endpoint
UserInfo
path: /oidc/userinfo
Return informations about the user.
Supported claims:
- core OpenID Connect claims
- xwiki_groups: the references of the groups of the user
- xwiki_user_<fieldname>: pattern used to access any field of the user document (search in the XWikiUsers object and then in the whole user document)
Customization
Templates
The provider use one template to display ask the user for his consent. This template can be overwritten trough the standard template system.
The name of the template is oidc/provider/consent.vm.
Prerequisites & Installation Instructions
We recommend using the Extension Manager to install this extension (Make sure that the text "Installable with the Extension Manager" is displayed at the top right location on this page to know if this extension can be installed with the Extension Manager).
You can also use the manual method which involves dropping the JAR file and all its dependencies into the WEB-INF/lib folder and restarting XWiki.
Dependencies
Dependencies for this extension (org.xwiki.contrib.oidc:oidc-provider 1.3.1):
- org.xwiki.platform:xwiki-platform-oldcore 7.4
- org.xwiki.platform:xwiki-platform-container-servlet 7.4
- org.xwiki.contrib.oidc:oidc-api 1.3.1
- com.nimbusds:oauth2-oidc-sdk 5.10-xwiki
- org.xwiki.platform:xwiki-platform-instance 7.4