diff options
Diffstat (limited to 'packages/wekan-accounts-oidc/README.md')
| -rw-r--r-- | packages/wekan-accounts-oidc/README.md | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/packages/wekan-accounts-oidc/README.md b/packages/wekan-accounts-oidc/README.md new file mode 100644 index 00000000..ce0b5738 --- /dev/null +++ b/packages/wekan-accounts-oidc/README.md @@ -0,0 +1,75 @@ +# salleman:accounts-oidc package + +A Meteor login service for OpenID Connect (OIDC). + +## Installation + + meteor add salleman:accounts-oidc + +## Usage + +`Meteor.loginWithOidc(options, callback)` +* `options` - object containing options, see below (optional) +* `callback` - callback function (optional) + +#### Example + +```js +Template.myTemplateName.events({ + 'click #login-button': function() { + Meteor.loginWithOidc(); + } +); +``` + + +## Options + +These options override service configuration stored in the database. + +* `loginStyle`: `redirect` or `popup` +* `redirectUrl`: Where to redirect after successful login. Only used if `loginStyle` is set to `redirect` + +## Manual Configuration Setup + +You can manually configure this package by upserting the service configuration on startup. First, add the `service-configuration` package: + + meteor add service-configuration + +### Service Configuration + +The following service configuration are available: + +* `clientId`: OIDC client identifier +* `secret`: OIDC client shared secret +* `serverUrl`: URL of the OIDC server. e.g. `https://openid.example.org:8443` +* `authorizationEndpoint`: Endpoint of the OIDC authorization service, e.g. `/oidc/authorize` +* `tokenEndpoint`: Endpoint of the OIDC token service, e.g. `/oidc/token` +* `userinfoEndpoint`: Endpoint of the OIDC userinfo service, e.g. `/oidc/userinfo` +* `idTokenWhitelistFields`: A list of fields from IDToken to be added to Meteor.user().services.oidc object + +### Project Configuration + +Then in your project: + +```js +if (Meteor.isServer) { + Meteor.startup(function () { + ServiceConfiguration.configurations.upsert( + { service: 'oidc' }, + { + $set: { + loginStyle: 'redirect', + clientId: 'my-client-id-registered-with-the-oidc-server', + secret: 'my-client-shared-secret', + serverUrl: 'https://openid.example.org', + authorizationEndpoint: '/oidc/authorize', + tokenEndpoint: '/oidc/token', + userinfoEndpoint: '/oidc/userinfo', + idTokenWhitelistFields: [] + } + } + ); + }); +} +``` |