Add KeksAccount Stuff and hack

.gitignore

@@ -0,0 +1 @@
+.idea

classes/AbstractAdapter.php

@@ -102,6 +102,7 @@ abstract class AbstractAdapter {
 
             if(!$INPUT->get->has('code')) return false;
             $state = $INPUT->get->str('state', null);
+            $state = null;
 
             try {
                 $this->oAuth->requestAccessToken($INPUT->get->str('code'), $state);

classes/KeksAccountAdapter.php

@@ -0,0 +1,55 @@
+<?php
+
+namespace OAuth\Plugin;
+
+/**
+ * Class DoorkeeperAdapter
+ *
+ * This is an example on how to implement your own adapter for making DokuWiki login against
+ * a custom oAuth provider. The used Generic Service backend expects the authorization and
+ * token endpoints to be configured in the DokuWiki backend.
+ *
+ * Your custom API to access user data has to be implemented in the getUser function. The one here
+ * is setup to work with the demo setup of the "Doorkeeper" ruby gem.
+ *
+ * @link https://github.com/doorkeeper-gem/doorkeeper
+ * @package OAuth\Plugin
+ */
+class KeksAccountAdapter extends AbstractAdapter {
+
+    /**
+     * Retrieve the user's data
+     *
+     * The array needs to contain at least 'user', 'mail', 'name' and optional 'grps'
+     *
+     * @return array
+     */
+    public function getUser() {
+        global  $conf;
+
+        $JSON = new \JSON(JSON_LOOSE_TYPE);
+        $data = array();
+
+        /** var OAuth\OAuth2\Service\Generic $this->oAuth */
+        #var_dump($conf["plugin"]["oauth"]);exit();
+        $result = $JSON->decode($this->oAuth->request($conf["plugin"]["oauth"]["keksaccount-userprofile"]));
+
+
+        $data['user'] = $result["username"];
+        $data['name'] = $result["username"];
+        $data['mail'] = $result['email'];
+
+        return $data;
+    }
+
+    /**
+     * We make use of the "Generic" oAuth 2 Service as defined in
+     * phpoauthlib/src/OAuth/OAuth2/Service/Generic.php
+     *
+     * @return string
+     */
+    public function getServiceName() {
+        return 'Generic';
+    }
+
+}

conf/default.php

@@ -5,29 +5,12 @@
  * @author Andreas Gohr <andi@splitbrain.org>
  */
 
-$conf['auth0-key']           = '';
-$conf['auth0-secret']        = '';
-$conf['auth0-domain']        = '';
+
 $conf['custom-redirectURI']  = '';
-$conf['facebook-key']        = '';
-$conf['facebook-secret']     = '';
-$conf['github-key']          = '';
-$conf['github-secret']       = '';
-$conf['google-key']          = '';
-$conf['google-secret']       = '';
-$conf['dataporten-key']      = '';
-$conf['dataporten-secret']   = '';
-$conf['keycloak-key']        = '';
-$conf['keycloak-secret']     = '';
-$conf['keycloak-authurl']    = 'https://keycloak.example.com/auth/realms/{realm}/protocol/openid-connect/auth';
-$conf['keycloak-tokenurl']   = 'https://keycloak.example.com/auth/realms/{realm}/protocol/openid-connect/token';
-$conf['keycloak-userinfourl'] = 'https://keycloak.example.com/auth/realms/{realm}/protocol/openid-connect/userinfo';
-$conf['yahoo-key']           = '';
-$conf['yahoo-secret']        = '';
-$conf['doorkeeper-key']      = '';
-$conf['doorkeeper-secret']   = '';
-$conf['doorkeeper-authurl']  = 'https://doorkeeper-provider.herokuapp.com/oauth/authorize';
-$conf['doorkeeper-tokenurl'] = 'https://doorkeeper-provider.herokuapp.com/oauth/token';
-$conf['mailRestriction']     = '';
-$conf['singleService']       = '';
+$conf['keksaccount-key']  = '';
+$conf['keksaccount-secret']  = '';
+$conf['keksaccount-authurl']  = 'https://account.keks.cloud/gitlab/oauth/authorize';
+$conf['keksaccount-tokenurl']  = 'https://account.keks.cloud/gitlab/oauth/token';
+$conf['keksaccount-userprofile']  = 'https://account.keks.cloud/gitlab/api/v4/user';
 $conf['register-on-auth']    = 0;
+$conf['keksaccount-enabled'] = 0;

conf/metadata.php

@@ -26,39 +26,11 @@ class setting_plugin_oauth extends setting {
 }
 
 $meta['info']                = array('plugin_oauth');
-$meta['auth0-key']           = array('string');
-$meta['auth0-secret']        = array('string');
-$meta['auth0-domain']        = array('string');
+$meta['keksaccount-key']           = array('string');
+$meta['keksaccount-secret']        = array('string');
+$meta['keksaccount-authurl']        = array('string');
+$meta['keksaccount-tokenurl']        = array('string');
+$meta['keksaccount-userprofile']        = array('string');
 $meta['custom-redirectURI']  = array('string','_caution' => 'warning');
-$meta['facebook-key']        = array('string');
-$meta['facebook-secret']     = array('string');
-$meta['github-key']          = array('string');
-$meta['github-secret']       = array('string');
-$meta['google-key']          = array('string');
-$meta['google-secret']       = array('string');
-$meta['dataporten-key']      = array('string');
-$meta['dataporten-secret']   = array('string');
-$meta['keycloak-key']        = array('string');
-$meta['keycloak-secret']     = array('string');
-$meta['keycloak-authurl']    = array('string');
-$meta['keycloak-tokenurl']   = array('string');
-$meta['keycloak-userinfourl'] = array('string');
-$meta['yahoo-key']           = array('string');
-$meta['yahoo-secret']        = array('string');
-$meta['doorkeeper-key']      = array('string');
-$meta['doorkeeper-secret']   = array('string');
-$meta['doorkeeper-authurl']  = array('string');
-$meta['doorkeeper-tokenurl'] = array('string');
-$meta['mailRestriction']     = array('string','_pattern' => '!^(@[^,@]+(\.[^,@]+)+(,|$))*$!'); // https://regex101.com/r/mG4aL5/3
-$meta['singleService']       = array('multichoice',
-                                     '_choices' => array(
-                                         '',
-                                         'Auth0',
-                                         'Google',
-                                         'Dataporten',
-                                         'Facebook',
-                                         'Github',
-                                         'Yahoo',
-                                         'Doorkeeper',
-                                         'Keycloak'));
 $meta['register-on-auth']    = array('onoff','_caution' => 'security');
+$meta['keksaccount-enabled']    = array('onoff');

helper.php

@@ -141,6 +141,7 @@ class helper_plugin_oauth extends DokuWiki_Plugin {
      * @return array
      */
     public function getValidDomains() {
+        return [];
         if ($this->getConf('mailRestriction') === '') {
             return array();
         }

lang/en/settings.php

@@ -8,29 +8,9 @@
 
 $lang['info']            = 'Redirect URI to use when configuring the applications';
 $lang['custom-redirectURI'] = 'Use the following custom redirect URI';
-$lang['auth0-key']       = 'The Client ID of your registered <a href="https://manage.auth0.com/#/applications">Auth0 application</a>';
-$lang['auth0-secret']    = 'The Client Secret of your registered <a href="https://manage.auth0.com/#/applications">Auth0 application</a>';
-$lang['auth0-domain']    = 'The Domain of your registered <a href="https://manage.auth0.com/#/applications">Auth0 account</a>';
-$lang['facebook-key']    = 'The App ID of your registered <a href="https://developers.facebook.com/apps">Facebook application</a>';
-$lang['facebook-secret'] = 'The App Secret of your registered <a href="https://developers.facebook.com/apps">Facebook application</a>';
-$lang['github-key']      = 'The Client ID of your registered <a href="https://github.com/settings/applications">Github application</a>';
-$lang['github-secret']   = 'The Client Secret of your registered <a href="https://github.com/settings/applications">Github application</a>';
-$lang['google-key']      = 'The Client ID of your registered <a href="https://console.developers.google.com/project">Google Project</a> (see Credentials Screen)';
-$lang['google-secret']   = 'The Client Secret of your registered <a href="https://console.developers.google.com/project">Google Project</a> (see Credentials Screen)';
-$lang['dataporten-key']  = 'The Client ID of your registered <a href="https://dashboard.dataporten.no">Dataporten application</a>';
-$lang['dataporten-secret'] = 'The Client Secret of your registered <a href="https://dashboard.dataporten.no">Dataporten application</a>';
-$lang['keycloak-key']      = 'The resource id of your Keycloak application.';
-$lang['keycloak-secret']   = 'The Secret of your Keycloak Application.';
-$lang['keycloak-authurl']  = 'The authorization endpoint URL of your Keycloak setup.';
-$lang['keycloak-tokenurl'] = 'The access token endpoint URL of your Keycloak setup.';
-$lang['keycloak-userinfourl'] = 'The userinfo endpoint URL of your Keycloak setup.';
-$lang['mailRestriction']   = "Limit authentification to users from this domain (optional, must start with an <code>@</code>)";
-$lang['yahoo-key']       = 'The Consumer Key of your registered <a href="https://developer.apps.yahoo.com/dashboard/createKey.html">Yahoo Application</a>';
-$lang['yahoo-secret']    = 'The Consumer Secret of your registered <a href="https://developer.apps.yahoo.com/dashboard/createKey.html">Yahoo Application</a>';
-$lang['doorkeeper-key']      = '(Example) The Application ID of your registered Doorkeeper Application.';
-$lang['doorkeeper-secret']   = '(Example) The Secret of your registered Doorkeeper Application.';
-$lang['doorkeeper-authurl']  = '(Example) The authorization endpoint URL of your Doorkeeper setup.';
-$lang['doorkeeper-tokenurl'] = '(Example) The access token endpoint URL of your Doorkeeper setup.';
+$lang['keksaccount-key'] = 'App Key from keksAccount';
+$lang['keksaccount-secret'] = 'App Secret from keksAccount';
+$lang['keksaccount-url'] = 'URL of the keksAccount Server';
 $lang['singleService']            = 'Login with single oAuth service only (disables local logins!)';
 $lang['singleService_o_'] = 'Allow all services';
 $lang['register-on-auth'] = 'Register authenticated users even if self-registration is disabled in main configuration';