Even though there are many services that provides external authentication like ldap server, facebook api, etc; all of them share common authentication procedure issues. The idea of this plugin is to handle all this common details and call the specialized plugin to handle the specifics of each authentication.
In every external authentication environment there are the following requirements:
- Login interface: on the login page the user might be able to choose to login locally or select the external providers available.
- The user doesn't have a local account and try to log in through the external provider: in this scenario the user will try to login on Noosfero with his external account. In this case, the plugin must call the specific provider to perform the authentication. After the authentication ocurred, the plugin must create a new account and ask for the specific plugin to provide all already mapped attributes available to fill in the account information. In this scenario we already forecasted two public mehtods every authentication plugin must provide: #authenticate and #attributes_map.
- The user has a local account and try to log in through the external provider: in this scenario the user already created an account locally but is trying to authenticate through the external service. Noosfero must try to detect this by checking if the username or the email are already used, if so Noosfero offers the user the possibility of associating accounts by logging in locally or to choose other username or email.
- The user is already logged in and wants to associate his account with an external account: there must be an option on the user's control panel where he might be able to associate his local account with external accounts. The user chooses the provider and fill the in the provider's login and password. After successfully authenticated, Noosfero associates the accounts.
- Keep the authentication token: some external services provides an authentication token so that the user, logged on Noosfero account, might be able to perform actions over the external service. Noosfer must also save this token and, if possible or necessary, keep track of it's expiration time.
| Name || Custom Authentication |
| Name l10n || |
| Small Description || This plugin handles any custom external authentication. |
| Small Description l10n || |
| Features || |
| Status || Development |
| Source || |