NAME

RT-Authen-OAuth2 - External authentication for OAuth 2 sources, like Google, X, Authentik, okta, GitHub, etc.

DESCRIPTION

External authentication for OAuth2 sources.

RT VERSION

Works with RT 4.4, 5, and 6.0

DEPENDENCIES

Requires Net::OAuth2::Profile::WebServer

INSTALLATION

perl Makefile.PL

make

make install

May need root permissions

Edit your /opt/rt4/etc/RT_SiteConfig.pm

Add this line:

Plugin('RT::Authen::OAuth2');

Add (at least) configuration options:

Set($OAuthIDP, 'your_idp_name');

Set(%OAuthIDPSecrets,
    'your_idp_name' => {
        client_id => '.....',
        client_secret => '.....',
    },
);

Set(%OAuthIDPOptions,
    ...
);

- Plus any additional options needed for specific IDPs.

- See OAuth2_Config.pm / perldoc OAuth2_Config.pm for examples and additional options.

OAuth2_Config.pm includes working examples for google, auth0, okta and authentik.

Clear your mason cache

rm -rf /opt/rt4/var/mason_data/obj

Restart your webserver

AUTHOR

Best Practical Solutions, LLC <modules@bestpractical.com>

BUGS

All bugs should be reported via email to

L<bug-RT-Authen-OAuth2@rt.cpan.org|mailto:bug-RT-Authen-OAuth2@rt.cpan.org>

or via the web at

L<rt.cpan.org|http://rt.cpan.org/Public/Dist/Display.html?Name=RT-Authen-OAuth2>.

LICENSE AND COPYRIGHT

This is free software, licensed under:

The GNU General Public License, Version 2, June 1991

METHODS

`RequestAuthorization()`

Creates an Authorization Request on behalf of the Resource Owner (user), and initiates the OAuth 2 protocol with the Authorization Server. The browser will redirect to the $OAuthRedirect endpoint specified in the config.

`LogUserIn()`

Called from the $OAuthRedirect endpoint handler element. Validates the user exists and is allowed to log in, auto-populates user metadata returned from the OAuth 2 server, and sets up a session. If successful, returns to the handler template element to redirect to the final destination.

`IDPLoginButtonImage()`

Returns the appropriate login button image for the active OAuth 2 server. This is displayed on the RT login page.

`IDPName()`

Returns the name configured for the active OAuth 2 provider.

`LogOutURL()`

Returns the appropriate logout URL active OAuth 2 server.

To install RT::Authen::OAuth2, copy and paste the appropriate command in to your terminal.

cpanm

cpanm RT::Authen::OAuth2

CPAN shell

perl -MCPAN -e shell
install RT::Authen::OAuth2

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)