forked from wekan/wekan
-
Notifications
You must be signed in to change notification settings - Fork 0
Oracle OIM
Lauri Ojansivu edited this page Oct 2, 2020
·
3 revisions
Here is a summary of code and changes by anonymous Wekan contributors and xet7:
- If the OAuth2 token doesn't contain the email address, Wekan raises an exception. The userinfo and servicedata were changed to avoid that.
- In the getToken function, OIM expects a POST request that contains OAUTH2_CLIENT_ID and OAUTH2_SECRET in its header. We fixed that.
- We also had to edit the app.js in order to put a custom "scope" value. But we think the target should be to be able to set this as an environment variable.
- Another point concerns OAUTH2_REQUEST_PERMISSION. It must be exactly
BDFUserProfile.me. xet7 hardcoded it in above commit atwekan/server/authentication.js - There is a problem in the code when email is null or empty. I know it might not be null but we have some situation where it is. xet7 maybe fixed it in above commit so that if email is missing, it takes that value from username. When logging into Wekan with OIDC, both username and email should be mapped to email.
- TODO: Testing does everything work with these changes.
Other OIDC settings are similar like in this wiki OAuth2, Google, Azure etc settings. Both username and email should be mapped to email.
sudo snap set wekan oracle-oim-enabled='true'
Unset Snap:
sudo snap unset wekan oracle-oim-enabled
- ORACLE_OIM_ENABLED=true
- About
- No UI major redesign
- Test Edge
- FAQ
- IRC FAQ - answers to questions asked at IRC
- Roadmap - board at Wekan demo
- Team
- Press
- Blog
- NOT related to Wekan
- Wekan vs Trello vs Restyaboard
- Features
- Custom Logo
- Gantt Chart
- Admin: Impersonate user
- Emoji etc syntax
- Numbered text syntax
- Time Tracking
- Subtasks <== Has fix
- Templates
- Archive and Delete
- Adding Users
- LDAP
- Keycloak
- Google login
- Azure
- OAuth2, Auth0, GitLab, RocketChat
- Oracle OIM on premise using OAuth2
- ADFS 4.0 using OAuth2 and OpenID
- Nextcloud
- CAS Please test
- SAML Please test
- IFTTT
- Custom Fields
- Due Date
- Forgot Password
- Requirements
- Translations
- Roadmap
- Fix Export board menu not visible on some boards
- Integrations
- RAM usage
- Demo
- Swimlane Documentation
- Wekan Markdown
- Download Wekan for various Platforms: Supported by xet7, Operating Systems, NAS, Cloud
- Example: New card with Python3 and REST API
- Python client to REST API
- Java
- Wekan Sandstorm cards to CSV using Python
- Excel and VBA
- Global Webhook
- Limiting Webhook data
- Receiving Webhooks
- Outgoing Webhook to Discord/Slack/RocketChat/Riot
- Outgoing Webhook to NodeRed
- Outgoing Webhook to PowerShell
- Security: Webhook and CA
- Outgoing Webhooks Data
- Outgoing Webhooks and Let's Encrypt
- Outgoing Webhooks Original Pull Request, multiple Webhooks, more parameters and response order