Skip to content
This repository has been archived by the owner on Apr 24, 2018. It is now read-only.

Setup

Jump to bottom
rugk edited this page Jun 7, 2017 · 6 revisions

How to setup this add-on

1. Installation

  1. Download and install this add-on.
  2. Go to the ACP setting "Threema Gateway". It is very likely that you see at least one error message at the top.
  3. These error messages should vanish when you are finished with the setup. You can reload the site at any time to see what is still missing.
  4. Note that at this point of time no 2FA method is activated and your users should not notice any difference.*
  5. At this point you have to decide whether you want to use the basic mode or the end-to-end mode of the Threema Gateway. The latter is recommend as it not only provides more security, but it also allows XenForo to receive messages, which is required by some 2FA modes.
  6. When you want to use the basic mode create this ID on https://gateway.threema.ch and continue with step 3.
  7. When you want to use the end-to-end encrypted mode continue with the next step.
  8. You should now install libsodium. There are different ways to do this. One way is e.g. described on the official libsodium site. Some others are explained in this guide.
    You also need to install a php-binding for libsodium. This is described in step one of the "generate a new key pair" guide.
    If you are using a shared hoster, please ask them to install it for you. There is a also the chance that this library has already been installed by your hoster.

* It has to be said that your users could already see a minor difference: The custom user field for their Threema ID is already added. But this should not cause any inconveniences as by default only the format of the input is checked.

2. Threema Gateway setup

  1. If you installed everything correctly you should already see no error messages in the ACP anymore. Now you need to generate your private key.
  2. On your server navigate to library/ThreemaGateway/threema-msgapi-sdk-php in the installation of XenForo. Now continue with step 4 of the official guide to create a public and private key.
  3. Protect your private key file, so it is only readable by the process running PHP/XenForo and no other server user can read your private key file.
    Make sure users cannot access the file by browsing to your domain and requesting it like this: http(s)://example.com/library/ThreemaGateway/threema-msgapi-sdk-php/privateKey.txt
    When using Apache this is usually automatically prevented as XenForo protects the library directory.
  4. Also follow step 5 to request a new Gateway ID on https://gateway.threema.ch.

3. Continue setup with approved Gateway ID

  1. When you got your (approved) Gateway ID, please go back to the ACP and enter the Gateway ID and the Gateway ID secret there.
  2. Select the mode you used for your ID.
  3. If you used the end-to-end encrypted mode you also have to add the path to your private key into the input box under the "operation mode". When you followed the guide above and did not move the private key file to another location the path might e.g. be this one: threema-msgapi-sdk-php/privateKey.txt
  4. Now save your changes and when everything worked you should not see any error messages in the status area. Additionally you should be able to see your credits count there.

4. Enable two-factor-authentication

When everything is correct, you can enable the two-factor-authentication modes. To do this go to "Threema Gateway - Two-factor-authentication" and activate the modes you want to make available for your users.

Clone this wiki locally