User Authorization through HTTPS

Discussion forum for Extension Writers regarding Extension Development.
Post Reply
User avatar
Jur_
Registered User
Posts: 6
Joined: Wed Oct 22, 2014 9:17 am

User Authorization through HTTPS

Post by Jur_ »

Hello! I'm new to development in phpBB as we're about to start using a phpBB forum. In case I've missed any documentation or otherwise, please don't hesitate to tell me. (I've had some experience as a user though)

My purpose is to authorize users through an external website/userbase using HTTPS (SSL/TLS). We have a central webserver with CA certificates where the login credentials can be checked before the user logs in (or ideally is created automatically when he doesn't exist yet).

The feature highlights for 3.1 mentions OAuth and the alternative to create your own external checking mechanisms through extensions.
When looking for information I found the following (probably outdated?) description from phpBB itself: https://wiki.phpbb.com/Authentication_plugins

Some questions:
I was wondering if there is a similar explanation using the new extensions and the alternatives to the OAuth extension?
Do the same methods still apply as in the plugin description or in which way can I otherwise hook on to the login methods/replace the validation mechanism?

Thank you for your time ;)

edit: for clarity: Authentication would be the first step for now, later possibly deriving special forum rights through authorization using a (our) REST service behind the HTTPS connection
User avatar
Jur_
Registered User
Posts: 6
Joined: Wed Oct 22, 2014 9:17 am

Re: User Authorization through HTTPS

Post by Jur_ »

a little bump and some more information: I've been able to authenticate from Mediawiki through this extension plugin. I had to adjust the code a little to get it to work, but it runs on both IIS and Apache servers.

I'm looking to do the same with our phpBB forum. Any idea where I can hook such an authentication method to the phpBB forum? :-)
Khaos-Rage
Registered User
Posts: 71
Joined: Sun Jul 13, 2008 4:31 am

Re: User Authorization through HTTPS

Post by Khaos-Rage »

Just some quick poking around the github repo and I think you would need to look here (auth directory) and here(auth.yml).

And then select the auth method used in the ACP under General -> Client Communications-> Authentication

I'm not sure if that is all that is needed but just a quick look.
User avatar
Jur_
Registered User
Posts: 6
Joined: Wed Oct 22, 2014 9:17 am

Re: User Authorization through HTTPS

Post by Jur_ »

Thanks for pointing in the right direction. I'll check it out straight away
User avatar
Jur_
Registered User
Posts: 6
Joined: Wed Oct 22, 2014 9:17 am

Re: User Authorization through HTTPS

Post by Jur_ »

Alright, I've found the files have tried adding my own plugin, but I'm not getting the changes in the YAML file (config/auth.yaml) to appear in the ACP (under Client Communications > Authentication)

I've also found an actual document on adding your own authentication providers:
https://wiki.phpbb.com/Authentication_providers

For simplicity I've tried to create a copy entry of the ldap option and simply rename it to see if I could get things to work (for the dependency injection):

Code: Select all

    [...]

    auth.provider.test:
        class: phpbb\auth\provider\test
        arguments:
            - @dbal.conn
            - @config
            - @passwords.manager
            - @user
        tags:
            - { name: auth.provider }

    auth.provider.ldap:
        class: phpbb\auth\provider\ldap
        arguments:
            - @dbal.conn
            - @config
            - @passwords.manager
            - @user
        tags:
            - { name: auth.provider }
            
        [...]
 
and simply copied and renamed the ldap.php to test.php and adjusted + simplified it. According to this article the yaml files are initialized lazy and read only when requested, which would make me expect to see them at least on a new login:
https://wiki.phpbb.com/Dependency_Injection_Container

Any ideas why I'm not seeing the option in the ACP menu?
User avatar
imkingdavid
Former Team Member
Posts: 2673
Joined: Sun Jul 26, 2009 7:59 pm
Location: EST
Name: David King

Re: User Authorization through HTTPS

Post by imkingdavid »

Just a thought, make sure you've cleared the cache. I don't remember exactly how that dropdown is populated, but it might be pulling from the list of services, which gets cached.
Don't forget to smile today. :)
Please do NOT contact for support via PM or email.
User avatar
Jur_
Registered User
Posts: 6
Joined: Wed Oct 22, 2014 9:17 am

Re: User Authorization through HTTPS

Post by Jur_ »

imkingdavid wrote:Just a thought, make sure you've cleared the cache. I don't remember exactly how that dropdown is populated, but it might be pulling from the list of services, which gets cached.
Awesome thanks, That did the trick!

I feel a bit silly for overlooking the option in the ACP, but at least I can continue with the auth plugin :lol:
User avatar
imkingdavid
Former Team Member
Posts: 2673
Joined: Sun Jul 26, 2009 7:59 pm
Location: EST
Name: David King

Re: User Authorization through HTTPS

Post by imkingdavid »

No problem, glad to help!
Don't forget to smile today. :)
Please do NOT contact for support via PM or email.
User avatar
Jur_
Registered User
Posts: 6
Joined: Wed Oct 22, 2014 9:17 am

Re: User Authorization through HTTPS

Post by Jur_ »

I've extended the wiki with some of the things I've learned. Including purging the cache and adding forms for configuring the auth provider from the ACP:

https://wiki.phpbb.com/Authentication_providers
Post Reply

Return to “Extension Writers Discussion”