====== OAuth for Dokuwiki ======

This is the //simple// version of the [[dokuoauth]] plugin.

It implements basic [[http://oauth.net|oAuth]] support for [[http://dokuwiki.org|DokuWiki]] using **hardcoded** tokens instead of the whole oauth-flow. It's mainly intended as example while the [[dokuoauth]] plugin is being developed.

The plugin is symmetric: It authenticates OAuth signed requests to dokuwiki as well as adds an oAuth signature to an outgoing request (feed, sync) to hosts for which tokens are defined.

===== Installation =====

  * Install (with plugin-manager): http://rg42.org/gitweb/?p=dokuoauth.git;a=snapshot;h=simple;sf=tgz&.tar.gz
  * Edit ''lib/plugins/dokuoauth/tokens.php'' with an editor.
  * Activate the plugin: Admin -> Configuration-editor -> DokuoAuth -> enable

===== Configuration =====
Example ''tokens.php'' 

<code php>
// oauth-consumer - outgoing requests - local=consumer
$oauth_providers=array(
    array(
        'host'             => "localhost",
        'user'             => "" , # if not empty only this user can use this token
        'key'              => "ctoken",
        'secret'           => "csecret",
        'token'            => "atoken",
        'token_secret'     => "asecret" ,
        'signature_method' => 'HMAC-SHA1'
    ),
);

// Oauth service provider - incoming requests - local=serviceprovider
$oauth_tokens=array(
    array(
        'key'              => "ctoken",
        'secret'           => "csecret",
        'token'            => "atoken",
        'token_secret'     => "asecret" ,
        'user'             => "me" # authenticate this user
    ),
    array(
        'key'              => "ct",
        'secret'           => "cs",
        'token'            => "at",
        'token_secret'     => "as" ,
        'user'             => "admin" # authenticate this user
    ),
);
</code>

The ''$oauth_providers'' is used for transparently signing outgoing requests. The Plugins intercepts requests via [[dw>devel:event:httpclient_request_send]], and adds an oauth-signature if the hostname matches 'host' and the current (local) user equals the given 'user' (unless 'user' is empty, in which case only the hostname is checked).

''$oauth_tokens'' are for incoming requests with an ''oauth_signature'' query parameter. If the tokens match and the signature is valid, the specified 'user' is automatically logged in for this request. It works for any HTTP request, though it's mainly intended for XMLRPC. 

There can be multiple ''$oauth_providers'' (for different hosts and users) as well as many ''$oauth_tokens'' (different users).

===== Examples and Testing =====

==== from dokuwiki ====

Add a feed to a private namespace to a wiki-page. The outgoing request (to retrieve the feed) will be signed,
and the signature will be used to authenticate against DokuWiki again.


  {{rss http://localhost/dokuwiki/feed.php?mode=list&ns=private}}

Make sure that the ''tokens.php'' on the server lists the ''host'' (here localhost) in ''$oauth_providers'' and the feed-source has the same tokens and a username that can read the private-namespace in ''$oauth_tokens''.

==== from the commandline ====
use ''oauthsign'' from [[oss:oauth:start|oauth-utils]].

  oauthsign -c ctoken -C csecret -t atoken -T asecret -x "http://localhost/dokuwiki/feed.php?mode=list&ns=private"

==== debugging ====

Enable the //debug Log// (Admin -> Configuration-editor -> DokuoAuth) and look in the ''/tmp/oAuth.debug'' file.

{{tag>dokuplugin floss www}}