Extension OAuth2

Title	OAuth2
Name	ckanext-oauth2
Type	Public extension
Description	OAuth2 Extension ermöglicht Site-Besuchern die Anmeldung über einen OAuth2-Server mit Unterstützung für verschiedene Identity Provider.
CKAN versions	~2.6.0,~2.7.0,~2.8.0 Show details These CKAN Versions are exactely matched: 2.6.0 2.6.1 2.6.2 2.6.3 2.6.4 2.6.5 2.6.6 2.6.7 2.6.8 2.6.9 2.7.0 2.7.1 2.7.10 2.7.11 2.7.12 2.7.2 2.7.3 2.7.4 2.7.5 2.7.6 2.7.7 2.7.8 2.7.9 2.8.0 2.8.1 2.8.10 2.8.11 2.8.12 2.8.2 2.8.3 2.8.4 2.8.5 2.8.6 2.8.7 2.8.8 2.8.9
Download-Url (zip)	https://github.com/conwetlab/ckanext-oauth2.git#egg=ckanext-oauth2
Last commit	6 years ago (2019-04-12 15:52:23)
Url to repo	https://github.com/conwetlab/ckanext-oauth2
Category	Authentication & Security

Description (long)	Show details The OAuth2 extension allows site visitors to login through an OAuth2 server. This extension supports integration with multiple OAuth2 providers including FIWARE KeyRock, Google, and other OAuth2-compliant services. Features include: automatic user creation on first login, token management with refresh capabilities, JWT token support, customizable authorization headers, configurable login/register/reset URLs, sysadmin group management, and secure HTTPS-only operation. The extension stores access tokens and refresh tokens in a dedicated database table and provides seamless integration with CKAN’s authentication system. Based on the idea proposed by Etalab.
Version	0.7.0
Version release date	2018-11-15
Contact name	Aitor Magán
Contakt email	amagan@conwet.com
Contact Url	(not set)

Configuration hints	Requires HTTPS for operation. Set OAUTHLIB_INSECURE_TRANSPORT=True for development/testing. Configure OAuth2 provider with callback URL: https://YOUR_CKAN_INSTANCE/oauth2/callback. Database table ‘user_token’ is automatically created. Supports environment variables for all configuration options.
Plugins to configure (ckan.ini)	oauth2
CKAN Settings (ckan.ini)	## OAuth2 configuration # ckan.oauth2.register_url = https://YOUR_OAUTH_SERVICE/users/sign_up # ckan.oauth2.reset_url = https://YOUR_OAUTH_SERVICE/users/password/new # ckan.oauth2.edit_url = https://YOUR_OAUTH_SERVICE/settings # ckan.oauth2.authorization_endpoint = https://YOUR_OAUTH_SERVICE/authorize # ckan.oauth2.token_endpoint = https://YOUR_OAUTH_SERVICE/token # ckan.oauth2.profile_api_url = https://YOUR_OAUTH_SERVICE/user # ckan.oauth2.client_id = YOUR_CLIENT_ID # ckan.oauth2.client_secret = YOUR_CLIENT_SECRET # ckan.oauth2.scope = profile other.scope # ckan.oauth2.rememberer_name = auth_tkt # ckan.oauth2.profile_api_user_field = JSON_FIELD_TO_FIND_THE_USER_IDENTIFIER # ckan.oauth2.profile_api_fullname_field = JSON_FIELD_TO_FIND_THE_USER_FULLNAME # ckan.oauth2.profile_api_mail_field = JSON_FIELD_TO_FIND_THE_USER_MAIL # ckan.oauth2.authorization_header = Authorization # ckan.oauth2.jwt.enable = false # ckan.oauth2.legacy_idm = false # ckan.oauth2.profile_api_groupmembership_field = # ckan.oauth2.sysadmin_group_name =
DB migration to be executed	(not set)