Federated Wiki - Security Plug-in: OIDC (OpenID Connect)

This security plug-in allows you to sign-in with OpenID Connect providers such as PocketID, Keycloak or Authelia.

This plugin uses the preferred_username to check ownership, but displays the name to display who owns the wiki.

Configuration Options

To use this plugin, you must set the security_type to "oidc".

• oidc_clientID: The Client ID for your application. Required.
• oidc_clientSecret: The Client Secret for your application. Required.
• oidc_issuerBaseURL: The Base URL for the issuer. This is used to discover all other URLs. Required.
• secret: A long random string to derive keys from. Required.
• oidc_issuerName: The issuer name shown on the login button. Optional, defaults to "SSO".
• oidc_claimOnFirstLogin: Whether the first login on an un unclaimed wiki results in a claim. Optional, defaults to false.
• oidc_idpLogout: Whether to log out from the identity provider when logging out from the wiki. Providers like Pocket ID don't allow you to be redirected back if this is true. Optional, defaults to false

Development workflow

This project has a Makefile that encapsulates some of the common development tasks.

To help with development, you can to run the plugin in a local instance of wiki. You need to set the path of that using the WIKIDIR environment variable.

The Makefile assumes the wiki is in ../../vendor/wiki.

# If your wiki directory is elsehwere.
WIKIDIR=$HOME/workspace/wiki make link

The source needs to be built before it can be used. make build builds it.

Linking the project.

make link will create a link from this project to the local fedwiki instance, so it can load the latest version of your code.

Running the local Wiki.

make will run the wiki. make watch will rebuild the client on any change.

Code quality.

• Run tests with make test
• Format the code with make format
• Lint the code with make lint
• Generate typescript types with make types