itk-dev / os2forms_nemlogin_openid_connect
os2forms_nemlogin_openid_connect
Installs: 1 746
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 1
Open Issues: 0
Type:drupal-module
Requires
- drupal/webform: ^6.0
- itk-dev/drupal_psr6_cache: ^1.0
- itk-dev/openid-connect: ^3.1
- os2web/os2web_nemlogin: ^1.2
- symfony/options-resolver: ^5.4 || ^6.0
Requires (Dev)
- dealerdirect/phpcodesniffer-composer-installer: ^0.7.1
- drupal/coder: ^8.3
- friendsoftwig/twigcs: ^6.0
- mglaman/drupal-check: ^1.4
README
Implements an OS2Web NemLog-in
AuthProvider,
OpenIDConnect, for
authenticating with OpenID Connect.
But allows for multiple of these to be defined eg. AD and NemLogin.
A controller,
OpenIDConnectController, takes
care of the actual authenticating.
Installation
composer require itk-dev/os2forms_nemlogin_openid_connect vendor/bin/drush pm:enable os2forms_nemlogin_openid_connect
The module has a soft dependency on os2forms_organisation in the sense that
the OrganisationEventSubscriber only will be initialized if the
os2forms_organisation module is installed. See the comments in
OrganisationEventSubscriber::getSubscribedEvents.
Configuration
Go to /admin/os2forms_nemlogin_openid_connect/settings to set up providers, eg.
openid_connect_nemlogin: OpenIDConnect Nemlogin openid_connect_ad: OpenIDConnect AD
and then go to /admin/config/system/os2web-nemlogin/«id» to set up the OpenID
Connect configuration.
You should then see the provider having status OK on
/admin/config/system/os2web-nemlogin.
Use on a webform
Edit a webform, go to Settings > Third Party Settings > OS2Forms > OS2Forms NemID settings and specify “Webform type”:
Authentication settings
When “Webform type” is specified it’s possible to add an authentication check on the form by requiring the value of a field (pre-filled with a value from a previous submission) to match the value of a specified user property.
Before using authentication checks, “User claims” available for the checks must
be defined on /admin/config/system/os2web-nemlogin/«id».
Edit a webform, go to Settings > Third Party Settings > OS2Forms > OS2Forms NemID settings > Authentication settings and define which “User claim” value must match a “Form element” value:
Note: The authentication check sits on top of the other access checks in OS2Forms, i.e. it does not itself grant access, but adds additional requirements that must be fulfilled before a user can fill in a form.
Local test
Authenticating with local test users can be enabled in settings.local.php:
// Enable local test mode $settings['os2forms_nemlogin_openid_connect']['local_test_mode'] = TRUE; // Define local test users // User id => user info (claims) $settings['os2forms_nemlogin_openid_connect']['local_test_users'] = [ '1234567890' => [ 'cpr' => '1234567890', 'name' => 'John Doe', ], 'another-user' => [ … ], ]; // Override settings for specific plugins: $settings['os2forms_nemlogin_openid_connect']['my-plugin-id']['local_test_mode'] = FALSE; // Define local test users // User id => user info (claims) $settings['os2forms_nemlogin_openid_connect']['another-plugin-id']['local_test_users'] = [ 'user087' => [ 'id' => 'user087', 'name' => 'User 87', ], ];