OAuth on Drupal 7

Prerequisites:
- SSL certificate for the OAuth provider.
- OAuth consumers (the websites that can log in).

This is only an identity and authentication setup, no authorization (i.e. no roles are assigned).

Setup on the provider:
- SSL website
- Modules: oauth2_server, openid_connect_sso
- Config:
-- admin/structure/oauth2-servers =>
{
  "name" : "main",
  "label" : "Main",
  "settings" : {
    "enforce_state" : true,
    "default_scope" : "basic",
    "allow_implicit" : 0,
    "use_openid_connect" : 1,
    "use_crypto_tokens" : 0,
    "grant_types" : {
      "authorization_code" : "authorization_code",
      "client_credentials" : "client_credentials",
      "refresh_token" : "refresh_token",
      "password" : "password",
      "urn:ietf:params:oauth:grant-type:jwt-bearer" : 0
    },
    "always_issue_new_refresh_token" : 1,
    "unset_refresh_token_after_use" : 1,
    "access_lifetime" : "3600",
    "id_lifetime" : "3600",
    "refresh_token_lifetime" : "1209600",
    "require_exact_redirect_uri" : 0
  },
  "scopes" : [
    {
      "name" : "openid",
      "description" : "Know who you are on oauth-provider.040lab.com"
    },
    {
      "name" : "offline_access",
      "description" : "Access the API when you\u0027re not present."
    },
    { "name" : "email", "description" : "View your email address." },
    {
      "name" : "profile",
      "description" : "View basic information about your account."
    },
    { "name" : "basic", "description" : "Default Basic" }
  ]
}
-- Config: admin/structure/oauth2-servers/manage/main/clients
array(
  'label' => "OpenId",
  'Client ID' => "040lab_user",
  'Require a client secret' => true,
  'Client secret' => "ItsPeanuteButterYellieTime",
  'Redirect URIs' => "https://oauth-provider.040lab.com/openid-connect/generic",
);
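As an added example (not part of the original notes or of the oauth2_server module), this Python script reads the server settings exported above and lists the ones worth reviewing for a login-only setup. The sample is a constructed subset of that export, and LOGIN_GRANTS and the lifetime limit are assumptions.

```python
import json

# Constructed sample: the security-relevant keys of the export shown above, values unchanged.
EXPORT = """{"name": "main", "settings": {
  "enforce_state": true, "allow_implicit": 0,
  "grant_types": {"authorization_code": "authorization_code",
                  "client_credentials": "client_credentials",
                  "refresh_token": "refresh_token", "password": "password",
                  "urn:ietf:params:oauth:grant-type:jwt-bearer": 0},
  "always_issue_new_refresh_token": 1, "unset_refresh_token_after_use": 1,
  "access_lifetime": "3600", "refresh_token_lifetime": "1209600",
  "require_exact_redirect_uri": 0}}"""

# Assumption: a login-only deployment needs just these two grants.
LOGIN_GRANTS = {"authorization_code", "refresh_token"}

def enabled(value):
    """The export writes a disabled option as 0 and an enabled one as 1, true or its own name."""
    return value not in (0, "0", False, None, "")

def audit(export_json, max_access_lifetime=3600):
    """Return (setting, advice) pairs for settings worth reviewing."""
    s = json.loads(export_json)["settings"]
    grants = {g for g, v in s.get("grant_types", {}).items() if enabled(v)}
    findings = []
    if not enabled(s.get("require_exact_redirect_uri")):
        findings.append(("require_exact_redirect_uri",
                         "redirect URIs are not compared exactly; set to 1"))
    if not enabled(s.get("enforce_state")):
        findings.append(("enforce_state", "state parameter is optional; set to true"))
    if enabled(s.get("allow_implicit")):
        findings.append(("allow_implicit", "implicit flow returns tokens in the URL; set to 0"))
    for grant in sorted(grants - LOGIN_GRANTS):
        findings.append(("grant_types." + grant,
                         "not needed for login; disable unless a client uses it"))
    if "refresh_token" in grants and not (
            enabled(s.get("always_issue_new_refresh_token"))
            and enabled(s.get("unset_refresh_token_after_use"))):
        findings.append(("refresh_token", "enable rotation so a used refresh token stops working"))
    if int(s.get("access_lifetime", 0)) > max_access_lifetime:
        findings.append(("access_lifetime", "access tokens outlive the chosen limit"))
    return findings

if __name__ == "__main__":
    for setting, advice in audit(EXPORT):
        print(f"{setting}: {advice}")
```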

And on the clients you get:
- Config: admin/config/services/openid-connect
array(
  'generic' => true,
  'Client ID' => "040lab_user",
  'Client secret' => "ItsPeanuteButterYellieTime",
  'Authorization endpoint' => "https://oauth-provider.040lab.com/oauth2/authorize",
  'Token endpoint' => "https://oauth-provider.040lab.com/oauth2/token",
  'UserInfo endpoint' => "https://oauth-provider.040lab.com/oauth2/UserInfo",
  'Save user claims on every login' => true,
);

YouTube: Commerceguys tech talk video

Note: Use the dev variants of these modules due to implementation issues.

 
