OAuth / OpenID Connect Single Sign-On (SSO) into Joomla using Google Apps | Google Apps SSO Login




What is OAuth / OpenID?


OAuth Server / OpenID Connect Server (OAuth 2.0 Server) also known as Authorization Server, It is the modern standard for securing access to APIs & implements network protocol flows which allow a client (OAuth Client) to act on behalf of a user. OAuth Server allows clients to verify the identity of end-users based on the authentication performed by an Authorization Server and also to obtain basic profile (Scope) information about the end-users in an interoperable and REST-like manner.


How does OAuth / OpenID work?


OAuth 2.0 Server is used to set up any Application as Identity Server to allow users to Single Sign-On / Login into their client site/application with login using OAuth / OpenID Connect protocol flows. The primary goal of this OAuth 2.0 server/Oauth Provider is to allow users to interact with multiple apps without requiring them to store sensitive credentials. You can easily configure an OAuth 2.0/OpenID Connect server to protect your API with access tokens, or allow clients to request new access tokens and refresh them.


Joomla OAuth & OpenID Connect Single Sign-On (SSO) plugin enables secure login into Joomla using Google Apps as OAuth and OpenID Connect provider. You can also configure the plugin using different Oauth providers such as Azure B2C, Office 365, and other custom providers. It supports advanced Single Sign-On (SSO) features such as user profile Attribute mapping, Role mapping, multi-tenant login, etc. Here we will go through a guide to configure SSO between Joomla and Google Apps. By the end of this guide, users should be able to login to Joomla from Google Apps.

click here to know more about other features we provide in Joomla OAuth Single Sign-On ( OAuth & OpenID Connect Client ) plugin

Step 1: Steps to Configure Google Apps as an OAuth Server

  • Go to https://console.developers.google.com/ and sign up/login.
  • Click on Select Project to create a new Google Apps Project.
  • Joomla Google Apps OAuth SSO, Apps Project
  • Click on NEW PROJECT to create a new project or else select one from the existing projects.
  • Joomla Google Apps OAuth SSO, create a new project
  • Enter your Project name under the Project Name field.
  • Joomla Google Apps OAuth SSO, Project Name field
  • Now, again click on Select a Project (highlighted in the image below) and select the newly created Project by clicking on the project name that you entered in the previous step.
  • Joomla Google Apps OAuth SSO, Select a Project
  • Click on ENABLE APIS AND SERVICES to enable Google PLUS API.
  • Joomla Google Apps OAuth SSO, ENABLE option
  • Search for Google PLUS API in the search bar and click on Google+ API from the search results.
  • Joomla Google Apps OAuth SSO, PLUS API
  • Click on the ENABLE option to enable Google+ API.
  • Joomla Google Apps OAuth SSO, ENABLE APIS AND SERVICES
  • Go to Navigation Menu APIs & Services Credentials.
  • Joomla Google Apps OAuth SSO, Navigation Menu
  • Click on Create Credentials button and then select OAuth Client ID from the options provided.
  • Joomla Google Apps OAuth SSO, Create Credentials
  • In case you are facing some warning saying that in order to create an OAuth Client ID, you must set a product name on consent screen (as shown in below image). Click on the Configure consent screen button.
  • Joomla Google Apps OAuth SSO, Configure consent screen
  • Enter your product name under the Product Name Shown to Users field. Click on the SAVE button to save your settings.
  • Joomla Google Apps OAuth SSO, product name
  • Select Web Applicationfrom the options below Application Type. Enter the name you want for your Client ID under the name field and enter the Redirect/Callback URI from miniOrange OAuth Client plugin/module under the Authorized redirect URIs field.
  • Joomla Google Apps OAuth SSO, Redirect/Callback URI
  • Click on the SAVE button to save your configurations.
  • Copy your Client ID and Client Secret and save it on your miniOrange OAuth Client plugin Configuration.
  • Joomla Google Apps OAuth SSO, Client ID and Client Secret

    Google Endpoints and Scope:


    Client ID : See Above
    Client Secret : See Above
    Scope: Openid email Profile
    Authorize Endpoint: https://accounts.google.com/o/oauth2/auth
    Access Token Endpoint: https://www.googleapis.com/oauth2/v4/token
    Get User Info Endpoint: https://www.googleapis.com/oauth2/v1/userinfo

    Congratulations, you have successfully completed your Google App OAuth Server side configurations.

Step 2: Configure miniOrange Joomla OAuth Client plugin.

  • Download the zip file for the miniOrange OAuth Client plugin for Joomla from the link here.
  • oauth provider the zip for Joomla
  • Login into your Joomla site’s administrator console.
  • Go to Extension Manage Install in the top navigation bar to install the plugin.
  • joomla oauth provider plugin
  • Upload the downloaded zip file to install the OAuth Client plugin.
  • joomla oauth provider zip
  • Navigate to Extensions Manage Manage and search for miniorange in the Search bar provided to see the list of the components.
  • Go to Components MiniOrange OAuth Client in the top navigation bar to go to the configuration page of the plugin.
  • joomla oauth provider OAuth Client
  • Register/ Login with miniOrange.
  • Go to the Configure OAuth tab in the plugin. FIll in the details you received from your OAuth Provider and click on the Save Settings button.
  • joomla oauth provider OAuth tab

    Select your OAuth Provider from the Select Application dropdown. In case your OAuth Provider is not listed in the drop down, please select Custom OAuth Provider to continue.

  • Copy the Redirect/Callback URL given in the plugin and save it in your OAuth Provider.
  • Click on the Test Configuration button and copy the email and name attributes and save these attributes in Email Attribute and Name Attribute text field respectively. Now click on the Save Attribute Mapping button to save your configurations.
  • joomla oauth provider Application joomla oauth provider Attribute Mapping
  • Add a button on your site login page with the following URL:your_home_page/base_url/?morequest=oauthredirect&app_name=xxxxxxxxx
  • You would find appropriate URL in Instructions to configure in the bellow section of Attribute Mapping (After completing test configuration please choose URL and Add a button on your site login page).

  • Now logout and go to your site. You will see a login link where you placed that button.
  • Click on the Licensing Plans Tab to check out our complete list of features and various licensing plans.
  • In case, you are facing some issue or have any question in mind, you can reach out to us by sending us your query through the Support dialog box in the Account Setup and Configure OAuth tabs.
  • joomla oauth provider server sso submit query

    Congratulations, you have successfully configured the miniOrange OAuth Client plugin with your desired OAuth Provider. In case you have any questions in mind, you can always mail us at joomlasupport@xecurify.com .

Free Trial

If you are looking for anything which you cannot find, please drop us an email on joomlasupport@xecurify.com

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com