Login via Odnoklassniki OAuth2 Identity Provider - OpenIdentityPlatform/OpenAM GitHub Wiki
Create Odnoklassniki Applicaton
Create Odnoklassniki application as described here https://apiok.ru/dev/app/create. After you create application you'll receive: Application ID, Application Key and Aplication Secret.
Setup OpenAM
Legacy UI
Login into console. Goto Access Control then select target realm. Goto Authentication
Create Authentication Module
Under section Module Instances create new Authentication Module. Enter new module instance name, for example odnoklassniki. Authentication module type is OAuth 2.0 / OpenID Connect
Then select module, you've just created from module list and enter following settings:
| Setting | Value |
|---|---|
| Client Id | Your Odnoklassniki Application Id |
| Client Secret | Your Odnoklassniki Application Secret |
| Authentication Endpoint URL | https://connect.ok.ru/oauth/authorize |
| Access Token Endpoint URL | https://api.ok.ru/oauth/token.do |
| User Profile Service URL | https://api.ok.ru/api/users/getCurrentUser |
| Scope | Here you should enter scope, according to Odnoklassniki documentation for example VALUABLE_ACCESS;LONG_ACCESS_TOKEN |
| OAuth2 Access Token Profile Service Parameter name | access_token |
| Proxy URL | [Your OpenAM URL]/oauth2c/OAuthProxy.jsp for example: https://openam.example.com/openam/oauth2c/OAuthProxy.jsp |
| Account Provider | org.forgerock.openam.authentication.modules.common.mapping.DefaultAccountProvider |
| Account Mapper | org.forgerock.openam.authentication.modules.common.mapping.JsonAttributeMapper |
| Account Mapper Configuration | Attribute configuration that will be used to map the account of the user authenticated in the OAuth 2.0 Provider to the local data store in the OpenAM. Example: uid=uid |
| Attribute Mapper | org.forgerock.openam.authentication.modules.common.mapping.JsonAttributeMapper |
| Attribute Mapper Configuration | Attribute configuration that will be used to map the user info obtained from the OAuth 2.0 Provider to the local user data store in the OpenAM. Example: first_name=cnlast_name=givenName |
| Custom Properties | Add Oddnoklassniki Application Key as ok-public-key property, for examplpe ok-public-key=AAAAAAAAAAAAAA |
You can setup remaining attributes on your own, depending your authentication process requirement and press Save and then Back to Authentication
Create Authentication Chain
Under section Authentication Chaining create new Authentication Chain, enter its name, for example, odnoklassniki and add recently created module odnoklassniki
Your authentication chain should look like this:
| Instance | Criteria | Options |
|---|---|---|
| odnoklassniki | Required |
Test your Authentication Chain
Goto [Your OpenAM URL]/UI/Login?org=[your org]&service=[ok auth chain], for example, http://example.openam.com/openam/UI/Login?org=/&service=odnoklassniki and you should see Odnoklassniki authentication dialog