author | Christian Grothoff <christian@grothoff.org> | 2020-08-04 13:54:25 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2020-08-04 13:54:25 +0200 |
commit | ab73d4320c79633c4015232a8d8f0b27c405b968 (patch) | |
tree | 960c14e0da23d6d0f41fea75f90aeb4910b77540 | |
parent | 6fb1e4aeb076199a3f8f40d5c9028ee0d677cf51 (diff) | |
auto-reclaim script
-rw-r--r-- | server-build/QEMU-autobuild/buildReclaim.sh | 63 | ||||
-rwxr-xr-x | server-build/QEMU-autobuild/buildWebstore.sh | 7 | ||||
-rwxr-xr-x | server-build/QEMU-autobuild/buildWooTalerServer.sh | 11 | ||||
-rw-r--r-- | server-build/my-simple-cdd/profiles/wootaler.packages | 2 | ||||
-rwxr-xr-x | server-build/my-simple-cdd/profiles/wootaler.postinst | 2 |
5 files changed, 85 insertions, 0 deletions
diff --git a/server-build/QEMU-autobuild/buildReclaim.sh b/server-build/QEMU-autobuild/buildReclaim.sh
new file mode 100644
index 0000000..625d899
--- /dev/null
+++ b/server-build/QEMU-autobuild/buildReclaim.sh
@@ -0,0 +1,63 @@
+#!/bin/sh
+set -eu
+
+## BEGIN configuration
+
+# Where is WooCommerce?
+WOOHOST=http://127.0.0.1:9999
+
+# Name of the shop for the user
+SHOP_NAME="WooTaler Shop"
+
+# Ego of the zone for the RP in GNS
+SHOP_ZONE=wootaler-shop
+
+# Which attributes does WooCommerce want from the IdP?
+OIDC_SCOPE="openid profile email full_name"
+
+# URL where GNUnet REST service is listening for requests
+GNUNET_REST="http://localhost:7776/openid/"
+
+## END configuration
+
+# Setup GNUnet REST credentials
+OIDC_CLIENT_SECRET=`uuid`
+gnunet-config -s reclaim-rest-plugin -o OIDC_CLIENT_SECRET -V "$OIDC_CLIENT_SECRET"
+
+# Start GNUnet
+gnunet-arm -s
+
+# Setup Zone for RP
+gnunet-identity -C "$SHOP_ZONE"
+OIDC_CLIENT_IDENTITY=`gnunet-identity -dq -e $SHOP_ZONE`
+
+# Tell reclaim where the RP expects the authorization callback
+gnunet-namestore -a -z "$SHOP_ZONE" -n @ -t RECLAIM_OIDC_REDIRECT -V ${WOOHOST}/wp-admin/admin-ajax.php?action=openid-connect-authorize -e 1h -p
+
+# Tell reclaim the name of the shop that asks for permissions (to be shown to the user)
+gnunet-namestore -a -z "$SHOP_ZONE" -n @ -t RECLAIM_OIDC_CLIENT -V "$SHOP_NAME" -e 1h -p
+
+# Setup ReClaim as OIDC provider with WooCommerce
+cd /var/www/wordpress
+
+
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings client_id "${OIDC_CLIENT_IDENTITY}"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings client_secret "${OIDC_CLIENT_SECRET}"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings scope "${OIDC_SCOPE}"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings endpoint_login "https://api.reclaim/openid/authorize"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings endpoint_userinfo "${GNUNET_REST}/userinfo"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings endpoint_token "${GNUNET_REST}/token"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings endpoint_end_session ""
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings identity_key "sub"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings no_sslverify "1"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings nickname_key "full_name"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings displayname_format "{full_name}"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings identify_with_username "1"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings enable_logging "1"
+
+
+sudo -u www-data wp --user=admin option
+openid_connect_generic_settings
+a:24:{s:10:"login_type";s:6:"button";s:9:"client_id";s:52:"50BMJB6S9MV22BTG541G6XPQVNT7BNT7DZ3ZCCEZXFZPKV3915N0";s:13:"client_secret";s:6:"secret";s:5:"scope";s:30:"openid
+profile email
+full_name";s:14:"endpoint_login";s:36:"https://api.reclaim/openid/authorize";s:17:"endpoint_userinfo";s:43:"http://localhost:7776/openid/token/userinfo";s:14:"endpoint_token";s:34:"http://localhost:7776/openid/token";s:20:"endpoint_end_session";s:33:"https://example.com/oauth2/logout";s:12:"identity_key";s:3:"sub";s:12:"no_sslverify";s:1:"1";s:20:"http_request_timeout";s:1:"5";s:15:"enforce_privacy";s:1:"0";s:22:"alternate_redirect_uri";s:1:"0";s:12:"nickname_key";s:9:"full_name";s:12:"email_format";s:7:"{email}";s:18:"displayname_format";s:11:"{full_name}";s:22:"identify_with_username";s:1:"1";s:16:"state_time_limit";s:0:"";s:19:"link_existing_users";s:1:"0";s:24:"create_if_does_not_exist";s:1:"1";s:18:"redirect_user_back";s:1:"0";s:18:"redirect_on_logout";s:1:"1";s:14:"enable_logging";s:1:"1";s:9:"log_limit";s:4:"1000";}
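Review bot: The OIDC client secret comes from `uuid` with no version flag, which for the OSSP tool (presumably what the new `uuid` package provides) produces a time- and MAC-based version 1 UUID rather than a random value; `OIDC_CLIENT_SECRET=$(uuid -v 4)` or a read from `/dev/urandom` would make it unguessable. The same secret is then passed as an argument to `gnunet-config` and `wp`, where it is visible in the process list while each command runs. `no_sslverify "1"` has no effect on the `http://localhost` token and userinfo endpoints set here, but it would silently disable certificate checking if they are later moved to HTTPS, so it deserves a comment marking it as demo-only. The last five lines of the file look like pasted `wp option` output; under `set -eu` they would run as commands and abort the script, so they should be deleted or commented out.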
diff --git a/server-build/QEMU-autobuild/buildWebstore.sh b/server-build/QEMU-autobuild/buildWebstore.sh index 1c8c933..a28fba5 100755 --- a/server-build/QEMU-autobuild/buildWebstore.sh +++ b/server-build/QEMU-autobuild/buildWebstore.sh @@ -178,8 +178,15 @@ EXECUTE stmt USING @name, @description, @code, "global", 10, 1, NOW(); EOF +# Configure gnutaler Plugin + sudo -u www-data wp wc --user=admin payment_gateway update gnutaler --enabled=true --settings='{"title":"GNU Taler","GNU_Taler_Backend_URL":"http:\/\/backend.demo.taler.net\/","GNU_Taler_Backend_API_Key":"Sandbox","Payment_url":"payto:\/\/x-taler-bank\/bank.demo.taler.net\/Merchant","merchant_name":"GNU Taler WooCommerce Demonstrator"}' + +# install OIDC plugin (needed for re:claimID integration) + +sudo -u www-data wp --user=admin plugin install daggerhart-openid-connect-generic --activate + echo echo '1. You must set up WooCommerce defaults. To do this:' echo ' a. Log into the WooTaler site in your host system at 127.0.0.1:9999/wp-admin/. as "admin" with passphrase "admin-pass"' diff --git a/server-build/QEMU-autobuild/buildWooTalerServer.sh b/server-build/QEMU-autobuild/buildWooTalerServer.sh index 30bcedf..e99707f 100755 --- a/server-build/QEMU-autobuild/buildWooTalerServer.sh +++ b/server-build/QEMU-autobuild/buildWooTalerServer.sh @@ -205,4 +205,15 @@ then woocommerce-taler/server-build/QEMU-autobuild/buildWebstore.sh fi +echo +read -e -r -p "Ready to setup Re:claim? ['y' continues] " -i "n" doReClaim +if [[ -z $doReClaim ]] +then + doReClaim="n" +fi +if [[ $doReclaim == "y" ]] +then + woocommerce-taler/server-build/QEMU-autobuild/buildReclaim.sh +fi + exit 0 diff --git a/server-build/my-simple-cdd/profiles/wootaler.packages b/server-build/my-simple-cdd/profiles/wootaler.packages index f507f3c..4a1b545 100644 --- a/server-build/my-simple-cdd/profiles/wootaler.packages +++ b/server-build/my-simple-cdd/profiles/wootaler.packages @@ -1,2 +1,4 @@ wget sudo +gnunet +uuid 
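Review bot: The added `wp plugin install daggerhart-openid-connect-generic --activate` fetches whatever release is current at build time, so the shop's login path depends on an unpinned third-party plugin. Adding `--version=<tested-version>` would make the image reproducible and keep an upstream change from landing unreviewed. The script starts outside this hunk, so whether a failed install stops the build is not visible here; if it does not, buildReclaim.sh would later patch settings for a plugin that is absent.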
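Review bot: In the buildWooTalerServer.sh hunk the second test reads `$doReclaim` (lower-case c) while `read` and the default assignment use `doReClaim`, so the comparison sees an unset variable and buildReclaim.sh is never started from this prompt. The line should read `if [[ $doReClaim == "y" ]]`. Separately, buildReclaim.sh is added with mode 100644, so calling it by path here and in the wootaler.postinst hunk would fail with a permission error unless the file is made executable or run as `sh woocommerce-taler/server-build/QEMU-autobuild/buildReclaim.sh`. The surrounding script starts outside this hunk.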
diff --git a/server-build/my-simple-cdd/profiles/wootaler.postinst b/server-build/my-simple-cdd/profiles/wootaler.postinst index f1033ce..0b8f04b 100755 --- a/server-build/my-simple-cdd/profiles/wootaler.postinst +++ b/server-build/my-simple-cdd/profiles/wootaler.postinst @@ -30,6 +30,8 @@ yes | tr y '\n' | woocommerce-taler/server-build/QEMU-autobuild/buildWooTalerSer yes | tr y '\n' | woocommerce-taler/server-build/QEMU-autobuild/buildWebstore.sh +yes | tr y '\n' | woocommerce-taler/server-build/QEMU-autobuild/buildReclaim.sh + # Clean up # rm -rf /tmp/woocommerce-taler.git |