authorChristian Grothoff <christian@grothoff.org>2020-08-04 13:54:25 +0200
committerChristian Grothoff <christian@grothoff.org>2020-08-04 13:54:25 +0200
commitab73d4320c79633c4015232a8d8f0b27c405b968 (patch)
tree960c14e0da23d6d0f41fea75f90aeb4910b77540
parent6fb1e4aeb076199a3f8f40d5c9028ee0d677cf51 (diff)
auto-reclaim script
-rw-r--r--server-build/QEMU-autobuild/buildReclaim.sh63
-rwxr-xr-xserver-build/QEMU-autobuild/buildWebstore.sh7
-rwxr-xr-xserver-build/QEMU-autobuild/buildWooTalerServer.sh11
-rw-r--r--server-build/my-simple-cdd/profiles/wootaler.packages2
-rwxr-xr-xserver-build/my-simple-cdd/profiles/wootaler.postinst2
5 files changed, 85 insertions, 0 deletions
diff --git a/server-build/QEMU-autobuild/buildReclaim.sh b/server-build/QEMU-autobuild/buildReclaim.sh
new file mode 100644
index 0000000..625d899
--- /dev/null
+++ b/server-build/QEMU-autobuild/buildReclaim.sh
@@ -0,0 +1,63 @@
+#!/bin/sh
+set -eu
+
+## BEGIN configuration
+
+# Where is WooCommerce?
+WOOHOST=http://127.0.0.1:9999
+
+# Name of the shop for the user
+SHOP_NAME="WooTaler Shop"
+
+# Ego of the zone for the RP in GNS
+SHOP_ZONE=wootaler-shop
+
+# Which attributes does WooCommerce want from the IdP?
+OIDC_SCOPE="openid profile email full_name"
+
+# URL where GNUnet REST service is listening for requests
+GNUNET_REST="http://localhost:7776/openid/"
+
+## END configuration
+
+# Setup GNUnet REST credentials
+OIDC_CLIENT_SECRET=`uuid`
+gnunet-config -s reclaim-rest-plugin -o OIDC_CLIENT_SECRET -V "$OIDC_CLIENT_SECRET"
+
+# Start GNUnet
+gnunet-arm -s
+
+# Setup Zone for RP
+gnunet-identity -C "$SHOP_ZONE"
+OIDC_CLIENT_IDENTITY=`gnunet-identity -dq -e $SHOP_ZONE`
+
+# Tell reclaim where the RP expects the authorization callback
+gnunet-namestore -a -z "$SHOP_ZONE" -n @ -t RECLAIM_OIDC_REDIRECT -V ${WOOHOST}/wp-admin/admin-ajax.php?action=openid-connect-authorize -e 1h -p
+
+# Tell reclaim the name of the shop that asks for permissions (to be shown to the user)
+gnunet-namestore -a -z "$SHOP_ZONE" -n @ -t RECLAIM_OIDC_CLIENT -V "$SHOP_NAME" -e 1h -p
+
+# Setup ReClaim as OIDC provider with WooCommerce
+cd /var/www/wordpress
+
+
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings client_id "${OIDC_CLIENT_IDENTITY}"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings client_secret "${OIDC_CLIENT_SECRET}"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings scope "${OIDC_SCOPE}"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings endpoint_login "https://api.reclaim/openid/authorize"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings endpoint_userinfo "${GNUNET_REST}/userinfo"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings endpoint_token "${GNUNET_REST}/token"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings endpoint_end_session ""
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings identity_key "sub"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings no_sslverify "1"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings nickname_key "full_name"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings displayname_format "{full_name}"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings identify_with_username "1"
+sudo -u www-data wp --user=admin option patch update openid_connect_generic_settings enable_logging "1"
+
+
+sudo -u www-data wp --user=admin option
+openid_connect_generic_settings
+a:24:{s:10:"login_type";s:6:"button";s:9:"client_id";s:52:"50BMJB6S9MV22BTG541G6XPQVNT7BNT7DZ3ZCCEZXFZPKV3915N0";s:13:"client_secret";s:6:"secret";s:5:"scope";s:30:"openid
+profile email
+full_name";s:14:"endpoint_login";s:36:"https://api.reclaim/openid/authorize";s:17:"endpoint_userinfo";s:43:"http://localhost:7776/openid/token/userinfo";s:14:"endpoint_token";s:34:"http://localhost:7776/openid/token";s:20:"endpoint_end_session";s:33:"https://example.com/oauth2/logout";s:12:"identity_key";s:3:"sub";s:12:"no_sslverify";s:1:"1";s:20:"http_request_timeout";s:1:"5";s:15:"enforce_privacy";s:1:"0";s:22:"alternate_redirect_uri";s:1:"0";s:12:"nickname_key";s:9:"full_name";s:12:"email_format";s:7:"{email}";s:18:"displayname_format";s:11:"{full_name}";s:22:"identify_with_username";s:1:"1";s:16:"state_time_limit";s:0:"";s:19:"link_existing_users";s:1:"0";s:24:"create_if_does_not_exist";s:1:"1";s:18:"redirect_user_back";s:1:"0";s:18:"redirect_on_logout";s:1:"1";s:14:"enable_logging";s:1:"1";s:9:"log_limit";s:4:"1000";}
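Review bot: The `OIDC_CLIENT_SECRET` assignment takes its value from `uuid` with no options; if this is the OSSP tool added to wootaler.packages, it defaults to a version 1 UUID built from the clock and MAC address, which is guessable and not suitable as a shared secret. Draw the value from the kernel CSPRNG instead, e.g. `OIDC_CLIENT_SECRET=$(head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n')`, or at least use `uuid -v 4`. Separately, the last five lines of the file (a bare `wp --user=admin option`, then `openid_connect_generic_settings` and a serialized `a:24:{...}` dump) look like pasted terminal output; under `set -eu` the script will abort there, so they should be deleted or turned into comments. `no_sslverify "1"` is harmless while the token and userinfo endpoints are plain `http://localhost`, but it deserves a comment saying it must be switched off if those endpoints ever move off the loopback interface.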
diff --git a/server-build/QEMU-autobuild/buildWebstore.sh b/server-build/QEMU-autobuild/buildWebstore.sh
index 1c8c933..a28fba5 100755
--- a/server-build/QEMU-autobuild/buildWebstore.sh
+++ b/server-build/QEMU-autobuild/buildWebstore.sh
@@ -178,8 +178,15 @@ EXECUTE stmt USING @name, @description, @code, "global", 10, 1, NOW();
EOF
+# Configure gnutaler Plugin
+
sudo -u www-data wp wc --user=admin payment_gateway update gnutaler --enabled=true --settings='{"title":"GNU Taler","GNU_Taler_Backend_URL":"http:\/\/backend.demo.taler.net\/","GNU_Taler_Backend_API_Key":"Sandbox","Payment_url":"payto:\/\/x-taler-bank\/bank.demo.taler.net\/Merchant","merchant_name":"GNU Taler WooCommerce Demonstrator"}'
+
+# install OIDC plugin (needed for re:claimID integration)
+
+sudo -u www-data wp --user=admin plugin install daggerhart-openid-connect-generic --activate
+
echo
echo '1. You must set up WooCommerce defaults. To do this:'
echo ' a. Log into the WooTaler site in your host system at 127.0.0.1:9999/wp-admin/. as "admin" with passphrase "admin-pass"'
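Review bot: The `wp --user=admin plugin install daggerhart-openid-connect-generic --activate` line fetches whatever release is current at build time and activates it immediately, so the login path of the image depends on an unpinned third-party download. Pin the release with `--version=<reviewed-version>` (placeholder) so that builds are reproducible and an upstream change is picked up only deliberately. The install also runs on every build, whether or not the Re:claim setup is later chosen; consider moving it into buildReclaim.sh next to the settings it serves.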
diff --git a/server-build/QEMU-autobuild/buildWooTalerServer.sh b/server-build/QEMU-autobuild/buildWooTalerServer.sh
index 30bcedf..e99707f 100755
--- a/server-build/QEMU-autobuild/buildWooTalerServer.sh
+++ b/server-build/QEMU-autobuild/buildWooTalerServer.sh
@@ -205,4 +205,15 @@ then
woocommerce-taler/server-build/QEMU-autobuild/buildWebstore.sh
fi
+echo
+read -e -r -p "Ready to setup Re:claim? ['y' continues] " -i "n" doReClaim
+if [[ -z $doReClaim ]]
+then
+ doReClaim="n"
+fi
+if [[ $doReclaim == "y" ]]
+then
+ woocommerce-taler/server-build/QEMU-autobuild/buildReclaim.sh
+fi
+
exit 0
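Review bot: The second test reads `$doReclaim` (lower-case c) while `read` stores the answer in `doReClaim`, so the comparison is made against an unset variable and buildReclaim.sh is never started from here; if the script runs with `set -u`, which is not visible in this hunk, it would abort instead. Change the line to `if [[ "$doReClaim" == "y" ]]`. The surrounding script starts outside the hunk.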
diff --git a/server-build/my-simple-cdd/profiles/wootaler.packages b/server-build/my-simple-cdd/profiles/wootaler.packages
index f507f3c..4a1b545 100644
--- a/server-build/my-simple-cdd/profiles/wootaler.packages
+++ b/server-build/my-simple-cdd/profiles/wootaler.packages
@@ -1,2 +1,4 @@
wget
sudo
+gnunet
+uuid
diff --git a/server-build/my-simple-cdd/profiles/wootaler.postinst b/server-build/my-simple-cdd/profiles/wootaler.postinst
index f1033ce..0b8f04b 100755
--- a/server-build/my-simple-cdd/profiles/wootaler.postinst
+++ b/server-build/my-simple-cdd/profiles/wootaler.postinst
@@ -30,6 +30,8 @@ yes | tr y '\n' | woocommerce-taler/server-build/QEMU-autobuild/buildWooTalerSer
yes | tr y '\n' | woocommerce-taler/server-build/QEMU-autobuild/buildWebstore.sh
+yes | tr y '\n' | woocommerce-taler/server-build/QEMU-autobuild/buildReclaim.sh
+
# Clean up
# rm -rf /tmp/woocommerce-taler.git
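Review bot: buildReclaim.sh is executed directly on the added line, but the commit creates it with mode 100644 (`new file mode 100644` in its file header), so the call fails with a permission error unless the file is made executable elsewhere; the same direct call in buildWooTalerServer.sh is affected. Either commit the script with mode 100755 like its siblings or invoke it as `sh woocommerce-taler/server-build/QEMU-autobuild/buildReclaim.sh`. The `yes | tr y '\n' |` prefix can probably be dropped for this call, since the new script does not appear to read from stdin.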