GNUnet preparation ================== Setup zone for RP: gnunet-identity -C martin Extracted from OpenID connect button 'redirect_uri': http://127.0.0.1:9999/wp-admin/admin-ajax.php?action/openid-connect-authorize gnunet-namestore -a -z martin -n @ -t RECLAIM_OIDC_REDIRECT -V http://127.0.0.1:9999/wp-admin/admin-ajax.php?action=openid-connect-authorize -e 1h -p # Set name of Web site ("wootaler") to be shown to user: gnunet-namestore -a -z martin -n @ -t RECLAIM_OIDC_CLIENT -V wootaler -e 1h -p OIDC setup in WooCommerce ========================= Install OIDC plugin: sudo -u www-data wp --user=admin plugin install daggerhart-openid-connect-generic --activate Find existing settings: sudo -u www-data wp --user=admin option list Configuration: 1) OpenID client ID is public key of identity: $ gnunet-identity -d -e martin For example: 50BMJB6S9MV22BTG541G6XPQVNT7BNT7DZ3ZCCEZXFZPKV3915N0 2) Authorize Endpoint definieren im OpenID Connect Wordpress plugin zu ("Login Endpoint URL"): https://api.reclaim/openid/authorize 3) Specify client secret key: $ gnunet-config -s reclaim-rest-plugin -o OIDC_CLIENT_SECRET default is "secret" 4) OpenID scope: configure the list of desired attributes, i.e.: "openid profile email full_name given-name family-name organization country address-line1 address-line2 address-level2 address-level1 postal-code tel" NOTE: The 'oidc-woocommerce.php' contains the logic to convert OIDC profile data into the WooCommerce shopping form. 5) Token Validation Endpoint URL - where is the GNUnet REST API reachable: Default is: http://localhost:7776/openid/token 6) Userinfo Endpoint URL - similar: http://localhost:7776/openid/token/userinfo 7) Identity key: always "sub" 8) Nickname key: use "full_name" 9) Display name formatting: use "{full_name}" 10) Identify with username: check the box Reclaim setup ============= 1) Install re:claim plugin: https://addons.mozilla.org/en-US/firefox/addon/reclaimid/ 2) Connect GNUnet peers: Ensure both GNUnet peers (WooCommerce+Reclaim and locale GNUnet installation) are connected, or for trivial tests export the WooCommerce+Reclaim peer from qemu to the local host: set BIND_TO option of GNUnet REST service to 0.0.0.0. Integration Notes: ================== An action 'openid-connect-generic-register-login-form' was added to the OIDC plugin. This is needed to nicely integrate the OIDC plugin with WooCommerce using the 'oidc-woocommerce.php' snippet.