path: root/server-build/QEMU-autobuild/buildReclaim.sh
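#!/bin/sh
# Registers a WooCommerce shop as an OpenID Connect relying party (RP) with
# GNUnet reclaim and points the WordPress "openid_connect_generic_settings"
# option at the GNUnet REST endpoints.
#
# Needs on PATH: gnunet-config, gnunet-arm, gnunet-identity, gnunet-namestore,
# sudo, wp (WP-CLI), od, tr. Expects WordPress in /var/www/wordpress.
set -eu

## BEGIN configuration

# Where is WooCommerce?
WOOHOST=http://127.0.0.1:9999

# Name of the shop for the user
SHOP_NAME="WooTaler Shop"

# Ego of the zone for the RP in GNS
SHOP_ZONE=wootaler-shop

# Which attributes does WooCommerce want from the IdP?
OIDC_SCOPE="openid given_name family_name email address phone"

# URL where GNUnet REST service is listening for requests
GNUNET_REST="http://localhost:7776/openid/"

## END configuration

# Print a message to stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Set one key of the openid_connect_generic_settings option.
#   $1 - key inside the settings array
#   $2 - value to store (may be empty)
wp_oidc_set() {
  sudo -u www-data wp --user=admin option patch update \
    openid_connect_generic_settings "$1" "$2"
}

# Setup GNUnet REST credentials.
# The client secret is what authenticates the shop to the token endpoint, so
# it has to be unpredictable. Take 32 bytes from the kernel CSPRNG instead of
# calling `uuid`, which commonly defaults to a time/MAC-based version 1 UUID.
OIDC_CLIENT_SECRET=$(od -An -N32 -tx1 /dev/urandom | tr -d ' \n')
[ "${#OIDC_CLIENT_SECRET}" -eq 64 ] || die "could not generate OIDC client secret"

# NOTE(review): the secret is passed as a command-line argument here and to
# wp below, so it is visible in process listings while those commands run.
# Acceptable on a single-user build host; revisit before reusing elsewhere.
gnunet-config -s reclaim-rest-plugin -o OIDC_CLIENT_SECRET -V "$OIDC_CLIENT_SECRET"

# Start GNUnet
gnunet-arm -s

# Setup Zone for RP
gnunet-identity -C "$SHOP_ZONE"
OIDC_CLIENT_IDENTITY=$(gnunet-identity -dq -e "$SHOP_ZONE")
# An empty client_id would be written to WordPress silently; stop instead.
[ -n "$OIDC_CLIENT_IDENTITY" ] || die "no identity found for ego $SHOP_ZONE"

# Tell reclaim where the RP expects the authorization callback.
# Quoted: the URL contains '?', which an unquoted word would expose to
# pathname expansion and field splitting.
gnunet-namestore -a -z "$SHOP_ZONE" -n @ -t RECLAIM_OIDC_REDIRECT \
  -V "${WOOHOST}/wp-admin/admin-ajax.php?action=openid-connect-authorize" -e 1h -p

# Tell reclaim the name of the shop that asks for permissions (to be shown to the user)
gnunet-namestore -a -z "$SHOP_ZONE" -n @ -t RECLAIM_OIDC_CLIENT -V "$SHOP_NAME" -e 1h -p

# Setup ReClaim as OIDC provider with WooCommerce
cd /var/www/wordpress

# GNUNET_REST is configured with a trailing slash; strip it so the endpoint
# URLs below do not end up as ".../openid//token".
rest_base=${GNUNET_REST%/}

wp_oidc_set client_id "${OIDC_CLIENT_IDENTITY}"
wp_oidc_set client_secret "${OIDC_CLIENT_SECRET}"
wp_oidc_set scope "${OIDC_SCOPE}"
wp_oidc_set endpoint_login "https://api.reclaim/openid/authorize"
# Token and userinfo requests go over plain http; with the default
# GNUNET_REST that is loopback only. Use https if the REST service is remote.
wp_oidc_set endpoint_userinfo "${rest_base}/userinfo"
wp_oidc_set endpoint_token "${rest_base}/token"
wp_oidc_set endpoint_end_session ""
wp_oidc_set identity_key "sub"
# NOTE(review): turns off TLS certificate verification in the OIDC plugin.
# Harmless while the back-channel endpoints are http on localhost, but it must
# be set back to "0" as soon as any of them is reached over https.
wp_oidc_set no_sslverify "1"
wp_oidc_set nickname_key "sub"
# NOTE(review): OIDC_SCOPE requests given_name and family_name but not
# full_name; confirm whether "{given_name} {family_name}" was intended.
wp_oidc_set displayname_format "{given_name} {full_name}"
wp_oidc_set identify_with_username "1"
# NOTE(review): plugin debug logging presumably records login details such as
# claims; confirm what is stored and disable outside of debugging.
wp_oidc_set enable_logging "1"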