WeChat Login module

Edition

Incubator (services)

Issues

Git

Git

Latest

1.0-SNAPSHOT

Compatible with Magnolia 6.2.

The WeChat Login module allows you to integrate Magnolia’s login mechanism with that provided to WeChat’s Open Platform. Once enabled, visitors have to scan a Wechat QR code and can access protected content of the website, e.g. members-only pages.

This module is at the INCUBATOR level.

This module is not in the Magnolia platform support scope

Installing with Maven

Maven is the easiest way to install the module. Add the following to your bundle:

<dependency>
  <groupId>info.magnolia.wechat</groupId>
  <artifactId>magnolia-sso-connector</artifactId>
  <version>1.0-SNAPSHOT</version>
</dependency>

<dependency>
  <groupId>info.magnolia.connector.sso</groupId>
  <artifactId>magnolia-sso-connector</artifactId>
  <version>2.7.4</version>
</dependency>

Configuration

This module integrates open id connect provider WeChat as an authentication method for Magnolia CMS. It uses the SSO Connector module and adds configuration for this service.

For full details about the WeChat platform please refer to WeChat Login.
  • AdminCentral login with WeChat

  • AdminCentral login with Magnolia (.magnlia/defaultlogin)

  • Login button beside the login link of travel demo.

  • Page /travel/members/wechat as the default target of the login process with WeChat.

  • Page /travel/members/wechat-profile as the user profile page.

JAAS configuration for OAuth authentication

Magnolia’s web app has to provide a special JAAS configuration for the SSO Connector Module. Add the following at the bottom of the file:

/WEB-INF/config/jaas.config
sso-authentication {
    info.magnolia.connector.sso.jaas.SSOAuthenticationModule requisite;
    info.magnolia.jaas.sp.jcr.JCRAuthorizationModule required;
};

loginHandlers configuration

/server/filters/login/loginHandlers
class info.magnolia.cms.security.auth.login.SSOAuthenticationLoginFilter
login handlers

Logout configuration

/server/filters/logout
class info.magnolia.cms.security.auth.logout.SSOLogoutFilter

securityCallback configuration

This is found at /server/filters/securityCallback/clientCallbacks.

Example

travel-demo-pur (if we have travel demo site)

public-sso (*/server/filters/securityCallback/clientCallbacks/public-sso/originalUrlPattern *)

patternString (*|travel)/members/(wechat)*

form (/server/filters/securityCallback/clientCallbacks/admincentral-sso/originalUrlPattern)

patternString   /.magnolia/defaultlogin

admincentral-sso (no originalUrlPattern)

WeChat Service configuration

Configure Wechat’s API service (appid, clilentSecret, endpoint, etc. ) under /modules/sso-connector/config/authenticationServices/wechatService.

Item Description

callbackURL

the callback URL after login. It should different for author and public

author instance

`http://localhost:8080`

public instance

`http://localhost:8080/magnoliaPublic/travel/members/wechat`

securityGroups

magnolia user group for logged user. Default is wechat-sso-default.

weChatService configuration

Security

This module introduces a default user role (wechat-sso-default) and a default user group (wechat-sso-default) for view-only permission.

wechat user role

wechat user group

Changelog

Version Notes

Version Alpha 1.0

Initial release of the module.

If you need, you can download the JAR file.
Feedback