Thanks Fabrice!
While I feel like I'm much closer, I'm still having trouble. Whenever I
click the "Login with Google Account" button, it does a refresh on the
login page (and changes the "destination_url" to "
https://accounts.google.com/o/oauth2/auth";). Am I missing something? I
went ahead and added "https://accounts.google.com"; to the Passthroughs
setting.
Here's what I'm seeing in packetfence.log:
Jan 22 16:40:22 redir.cgi(0) INFO: 60:eb:69:56:53:06 being redirected
(default profile)
(ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler)
Jan 22 16:40:22 redir.cgi(0) INFO: Updating node 60:eb:69:56:53:06
user_agent with useragent: 'Mozilla/5.0 (Windows NT 5.1; rv:26.0)
Gecko/20100101 Firefox/26.0' (pf::web::web_node_record_user_agent)
Jan 22 16:40:22 redir.cgi(0) INFO: Static User-Agent lookup data
initialized (pf::useragent::_init)
Jan 22 16:40:22 redir.cgi(0) INFO: 60:eb:69:56:53:06 redirected to
authentication page
(ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler)
Jan 22 16:40:35 pfmon(0) INFO: running expire check (main::cleanup)
Jan 22 16:40:35 pfmon(0) INFO: checking registered nodes for expiration
(main::cleanup)
Jan 22 16:40:35 pfmon(0) INFO: checking violations for expiration
(main::cleanup)
Jan 22 16:40:35 pfmon(0) INFO: checking accounting data for potential
bandwidth abuse (main::cleanup)
Jan 22 16:40:35 pfmon(0) INFO: getting violations triggers for accounting
cleanup (pf::accounting::acct_maintenance)
Jan 22 16:40:35 pfmon(0) INFO: Calling node acct maintenance total with
monthly and 1 for 21474836480 (pf::accounting::acct_maintenance)
Jan 22 16:40:40 oauth2.cgi(0) INFO: Sending 60:eb:69:56:53:06 to OAuth2 -
Provider:google
(ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_oauth2_2ecgi::handler)
Jan 22 16:40:40 redir.cgi(0) INFO: 60:eb:69:56:53:06 being redirected
(default profile)
(ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler)
Jan 22 16:40:40 redir.cgi(0) INFO: 60:eb:69:56:53:06 redirected to
authentication page
(ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler)
Thanks,
Joshua Nathan
IT Administrator
Black Forest Academy
+49 (0) 7626-916123
On Wed, Jan 22, 2014 at 2:55 PM, Fabrice DURAND <[email protected]> wrote:
> Hello Joshua,
>
> it look that google change a little bit the console.
> So on https://cloud.google.com/console/ go in APIs & auth -> credentials
> and create a new client id.
>
> Then in Oauth2 config in pf:
> API ID => Client ID (From google)
> API Secret => Client Secret (From google)
> API URL => https://accounts.google.com
> API Authorize Path => /o/oauth2/auth
> API Token Path => /o/oauth2/token
> Access Token Parameter => oauth_token
> Scope => https://www.googleapis.com/auth/userinfo.email
> API URL of logged user => https://www.googleapis.com/oauth2/v2/userinfo
> Portal URL =>
> https://packtfence.black-forest-academy.com/oauth2/google(Should be the same
> as Redirect URIs in google)
> Authorized domains => *.google.com,*.google.ca,*.google.fr,*.gstatic.com,
> googleapis.com,accounts.youtube.com
>
> Also Javascript Origins should be
> https://packtfence.black-forest-academy.com
>
>
> For authorized domains you have to take care of the user account origin,
> like if you create your account on google.fr then you have to allow *.
> google.fr, if you create it in UK the google.uk ...
>
>
> Regards
> Fabrice
>
>
> Le 2014-01-22 06:49, Josh Nathan a écrit :
>
> OK, I'm floundering here. I have a fresh PacketFence 4.1 install,
> and I'd like to make it so that people can register with their Google
> account. Specifically, we have a Google for education domain, and want our
> users to be able to use that for logging into PacketFence.
>
> The problem is that I can't quite figure out how to make it work. The
> administrator guide says I need "an API key". What kind? From the Admin
> console in Google, I can get an "OAuth consumer key" and "OAuth consumer
> secret". When I follow the link mentioned in the PF admin guide, it takes
> me somewhere else where I can create a "project". So I did, but I feel
> like I'm just guessing what services to connect to it. Any guidance
> there? And none of them seem to be title "userinfo" which is the scope
> mentioned in the PF configurations.
>
> When setting up Google as a source, what all fields do I need to
> customize/how?
>
> Is the "API" ID my "project" ID followed by the ".
> apps.googleusercontent.com"?
>
> I'm assuming the API key should be whichever long hash comes paired with
> the ID...
>
> How many of the other fields do I need to tweak? Is it ok to use my
> external IP address in the Portal URL?
>
> And back to the PF Admin guide, where is this "Redirect URI" field? I
> don't see it in the configs for the source, nor do I readily see it in the
> Google configurations?
>
> Thank you for any and all help!
>
>
> Thanks,
> Joshua Nathan
> IT Administrator
> Black Forest Academy
> +49 (0) 7626-916123
>
>
> ------------------------------------------------------------------------------
> CenturyLink Cloud: The Leader in Enterprise Cloud Services.
> Learn Why More Businesses Are Choosing CenturyLink Cloud For
> Critical Workloads, Development Environments & Everything In Between.
> Get a Quote or Start a Free Trial Today.
> http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
>
>
>
> _______________________________________________
> PacketFence-users mailing
> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
>
> --
> Fabrice [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
> (http://packetfence.org)
>
>
>
> ------------------------------------------------------------------------------
> CenturyLink Cloud: The Leader in Enterprise Cloud Services.
> Learn Why More Businesses Are Choosing CenturyLink Cloud For
> Critical Workloads, Development Environments & Everything In Between.
> Get a Quote or Start a Free Trial Today.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
