|Anonymous | Login | Signup for a new account||2019-05-26 04:21 UTC|
|Main | My View | View Issues | Change Log | My Account|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0008591||TestLink||User Authentication Methods||public||2019-03-08 17:33||2019-03-14 20:52|
|Product Version||1.9.19 (2019 Q1)|
|Fixed in Version|
|Summary||0008591: OAuth enhancement - microsoft oauth provider|
|Description||Added oauth provider configuration and code to enable authentication using Microsoft accounts|
|Additional Information||Added new file microsoftoauth.php (copied relevant sections from login.php) to cater for Microsoft configuration that does not allow redirectURL to contain querystring for security purposes.|
Pull request https://github.com/TestLinkOpenSourceTRMS/testlink-code/pull/188 [^]
|Tags||No tags attached.|
|QA Team - Task Workflow Status|
edited on: 2019-03-09 13:31
1. To register an application go to https://apps.dev.microsoft.com. [^]
2. After signing in with your Microsoft account add an application by clicking Add an app.
3. Enter a name for your application and click Create Application
4. The application will be created, and the application details page will be displayed, which will list the Application Id. Click Generate New Password to generate a new password. The generated password will be displayed, copy it to configure it later in TestLink and click Ok
5. Under Platforms click Add Platform and click Web
6. Enter https://yourtestlinkserver/microsoftoauth.php [^] in the Redirect URL and https://yourtestlinkserver [^] in the Logout URL. The User.Read should be displayed under Microsoft Graph permissions by default, click Save at the bottom of the page to store all the changes.
7. Connect to your testlink server, open config.inc.php in a text editor and uncomment the $tlCfg->OAuthServers lines referring to Microsoft below the Github OAuth section
8. Set the oauth_client_id value to the Application Id from dev.apps.microsoft.com
9. Set the oauth_client_secret to the password generated in step 4.
10. Set the redirect_uri to the same value configured in the Redirect URL in step 6.
11. Save the config, and browse to the main page of your TestLink installation using your browser. You should see another button below the normal Log in button with the name Sign in with Microsoft. Click it, and you will be prompted for your Microsoft account details, after which you will have to give consent to the app (TestLink) to read your profile.
12. Click Yes, and you should be returned to your TestLink instance, and be logged in with a user with guest role.
13. You can change this to by default create a user with no rights, by editing config.inc.php and changing the value of $tlCfg->default_roleid to TL_ROLES_NO_RIGHTS;
P.S. Microsoft might prompt (irritate?!) you to view the App configuration in the Azure portal, the instructions above is not for the Azure portal but for https://apps.dev.microsoft.com. [^]
|Should you be viewing/editing via Azure, your applications can be viewed by nagigating to https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade [^] and clicking the Applications from personal account next to All applications and Own applications. I've noticed that my application was NOT listed under All applications, only under Applications from personal account.|
|It is possible to use both Office365 accounts as well as personal Microsoft accounts to authenticate. I configured my application using a free personal Microsoft account.|
|Thanks for the details you have added.|
|2019-03-08 17:33||buzzlightyear||New Issue|
|2019-03-09 13:27||buzzlightyear||Note Added: 0028580|
|2019-03-09 13:31||buzzlightyear||Note Edited: 0028580||View Revisions|
|2019-03-09 13:34||buzzlightyear||Note Added: 0028581|
|2019-03-09 13:56||buzzlightyear||Note Added: 0028582|
|2019-03-14 20:52||fman||Note Added: 0028600|
|Copyright © 2000 - 2019 MantisBT Team|