https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=16892
--- Comment #3 from M. Tompsett <[email protected]> --- TEST PLAN --------- 1) backup the database 2) run upgrade: ./installer/data/mysql/updatedatabase.pl -- proves the atomic update. 3) run it again: -- proves the INSERT IGNORE is done 4) drop the database and recreate it mysql> drop database koha_library; mysql> create database koha_library; 5) run the web installer 6) log into the staff client 7) Home -> Koha administration -> Global system preferences -> Administration -- GoogleOpenIDConnectAutoRegister, GoogleOpenIDConnectDefaultBranch, and GoogleOpenIDConnectDefaultCategory should be visible in the "Google OpenID Connect" section. -- proves the admin.pref is correct 8) In a new tab, go to https://console.developers.google.com/project and log in. 9) Click 'CREATE PROJECT' 10) Enter a project name which isn't going to scare the user off. (e.g. {institution} Library Authentication) 11) Wait a bit, then click 'Credentials' on the left pane. 12) Click the 'Create credentials' drop down button, and select 'OAuth client ID' 13) Click the 'Configure consent screen' button 14) Enter at least a product name which isn't going to scare the user off. (e.g. {institution} Library) 15) Click 'Save' 16) Select 'Web application' 17) Enter at least a memorable name whose purpose is clear. (e.g. {institution} Library Credentials) 18) Enter the OPAC URL into the 'Authorized JavaScript origins' text box 19) Enter a URL of the form: {OPACBaseURL}/cgi-bin/koha/svc/auth/googleopenidconnect into the 'Authorized redirect URIs' text box. 20) Click the 'Create' button. 21) Copy the client ID into the 'GoogleOAuth2ClientID' system preference 22) Copy the client secret into the 'GoogleOAuth2ClientSecret' system preference 23) Change the 'GoogleOpenIDConnect' system preference to 'Use'. 24) Change the 'GoogleOpenIDConnectAutoRegister' system preference to 'Allow' 25) Enter default branch and category values. (for all sample data: GoogleOpenIDConnectDefaultBranch=CPL, GoogleOpenIDConnectDefaultCategory=PT) 26) Click 'Save all Administration preferences' 27) Click 'OPAC' in the left pane. 28) Make sure OPACBaseURL is set. 27) Open the OPAC and click 'Log in to your account' 28) Click 'Allow' to authorize Google. -- should end up at opac-user page. -- proves everything works. :) NOTE: Because of the nature of OAuth, authenticating this way does not force a Google log out and the user MUST make a secondary effort to log out or close the browser. Otherwise, a person from the same terminal could abuse that person's Google account. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
