lemonldap-ng/doc/sources/admin/authfacebook.rst

Facebook
========

============== ===== ========
Authentication Users Password
============== ===== ========
✔              ✔
============== ===== ========

Presentation
------------

`Facebook <http://facebook.com>`__ is a famous social network service.
Facebook uses `OAuth2 <http://en.wikipedia.org/wiki/OAuth2>`__ protocol
to allow applications to reuse its own authentication process (it means,
if your are connected to Facebook, other applications can trust Facebook
and let you in).

You need
`Net::Facebook::Oauth2 <https://metacpan.org/release/Net-Facebook-Oauth2>`__
package.

You need to register a new application on Facebook to get an application
ID and a secret. See https://developers.facebook.com/apps on how to do
that.

Configuration
-------------

In Manager, go in ``General Parameters`` > ``Authentication modules``
and choose Facebook for authentication module. You can also use Facebook
as user database.

Then, go in ``Facebook parameters``:

-  **Authentication level**: authentication level for this module.
-  **Facebook application ID**: the application ID you get
-  **Facebook application secret**: the corresponding secret
-  **User field**: Facebook field that will be used as default user
   identifier

If you use Facebook as user database, declare values in exported
variables:

-  use any key name you want. If you want to refuse access when a data
   is missing, just add a "!" before the key name
-  in the value field, set the field name. You can show them using
   `Facebook Graph API
   explorer <https://developers.facebook.com/tools/explorer>`__ and have
   a list of supported fields in the `Graph API User
   reference <https://developers.facebook.com/docs/graph-api/reference/user/>`__.
   For example:

   -  cn => name
   -  mail => email
   -  sn => last_name


.. attention::

    Do not query user field in exported variables, as it is
    already registered by the authentication module in ``$_user``.


.. attention::

    Browser implementations of formAction directive are
    inconsistent (e.g. Firefox doesn't block the redirects whereas Chrome
    does). Administrators may have to modify formAction value with wildcard
    likes \*.

    In Manager, go in :

    ``General Parameters`` > ``Advanced Parameters`` > ``Security`` >
    ``Content Security Policy`` > ``Form destination``


.. tip::

    You can use the same Facebook access token in your
    applications. It is stored in session data under the name ``$_facebookToken``\
First version of imported doc (#1646) 2020-05-14 23:29:41 +02:00			`Facebook`
			`========`

			`============== ===== ========`
			`Authentication Users Password`
			`============== ===== ========`
doc: fix formatting 2020-05-18 09:56:39 +02:00			`✔ ✔`
First version of imported doc (#1646) 2020-05-14 23:29:41 +02:00			`============== ===== ========`

			`Presentation`
			`------------`

			`Facebook <http://facebook.com>`__ is a famous social network service.
			Facebook uses `OAuth2 <http://en.wikipedia.org/wiki/OAuth2>`__ protocol
			`to allow applications to reuse its own authentication process (it means,`
			`if your are connected to Facebook, other applications can trust Facebook`
			`and let you in).`

			`You need`
			`Net::Facebook::Oauth2 <https://metacpan.org/release/Net-Facebook-Oauth2>`__
			`package.`

			`You need to register a new application on Facebook to get an application`
			`ID and a secret. See https://developers.facebook.com/apps on how to do`
			`that.`

			`Configuration`
			`-------------`

			In Manager, go in ``General Parameters`` > ``Authentication modules``
			`and choose Facebook for authentication module. You can also use Facebook`
			`as user database.`

			Then, go in ``Facebook parameters``:

			`- Authentication level: authentication level for this module.`
			`- Facebook application ID: the application ID you get`
			`- Facebook application secret: the corresponding secret`
			`- User field: Facebook field that will be used as default user`
			`identifier`

			`If you use Facebook as user database, declare values in exported`
			`variables:`

			`- use any key name you want. If you want to refuse access when a data`
			`is missing, just add a "!" before the key name`
			`- in the value field, set the field name. You can show them using`
			`Facebook Graph API
			explorer <https://developers.facebook.com/tools/explorer>`__ and have
			a list of supported fields in the `Graph API User
			reference <https://developers.facebook.com/docs/graph-api/reference/user/>`__.
			`For example:`

			`- cn => name`
			`- mail => email`
			`- sn => last_name`


doc: fix markup 2020-05-21 15:13:24 +02:00			`.. attention::`
First version of imported doc (#1646) 2020-05-14 23:29:41 +02:00
			`Do not query user field in exported variables, as it is`
			already registered by the authentication module in ``$_user``.


doc: fix markup 2020-05-21 15:13:24 +02:00			`.. attention::`
First version of imported doc (#1646) 2020-05-14 23:29:41 +02:00
			`Browser implementations of formAction directive are`
			`inconsistent (e.g. Firefox doesn't block the redirects whereas Chrome`
			`does). Administrators may have to modify formAction value with wildcard`
			`likes \*.`
doc: fix formatting 2020-05-18 09:56:39 +02:00
First version of imported doc (#1646) 2020-05-14 23:29:41 +02:00			`In Manager, go in :`
doc: fix formatting 2020-05-18 09:56:39 +02:00
First version of imported doc (#1646) 2020-05-14 23:29:41 +02:00			``General Parameters`` > ``Advanced Parameters`` > ``Security`` >
doc: fix formatting 2020-05-18 09:56:39 +02:00			``Content Security Policy`` > ``Form destination``
First version of imported doc (#1646) 2020-05-14 23:29:41 +02:00

doc: fix formatting 2020-05-18 09:56:39 +02:00			`.. tip::`
First version of imported doc (#1646) 2020-05-14 23:29:41 +02:00
			`You can use the same Facebook access token in your`
Typos 2022-08-19 22:37:46 +02:00			applications. It is stored in session data under the name ``$_facebookToken``\