Merge pull request #42 from marumari/master

Add documentation about OAuth
mozilla · Sep 22, 2015 · e161cfb · e161cfb
2 parents 1afeec0 + 28fc406
commit e161cfb
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 3 deletions.
diff --git a/docs/source/configure_minion.rst b/docs/source/configure_minion.rst
@@ -45,9 +45,9 @@ To configure the frontend, place your configuration in a file called ``frontend.
 
 - ``login``
 
-  - ``type``: the type of authentication to use; currently supported types are ``persona``, which requires no configuration, and ``ldap``
+  - ``type``: the type of authentication to use; currently supported types are ``persona``, which requires no configuration, ``ldap``, and ``oauth``
 
-  - ``ldap``: the configuration for LDAP, if ``ldap`` is the chosen authentication method in ``login -> ``type`` 
+  - ``ldap``: the configuration for LDAP, if ``ldap`` is the chosen authentication method in ``login -> type`` 
 
     - ``uri``: URI to ldap server
 
@@ -63,6 +63,14 @@ To configure the frontend, place your configuration in a file called ``frontend.
 
     - ``authorizedGroups``: list of groups where users are authorized to use Minion (if ``checkAuthorizedGroups`` is true)
 
+  - ``oauth``: the configuration for OAuth, if ``oauth` is the chosen authentication method is set in ``login -> type``; see :ref:`configure_minion_oauth_label`
+
+    - ``***``: supported providers are Facebook, Firefox Accounts, GitHub, and Google
+
+      - ``client_id``: client_id for the chosen provider
+
+      - ``client_secret``: client_secret for the chosen provider
+
 .. _configure_minion_backend_label:
 
 Configure Minion Backend
@@ -117,6 +125,38 @@ To configure the backend, place your configuration in a file called ``backend.js
   - ``max_time_allowed``: determines the life time of an invitation; by default it will remain valid for seven days.
 
 
+
+.. _configure_minion_oauth_label:
+
+Configuring OAuth
+=================
+
+Minion currently supports Facebook, Firefox Accounts (FxA), GitHub, and Google Accounts as OAuth providers.
+
+.. image:: images/login-oauth.png
+   :scale: 50%
+   :height: 468px
+   :width: 614px
+   :align: center
+
+To enable a provider, simply input the ``client_id`` and ``client_secret`` provided by them into ``frontend.json``. Once input, they should automatically appear as options on the login page. For example:
+
+.. code-block:: javascript
+
+    "facebook": {
+         "client_id": "1234567890101112",
+         "client_secret": "1c414b10981bfe1aa134874ac4daf780"
+     }
+
+When configuring the provider, each will have a unique callback URI corresponding to its provider name. The URI should look like:
+
+    ``<http or https>://<hostname>/ws/login/oauth/<provider>``
+
+For example:
+
+    ``https://minion.mozilla.org/ws/login/oauth/facebook``
+
+
 .. _whitelist_blacklist_hostname_label:
 
 Whitelisting and Blacklisting Hosts
@@ -176,4 +216,4 @@ In this configuration, we allowed scanning LAN network and localhost, but we rem
     "blacklist": [
         "mozilla.org",
         "*.mozilla.org"
-    ]
+    ]
diff --git a/docs/source/images/login-oauth.png b/docs/source/images/login-oauth.png