Question

What Login page and User Store to use with Open Authentication Module

0

Hi, I have successfully installed the Open Authentication Module from the App Store, and I have questions: Login Page Does the Open Authentication Module expect to use the default Mendix login page below? If not which (and where) is the Login page? User Accounts: Does the Open Authentication Module expects users to be defined in: local User store? AppCloudServices? another? If so, which one & how do I configure it? Any tips appreciated, Guislain Lagron

asked 2018-05-07

Guislain Lagron

3 answers

Rob Bond · Answer 1 · 2018-05-07

Hi Guislain,

The login page that you use here is included as part of the package download. One of the installation steps in the module is the following:

4. From the theme directory copy all the files to your theme directory

Here is a direct link to the files you will need to drop into your project 'Theme' directory:

https://github.com/Erwin-t-Hoen/Open-Authentication-Module/tree/master/theme

Once you copy the files (these are also included in the mpk theme folder) into your project theme directory, then you will use the login.html page. This is the page you can style like a traditional HTML page if you want to make it look more in like with company branding.

For your second question, all accounts used for logging in with Open Authentication are LOCAL users. The Mendix AppCloud user option is used exclusively with apps that Mendix AppCloud SSO (https://www.mendix.com/blog/create-first-mendix-appcloud-powered-app/) This means users can sign in directly with their home.mendix.com ID. I don't see this type of SSO used all that much in enterprise applications. You want to use 'local' users for your app.

Guislain Lagron · Answer 2 · 2018-05-08

Hi (again) Rob,

OK, so I am getting a little closer.

Based on your information and this Integrating Google Sign-In into your web app, I modified the login.html page to look like this:

Upon which Google now actually returns an error:

Yet, they seem to match.

While an error message is an improvement, I still feel pretty far from the solution. For example, I don't understand why the reported Google ClientId

differs from the one in the "Google Client ID for Web App" above and the Mendix Client ID below

I am really confused

Guislain

Rob Bond · Answer 3 · 2018-05-08

Hi Guislain,

To answer your question above, I believe the intended behavior is for you to go to the newly added <yourUrl>/admin.html so that you can log in as the MxAdmin user. This will let you make accounts.

The error you see can be the result of a few missing setup steps. Have you completed the following steps from the install instructions?

Register your app with the OAuth provider, make sure that the callback URL is https://(yourapp)/callback/(OAuth_provider) For Google e.g. http://myfirstapp.mendixcloud.com/callback/google
Set the microflow AS_StartOAuthRequestHandlers as After Startup Microflow
The next setup step for your OAuth module is: navigate to https://(yourapp)/admin.html and login with your Admin account
Synchronize your Model Reflection module and make sure that the data for the OAuthModule is created
Select the OAuth Config menu item and select the microflow ResolveUserByEmail
Don't forget to set your requesthandlers in the cloud ('signin/','callback/' and 'logout/')

I think it is possible that the request handler has not been properly configured. Can you make sure that you have added the redirect URL request handlers and have added the request handler startup microflow?