Is there any easy way to use identity providers like Microsoft/Azure or Google for Identity? If not, are we allowed to change the login page/code to use an identity provider or perhaps create our own module for this type of thing?
Hi @travisb . Currently we do not have this out of the box. However, we do want to have this ability in the core in the near future.
Here is some pointers if you would like to assist us in buidling this feature as a module.
The module in charge of security is contentbox-security which can be found under the conrtentbox-admin module.
The SecurityService is in charge of authentication via the authenticate method which such cfc adheres to our our ISecurityService.
We also make use of several events during the authentication process:
- cbadmin_beforeLoginForm
- cbadmin_afterLoginForm
- cbadmin_preLogin
- cbadmin_onLogin
- cbadmin_onBadLogin
- cbadmin_onLogout
A typical flow for identity providers would be to add something to the login form to initiate that type of authentication, which you can do using the two login form events. Then you can add your own UI and events to your module so it can go out to the third party provider and do the authentication.
Once the authentication is validated in your module, you will have to assign them to a ContentBox user in order to make sure you validate the authentication. You can use the SecurityService methods to log in a user into ContenBox using the login( author ) method. Just make sure you pass in a valid Author object.
That would be it. I think the most complex part is that you must get the data form the auth provider and either match it to a ContentBox author (if it exists) and if not, create for them a matching user with their information. You can use the AuthorService for this.
It would be great if you help us with this approach. We can assist and give you direction as much as possible.