Skip to content

Google Authentication (On-Premise Only)

Available for Botium Box version >= 1.13.2

Authentication against Google OAuth2 (known as Login with Google)

Preparing your Google account:

  • Create a Google Project in the Google Developer Console
  • Enable APIs for your project
  • Create authorization credentials
  • The Redirect URI has to be set to botium-box-url/api/auth/google/callback (Replace botium-box-url with the URL to your Botium Box installation)
  • Download the Google OAuth-Client file (client_secret_....json), rename it to googleauth.client_secret.json and place it in the resources folder of your Botium Box installation.

Activation

  • Set the environment variable BOTIUMBOX_PASSPORT_STRATEGY to googleauth
  • Add configuration with JSON file and/or other environment variables (see below)
  • Restart Botium Box

Configuration with JSON File and Environment Variables

Place a file named googleauth.config.json in the resources folder of your Botium Box installation. This is an example:

{
  "clientId": "xxxxx",
  "clientSecret": "xxxx",
  "autoCreateUser": true,
  "autoCreateRole": "GUEST",
  "autoCreateDomain": "botium.at",
  "email2Role": {
    "sysadmin@botium.at": "ADMIN"
  }
}

Note

Botium will first try read the clientId and clientSecret from the googleauth.client_secret.json file (if exists), but you can place it here as well.

Note

On first access, Botium Box will read and cache this file. When making changes you have to restart Botium Box.

clientId

Set the client ID of your app credentials

Also read from environment variable BOTIUMBOX_PASSPORT_OAUTH2_GOOGLE_CLIENT_ID

clientSecret

Set the client secret of your app credentials

Also read from environment variable BOTIUMBOX_PASSPORT_OAUTH2_GOOGLE_CLIENT_SECRET

autoCreateUser

A boolean flag to let Botium Box automatically create user records that do not yet exist (default true)

Also read from environment variable BOTIUMBOX_PASSPORT_OAUTH2_GOOGLE_AUTOCREATE_USER ("1" => true)

autoCreateRole

A role name that is automatically assigned to all created user records (default GUEST)

Also read from environment variable BOTIUMBOX_PASSPORT_OAUTH2_GOOGLE_AUTOCREATE_ROLE

autoCreateDomain

Only allow user record creation for email addresses ending in this domain

Also read from environment variable BOTIUMBOX_PASSPORT_OAUTH2_GOOGLE_AUTOCREATE_DOMAIN

email2Role

A mapping from the Google email addresses to Botium Box roles.

Also read from environment variable BOTIUMBOX_PASSPORT_OAUTH2_GOOGLE_EMAIL2ROLE