hackmdio
diff --git a/‎docs/guides/auth.md‎
Lines changed: 0 additions & 241 deletions b/‎docs/guides/auth.md‎
Lines changed: 0 additions & 241 deletions
diff --git a/‎docs/guides/auth/github.md‎
Lines changed: 36 additions & 0 deletions b/‎docs/guides/auth/github.md‎
Lines changed: 36 additions & 0 deletions
diff --git a/‎docs/guides/auth/gitlab-self-hosted.md‎
Lines changed: 30 additions & 0 deletions b/‎docs/guides/auth/gitlab-self-hosted.md‎
Lines changed: 30 additions & 0 deletions
diff --git a/‎docs/guides/auth/saml-onelogin.md‎
Lines changed: 52 additions & 0 deletions b/‎docs/guides/auth/saml-onelogin.md‎
Lines changed: 52 additions & 0 deletions
@@ -0,0 +1,36 @@
+Authentication guide - GitHub
+===
+
+1. Sign-in or sign-up for a GitHub account
+2. Navigate to developer settings in your GitHub account [here](https://github.com/settings/developers) and select the "OAuth Apps" tab
+3. Click on the **New OAuth App** button, to create a new OAuth App:
+
+![create-oauth-app](../images/auth/create-oauth-app.png)
+
+4. Fill out the new OAuth application registration form, and click **Register Application**
+
+![register-oauth-application-form](../images/auth/register-oauth-application-form.png)
+
+*Note: The callback URL is <your-hackmd-url>/auth/github/callback*
+
+5. After successfully registering the application, you'll receive the Client ID and Client Secret for the application
+
+![application-page](../images/auth/application-page.png)
+
+6. Add the Client ID and Client Secret to your config.json file or pass them as environment variables
+    * config.json:
+      ````javascript
+      {
+        "production": {
+          "github": {
+              "clientID": "3747d30eaccXXXXXXXXX",
+              "clientSecret": "2a8e682948eee0c580XXXXXXXXXXXXXXXXXXXXXX"
+          }
+        }
+      }
+      ````
+    * environment variables:
+      ````
+      HMD_GITHUB_CLIENTID=3747d30eaccXXXXXXXXX
+      HMD_GITHUB_CLIENTSECRET=2a8e682948eee0c580XXXXXXXXXXXXXXXXXXXXXX
+      ````
@@ -0,0 +1,30 @@
+# GitLab (self-hosted)
+===
+
+1. Sign in to your GitLab
+2. Navigate to the application management page at `https://your.gitlab.domain/admin/applications` (admin permissions required)
+3. Click **New application** to create a new application and fill out the registration form:
+
+![New GitLab application](images/auth/gitlab-new-application.png)
+
+4. Click **Submit**
+5. In the list of applications select **HackMD**. Leave that site open to copy the application ID and secret in the next step.
+
+![Application: HackMD](images/auth/gitlab-application-details.png)
+
+
+6. In the `docker-compose.yml` add the following environment variables to `app:` `environment:`
+
+```
+- HMD_DOMAIN=your.hackmd.domain
+- HMD_URL_ADDPORT=443
+- HMD_PROTOCOL_USESSL=true
+- HMD_GITLAB_BASEURL=https://your.gitlab.domain
+- HMD_GITLAB_CLIENTID=23462a34example99XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+- HMD_GITLAB_CLIENTSECRET=5532e9dexamplXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+```
+
+7. Run `docker-compose up -d` to apply your settings.
+8. Sign in to your HackMD using your GitLab ID:
+
+![Sign in via GitLab](images/auth/gitlab-sign-in.png)
@@ -0,0 +1,52 @@
+Authentication guide - SAML (OneLogin)
+===
+
+1. Sign-in or sign-up for an OneLogin account. (available free trial for 2 weeks)
+2. Go to the administration page.
+3. Select the **APPS** menu and click on the **Add Apps**.
+
+![onelogin-add-app](../images/auth/onelogin-add-app.png)
+
+4. Find "SAML Test Connector (SP)" for template of settings and select it.
+
+![onelogin-select-template](../images/auth/onelogin-select-template.png)
+
+5. Edit display name and icons for OneLogin dashboard as you want, and click **SAVE**.
+
+![onelogin-edit-app-name](../images/auth/onelogin-edit-app-name.png)
+
+6. After that other tabs will appear, click the **Configuration**, and fill out the below items, and click **SAVE**.
+    * RelayState: The base URL of your hackmd, which is issuer. (last slash is not needed)
+    * ACS (Consumer) URL Validator: The callback URL of your hackmd. (serverurl + /auth/saml/callback)
+    * ACS (Consumer) URL: same as above.
+    * Login URL: login URL(SAML requester) of your hackmd. (serverurl + /auth/saml)
+
+![onelogin-edit-sp-metadata](../images/auth/onelogin-edit-sp-metadata.png)
+
+7. The registration is completed. Next, click **SSO** and copy or download the items below.
+    * X.509 Certificate: Click **View Details** and **DOWNLOAD** or copy the content of certificate ....(A)
+    * SAML 2.0 Endpoint (HTTP): Copy the URL ....(B)
+
+![onelogin-copy-idp-metadata](../images/auth/onelogin-copy-idp-metadata.png)
+
+8. In your hackmd server, create IdP certificate file from (A)
+9. Add the IdP URL (B) and the Idp certificate file path to your config.json file or pass them as environment variables.
+    * config.json:
+      ````javascript
+      {
+        "production": {
+          "saml": {
+            "idpSsoUrl": "https://*******.onelogin.com/trust/saml2/http-post/sso/******",
+            "idpCert": "/path/to/idp_cert.pem"
+          }
+        }
+      }
+      ````
+    * environment variables
+      ````
+      HMD_SAML_IDPSSOURL=https://*******.onelogin.com/trust/saml2/http-post/sso/******
+      HMD_SAML_IDPCERT=/path/to/idp_cert.pem
+      ````
+10. Try sign-in with SAML from your hackmd sign-in button or OneLogin dashboard (like the screenshot below).
+
+![onelogin-use-dashboard](../images/auth/onelogin-use-dashboard.png)