cymdeveloppement/roundcube-new-oidc
Composer 安装命令:
composer require cymdeveloppement/roundcube-new-oidc
包简介
OpenID Connect login plugin for Roundcube with OIDC logout and auto-redirect support
README 文档
README
Fork of roundcube-oidc with OIDC logout and auto-redirect support.
This plugin allows you to authenticate users to Roundcube using an OpenID Connect 1.0 provider. There are three modes to run the plugin in:
- Cleartext Password: The OIDC provider must supply the user's password in cleartext, which is then used to login to the IMAP server
- Master Password: In this mode (also falls back to this), a master password is used to login to the IMAP server with the username obtained from OIDC
- Master User: IMAP authentication is done using a master user (Dovecot) with a provided separator
Installation
composer require cymdeveloppement/roundcube-new-oidc
Then copy and edit the configuration file:
cp plugins/roundcube_oidc/config.inc.php.dist plugins/roundcube_oidc/config.inc.php
Configuration
OIDC Provider
| Option | Type | Default | Description |
|---|---|---|---|
oidc_url |
string | '' |
URL of the OIDC provider |
oidc_client |
string | '' |
Client ID registered on the provider |
oidc_secret |
string | '' |
Client secret for the given client ID |
oidc_scope |
string | 'openid' |
OIDC scope to request |
IMAP Authentication
| Option | Type | Default | Description |
|---|---|---|---|
oidc_imap_master_password |
string | '' |
Master password fallback if the provider does not supply a cleartext password |
oidc_master_user_separator |
string | '*' |
Separator for Dovecot master user authentication |
oidc_config_master_user |
string | '' |
Master user to append after separator. Leave blank to disable |
User Fields Mapping
| Option | Type | Default | Description |
|---|---|---|---|
oidc_field_uid |
string | 'mail' |
OIDC claim for login UID (typically an email) |
oidc_field_password |
string | 'password' |
OIDC claim for cleartext password |
oidc_field_server |
string | 'imap_server' |
OIDC claim for IMAP server address |
Login Page
| Option | Type | Default | Description |
|---|---|---|---|
oidc_login_page |
string | '' |
Path to an alternative login page. Errors are available as $ERROR |
oidc_auto_redirect |
bool | false |
Automatically redirect to OIDC provider, bypassing the login page |
Logout
| Option | Type | Default | Description |
|---|---|---|---|
oidc_logout_url |
string | '' |
OIDC provider logout URL for Single Logout support |
Example for Keycloak:
$config['oidc_logout_url'] = 'https://auth.example.com/realms/REALM/protocol/openid-connect/logout?post_logout_redirect_uri=https%3A%2F%2Fmail.example.com&client_id=roundcube';
SMTP
Unless cleartext passwords are provided, SMTP must be configured to use no authentication or a master password.
Compatibility
- Roundcube 1.6+
- PHP 8.0+
- Tested with Keycloak 25+ as OIDC provider
License
MIT License
cymdeveloppement/roundcube-new-oidc 适用场景与选型建议
cymdeveloppement/roundcube-new-oidc 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 15 次下载、GitHub Stars 达 0, 最近一次更新时间为 2026 年 04 月 08 日, 在 PHP 生态内属于活跃度较高的组件。
我们在过去多个企业项目中使用过 cymdeveloppement/roundcube-new-oidc 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 cymdeveloppement/roundcube-new-oidc 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
统计信息
- 总下载量: 15
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 33
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2026-04-08