cymdeveloppement/roundcube-new-oidc
最新稳定版本:v1.0.1
Composer 安装命令:
composer require cymdeveloppement/roundcube-new-oidc
包简介
OpenID Connect login plugin for Roundcube with OIDC logout and auto-redirect support
README 文档
README
Fork of roundcube-oidc with OIDC logout and auto-redirect support.
This plugin allows you to authenticate users to Roundcube using an OpenID Connect 1.0 provider. There are three modes to run the plugin in:
- Cleartext Password: The OIDC provider must supply the user's password in cleartext, which is then used to login to the IMAP server
- Master Password: In this mode (also falls back to this), a master password is used to login to the IMAP server with the username obtained from OIDC
- Master User: IMAP authentication is done using a master user (Dovecot) with a provided separator
Installation
composer require cymdeveloppement/roundcube-new-oidc
Then copy and edit the configuration file:
cp plugins/roundcube_oidc/config.inc.php.dist plugins/roundcube_oidc/config.inc.php
Configuration
OIDC Provider
| Option | Type | Default | Description |
|---|---|---|---|
oidc_url |
string | '' |
URL of the OIDC provider |
oidc_client |
string | '' |
Client ID registered on the provider |
oidc_secret |
string | '' |
Client secret for the given client ID |
oidc_scope |
string | 'openid' |
OIDC scope to request |
IMAP Authentication
| Option | Type | Default | Description |
|---|---|---|---|
oidc_imap_master_password |
string | '' |
Master password fallback if the provider does not supply a cleartext password |
oidc_master_user_separator |
string | '*' |
Separator for Dovecot master user authentication |
oidc_config_master_user |
string | '' |
Master user to append after separator. Leave blank to disable |
User Fields Mapping
| Option | Type | Default | Description |
|---|---|---|---|
oidc_field_uid |
string | 'mail' |
OIDC claim for login UID (typically an email) |
oidc_field_password |
string | 'password' |
OIDC claim for cleartext password |
oidc_field_server |
string | 'imap_server' |
OIDC claim for IMAP server address |
Login Page
| Option | Type | Default | Description |
|---|---|---|---|
oidc_login_page |
string | '' |
Path to an alternative login page. Errors are available as $ERROR |
oidc_auto_redirect |
bool | false |
Automatically redirect to OIDC provider, bypassing the login page |
Logout
| Option | Type | Default | Description |
|---|---|---|---|
oidc_logout_url |
string | '' |
OIDC provider logout URL for Single Logout support |
Example for Keycloak:
$config['oidc_logout_url'] = 'https://auth.example.com/realms/REALM/protocol/openid-connect/logout?post_logout_redirect_uri=https%3A%2F%2Fmail.example.com&client_id=roundcube';
SMTP
Unless cleartext passwords are provided, SMTP must be configured to use no authentication or a master password.
Compatibility
- Roundcube 1.6+
- PHP 8.0+
- Tested with Keycloak 25+ as OIDC provider
License
MIT License
统计信息
- 总下载量: 4
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 7
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2026-04-08