This requires SSL enabled (HTTPS) on your Shinobi server. This article assumes you are using the default installation location /home/Shinobi.

You can setup local SSL like this here.

Create authorization credentials

  1. Go to Google's Credentials page for Developers.
  2. Click Create credentials > OAuth client ID.
  3. Select the Web application application type.
  4. Add the Domain you are going to use for Shinobi in the Authorized JavaScript origins section.
    • Failing to do this will result in the Google Sign-In button failing to appear.
    • If you did this and it still doesn't appear you may need to remove all Cookies from Shinobi Login Page.
  5. Name your OAuth 2.0 client and click Create
  6. Get your Google Application's Client ID and keep it ready to fill in during a later part of this article. (GOOGLE_APPLICATION_CLIENT_ID)

Don't have a domain?

You can modify hosts files on your client devices or use custom DNS to simulate one.

Here is an example of what I did to my hosts file on Windows 10. You can see the rule that was added at the very bottom. Now whenever I go to http://shinobi-home.com​:8080 or https://shinobi-home.com​ I am directed to my Shinobi server. I am also able to use this with my Google Application Authorized Origins (mentioned in Step 4, Point 2 of the Create authorization credentials section).

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#	127.0.0.1       localhost
#	::1             localhost
10.1.103.128               shinobi-home.com

The added part is broken down as follows.

  • 10.1.103.128 : Local IP Address of your Shinobi  server
  • shinobi-home.com​ : The domain you want to reach your server at. This can be pretty much anything.

Enabling Google Sign-In on Shinobi

1. Install the Google Authentication Library in the Shinobi folder.

cd /home/Shinobi
npm install google-auth-library

2. Add the following to conf.json through either the Superuser Panel or Terminal.

"appIdGoogleSignIn":"GOOGLE_APPLICATION_CLIENT_ID",
"allowGoogleSignOn":true,

Terminal Users :

Use nano to open the conf.json file and add the new lines after Line 2.

nano conf.json

3. Now restart Shinobi after making the changes.

Login to Shinobi

Once you have it all enabled in the configuration you will notice the Google Sign-In button the login page.

Login to Shinobi as you normally would and open your Settings to link your Google account in the Alternate Logins section.

Shinobi Systems never receives this information. Your Google Sign-In management will be handled by your Google Developer Account.

Fast Binding from the Login Screen

If you would like to enable fast binding from the login page you can add the following to your Shinobi Configuration.

"allowBindingAltLoginsFromLoginPage": true,

Restart Shinobi then you can use the login screen for fast binding.

  1. Type your Username and Password into Shinobi's login page, do not press "Login".
  2. Now use the Google Sign-In button and Login to your Google Account and it will automatically bind as well as login you in.