Custom Oauth login with provider access Token #14108

Closed
geekgonecrazy opened this issue Apr 11, 2019 · 3 comments · Fixed by #14113
@geekgonecrazy
Member

geekgonecrazy commented Apr 11, 2019

We have a method called: registerAccessTokenService
Source found: https://github.com/RocketChat/Rocket.Chat/blob/develop/app/lib/server/oauth/oauth.js#L9

It is executed from the login endpoint: https://github.com/RocketChat/Rocket.Chat/blob/develop/app/lib/server/oauth/oauth.js#L27

So when you do a login like:

curl -H "Content-type:application/json" \
      http://localhost:3000/api/v1/login \
      -d '{ "serviceName": "yourOauth", "accessToken": "tokenFromOauthProvider", "expiresIn": 200 }'

serviceName matches the oauth service registered and executes the function passed. That returns an object like:

{
  serviceData,
  options: {
    profile: {
      name: identity.name,
    },
  },
};

That then finds or creates an account here: https://github.com/RocketChat/Rocket.Chat/blob/develop/app/lib/server/oauth/oauth.js#L54

An example of an oauth provider registering:
https://github.com/RocketChat/Rocket.Chat/blob/develop/app/lib/server/oauth/google.js#L28

It takes the access token and calls google with it to get the identity: https://github.com/RocketChat/Rocket.Chat/blob/develop/app/lib/server/oauth/google.js#L10

This is ensuring it's valid as well as getting some info about the user that the token belongs to.

The data is then pieced together: https://github.com/RocketChat/Rocket.Chat/blob/develop/app/lib/server/oauth/google.js#L39

picked of only the fields we want: https://github.com/RocketChat/Rocket.Chat/blob/develop/app/lib/server/oauth/google.js#L46

then returned as mentioned above.

That needs added in here: https://github.com/RocketChat/Rocket.Chat/blob/develop/app/custom-oauth/server/custom_oauth_server.js making use of the access patterns set up. Can likely reuse a lot of the code/functions already there to make this not so bad.

This would also close out: #5521
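
The flow described in the opening comment, as an added example that is not part of the issue and is not Rocket.Chat's code: a stand-alone model of a custom OAuth access-token handler that asks the provider for the identity, keeps only whitelisted fields, and rejects unknown service names. Every name except the payload fields `serviceName`, `accessToken` and `expiresIn` is an assumption, and the provider call is replaced by a constructed stub so the block runs offline.

```javascript
// Added example, not Rocket.Chat code. Names other than the payload fields
// (serviceName, accessToken, expiresIn) are assumptions.
const accessTokenServices = new Map(); // Map: 'constructor' etc. never match
function registerAccessTokenService(serviceName, handleAccessTokenRequest) {
  accessTokenServices.set(serviceName, handleAccessTokenRequest);
}

// Only these identity fields are copied into serviceData (assumed list).
const WHITELISTED_FIELDS = ['id', 'email', 'name'];

// fetchIdentity(accessToken) is a hypothetical function that asks the provider
// who the token belongs to and throws when the provider rejects the token.
function makeCustomOAuthHandler(fetchIdentity) {
  return function handleAccessTokenRequest(options) {
    if (typeof options.accessToken !== 'string' || options.accessToken === '') {
      throw new Error('accessToken is required');
    }
    const expiresIn = Number(options.expiresIn);
    if (!Number.isFinite(expiresIn) || expiresIn <= 0) throw new Error('bad expiresIn');
    // The provider, not the caller, decides whose token this is.
    const identity = fetchIdentity(options.accessToken);
    if (!identity || !identity.id) throw new Error('provider returned no usable identity');
    const serviceData = {
      accessToken: options.accessToken,
      expiresAt: Date.now() + 1000 * expiresIn, // assumed expiry bookkeeping
    };
    for (const field of WHITELISTED_FIELDS) {
      if (identity[field] !== undefined) serviceData[field] = identity[field];
    }
    return { serviceData, options: { profile: { name: identity.name } } };
  };
}

// Login dispatch: fail closed when serviceName is not registered.
function loginWithAccessToken(payload) {
  const handler = accessTokenServices.get(payload.serviceName);
  if (!handler) throw new Error('unknown serviceName');
  return handler(payload);
}

// Constructed provider stub standing in for the HTTP identity call.
const CONSTRUCTED_IDENTITIES = new Map([
  ['tokenFromOauthProvider', { id: 'u-42', name: 'Ada', email: 'ada@example.test', is_admin: true }],
]);
registerAccessTokenService('yourOauth', makeCustomOAuthHandler((token) => {
  if (!CONSTRUCTED_IDENTITIES.has(token)) throw new Error('provider rejected token');
  return CONSTRUCTED_IDENTITIES.get(token);
}));
```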

@knrt10
Contributor

knrt10 commented Apr 11, 2019

On it, will try to fix this

@geekgonecrazy
Member Author

@knrt10 awesome! Feel free to request my review on it when you open a PR. Will gladly help you shape it up and test it.

@ralfbecker
Contributor

I've created a provider for EGroupware OpenID Connect / OAuth server, I'll refactor it for all custom OAuth servers and send a pull request soon.
