[NEW] Drupal oAuth Integration for Rocketchat

.meteor/packages

@@ -132,6 +132,9 @@ rocketchat:videobridge
 rocketchat:webrtc
 rocketchat:wordpress
 rocketchat:message-snippet
+rocketchat:google-natural-language
+rocketchat:drupal
+rocketchat:monitoring
 #rocketchat:chatops
 
 konecty:change-case
@@ -169,5 +172,3 @@ underscorestring:underscore.string
 yasaricli:slugify
 yasinuslu:blaze-meta
 deepwell:bootstrap-datepicker2
-rocketchat:google-natural-language
-rocketchat:monitoring

.meteor/versions

@@ -138,6 +138,7 @@ rocketchat:crowd@1.0.0
 rocketchat:custom-oauth@1.0.0
 rocketchat:custom-sounds@1.0.0
 rocketchat:dolphin@0.0.2
+rocketchat:drupal@0.0.1
 rocketchat:emoji@1.0.0
 rocketchat:emoji-custom@1.0.0
 rocketchat:emoji-emojione@0.0.1
@@ -252,3 +253,4 @@ webapp@1.3.15
 webapp-hashing@1.0.9
 yasaricli:slugify@0.0.7
 yasinuslu:blaze-meta@0.3.3
+

packages/rocketchat-drupal/README.md

@@ -0,0 +1,23 @@
+#Drupal oAuth Integration module.
+This module works in conjunction with the [Rocket.Chat+ Module for Drupal](https://www.drupal.org/project/rocket_chat) 
+Version 7.x-1.1 or later.
+
+A full set of instructions for how to connect the 2 are present in the drupal module's documentation.
+
+Basically to connect the 2 you first setup the oAuth server connection in your drupal, with the proper permissions 
+("Use OAuth2 Server" => "Anonymous User" = Checked).  
+
+In the Rocket chat you have to do the following:
+- fill in the 'Client ID'.  
+  Bear in mind that the Client ID should not be guessable,but is seen in the URL when doing the login.
+- fill in the 'Client Secret'.
+  This should be treated as a Secret Key (like the Secret Key of a TLS certificate). it __must not__ be guesable or 
+  derivable, and is best a Alphanumerical sequence between 16 and 48 cahracters long (longer would be better but longer 
+  than 48 characters can be problem with long URI's) 
+- fill in the  Drupal's BaseURL.
+- on the Drupal use the "Restrict redirect URIs" Setting to limit possible exploits. and set the Redirect URI's to 
+  whatever is in the Callback URL (like `https://Rocketchat.example.com/_oauth/drupal` and possibly also the 
+  `https://Rocketchat.example.com/_oauth/drupal?close` URI.).
+- Lastly do not forget to Enable the Drupal OAuth and `SAVE CHANGES`.   
+
+When all is a Blue Button with a drupal like logo will apear on the login page of Rocket.Chat+

packages/rocketchat-drupal/common.js

@@ -0,0 +1,39 @@
+/* global CustomOAuth */
+
+// Drupal Server CallBack URL needs to be http(s)://{rocketchat.server}[:port]/_oauth/drupal
+// In RocketChat -> Administration the URL needs to be http(s)://{drupal.server}/
+
+const config = {
+	serverURL: '',
+	identityPath: '/oauth2/UserInfo',
+	authorizePath: '/oauth2/authorize',
+	tokenPath: '/oauth2/token',
+	scope: 'openid email profile offline_access',
+	tokenSentVia: 'payload',
+	usernameField: 'preferred_username',
+	mergeUsers: true,
+	addAutopublishFields: {
+		forLoggedInUser: ['services.drupal'],
+		forOtherUsers: ['services.drupal.name']
+	}
+};
+
+const Drupal = new CustomOAuth('drupal', config);
+
+if (Meteor.isServer) {
+	Meteor.startup(function() {
+		RocketChat.settings.get('API_Drupal_URL', function(key, value) {
+			config.serverURL = value;
+			Drupal.configure(config);
+		});
+	});
+} else {
+	Meteor.startup(function() {
+		Tracker.autorun(function() {
+			if (RocketChat.settings.get('API_Drupal_URL')) {
+				config.serverURL = RocketChat.settings.get('API_Drupal_URL');
+				Drupal.configure(config);
+			}
+		});
+	});
+}

packages/rocketchat-drupal/login-button.css

@@ -0,0 +1,11 @@
+.icon-drupal.service-icon {
+	display: inline-block;
+	width: 21px;
+	height: 28px;
+	background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABUAAAAcCAYAAACOGPReAAAABGdBTUEAALGPC/xhBQAAAAZiS0dEAP8A/wD/oL2nkwAAAcNJREFUSMetlbFrFFEQh7/dJnhpDHcx6SyiRLhLkUKDsRZB8S9IWi2Syj8iVooQ0FLBNlqJRpNO8Br7FLkoRDBooQHhNCr6WTjB48zd7d7uNI+d+c333pt9bx5kNPVGVm1WYF39rTbKhD7zr62XBVwI4MsYF4sCZ9S2uq6mMbbVmWGBx9WW+kGdCN+J+G6pY3mBo2pT/ape6IrNx2qb6mhW4Ii6qf5Ur/TQXI74pjoyCJioa3F8FgdoF0K3pib9hLfiDy9l3NVS6G/3EiyH4GbO+q9E3nJ3oKF+Vx/33Urvkj2K/EZn4JW6l/uY/MsfU9+rzUPHXCz/+jDADvC14Myhrqpf1EpB6LHgrCbqa+BzkiSXikAD/ByopcAUsFUUGLYFTKVABWiXBG0DlRTYB8ZLgo4D+ynQAuolQevAdgq8AM6rk0Vo0R7ngQ3UU+qvvNfzCOhKcE4fOu6r39TpIYHT0XsfdDon45puq7WcwFrk7f1XQvVsdPS3Wd+geMPeRN65XqJZdVf9od5Tz/TZ7t3Q7aqzg2avqnfUg2gQO+pT9WGMO+E/CF21m5H0gU8AV4GLwEmgCnwC3gEbwJMkST4elfsHJbIReGbv9uUAAAAASUVORK5CYII=);
+	background-repeat: no-repeat;
+}
+
+.button.external-login.drupal {
+	background-color: #0f85b6;
+}

packages/rocketchat-drupal/package.js

@@ -0,0 +1,22 @@
+Package.describe({
+	name: 'rocketchat:drupal',
+	version: '0.0.1',
+	summary: 'RocketChat settings for Drupal oAuth2'
+});
+
+Package.onUse(function(api) {
+	api.versionsFrom('1.0');
+	api.use('ecmascript');
+	api.use('service-configuration');
+	api.use('rocketchat:lib@0.0.1');
+	api.use('rocketchat:custom-oauth');
+
+	// api.use('templating', 'client');
+
+	api.addFiles('common.js');
+	api.addFiles('login-button.css', 'client');
+	api.addFiles('startup.js', 'server');
+
+	api.use('templating', 'client');
+});
+

packages/rocketchat-drupal/startup.js

@@ -0,0 +1,14 @@
+RocketChat.settings.addGroup('OAuth', function() {
+	this.section('Drupal', function() {
+		const enableQuery = {
+			_id: 'Accounts_OAuth_Drupal',
+			value: true
+		};
+
+		this.add('Accounts_OAuth_Drupal', false, { type: 'boolean' });
+		this.add('API_Drupal_URL', '', { type: 'string', public: true, enableQuery, i18nDescription: 'API_Drupal_URL_Description' });
+		this.add('Accounts_OAuth_Drupal_id', '', { type: 'string', enableQuery });
+		this.add('Accounts_OAuth_Drupal_secret', '', { type: 'string', enableQuery });
+		this.add('Accounts_OAuth_Drupal_callback_url', '_oauth/drupal', { type: 'relativeUrl', readonly: true, force: true, enableQuery });
+	});
+});

packages/rocketchat-i18n/i18n/en.i18n.json

@@ -62,6 +62,10 @@
   "Accounts_OAuth_Custom_Token_Path": "Token Path",
   "Accounts_OAuth_Custom_Token_Sent_Via": "Token Sent Via",
   "Accounts_OAuth_Custom_Username_Field": "Username field",
+  "Accounts_OAuth_Drupal": "Drupal Login Enabled",
+  "Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirect URI",
+  "Accounts_OAuth_Drupal_id": "Drupal oAuth2 Client ID",
+  "Accounts_OAuth_Drupal_secret": "Drupal oAuth2 Client Secret",
   "Accounts_OAuth_Facebook": "Facebook Login",
   "Accounts_OAuth_Facebook_callback_url": "Facebook Callback URL",
   "Accounts_OAuth_Facebook_id": "Facebook App Id",
@@ -170,6 +174,8 @@
   "API_CORS_Origin": "CORS Origin",
   "API_Default_Count": "Default Count",
   "API_Default_Count_Description": "The default count for REST API results if the consumer did not provided any.",
+  "API_Drupal_URL": "Drupal Server URL",
+  "API_Drupal_URL_Description": "Example: https://domain.com (excluding trailing slash)",
   "API_Embed": "Embed Link Previews",
   "API_Embed_Description": "Whether embedded link previews are enabled or not when a user posts a link to a website.",
   "API_EmbedCacheExpirationDays": "Embed cache expiration days",