[NEW] Drupal oAuth Integration for Rocketchat

.meteor/packages

@@ -4,38 +4,38 @@
 # but you can also edit it by hand.
 
 rocketchat:cors
-accounts-facebook@1.1.0
-accounts-github@1.2.0
-accounts-google@1.1.0
-accounts-meteor-developer@1.2.0
+accounts-facebook@1.1.1
+accounts-github@1.2.1
+accounts-google@1.1.1
+accounts-meteor-developer@1.2.1
 accounts-password@1.3.4
-accounts-twitter@1.2.0
+accounts-twitter@1.2.1
 blaze-html-templates
-check@1.2.4
+check@1.2.5
 coffeescript@1.11.1_4
-ddp-rate-limiter@1.0.6
+ddp-rate-limiter@1.0.7
 ecmascript@0.6.3
 ejson@1.0.13
 email@1.1.18
 fastclick@1.0.13
-http@1.2.11
+http@1.2.12
 jquery@1.11.10
 less@2.7.9
 logging@1.1.17
 meteor-base@1.0.4
 mobile-experience@1.0.4
-mongo@1.1.15
+mongo@1.1.16
 random@1.0.10
-rate-limit@1.0.6
+rate-limit@1.0.7
 reactive-dict@1.1.8
 reactive-var@1.0.11
 reload@1.1.11
 service-configuration@1.0.11
 session@1.1.7
-shell-server@0.2.2
+shell-server@0.2.3
 spacebars
-standard-minifier-css@1.3.3
-standard-minifier-js@1.2.2
+standard-minifier-css@1.3.4
+standard-minifier-js@1.2.3
 tracker@1.1.2
 
 rocketchat:2fa
@@ -170,3 +170,5 @@ yasaricli:slugify
 yasinuslu:blaze-meta
 deepwell:bootstrap-datepicker2
 rocketchat:google-natural-language
+rocketchat:drupal
+rocketchat:i18n

.meteor/release

@@ -1 +1 @@
-METEOR@1.4.3.1
+METEOR@1.4.3.2

.meteor/versions

@@ -1,24 +1,24 @@
-accounts-base@1.2.14
-accounts-facebook@1.1.0
-accounts-github@1.2.0
-accounts-google@1.1.0
-accounts-meteor-developer@1.2.0
+accounts-base@1.2.15
+accounts-facebook@1.1.1
+accounts-github@1.2.1
+accounts-google@1.1.1
+accounts-meteor-developer@1.2.1
 accounts-oauth@1.1.15
 accounts-password@1.3.4
-accounts-twitter@1.2.0
+accounts-twitter@1.2.1
 aldeed:simple-schema@1.5.3
 allow-deny@1.0.5
 autoupdate@1.3.12
 babel-compiler@6.14.1
 babel-runtime@1.0.1
 base64@1.0.10
 binary-heap@1.0.10
-blaze@2.3.0
-blaze-html-templates@1.1.0
+blaze@2.3.2
+blaze-html-templates@1.1.2
 blaze-tools@1.0.10
 boilerplate-generator@1.0.11
 caching-compiler@1.1.9
-caching-html-compiler@1.1.0
+caching-html-compiler@1.1.2
 callback-hook@1.0.10
 cfs:http-methods@0.0.32
 check@1.2.5
@@ -27,7 +27,7 @@ dandv:caret-position@2.1.1
 ddp@1.2.5
 ddp-client@1.3.3
 ddp-common@1.2.8
-ddp-rate-limiter@1.0.6
+ddp-rate-limiter@1.0.7
 ddp-server@1.3.13
 deepwell:bootstrap-datepicker2@1.3.0
 deps@1.0.12
@@ -48,11 +48,11 @@ google-oauth@1.2.0
 hot-code-push@1.0.4
 html-tools@1.0.11
 htmljs@1.0.11
-http@1.2.11
+http@1.2.12
 id-map@1.0.9
 jalik:ufs@0.7.4_1
-jalik:ufs-gridfs@0.1.4
-jalik:ufs-local@0.2.8
+jalik:ufs-gridfs@0.2.1
+jalik:ufs-local@0.2.9
 jparker:crypto-core@0.1.0
 jparker:crypto-md5@0.1.1
 jparker:gravatar@0.5.1
@@ -80,26 +80,26 @@ meteorhacks:inject-initial@1.0.4
 meteorspark:util@0.2.0
 minifier-css@1.2.16
 minifier-js@1.2.18
-minimongo@1.0.20
+minimongo@1.0.21
 mizzao:autocomplete@0.5.1
 mizzao:timesync@0.3.4
 mobile-experience@1.0.4
 mobile-status-bar@1.0.14
 modules@0.7.9
 modules-runtime@0.7.9
-mongo@1.1.15
+mongo@1.1.16
 mongo-id@1.0.6
 mongo-livedata@1.0.12
 mrt:reactive-store@0.0.1
 mystor:device-detection@0.2.0
 nimble:restivus@0.8.12
 nooitaf:colors@1.1.2_1
 npm-bcrypt@0.9.2
-npm-mongo@2.2.16_1
+npm-mongo@2.2.24
 oauth@1.1.13
 oauth1@1.1.11
 oauth2@1.1.11
-observe-sequence@1.0.15
+observe-sequence@1.0.16
 ordered-dict@1.0.9
 ostrio:cookies@2.2.0
 pauli:accounts-linkedin@2.1.2
@@ -114,7 +114,7 @@ raix:handlebar-helpers@0.2.5
 raix:push@3.0.3-rc.7
 raix:ui-dropped-event@0.0.7
 random@1.0.10
-rate-limit@1.0.6
+rate-limit@1.0.7
 reactive-dict@1.1.8
 reactive-var@1.0.11
 reload@1.1.11
@@ -137,6 +137,7 @@ rocketchat:crowd@1.0.0
 rocketchat:custom-oauth@1.0.0
 rocketchat:custom-sounds@1.0.0
 rocketchat:dolphin@0.0.2
+rocketchat:drupal@0.0.1
 rocketchat:emoji@1.0.0
 rocketchat:emoji-custom@1.0.0
 rocketchat:emoji-emojione@0.0.1
@@ -223,30 +224,30 @@ routepolicy@1.0.12
 service-configuration@1.0.11
 session@1.1.7
 sha@1.0.9
-shell-server@0.2.2
+shell-server@0.2.3
 simple:json-routes@2.1.0
 smoral:sweetalert@1.1.1
-spacebars@1.0.13
-spacebars-compiler@1.1.0
+spacebars@1.0.15
+spacebars-compiler@1.1.2
 srp@1.0.10
 standard-minifier-css@1.3.4
 standard-minifier-js@1.2.3
 steffo:meteor-accounts-saml@0.0.1
 tap:i18n@1.8.2
-templating@1.3.0
-templating-compiler@1.3.0
-templating-runtime@1.3.0
-templating-tools@1.1.0
+templating@1.3.2
+templating-compiler@1.3.2
+templating-runtime@1.3.2
+templating-tools@1.1.2
 tmeasday:crypto-base@3.1.2
 tmeasday:crypto-md5@3.1.2
 todda00:friendly-slugs@0.6.0
 tracker@1.1.2
 twitter-oauth@1.2.0
-ui@1.0.12
+ui@1.0.13
 underscore@1.0.10
 underscorestring:underscore.string@3.3.4
 url@1.1.0
-webapp@1.3.13
+webapp@1.3.14
 webapp-hashing@1.0.9
 yasaricli:slugify@0.0.7
 yasinuslu:blaze-meta@0.3.3

packages/rocketchat-drupal/README.md

@@ -0,0 +1,23 @@
+#Drupal oAuth Integration module.
+This module works in conjunction with the [Rocket.Chat+ Module for Drupal](https://www.drupal.org/project/rocket_chat) 
+Version 7.x-1.1 or later.
+
+A full set of instructions for how to connect the 2 are present in the drupal module's documentation.
+
+Basically to connect the 2 you first setup the oAuth server connection in your drupal, with the proper permissions 
+("Use OAuth2 Server" => "Anonymous User" = Checked).  
+
+In the Rocket chat you have to do the following:
+- fill in the 'Client ID'.  
+  Bear in mind that the Client ID should not be guessable,but is seen in the URL when doing the login.
+- fill in the 'Client Secret'.
+  This should be treated as a Secret Key (like the Secret Key of a TLS certificate). it __must not__ be guesable or 
+  derivable, and is best a Alphanumerical sequence between 16 and 48 cahracters long (longer would be better but longer 
+  than 48 characters can be problem with long URI's) 
+- fill in the  Drupal's BaseURL.
+- on the Drupal use the "Restrict redirect URIs" Setting to limit possible exploits. and set the Redirect URI's to 
+  whatever is in the Callback URL (like `https://Rocketchat.example.com/_oauth/drupal` and possibly also the 
+  `https://Rocketchat.example.com/_oauth/drupal?close` URI.).
+- Lastly do not forget to Enable the Drupal OAuth and `SAVE CHANGES`.   
+
+When all is a Blue Button with a drupal like logo will apear on the login page of Rocket.Chat+

packages/rocketchat-drupal/common.js

@@ -0,0 +1,39 @@
+/* global CustomOAuth */
+
+// Drupal Server CallBack URL needs to be http(s)://{rocketchat.server}[:port]/_oauth/drupal
+// In RocketChat -> Administration the URL needs to be http(s)://{drupal.server}/
+
+const config = {
+	serverURL: '',
+	identityPath: '/oauth2/UserInfo',
+	authorizePath: '/oauth2/authorize',
+	tokenPath: '/oauth2/token',
+	scope: 'openid email profile offline_access',
+	tokenSentVia: 'payload',
+	usernameField: 'preferred_username',
+	mergeUsers: true,
+	addAutopublishFields: {
+		forLoggedInUser: ['services.drupal'],
+		forOtherUsers: ['services.drupal.name']
+	}
+};
+
+const Drupal = new CustomOAuth('drupal', config);
+
+if (Meteor.isServer) {
+	Meteor.startup(function() {
+		RocketChat.settings.get('API_Drupal_URL', function(key, value) {
+			config.serverURL = value;
+			Drupal.configure(config);
+		});
+	});
+} else {
+	Meteor.startup(function() {
+		Tracker.autorun(function() {
+			if (RocketChat.settings.get('API_Drupal_URL')) {
+				config.serverURL = RocketChat.settings.get('API_Drupal_URL');
+				Drupal.configure(config);
+			}
+		});
+	});
+}

packages/rocketchat-drupal/i18n/en.i18n.json

@@ -0,0 +1,8 @@
+{
+"API_Drupal_URL": "Drupal Server URL",
+"API_Drupal_URL_Description": "Example: https://domain.com (excluding trailing slash)",
+"Accounts_OAuth_Drupal": "Drupal Login Enabled",
+"Accounts_OAuth_Drupal_callback_url": "Drupal oAuth2 Redirect URI",
+"Accounts_OAuth_Drupal_id": "Drupal oAuth2 Client ID",
+"Accounts_OAuth_Drupal_secret": "Drupal oAuth2 Client Secret"
+}

packages/rocketchat-drupal/login-button.css

@@ -0,0 +1,11 @@
+.icon-drupal.service-icon {
+	display: inline-block;
+	width: 21px;
+	height: 28px;
+	background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABUAAAAcCAYAAACOGPReAAAABGdBTUEAALGPC/xhBQAAAAZiS0dEAP8A/wD/oL2nkwAAAcNJREFUSMetlbFrFFEQh7/dJnhpDHcx6SyiRLhLkUKDsRZB8S9IWi2Syj8iVooQ0FLBNlqJRpNO8Br7FLkoRDBooQHhNCr6WTjB48zd7d7uNI+d+c333pt9bx5kNPVGVm1WYF39rTbKhD7zr62XBVwI4MsYF4sCZ9S2uq6mMbbVmWGBx9WW+kGdCN+J+G6pY3mBo2pT/ape6IrNx2qb6mhW4Ii6qf5Ur/TQXI74pjoyCJioa3F8FgdoF0K3pib9hLfiDy9l3NVS6G/3EiyH4GbO+q9E3nJ3oKF+Vx/33Urvkj2K/EZn4JW6l/uY/MsfU9+rzUPHXCz/+jDADvC14Myhrqpf1EpB6LHgrCbqa+BzkiSXikAD/ByopcAUsFUUGLYFTKVABWiXBG0DlRTYB8ZLgo4D+ynQAuolQevAdgq8AM6rk0Vo0R7ngQ3UU+qvvNfzCOhKcE4fOu6r39TpIYHT0XsfdDon45puq7WcwFrk7f1XQvVsdPS3Wd+geMPeRN65XqJZdVf9od5Tz/TZ7t3Q7aqzg2avqnfUg2gQO+pT9WGMO+E/CF21m5H0gU8AV4GLwEmgCnwC3gEbwJMkST4elfsHJbIReGbv9uUAAAAASUVORK5CYII=);
+	background-repeat: no-repeat;
+}
+
+.button.external-login.drupal {
+	background-color: #0f85b6;
+}

packages/rocketchat-drupal/package.js

@@ -0,0 +1,22 @@
+Package.describe({
+	name: 'rocketchat:drupal',
+	version: '0.0.1',
+	summary: 'RocketChat settings for Drupal oAuth2'
+});
+
+Package.onUse(function(api) {
+	api.versionsFrom('1.0');
+	api.use('ecmascript');
+	api.use('service-configuration');
+	api.use('rocketchat:lib@0.0.1');
+	api.use('rocketchat:custom-oauth');
+
+	// api.use('templating', 'client');
+
+	api.addFiles('common.js');
+	api.addFiles('login-button.css', 'client');
+	api.addFiles('startup.js', 'server');
+
+	api.use('templating', 'client');
+});
+

packages/rocketchat-drupal/startup.js

@@ -0,0 +1,14 @@
+RocketChat.settings.addGroup('OAuth', function() {
+	this.section('Drupal', function() {
+		const enableQuery = {
+			_id: 'Accounts_OAuth_Drupal',
+			value: true
+		};
+
+		this.add('Accounts_OAuth_Drupal', false, { type: 'boolean' });
+		this.add('API_Drupal_URL', '', { type: 'string', public: true, enableQuery, i18nDescription: 'API_Drupal_URL_Description' });
+		this.add('Accounts_OAuth_Drupal_id', '', { type: 'string', enableQuery });
+		this.add('Accounts_OAuth_Drupal_secret', '', { type: 'string', enableQuery });
+		this.add('Accounts_OAuth_Drupal_callback_url', '_oauth/drupal', { type: 'relativeUrl', readonly: true, force: true, enableQuery });
+	});
+});