For non-cloud plugin settings, set hosting property to on-prem (#269)

* set hosting to on-prem for `Enable OAuth`, `APIKey`, and `APISecret` plugin settings * use actual server commit * force oauth to be used when using cloud version of the plugin * bump go mod version * test circleci config * remove references to plugin-ci * bump Go version in circleci * use cimg * add other cimg changes * go mod tidy * revert circleci changes * revert build/go.mod changes so we are using the old server version * extend manifest struct to support hosting field * Revert "extend manifest struct to support hosting field" This reverts commit b862b40. * revert all go mod changes * remove manifest field name restriction * add comment explaining commented out code * reorder conditions for readability
mattermost · Aug 5, 2022 · 6ca8373 · 6ca8373
1 parent 931f815
commit 6ca8373
Show file tree

Hide file tree

Showing 6 changed files with 30 additions and 15 deletions.
diff --git a/build/manifest/main.go b/build/manifest/main.go
@@ -82,7 +82,7 @@ func findManifest() (*model.Manifest, error) {
 	// we don't want to accidentally clobber anything we won't preserve.
 	var manifest model.Manifest
 	decoder := json.NewDecoder(manifestFile)
-	decoder.DisallowUnknownFields()
+	// decoder.DisallowUnknownFields() // Commented out until circleci image is updated: https://github.com/mattermost/mattermost-plugin-zoom/pull/269#discussion_r927075701
 	if err = decoder.Decode(&manifest); err != nil {
 		return nil, errors.Wrap(err, "failed to parse manifest")
 	}

diff --git a/plugin.json b/plugin.json
@@ -45,7 +45,8 @@
                 "type": "bool",
                 "help_text": "When true, OAuth will be used as the authentication means with Zoom. \n When false, JWT will be used as the authentication means with Zoom. \n If you're currently using a JWT Zoom application and switch to OAuth, all users will need to connect their Zoom account using OAuth the next time they try to start a meeting. [More information](https://mattermost.gitbook.io/plugin-zoom/installation/zoom-configuration).",
                 "placeholder": "",
-                "default": false
+                "default": true,
+                "hosting": "on-prem"
             },
             {
                 "key": "AccountLevelApp",
@@ -86,15 +87,17 @@
                 "type": "text",
                 "help_text": "The API key generated by Zoom, used to create meetings and pull user data.",
                 "placeholder": "",
-                "default": null
+                "default": null,
+                "hosting": "on-prem"
             },
             {
                 "key": "APISecret",
                 "display_name": "API Secret:",
                 "type": "text",
                 "help_text": "The API secret generated by Zoom for your API key.",
                 "placeholder": "",
-                "default": null
+                "default": null,
+                "hosting": "on-prem"
             },
             {
                 "key": "WebhookSecret",

diff --git a/server/command.go b/server/command.go
@@ -80,7 +80,7 @@ func (p *Plugin) executeCommand(c *plugin.Context, args *model.CommandArgs) (str
 }
 
 func (p *Plugin) canConnect(user *model.User) bool {
-	return p.configuration.EnableOAuth && // we are not on JWT
+	return p.OAuthEnabled() && // we are not on JWT
 		(!p.configuration.AccountLevelApp || // we are on user managed app
 			user.IsSystemAdmin()) // admins can connect Account level apps
 }
@@ -205,7 +205,7 @@ func (p *Plugin) runHelpCommand(user *model.User) (string, error) {
 // getAutocompleteData retrieves auto-complete data for the "/zoom" command
 func (p *Plugin) getAutocompleteData() *model.AutocompleteData {
 	available := "start, help"
-	if p.configuration.EnableOAuth && !p.configuration.AccountLevelApp {
+	if p.OAuthEnabled() && !p.configuration.AccountLevelApp {
 		available = "start, connect, disconnect, help"
 	}
 	zoom := model.NewAutocompleteData("zoom", "[command]", fmt.Sprintf("Available commands: %s", available))
@@ -214,7 +214,7 @@ func (p *Plugin) getAutocompleteData() *model.AutocompleteData {
 	zoom.AddCommand(start)
 
 	// no point in showing the 'disconnect' option if OAuth is not enabled
-	if p.configuration.EnableOAuth && !p.configuration.AccountLevelApp {
+	if p.OAuthEnabled() && !p.configuration.AccountLevelApp {
 		connect := model.NewAutocompleteData("connect", "", "Connect to Zoom")
 		disconnect := model.NewAutocompleteData("disconnect", "", "Disonnects from Zoom")
 		zoom.AddCommand(connect)

diff --git a/server/configuration.go b/server/configuration.go
@@ -51,17 +51,17 @@ func (c *configuration) Clone() *configuration {
 }
 
 // IsValid checks if all needed fields are set.
-func (c *configuration) IsValid() error {
+func (c *configuration) IsValid(isCloud bool) error {
 	switch {
-	case !c.EnableOAuth:
+	case !c.EnableOAuth && !isCloud: // JWT for on-prem
 		switch {
 		case len(c.APIKey) == 0:
 			return errors.New("please configure APIKey")
 
 		case len(c.APISecret) == 0:
 			return errors.New("please configure APISecret")
 		}
-	case c.EnableOAuth:
+	case c.EnableOAuth || isCloud: // OAuth for either platform
 		switch {
 		case len(c.OAuthClientSecret) == 0:
 			return errors.New("please configure OAuthClientSecret")
@@ -72,8 +72,6 @@ func (c *configuration) IsValid() error {
 		case len(c.EncryptionKey) == 0:
 			return errors.New("please generate EncryptionKey from Zoom plugin settings")
 		}
-	default:
-		return errors.New("please select either OAuth or Password based authentication")
 	}
 
 	if len(c.WebhookSecret) == 0 {

diff --git a/server/http.go b/server/http.go
@@ -37,7 +37,7 @@ type startMeetingRequest struct {
 
 func (p *Plugin) ServeHTTP(c *plugin.Context, w http.ResponseWriter, r *http.Request) {
 	config := p.getConfiguration()
-	if err := config.IsValid(); err != nil {
+	if err := config.IsValid(p.isCloudLicense()); err != nil {
 		http.Error(w, "This plugin is not configured.", http.StatusNotImplemented)
 		return
 	}

diff --git a/server/plugin.go b/server/plugin.go
@@ -59,7 +59,7 @@ type Client interface {
 // OnActivate checks if the configurations is valid and ensures the bot account exists
 func (p *Plugin) OnActivate() error {
 	config := p.getConfiguration()
-	if err := config.IsValid(); err != nil {
+	if err := config.IsValid(p.isCloudLicense()); err != nil {
 		return err
 	}
 
@@ -138,7 +138,7 @@ func (p *Plugin) getActiveClient(user *model.User) (Client, string, error) {
 	config := p.getConfiguration()
 
 	// JWT
-	if !config.EnableOAuth {
+	if !p.OAuthEnabled() {
 		return p.jwtClient, "", nil
 	}
 
@@ -240,3 +240,17 @@ func (p *Plugin) SetZoomSuperUserToken(token *oauth2.Token) error {
 	}
 	return nil
 }
+
+func (p *Plugin) isCloudLicense() bool {
+	license := p.API.GetLicense()
+	return license != nil && *license.Features.Cloud
+}
+
+func (p *Plugin) OAuthEnabled() bool {
+	config := p.getConfiguration()
+	if config.EnableOAuth {
+		return true
+	}
+
+	return p.isCloudLicense()
+}