Skip to content

OAuth2 flow changes#28179

Merged
PVince81 merged 4 commits into
owncloud:masterfrom
Hemant-Mann:new_oauth2_js
Jun 26, 2017
Merged

OAuth2 flow changes#28179
PVince81 merged 4 commits into
owncloud:masterfrom
Hemant-Mann:new_oauth2_js

Conversation

@Hemant-Mann

Copy link
Copy Markdown
Contributor

Description

Instead of hard coding the request to the backend in oauth2.js i have triggered some new events on which respective event handlers can be attached in app specific js which will handle those events. Two new methods have been added to OCA.External.Settings namespace which will abstract the details of sending the request to backend and saving the mount configuration.

The developer of new apps don't need to write custom javascript for the same. All they will need to provide will the be the url to backend which will handle oauth2 steps like it is done in files_external/ajax/oauth2.php

Related Issue

#27049

Motivation and Context

This PR aims to solve the problem of authentication of storage apps using OAuth2. New apps will be need to attach event handlers on 2 events and just the call the related OCA.External.Settings.OAuth2.{function} by providing the backendUrl (based on lines of ajax/oauth2.php) which does the necessary OAuth2 tasks like generating Authorization URL and verifying access token

How Has This Been Tested?

This has been tested with the OwnCloud version 10.0.2 (git) with browser cache turned off.
Google Drive was mounted as an external storage successfully

Screenshots (if appropriate):

screen shot 2017-06-21 at 4 59 33 pm

screen shot 2017-06-21 at 5 00 44 pm

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

@CLAassistant

CLAassistant commented Jun 21, 2017

Copy link
Copy Markdown

CLA assistant check
All committers have signed the CLA.

@PVince81 PVince81 added this to the 10.1 milestone Jun 22, 2017
Comment thread apps/files_external/js/gdrive.js Outdated
@@ -1,12 +1,14 @@
$(document).ready(function() {
var storageId = 'googledrive';
var backendUrl = OC.filePath('files_external', 'ajax', 'oauth2.php');

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OC.generateUrl('apps/files_external/ajax/oauth2.php') is better and is the new way since many OC versions

@Hemant-Mann Hemant-Mann Jun 22, 2017

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok didn't know about this, will use this though

Comment thread apps/files_external/js/gdrive.js Outdated
@@ -1,12 +1,14 @@
$(document).ready(function() {
var storageId = 'googledrive';

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

uh oh, please don't call it "storageId" because storage ID in OC is a complete different thing.

Please call it "backend" or "backendId" instead

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay I'll change it to backendId
I was doubtful about storageId in the first place

Comment thread apps/files_external/js/gdrive.js Outdated
/**
* ------- OAUTH2 Events ----------
*
* The files_external_{storageId} app's CUSTOM JS should handle the OAuth2 events itself

@PVince81 PVince81 Jun 22, 2017

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/storageId/backendId/

Comment thread apps/files_external/js/gdrive.js Outdated
}

OCA.External.Settings.OAuth2.getAuthUrl(backendUrl, data, function (authUrl) {
// (Optional) do some extra task - then control shifts back to getAuthUrl

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if this is not needed for GDrive let's remove it ?

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes the callback function is optional (I think I over engineered it)

But we need thisOCA.External.Settings.OAuth2.getAuthUrl because as you might have seen it sends request to backend to get the authUrl and it also redirect's the user to that URL (if status - success) else it display error message to the user

So I guess the name getAuthUrl does not fully describe what the function

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you remove the empty callback and make it optional ? An empty function here doesn't make sense.

Comment thread apps/files_external/js/settings.js Outdated
* @param {Object} data Keys -> (client_id, client_secret, redirect, tr)
* @param {Function} callback Callback function to be called once authUrl is fetched
*/
OCA.External.Settings.OAuth2.getAuthUrl = function (backendUrl, data, callback) {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

now it would also be nice to provide the promise pattern by returning a $.Deferred object and resolving it on success

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay so if we are returning a Promise then it will be upto the caller of the function to redirect the user on success right?
because we can't do both - return promise and also redirect?

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, I understand now. Then let's forget about the Promise for now. The callback is fine.

One thing I'm wondering is whether we should check for the return value of the callback. If it's false (not undefined or null), then block the redirect. This way a callback could decide to do the a custom redirect.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have done away with callback in Step 1: Auth URL Removed the callback argument from the function OCA.External.Settings.OAuth2.getAuthUrl

In Step 2 I have provided promise pattern using $.Deferred object

* @param {String} backendUrl The backend URL to which request will be sent
* @param {Object} data Keys -> (backend_id, client_id, client_secret, redirect, tr)
*/
OCA.External.Settings.OAuth2.getAuthUrl = function (backendUrl, data) {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok so do I understand it correctly that we don't need a promise here and just redirect directly ?

@Hemant-Mann Hemant-Mann Jun 23, 2017

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes we dont need promise here as far as i think, just redirecting the user on success will be fine and if there is error in backend it is displayed to the user using OC.dialogs.alert
I think this will make life easy because the AuthUrl is generated by backend nothing much can be done in frontend (client side)

Comment thread apps/files_external/js/gdrive.js Outdated

OCA.External.Settings.OAuth2.verifyCode(backendUrl, data)
.done(function (storageConfig) {
console.log('Oauth 2 successful');

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

remove logging statement and function

@PVince81

Copy link
Copy Markdown
Contributor

Please remove that logging statement and the empty function that will result once removed.

Then this is good for merge from my POV 👍

@Hemant-Mann

Copy link
Copy Markdown
Contributor Author

@PVince81 for some reason jenkins build failed

@PVince81 PVince81 merged commit 2897882 into owncloud:master Jun 26, 2017
@PVince81

Copy link
Copy Markdown
Contributor

Please backport to stable10

@PVince81

Copy link
Copy Markdown
Contributor

submit pr with same commits to stable10

@Hemant-Mann Hemant-Mann mentioned this pull request Jun 26, 2017
9 tasks
@Hemant-Mann

Copy link
Copy Markdown
Contributor Author

PR #28210

@lock

lock Bot commented Aug 2, 2019

Copy link
Copy Markdown

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock Bot locked as resolved and limited conversation to collaborators Aug 2, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants