OAuth2 flow changes#28179
Conversation
| @@ -1,12 +1,14 @@ | |||
| $(document).ready(function() { | |||
| var storageId = 'googledrive'; | |||
| var backendUrl = OC.filePath('files_external', 'ajax', 'oauth2.php'); | |||
There was a problem hiding this comment.
OC.generateUrl('apps/files_external/ajax/oauth2.php') is better and is the new way since many OC versions
There was a problem hiding this comment.
Ok didn't know about this, will use this though
| @@ -1,12 +1,14 @@ | |||
| $(document).ready(function() { | |||
| var storageId = 'googledrive'; | |||
There was a problem hiding this comment.
uh oh, please don't call it "storageId" because storage ID in OC is a complete different thing.
Please call it "backend" or "backendId" instead
There was a problem hiding this comment.
Okay I'll change it to backendId
I was doubtful about storageId in the first place
| /** | ||
| * ------- OAUTH2 Events ---------- | ||
| * | ||
| * The files_external_{storageId} app's CUSTOM JS should handle the OAuth2 events itself |
| } | ||
|
|
||
| OCA.External.Settings.OAuth2.getAuthUrl(backendUrl, data, function (authUrl) { | ||
| // (Optional) do some extra task - then control shifts back to getAuthUrl |
There was a problem hiding this comment.
if this is not needed for GDrive let's remove it ?
There was a problem hiding this comment.
Yes the callback function is optional (I think I over engineered it)
But we need thisOCA.External.Settings.OAuth2.getAuthUrl because as you might have seen it sends request to backend to get the authUrl and it also redirect's the user to that URL (if status - success) else it display error message to the user
So I guess the name getAuthUrl does not fully describe what the function
There was a problem hiding this comment.
Can you remove the empty callback and make it optional ? An empty function here doesn't make sense.
| * @param {Object} data Keys -> (client_id, client_secret, redirect, tr) | ||
| * @param {Function} callback Callback function to be called once authUrl is fetched | ||
| */ | ||
| OCA.External.Settings.OAuth2.getAuthUrl = function (backendUrl, data, callback) { |
There was a problem hiding this comment.
now it would also be nice to provide the promise pattern by returning a $.Deferred object and resolving it on success
There was a problem hiding this comment.
Okay so if we are returning a Promise then it will be upto the caller of the function to redirect the user on success right?
because we can't do both - return promise and also redirect?
There was a problem hiding this comment.
Ah, I understand now. Then let's forget about the Promise for now. The callback is fine.
One thing I'm wondering is whether we should check for the return value of the callback. If it's false (not undefined or null), then block the redirect. This way a callback could decide to do the a custom redirect.
There was a problem hiding this comment.
I have done away with callback in Step 1: Auth URL Removed the callback argument from the function OCA.External.Settings.OAuth2.getAuthUrl
In Step 2 I have provided promise pattern using $.Deferred object
| * @param {String} backendUrl The backend URL to which request will be sent | ||
| * @param {Object} data Keys -> (backend_id, client_id, client_secret, redirect, tr) | ||
| */ | ||
| OCA.External.Settings.OAuth2.getAuthUrl = function (backendUrl, data) { |
There was a problem hiding this comment.
ok so do I understand it correctly that we don't need a promise here and just redirect directly ?
There was a problem hiding this comment.
Yes we dont need promise here as far as i think, just redirecting the user on success will be fine and if there is error in backend it is displayed to the user using OC.dialogs.alert
I think this will make life easy because the AuthUrl is generated by backend nothing much can be done in frontend (client side)
|
|
||
| OCA.External.Settings.OAuth2.verifyCode(backendUrl, data) | ||
| .done(function (storageConfig) { | ||
| console.log('Oauth 2 successful'); |
There was a problem hiding this comment.
remove logging statement and function
|
Please remove that logging statement and the empty function that will result once removed. Then this is good for merge from my POV 👍 |
|
@PVince81 for some reason jenkins build failed |
|
Please backport to stable10 |
|
submit pr with same commits to stable10 |
|
PR #28210 |
|
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
Description
Instead of hard coding the request to the backend in oauth2.js i have triggered some new events on which respective event handlers can be attached in app specific js which will handle those events. Two new methods have been added to
OCA.External.Settingsnamespace which will abstract the details of sending the request to backend and saving the mount configuration.The developer of new apps don't need to write custom javascript for the same. All they will need to provide will the be the url to backend which will handle oauth2 steps like it is done in
files_external/ajax/oauth2.phpRelated Issue
#27049
Motivation and Context
This PR aims to solve the problem of authentication of storage apps using OAuth2. New apps will be need to attach event handlers on 2 events and just the call the related
OCA.External.Settings.OAuth2.{function}by providing the backendUrl (based on lines of ajax/oauth2.php) which does the necessary OAuth2 tasks like generating Authorization URL and verifying access tokenHow Has This Been Tested?
This has been tested with the OwnCloud version 10.0.2 (git) with browser cache turned off.
Google Drive was mounted as an external storage successfully
Screenshots (if appropriate):
Types of changes
Checklist: