OAuth2 Client
The Rocket.Chat App OAuth2 workflow is a feature that lets developers handle OAuth2 authentication on their apps directly within Rocket.Chat
- Start by importing the methods needed from the IOAuth2 definition in the main class of your app.
import { IAuthData } from '@rocket.chat/apps-engine/definition/oauth2/IOAuth2';
import { createOAuth2Client } from '@rocket.chat/apps-engine/definition/oauth2/OAuth2';
- In setting up the app configurations using the
extendConfigurationmethod, we create an instance of the createOAuth2Client imported above.
protected async extendConfiguration(configuration: IConfigurationExtend): Promise<void> {
try {
await createOAuth2Client(this, this.config)
.setup(configuration);
await configuration.slashCommands.provideSlashCommand(new AuthCommandCommand(this));
} catch (error) {
this.getLogger().error('[extendConfiguration] error', error);
}
}
- The
createOAuth2Clientmethod takes in two parameters:app: being the app itselfoptions: An object with props as configuration Below is a sample of the config parameter as seen in the definition documentation
private config = {
alias: 'test',
accessTokenUri: 'https://oauth2.googleapis.com/token',
authUri: 'https://accounts.google.com/o/oauth2/v2/auth',
refreshTokenUri: 'https://oauth2.googleapis.com/token',
revokeTokenUri: 'https://oauth2.googleapis.com/revoke',
callback: this.autorizationCallback.bind(this),
};
- Now calling the
setup(configuration)method on thecreateOAuth2Clientcreates all the setup APIs you need to use.
After setup, however, you want to go about implementing OAuth2 on your app is dependent on the
The OAuth2Client gives you access to multiple methods like
getAccessTokenForUser, revokeUserAccessToken etc.Gets the token information for a specific user, if available. This receives the user instance as a parameter and returns data about the authenticated user.
await createOAuth2Client(this, this.config).getAccessTokenForUser(user);
Returns the authorization URL to which the user must be redirected in order to authorize access to the application.
const url = await createOAuth2Client(this, this.config).getUserAuthorizationUrl(user);
Refreshes the user's access token. This is useful when the user access token has expired.
await createOAuth2Client(this, this.config).refreshUserAccessToken(user, persis);
Revokes user's access token in the service provider. When successfully executed, users will ned to be authenticated again before using the service
await createOAuth2Client(this, this.config).revokeUserAccessToken(user, persis);
Last modified 8mo ago