It's been a while since I've worked on that module. But the strategy I would use is to start with an existing one like facebook, twitter, or github, for which there is already a submodule.
You'll need to modify the actions.ini of the module to change the name of the action, and the relevant URLs.
E.g. The facebook one has:
[oauth_facebook]
oauth.url=https://www.facebook.com/dialog/oauth
oauth.request_token_url=https://graph.facebook.com/oauth/access_token
label="Login with Facebook"
category="login_actions"

[oauth_azure]
oauth.url=https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize
oauth.request_token_url=https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token
label="Login with Azure"
category="login_actions"

I pulled those new URLs from the azure oauth login docs. Not sure how the tenant works, but that {tenant} needs to be replaced with your tenant ID. Although I think you can replace it with "common" if this will be a multi-tenant login.
The other file that would need to be changed for your azure implementation is the oauth_facebook.php file, which you would rename to oauth_azure.
This needs to be changed to use azure's API to retrieve the login profile instead of facebook's. I ran this through ChatGPT since it should be a straightforward conversion, and this is what it came up with for the azure version:
<?php
class modules_oauth_azure {
    // Azure Graph API URL to fetch user profile
    const GRAPH_URL = "https://graph.microsoft.com/v1.0/me";

    public function __construct() {
        // Register this class as a handler for the oauth module's events
        $app = Dataface_Application::getInstance();
        $app->registerEventListener('oauth_fetch_user_data', array($this, 'oauth_fetch_user_data'), false);
        $app->registerEventListener('oauth_extract_user_properties_from_user_data', array($this, 'oauth_extract_user_properties_from_user_data'), false);
    }

    public function oauth_fetch_user_data($evt) {
        // Ignore events raised for other OAuth services
        if ($evt->service !== 'azure') {
            return;
        }
        $mod = Dataface_ModuleTool::getInstance()->loadModule('modules_oauth');
        // Fetch user profile using Azure Graph API
        $res = df_http_get(self::GRAPH_URL, array('Authorization' => 'Bearer ' . $mod->getOauthToken('azure')));
        // A profile without an id means the token was not accepted
        if (!@$res['id']) {
            error_log("Azure login failed with access token");
            throw new Exception("Failed to get Azure profile for access token");
        }
        $data = $res;
        $evt->out = $data;
        return;
    }

    public function oauth_extract_user_properties_from_user_data($evt) {
        if ($evt->service !== 'azure') {
            return;
        }
        // Note: displayName is not unique in a directory, so the username
        // derived from it below can be the same for two different users.
        $evt->out = array(
            'id' => $evt->userData['id'],
            'name' => $evt->userData['displayName'],
            'username' => strtolower(preg_replace('/[^a-zA-Z0-9]/', '', $evt->userData['displayName']))
        );
    }
}
?>
Might just work.
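
The username mapping in the class above, compared with one based on userPrincipalName, as an added example that is not part of the original post and not Xataface code. The function names and sample profiles are hypothetical, and it assumes the local users table can hold a UPN (which contains "@") as the username.

```php
<?php
// Added example; function names are hypothetical, not part of Xataface.

// Same mapping as the posted class: username derived from displayName.
function username_from_display_name(array $profile): string {
    return strtolower(preg_replace('/[^a-zA-Z0-9]/', '', $profile['displayName']));
}

// Alternative mapping: require id and userPrincipalName from the Graph
// /me response and use the lowercased UPN as the local username.
function username_from_upn(array $profile): string {
    foreach (array('id', 'userPrincipalName') as $field) {
        if (empty($profile[$field]) || !is_string($profile[$field])) {
            throw new InvalidArgumentException("Azure profile is missing '$field'");
        }
    }
    return strtolower(trim($profile['userPrincipalName']));
}

// Return usernames that more than one distinct Graph id maps to.
function find_username_collisions(array $profiles, callable $mapper): array {
    $seen = array();
    foreach ($profiles as $profile) {
        $seen[$mapper($profile)][$profile['id']] = true;
    }
    $collisions = array();
    foreach ($seen as $username => $ids) {
        if (count($ids) > 1) {
            $collisions[$username] = array_keys($ids);
        }
    }
    return $collisions;
}

// Constructed sample profiles (not real accounts).
$profiles = array(
    array('id' => '00000000-0000-0000-0000-000000000001',
          'displayName' => 'Ann Lee', 'userPrincipalName' => 'ann.lee@example.com'),
    array('id' => '00000000-0000-0000-0000-000000000002',
          'displayName' => 'Annlee', 'userPrincipalName' => 'annlee@example.com'),
);

echo "displayName mapping collisions:\n";
print_r(find_username_collisions($profiles, 'username_from_display_name'));
echo "userPrincipalName mapping collisions:\n";
print_r(find_username_collisions($profiles, 'username_from_upn'));
```

Whichever field supplies the username, the Graph `id` is the value to key the local account on, since a UPN is only unique within one tenant and can be changed by a directory administrator.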