Skip to content

Latest commit

 

History

History
270 lines (179 loc) · 6.91 KB

readme.md

File metadata and controls

270 lines (179 loc) · 6.91 KB

lib_OAuth

OAuth library to perform authentication

This is the OAuth Library for Convertigo applications. This library is used in conjunction with the OAuth Action to perform SSO Login to Convertigo Apps.

Symbols

Symbol Usaqe
lib_oauth.azuread.clientid The Azure Active Directory Client ID
lib_oauth.azuread.tenantid The Azure Active Directory Tenant ID
lib_oauth.github.clientid The GitHub Client ID
lib_oauth.github.keysecret.secret The Azure Active Directory Client Secret
lib_oauth.google.clientid The Google Client ID
lib_oauth.google.keysecret.secret The Azure Active Directory Client Secret
lib_oauth.linkedin.clientid The LinkedIn Client ID
lib_oauth.linkedin.keysecret.secret The LinkedIn Client Secret
lib_oauth.openid.clientid The Openid Client id
lib_oauth.openid.clientsecret.secret The Openid Client Secret
lib_oauth.openid.introspect_url The Openid introspect API endpoint URL

Best Practices

Client secrets must never be embedded in the client applications. The best way to use them in the OAuth Action is to call the GetOAuthCredentials sequence to retrieve on the client side the necessary credentials.

Configure the OAuth / OpenID providers

Follow the https://doc.convertigo.com/documentation/latest/reference-manual/convertigo-objects/mobile-application/components/action-components/oauth-openid instructions to learn on how to configure your OAuth IDP.

For more technical informations : documentation

Installation

  1. In your Convertigo Studio use File->Import->Convertigo->Convertigo Project and hit the Next button

  2. In the dialog Project remote URL field, paste the text below:

    UsageClick the copy button
    To contribute
    lib_OAuth=https://github.com/convertigo/c8oprj-lib-oauth.git:branch=8.0.0
    
    To simply use
    lib_OAuth=https://github.com/convertigo/c8oprj-lib-oauth/archive/8.0.0.zip
    
  3. Click the Finish button. This will automatically import the lib_OAuth project

Sequences

checkAccessOpenID

Checks is a valid access token is held by the current users' session for AzureAD

This as to be called by client apps to decide whenever or not they have to display an OAuth login screen

checkAccessToken

Checks is a valid access token is held by the current users' session for AzureAD

This as to be called by client apps to decide whenever or not they have to display an OAuth login screen

checkAccessTokenGoogle

Checks is a valid access token is held by the current users' session for Google

This as to be called by client apps to decide whenever or not they have to display an OAuth login screen

checkAccessTokenLinkedIn

Checks is a valid access token is held by the current users' session for LinkedIn

This as to be called by client apps to decide whenever or not they have to display an OAuth login screen

GetOAuthCredentials

Returns to the client the public OAuth credentials

listGroupsAzureAd

Returns the list of groups for a user for AzureAD

loginAzureAdWithAccessToken

Perform the OAuth flow for AzureAD

If the token is valid, it will be stored in the user's session to be used when calling Microsoft APIs.

Also if the token is valid, setAuthenticatedUser step is executed to flag this session as authenticated.

variables

namecomment
access_token

loginGitHubWithCode

Perform the OAuth flow for GitHub with Code

If the token is valid, it will be stored in the user's session to be used when calling Microsoft APIs.

Also if the token is valid, setAuthenticatedUser step is executed to flag this session as authenticated.

variables

namecomment
client_id
code
keySecret
redirect_uri

loginGoogleWithCode

Perform the OAuth flow for Google

If the token is valid, it will be stored in the user's session to be used when calling Microsoft APIs.

Also if the token is valid, setAuthenticatedUser step is executed to flag this session as authenticated.

variables

namecomment
client_id
code
keySecret
redirect_uri

loginLinkedInWithCode

Perform the OAuth flow for LinkedIn

If the token is valid, it will be stored in the user's session to be used when calling Microsoft APIs.

Also if the token is valid, setAuthenticatedUser step is executed to flag this session as authenticated.

variables

namecomment
client_id
code
keySecret
redirect_uri

loginOpenIDWithAccessToken

Perform the OAuth flow for OpenID with a JWT acess token

If the token is valid, it will be stored in the user's session

Also if the token is valid, setAuthenticatedUser step is executed to flag this session as authenticated.

variables

namecomment
access_tokenThe JWT acess Token
introspectURLThe URL to call to instrospect and validate the TWT token

setLastConnected

Sets a lastConnected timestamp in the user database

variables

namecomment
user

SignOut

Sign out from App.. Warning must be called with disableAutologin to true !