-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OAuth2 support #1
base: master
Are you sure you want to change the base?
Conversation
Dockerfile
Outdated
ENV CONVO_INSTANCE_URL=https://<MEDALLIA_CONVERSATION_HOST> | ||
ENV CONVO_WEBHOOK_URL=https://<MEDALLIA_CONVERSATION_HOST>/cg/mc/custom/<CHANNEL_GUID> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Deprecate the CONVO_WEBHOOK_URL
with the new API endpoints available.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I still need the CHANNEL_GUID. Do you want a CHANNEL_GUID and the CONVO_INSTANCE_URL (that will change to CONVO_API_GATEWAY) in two env configs?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, please!
README.md
Outdated
@@ -1,5 +1,4 @@ | |||
# Medallia Conversations Adapter | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Leave this in for formatting sync with other projects. (Style guidelines say to have a blank line after each Markdown heading.)
README.md
Outdated
* `export AUTH_TYPE_INBOUND=<It can be 'Oauth2' or 'Signature'>` | ||
* `export SHARED_SECRET=<32_CHARACTER_STRING only for Signature>` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We are fully deprecating Signature. Only show OAuth2 at this point. Also, the standard name is OAuth
for capitalization correctness.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is it the same for API-Token in Outbound messages?
README.md
Outdated
### Auth Configuration | ||
For inbound conversations configuration you can setup 2 auth types: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add a newline between these. Only keep the "OAuth2" type.
README.md
Outdated
For inbound conversations configuration you can setup 2 auth types: | ||
* Signature: This is used to generate signature of the body to send it to Medallia Conversations with the SHARED_SECRET key. In the converation side, under the Signed request auth type, this Secret should match. The string must be 32 characters long. | ||
* Oauth2: It will use the Conversations OAuth server. You will need the following configuration CONVO_INSTANCE_URL, CLIENT_ID and CLIENT_SECRET. | ||
* CONVO_INSTANCE_URL: <MEDALLIA_CONVERSATION_HOST>/oauth/token |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Need to add https://
src/helpers/TestOAuthServer.js
Outdated
// test OAuth server that supports only client_credentials grant type | ||
// with a fixed set of client id and secret values configured in auth-settings.js |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// This implements a basic OAuth 2.0-compatible token server for use with this reference implementation.
// It only supports client_credentials grants and uses the static client_id/client_secret values that are
// configured in auth-settings.js.
src/helpers/TestOAuthServer.js
Outdated
const cache = new Cache({ | ||
ttl: 3600 * 1000 | ||
}); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we've used this Cache declaration twice now? Should we abstract to a helper function and/or at least move the default TTL value to a shared constant file?
src/helpers/TestOAuthServer.js
Outdated
} else { | ||
const token = crypto.randomBytes(16).toString('hex'); | ||
const { auth } = req; | ||
if (auth.user) cache.put(token, auth.user); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Don't use single-line if
statements. Add {}
and put on multiple lines.
src/helpers/TestOAuthServer.js
Outdated
const { auth } = req; | ||
if (auth.user) cache.put(token, auth.user); | ||
console.info(`Issued new access token: ${token} for client ${auth.user || 'unknown'}`); | ||
res.status(200).send({ access_token: token, expires_in: 3600 }); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reference the DEFAULT_OAUTH_EXPIRES_SECS
constant here?
src/helpers/TestOAuthServer.js
Outdated
} | ||
}); | ||
|
||
// This is just to confirm the token is valid and get the client info for the token |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not clear what exactly this function does. Is this used for your internal debugging? Or is it valuable to Conversations somehow?
c660e96
to
12698a6
Compare
No description provided.