{"id":13558178,"url":"https://github.com/discourse/discourse-oauth2-basic","last_synced_at":"2025-04-06T22:10:22.678Z","repository":{"id":2242324,"uuid":"43092131","full_name":"discourse/discourse-oauth2-basic","owner":"discourse","description":"A basic OAuth2 plugin for use with Discourse","archived":false,"fork":false,"pushed_at":"2024-08-05T11:19:26.000Z","size":470,"stargazers_count":117,"open_issues_count":3,"forks_count":111,"subscribers_count":28,"default_branch":"main","last_synced_at":"2024-08-05T13:08:49.655Z","etag":null,"topics":["discourse","discourse-plugin","oauth2"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/discourse.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-09-24T20:45:21.000Z","updated_at":"2024-08-05T11:19:28.000Z","dependencies_parsed_at":"2023-07-05T16:15:31.029Z","dependency_job_id":"d10a1e06-8072-4305-a15b-1fd1ff8f60f3","html_url":"https://github.com/discourse/discourse-oauth2-basic","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/discourse%2Fdiscourse-oauth2-basic","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/discourse%2Fdiscourse-oauth2-basic/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/discourse%2Fdiscourse-oauth2-basic/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/discourse%2Fdiscourse-oauth2-basic/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/discourse","download_url":"https://codeload.github.com/discourse/discourse-oauth2-basic/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247557767,"owners_count":20958047,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["discourse","discourse-plugin","oauth2"],"created_at":"2024-08-01T12:04:47.788Z","updated_at":"2025-04-06T22:10:22.662Z","avatar_url":"https://github.com/discourse.png","language":"Ruby","readme":"## discourse-oauth2-basic\n\nThis plugin allows you to use a basic OAuth2 provider as authentication for\nDiscourse. It should work with many providers, with the caveat that they\nmust provide a JSON endpoint for retrieving information about the user\nyou are logging in.\n\nThis is mainly useful for people who are using login providers that aren't\nvery popular. If you want to use Google, Facebook or Twitter, those are\nincluded out of the box and you don't need this plugin. You can also\nlook for other login providers in our [Github Repo](https://github.com/discourse).\n\n## Usage\n\n## Part 1: Basic Configuration\n\nFirst, set up your Discourse application remotely on your OAuth2 provider.\nIt will require a **Redirect URI** which should be:\n\n`http://DISCOURSE_HOST/auth/oauth2_basic/callback`\n\nReplace `DISCOURSE_HOST` with the appropriate value, and make sure you are\nusing `https` if enabled. The OAuth2 provider should supply you with a\nclient ID and secret, as well as a couple of URLs.\n\nVisit your **Admin** \u003e **Settings** \u003e **Login** and fill in the basic\nconfiguration for the OAuth2 provider:\n\n- `oauth2_enabled` - check this off to enable the feature\n\n- `oauth2_client_id` - the client ID from your provider\n\n- `oauth2_client_secret` - the client secret from your provider\n\n- `oauth2_authorize_url` - your provider's authorization URL\n\n- `oauth2_token_url` - your provider's token URL.\n\nIf you can't figure out the values for the above settings, check the\ndeveloper documentation from your provider or contact their customer\nsupport.\n\n## Part 2: Configuring the JSON User Endpoint\n\nDiscourse is now capable of receiving an authorization token from your\nOAuth2 provider. Unfortunately, Discourse requires more information to\nbe able to complete the authentication.\n\nWe require an API endpoint that can be contacted to retrieve information\nabout the user based on the token.\n\nFor example, the OAuth2 provider [SoundCloud provides such a URL](https://developers.soundcloud.com/docs/api/reference#me).\nIf you have an OAuth2 token for SoundCloud, you can make a GET request\nto `https://api.soundcloud.com/me?oauth_token=A_VALID_TOKEN` and\nwill get back a JSON object containing information on the user.\n\nTo configure this on Discourse, we need to set the value of the\n`oauth2_user_json_url` setting. In this case, we'll input the value of:\n\n```\nhttps://api.soundcloud.com/me?oauth_token=:token\n```\n\nThe part with `:token` tells Discourse that it needs to replace that value\nwith the authorization token it received when the authentication completed.\nDiscourse will also add the `Authorization: Bearer` HTTP header with the\ntoken in case your API uses that instead.\n\nThere is one last step to complete. We need to tell Discourse what\nattributes are available in the JSON it received. Here's a sample\nresponse from SoundCloud:\n\n```json\n{\n  \"id\": 3207,\n  \"permalink\": \"jwagener\",\n  \"username\": \"Johannes Wagener\",\n  \"uri\": \"https://api.soundcloud.com/users/3207\",\n  \"permalink_url\": \"http://soundcloud.com/jwagener\",\n  \"avatar_url\": \"http://i1.sndcdn.com/avatars-000001552142-pbw8yd-large.jpg?142a848\",\n  \"country\": \"Germany\",\n  \"full_name\": \"Johannes Wagener\",\n  \"city\": \"Berlin\"\n}\n```\n\nThe `oauth2_json_user_id_path`, `oauth2_json_username_path`, `oauth2_json_name_path` and\n`oauth2_json_email_path` variables should be set to point to the appropriate attributes\nin the JSON.\n\nThe only mandatory attribute is _id_ - we need that so when the user logs on in the future\nthat we can pull up the correct account. The others are great if available -- they will\nmake the signup process faster for the user as they will be pre-populated in the form.\n\nHere's how I configured the JSON path settings:\n\n```\n  oauth2_json_user_id_path: 'id'\n  oauth2_json_username_path: 'permalink'\n  oauth2_json_name_path: 'full_name'\n```\n\nI used `permalink` because it seems more similar to what Discourse expects for a username\nthan the username in their JSON. Notice I omitted the email path: SoundCloud do not\nprovide an email so the user will have to provide and verify this when they sign up\nthe first time on Discourse.\n\nIf the properties you want from your JSON object are nested, you can use periods.\nSo for example if the API returned a different structure like this:\n\n```json\n{\n  \"user\": {\n    \"id\": 1234,\n    \"email\": {\n      \"address\": \"test@example.com\"\n    }\n  }\n}\n```\n\nYou could use `user.id` for the `oauth2_json_user_id_path` and `user.email.address` for `oauth2_json_email_path`.\n\n## Part 3: Test it with Google OAuth 2.0 Server\n\nTo test this plugin in your local dev environment you can use Google OAuth 2.0 Server. Follow [this guide](https://support.google.com/cloud/answer/6158849?hl=en) to create new OAuth client id \u0026 secret.\n\n- While creating it choose \"Web application\" as \"Application type\".\n- Add `http://localhost:3000` in \"Authorized JavaScript origins\" and `http://localhost:3000/auth/oauth2_basic/callback` in \"Authorized redirect URIs\" fields.\n- Then add following site settings in your admin panel.\n\n```json\n{\n  \"oauth2_enabled\": true,\n  \"oauth2_client_id\": \"YOUR_PROJECT_CLIENT_ID\",\n  \"oauth2_client_secret\": \"YOUR_PROJECT_CLIENT_SECRET\",\n  \"oauth2_authorize_url\": \"https://accounts.google.com/o/oauth2/auth\",\n  \"oauth2_token_url\": \"https://www.googleapis.com/oauth2/v3/token\",\n  \"oauth2_user_json_url\": \"https://www.googleapis.com/userinfo/v2/me\",\n  \"oauth2_json_user_id_path\": \"id\",\n  \"oauth2_json_user_name_path\": \"name\",\n  \"oauth2_json_user_email_path\": \"email\",\n  \"oauth2_json_user_avatar_path\": \"picture\",\n  \"oauth2_email_verified\": true,\n  \"oauth2_scope\": \"https://www.googleapis.com/auth/userinfo.email\"\n}\n```\n\nThat's it! You can check it now in your browser.\n\nGood luck setting up custom OAuth2 on your Discourse!\n\n### Issues\n\nPlease use [this topic on meta](https://meta.discourse.org/t/oauth2-basic-support/33879) to discuss\nissues with the plugin, including bugs and feature requests.\n\n### How to run tests\n\nMake sure the plugin has been installed, then from the discourse directory run:\n\n```\nLOAD_PLUGINS=1 bundle exec rspec plugins/discourse-oauth2-basic/spec/plugin_spec.rb\n```\n\n### License\n\nMIT\n","funding_links":[],"categories":["Ruby","others"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdiscourse%2Fdiscourse-oauth2-basic","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdiscourse%2Fdiscourse-oauth2-basic","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdiscourse%2Fdiscourse-oauth2-basic/lists"}