So, I know you can install the OAuth Server on UNA to make it a provider. I know you can install OAuth Connect to have it connect to another UNA instance that is running OAuth Server. I see the apps in the marketplace to connect UNA to other social media platforms that are authentication providers. (Now that that is out of the way, here is where I am at:)
My nonprofit has developed its own OAuth2 provider, Heis Soma, so our members can use SSO through Heis Soma for all of our connected websites. I would like to connect my UNA community to Heis Soma as the authentication method. Now, I did use the OAuth Connect plugin, and was able to see the resulting information UNA sent to the Heis Soma servers. I set up a special incoming path for that connection, provided authentication and returned the user back to the `redirect_uri` encoded in the URL UNA connect sent. All seemed to go well on the Heis Soma side as it allowed me to log into my account, asked me if I wanted to Authorize My Faith Community (the name of my UNA community), I clicked 'Authorize', and it sent me back to the `redirect_uri` and I get an "ERROR OCCURRED" message (see attached image). Since I am new to UNA coding, I don't know how to check logs yet to see what the error is. I went into Audit (logs were enabled), checked for logs for UNA Connect, and nothing is showing. Any suggestions?
Another possible route to do what I am wanting is to modify another Connect app's code to make it work with my app?
I just downloaded the code for the Twitter Connect and LinkedIn Connect apps. I haven't coded in PHP for some time now, but following along, it looks like I might be able to change the code in one of them to just say, `bx_heissoma` instead of `bx_twitter` for instance; then change the code for the DB and connection to make sure that it is pulling in and storing the information correctly.
I see some variables not referenced elsewhere in the folder, so I am assuming they are required from the core UNA framework? For instance in the Twitter Connect app, the `request.php` file has the following line:
`require_once(BX_DIRECTORY_PATH_INC . 'profiles.inc.php');`
and those two files are not located within the downloaded folder. I went into the UNA Docs (which the UNA team has been working so hard to update, and I am very thankful for this), but the module section leads to a GitHub page that isn't so helpful unfortunately.
If this is the direction I should go, instead of using the UNA Connect as in my original post, can someone direct me to any information that may be helpful as I modify one of these connection apps?
Thank you all!
Hello @TCCDevelopment
Did you set up all endpoints for your UNA site in your adaptation?
Authorize endpoint: https://example.com/path-to-una/modules/?r=oauth2/auth
Access token endpoint: https://example.com/path-to-una/modules/?r=oauth2/token
Get user info endpoints: https://example.com/path-to-una/modules/?r=oauth2/api/me
Usually, all UNA logs can be found in the log folder.
When you say my "adaptation", do you mean my OAuth provider, Heis Soma? Or the UNA site trying to use the provider to login?
I mean your variant of the Connect app.
Ahh, no, I did not. I just used the UNA Connect app as is, put in the endpoints for my provider, saw where the UNA site went and what it sent; updated the provider site to have specific una/auth code to account for that.
I am downloading the UNA Connect app now to take a look at its code.
I have updated the UNA Connect app with my code. Now, I just need to figure out how to go about uploading an app from within UNA; I've only gone through the App Storefront in Studio. But, I have to step away from the computer now for an appointment.
Also, is there a way within the UNA dashboard to get to "logs" or do I have to go through the server or FTP?
You may upload the module files to the UNA modules folder and then install it from the Apps Market in the usual way. And yes, the content of the log folder is available through FTP too.
OK, thank you @LeonidS for all of your help! I installed this through the AWS deployment solution UNA has. So, I will work in my AWS account to figure out the FTP login credentials needed to do both of those things. Again, thank you for pointing me in the right directions.