Here is the link to the Sandbox: http://drupal.org/sandbox/gansbrest/1524900

git clone --branch master gansbrest@git.drupal.org:sandbox/gansbrest/1524900.git

It's currently available for Drupal 6 only.

Module description:

At the moment oAuth2 Connect allows you to authenticate with different 3rd party oAuth2 providers and maintains association between drupal uid and provider uid.

The module provides an abstraction layer with pluggable components for different oAuth2 providers. Currently it doesn't have an UI and all oAuth2 configuration is done with plugins ( and plugins are just classes extending an abstract class ).

The goal was to allow the plugin to handle the dirty work ( dialog url creation, tokens manipulation, user data retrieval ), because each provider implements the protocol a little differently. Most notably Facebook requires post request to get the access token.

We tested the module with the following oauth2 providers:
- Twitter
- Facebook
- Yammer

The main ideas behind this module were simplicity and extensibility. Before creating this module I evaluated different options including oauth and oauthconnector but at the moment there was no Drupal 6 version with oAuth 2.0 support, only 1.0. There were also many dependencies to consider - oauth, connector, http_client, chaos tools.

You probably could incorporate all of them and create oAuth authentication system, but it seemed like an overkill for me. That's how oAuth2 connect module was born..

Dependencies:

Autoload - http://drupal.org/project/autoload

Installation:

Install the module. The module comes with Facebook, Twitter and Yammer plugins, so go to the plugins subfolder and type in your current client_id and client_secret which you will get after application registration on the provider side.

Enable the block with Authentication options, which are easily themable using the default Drupal theme system.

Roadmap:

- Create access token refresh functionality
- Abstract out plugins location
- Expose access token in a smart way, so other modules could get additional data from external APIs
- Possible integration with connector module, so users could have the UI to manipulate connection (add / remove)
- Create D7 version

Comments

willietse’s picture

willietse commented

An initial automated review, there are some problems that need to be modified.

http://ventral.org/pareview/httpgitdrupalorgsandboxgansbrest1524900git

Recently, I have done based on the oauth module.
https://drupal.org/node/1497394

Manual review in progress.

1, About automatically create a new user(oauth2_connect_user_dispatch($userDataArr)), if I have some project must fill in registration form, or temporarily closed to registered users, Here will be a bug.

2, It's really lacking of too much of the inline comments.

3, oauth2_connect.module line 140, Using function l(), is not better?

4, I hope more about KEY is set in the system settings, rather than in the code.

luxpaparazzi’s picture

luxpaparazzi commented

What exactly is the difference between oAuth and oAuth2? I think there could be a small hint at the beginning of your project description...

gansbrest’s picture

gansbrest commented

Thanks for the initial review guys!

I've created separate branch for Drupal 6 as per willietse suggestion and fixed critical and normal problems in Coder. I'm not sure about minor / coding style problems, probably will get there eventually.

willietse also brought up a very good point about sites with closed or confirmation based registrations (if I understood it correctly). I will put that on the Roadmap for the module. I also think all of us would benefit from this module going from the sandbox to the real project so more people could find it and provide patches.

luxpaparazzi

If you are talking about protocol differences - http://blog.apigee.com/detail/oauth_differences/

As for the difference from oAuth drupal module - oAuth2 Connect was designed to be more straightforward (partly because it supports oAuth2.0 protocol only), delegates implementation logic to plugins, it doesn't require a bunch of different modules just the autoload and provides drupal_uid -> provider_uid functionality.

novalnet’s picture

novalnet commented

Hi,

Manual Review :

1. You should use t() for messages in drupal_set_message.ex : drupal_set_message($_GET['error_description'], 'error') should be drupal_set_message(t('@error', array(@error => $_GET['error_description']), 'error');
2. Please use l() to create link markup in line 140 of oauth2_connect.module and also in all other files.
3. Please add file comment and function coment in all the files.
4. Do not use t() in hook_schema() in oauth2_connect.install.
5. Class name must begin with a capital letter in includes/oAuth2.php
6. Please PAREVIEW your codes, it contains too many errors.

Thanks,

novalnet’s picture

novalnet commented
Status: Needs review » Needs work
klausi’s picture

klausi
he/him||they/them
Primary language German
Location 🇦🇹 Vienna
commented
Status: Needs work » Closed (won't fix)

Closing due to lack of activity. Feel free to reopen if you are still working on this application.