Drupal 8 Oauth2
The Request Object
To override the OAuth controller we will have to let Drupal know that when /oauth/token route is requested rather than using a controller provided by a simple OAuth module use the controller from our custom module. We will have to alter the route so that we can inform Drupal. I am trying to do some research into potentially setting up an existing Drupal site with user accounts/login page to also be an OAuth service provider, basically authenticating users to make calls with a web service. I am looking for a Drupal module which will give this functionality.
Every server call begins with a request. This library uses its own simple object tovalidate calls to the server. You will almost always create this like so:
Because this uses PHP Interfaces, we can easily extend it for the framework we are using:
The Response Object
The response object serves the purpose of making your server OAuth2 compliant. It will set the appropriate status codes, headers,and response body for a valid or invalid oauth request. To use it as it’s simplest level, just send the output and exit:
The response object can also be used to customize output. Below, if the request is NOT valid, the error is sent to the browser:
This will populate the appropriate error headers, and return a json error response. If you do not want to send a JSON response,the response object can be used to display the information in any other format:
This is very useful when working in a framework or existing codebase, where this library will not have full control of the response.
See the HttpFoundation Bridge library for plugging your request/responseinto frameworks using the HttpFoundation library.
A few months ago I helped a client switch over to Zoom for hosting their webinars. As a professional membership association, they needed to limit registrations to members only. They were also interested in streamlining the process of creating and marketing webinars – doing as much as possible in one system with fewer steps. We used Zoom’s API and a new module for Drupal 8 to make it easy: from dynamically publishing members-only webinars to automatically creating recap pages – complete with saved recordings – for each event.
Getting Familiar with the Zoom API
The Zoom API provides a suite of RESTful endpoints for interacting with just about every part of Zoom. Using the API, developers can build rich video conferencing integrations directly into applications.
Learn more about the Zoom API on Zoom’s marketplace website.
Streamlining Members-Only Webinars
For our purposes, we specifically wanted to:
- Let site admins do everything in one system. When an author creates a new webinar page in Drupal, it should automatically generate a new webinar in Zoom.
- Limit registration to members only. For this particular client, webinars were one of the benefits of purchasing an association membership. Registrations needed to stay behind a paywall.
- Cut down on manual work. In the past, site admins would have to manually upload webinar recordings and publish event recaps. We wanted to reduce or eliminate the need for manual work and copy-and-paste.
Drupal 8 + Zoom API
The Zoom API module for Drupal 8 makes Zoom integrations easy for Drupal developers. Here are the basic steps:
- First, install the Zoom API module. Assuming you’re using composer for your Drupal project, type:
composer require drupal/zoomapi:^1.0
- If you haven't already, create a Zoom App (JWT) Be sure to record your API key and secret for later use.
- Enable the Zoom API Drupal module. With Drush installed, you can simply type:
drush en zoomapi
- After enabling the module, set the necessary API credentials in your Drupal website under /admin/config/zoomapi. You’ll need to set up your API key and secret using the required Key module. Storing keys in files outside the webroot or as environment variables is recommended. (Here’s a post by my colleague Edmund about saving sensitive data the right way.)
- If you’re using the Zoom Event Subscriptions feature (aka webhooks), enable them in your Zoom Application. Copy your Verification Token into the appropriate field at /admin/config/zoomapi. On the Zoom side while managing your app, enter your 'Event Notification endpoint URL,” which will always be https://your-domain.com/zoomapi-webhooks (Sidenote: webhooks let you respond to data being pushed out from Zoom. For example, you could trigger an event in your application every time a meeting starts or ends.)
- Create a custom module for your integration. If you’re using Drupal Console, you can just type
drupal generate:moduleand follow the prompts. There are a number of ways you might want to architect your module.
- Make a test API call in your custom module:
Drupal 8 Oauth2 Client
- In a custom module, inject the
zoomapi.clientservice or write an EventSubscriber – whichever best meets your needs.
Drupal 8 Download
Example Module for Drupal 8
Drupal 8 Release Date
To get started with your own Zoom API integrations in Drupal 8, check out this example module on GitHub. To learn more about the Zoom API Drupal 8 module, checkout the module README. Drop me a line in the comments section if you have questions, or to show off your next great Zoom API integration project!