Office365 OAuth2 Plugin


(cpradio) #1

I’m happy to announce that I’ve completed the Microsoft Office365 OAuth2 plugin.

You can find the new repo at GitHub - discourse/discourse-plugin-office365-auth

You can update all settings within the Admin > Settings area (including disabling the plugin).

After installing the plugin, you will need to perform the following steps:

Visit https://dev.outlook.com/appregistration and follow the directions for creating an application, or look up the details of your existing application.

  • Generate a New Password under Application Secrets (copy the password, you will need it for your admin settings in Discourse). It is not necessary to create a Key Pair.
  • Click Add Platform and choose “Web”
  • Add your website as a Redirect URI in this format:
    https://[YOUR_FORUM_FQDN]/auth/microsoft_office365/callback
    (Note that Office 365 requires HTTPS, this will not work without it)
  • Ensure that there is a Delegated Permission of User.Read
  • Leave the Live SDK support option checked.
  • Click Save, the Client ID will be visible in the My Applications list

Any issues should be reported either here or via a GitHub issue. I also welcome translation file PRs, or general enhancement PRs.


Office 365 Login?
Activate users with a specific domain Directly
Direct activation when user belongs to group
(Allen - Watchman Monitoring) #2

Can confirm this works. Awesome!!


(cpradio) #3

Also going to give a shout out to @yesthatallen who has been working over the copy, README and overall documentation to improve its effectiveness. Your help is appreciated!


(Marko Kaartinen) #4

This works great, but I think these two texts should be configurable or at least translated?
with Office 365 and Log in via Office365

I have not so much knowledge of ruby development so I’m not able to do a PR for this :frowning:


(Arthur Geron) #5

It’s not working anymore on Discourse v2.0.0.beta2


(Sam Saffron) #6

Is this still working for you?


(Allen - Watchman Monitoring) #8

We had not been using the plugin on our main forum, but this was a good enough reason to try it out.

I:

  • Installed the plugin via our app.yml.
  • Created a new o365 application according to the repo’s readme
  • Did the standard cd /var/discourse git pull ./launcher rebuild app,
  • Entered the app ID & key in the admin’s settings.

A test of a new user registration worked without an issue.

And, now we have a new way for users to authenticate to our forum.


(Allen - Watchman Monitoring) #10

I was going to try to bring over the goodness of the more flexible settings from this PR

However, it looks like this o365 auth plugin is using slightly different internal language…

engine_name "discourse_saml" as opposed to PLUGIN_NAME = 'oauth-office365'
or maybe it would pick up on:

  def name
    'microsoft_office365'
  end

What namespace is the o365 plugin using, and would the same GlobalSetting.try

title = GlobalSetting.try(:oauth-office365_title) || "with Office365"

work here?


(Daan Seegers) #11

@cpradio is it possible to limit it by a domain


(cpradio) #12

I think so? It has been a long while since I’ve set one up, but when you register your site with Office365, I think you can limit it to specific domains.