Zoom plugin: OAuth integration #136
Comments
|
I suppose an alternate solution would be if Indico developed a Zoom Marketplace App directly? Many thanks for your consideration! |
|
I think both are things that would need to be contributed by someone outside the core team - we do not need this functionality ourselves, and it would require significant development effort to support. |
|
That was tried at the very beginning and it turns out that Zoom's handling of OAuth refresh tokens is disastrous to say the least. If you happen to miss a response due to a bug or temporarily unavailability, you end up with a dead token which you can only renew by asking the user to re-authorize. In the case of admin-level OAuth tokens, that's of course not very practical... |
|
Indeed - even though I think he might have had user-level tokens in mind. Those wouldn't play well together with the idea of being able to select someone else as the host (unless Indico has a token for them), but could in principle work if users were asked to do the oauth flow whenever they try to do an operation that interacts with the Zoom APIs and there's no valid token available. |
|
FYI Zoom is deprecating the JWT App Type in favour for SDK/OAUTH. https://developers.zoom.us/docs/guides/build/jwt-app/jwt-faq |
|
We're aware. I started #193 a while ago, but then I realized what a complete pile of garbage their oauth integration is (getting a token invalidates all previous tokens) and I haven't updated it yet to ensure only a single token is every used and expired/invalidates ones are correctly handled, but I will do that (and merge the PR / release an updated Zoom plugin) before the June deadline where JWT will go away for good. |
|
The linked PR is merged, so is this supported now? I have issues setting this up, mainly: what of the several tokens zoom provides when creating the marketplace oauth app do I need to fill into API Key / API Secret on the Indico side? I have on the zoom side:
Also zoom needs a "Redirect URL for OAuth", which I guess is some path under our indico instance, but I cannot find what I need to put there. |
|
The plugin uses "server oauth" (and that is indeed merged), NOT per-user oauth. So there are no redirect URLs etc involved.... |
|
If I create an oauth based app in the zoom market place, I need to provide a redirect URL and it is tested if that works. It is required and zoom doesn't let me create the app without that working. |
|
Server-to-server oauth does not use a redirect URL since there is no end user oauth flow. The plugin does NOT support user oauth, only server-to-server oauth. |
|
Thanks for linking the corresponding documentation, that's a different link from the README and clear what is meant. Unfortunately, I don't see the tile for "Server to server OAuth", which probably means I am lacking the corresponding permissions. |
It would be great if the indico zoom plugin provided an integration option under OAuth (which does not require developer privileges). Unfortunately I am unable to obtain developer credentials with our zoom instance, so I'm unable to build a JWT App.
The text was updated successfully, but these errors were encountered: