From d616b9eeec3aa3d037c95e53aa16c532125c7f28 Mon Sep 17 00:00:00 2001
From: Mark <mark@openappstack.net>
Date: Wed, 15 Jan 2020 16:21:59 +0100
Subject: [PATCH] Add rocketchat oauth client

---
 ansible/group_vars/all/oas.yml                   |  1 +
 .../apps/templates/single-sign-on-settings.yaml  | 16 ++++++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/ansible/group_vars/all/oas.yml b/ansible/group_vars/all/oas.yml
index 17626d75a..e90671c70 100644
--- a/ansible/group_vars/all/oas.yml
+++ b/ansible/group_vars/all/oas.yml
@@ -38,6 +38,7 @@ userpanel_oauth_client_secret: "{{ lookup('password', '{{ cluster_dir }}/secrets
 nextcloud_oauth_client_secret: "{{ lookup('password', '{{ cluster_dir }}/secrets/nextcloud_oauth_client_secret chars=ascii_letters') }}"
 grafana_oauth_client_secret: "{{ lookup('password', '{{ cluster_dir }}/secrets/grafana_oauth_client_secret chars=ascii_letters') }}"
 wordpress_oauth_client_secret: "{{ lookup('password', '{{ cluster_dir }}/secrets/wordpress_oauth_client_secret chars=ascii_letters') }}"
+rocketchat_oauth_client_secret: "{{ lookup('password', '{{ cluster_dir }}/secrets/rocketchat_oauth_client_secret chars=ascii_letters') }}"
 userbackend_postgres_password: "{{ lookup('password', '{{ cluster_dir }}/secrets/userbackend_postgres_password chars=ascii_letters') }}"
 userbackend_admin_username: "admin"
 userbackend_admin_password: "{{ lookup('password', '{{ cluster_dir }}/secrets/userbackend_admin_password chars=ascii_letters') }}"
diff --git a/ansible/roles/apps/templates/single-sign-on-settings.yaml b/ansible/roles/apps/templates/single-sign-on-settings.yaml
index d09ec4115..acde7ee4a 100644
--- a/ansible/roles/apps/templates/single-sign-on-settings.yaml
+++ b/ansible/roles/apps/templates/single-sign-on-settings.yaml
@@ -28,6 +28,8 @@ userbackend:
       description: "Nextcloud Files offers an on-premise Universal File Access and sync platform with powerful collaboration capabilities and desktop, mobile and web interfaces."
     - name: &WORDPRESS wordpress
       description: "WordPress website hosting."
+    - name: &ROCKETCHAT rocketchat
+      description: "Communicate and collaborate using team chat and switch to video or audio calls with screen sharing for more efficient teamwork."
     - name: &GRAFANA grafana
       description: "Grafana allows you to query, visualize, alert on and understand metrics generated by OpenAppStack. It can be used to create explore and share dashboards."
   username: "{{ userbackend_admin_username }}"
@@ -103,6 +105,20 @@ oAuthClients:
     - "code"
   grantTypes:
     - "implicit"
+- clientName: *ROCKETCHAT
+  clientSecret: "{{ rocketchat_oauth_client_secret }}"
+  redirectUri: "https://chat.{{ domain }}/_oauth/openappstack"
+  scopes: "openid profile email openappstack_roles"
+  clientUri: "https://chat.{{ domain }}"
+  clientLogoUri: "https://chat.{{ domain }}/images/logo/logo.svg"
+  tokenEndpointAuthMethod: "client_secret_post"
+  responseTypes:
+    - "code"
+    - "id_token"
+  grantTypes:
+    - "authorization_code"
+    - "refresh_token"
+    - "client_credentials"
 - clientName: *GRAFANA
   clientSecret: "{{ grafana_oauth_client_secret }}"
   redirectUri: "https://grafana.{{ domain }}/login/generic_oauth"
-- 
GitLab