zorn-v / nextcloud-social-login

GNU Affero General Public License v3.0

OAuth2 provider identifier - feishu #388

Closed RavenLiao closed 1 year ago

RavenLiao commented 1 year ago

I want to log in with Feishu (飞书) OAuth2, but it shows "Can not get identifier from provider". And it doesn't have OIDC. So I hope social login can support it.

setting

Authorize url: https://passport.feishu.cn/suite/passport/oauth/authorize
Token url: https://passport.feishu.cn/suite/passport/oauth/token
Profile url: https://passport.feishu.cn/suite/passport/oauth/userinfo

Profile API

Here is the doc site, but it is in Chinese.

request Header:

| key | value |
|---|---|
| Authorization | Bearer ${access_token} |

response Header:

| key | value |
|---|---|
| Content-Type | application/json;charset=UTF-8 |

response body

| parm | desc | type | necessary |
|---|---|---|---|
| sub | equal open_id | string | Yes |
| name | user name | string | Yes |
| picture | equal avatar_url | string | Yes |
| open_id | user id in app | string | Yes |
| union_id | user id in tenant which developing this app | string | Yes |
| en_name | user English name | string | Yes |
| tenant_key | user id in tenant | string | Yes |
| avatar_url | user avatar | string | Yes |
| avatar_thumb | user avatar 72x72 | string | Yes |
| avatar_middle | user avatar 240x240 | string | Yes |
| avatar_big | user avatar 640x640 | string | Yes |
| user_id | user feishu id, return only after app authorization | string | No |
| employee_no | user tenant employee no, return only after app authorization | string | No |
| email | user email, return only after app authorization | string | No |
| mobile | user mobile number, return only after app authorization | string | No |

body example

{
    "sub": "ou_caecc734c2e3328a62489fe0648c4b98779515d3",
    "name": "李雷",
    "picture": "https://www.feishu.cn/avatar",
    "open_id": "ou_caecc734c2e3328a62489fe0648c4b98779515d3",
    "union_id": "on_d89jhsdhjsajkda7828enjdj328ydhhw3u43yjhdj",
    "en_name": "Lilei",
    "tenant_key": "736588c92lxf175d",
    "avatar_url": "www.feishu.cn/avatar/icon",
    "avatar_thumb": "www.feishu.cn/avatar/icon_thumb",
    "avatar_middle": "www.feishu.cn/avatar/icon_middle",
    "avatar_big": "www.feishu.cn/avatar/icon_big",
    "email": "zhangsan@feishu.cn",
    "user_id": "5d9bdxxx",
    "employee_no": "111222333",
    "mobile": "+86130xxxx0000"
}

zorn-v commented 1 year ago

Did you try to use OpenID Connect instead of OAuth2?

RavenLiao commented 1 year ago

> Did you try to use OpenID Connect instead of OAuth2?

I tried this, but it shows "No id_token was found".

zorn-v commented 1 year ago

Ok, I'll add sub as "userId" for OAuth then. It seems like an OIDC identifier, so let it be.

zorn-v commented 1 year ago

Check v5.3.0

RavenLiao commented 1 year ago

It works when using Custom OAuth2 now.
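
The fix discussed in this thread keys the account on `sub` from the userinfo response. The following Python sketch of that selection is an added example, not the plugin's code. The claim order, the refusal to fall back to `email` or `mobile`, and the `sub`/`open_id` consistency check are assumptions of this example.

```python
import json

# Claims tried in order (an assumption of this sketch): "sub" first, as in the
# maintainer's fix, then Feishu's open_id, which the table says equals sub.
ID_CLAIMS = ("sub", "open_id")

# Constructed sample: the issue's body example, trimmed to the relevant fields.
SAMPLE_PROFILE = json.loads("""
{
  "sub": "ou_caecc734c2e3328a62489fe0648c4b98779515d3",
  "open_id": "ou_caecc734c2e3328a62489fe0648c4b98779515d3",
  "union_id": "on_d89jhsdhjsajkda7828enjdj328ydhhw3u43yjhdj",
  "email": "zhangsan@feishu.cn"
}
""")


class IdentifierError(ValueError):
    """The userinfo response carries no usable stable identifier."""


def usable(value):
    """Accept only non-empty strings; null, numbers, lists and "" are rejected."""
    return isinstance(value, str) and value.strip() != ""


def extract_identifier(profile, claims=ID_CLAIMS):
    """Return (claim_name, value) for the first usable identifier claim."""
    if not isinstance(profile, dict):
        raise IdentifierError("userinfo response is not a JSON object")
    found = [(c, profile[c].strip()) for c in claims if usable(profile.get(c))]
    if not found:
        # email and mobile are deliberately not fallbacks: the table marks
        # them optional, so they cannot key an account reliably.
        raise IdentifierError("no identifier claim in userinfo response")
    # The provider documents sub == open_id; a mismatch means the response
    # is not what the mapping expects, so refuse rather than pick one.
    if len({value for _, value in found}) > 1:
        raise IdentifierError("identifier claims disagree")
    return found[0]


if __name__ == "__main__":
    print(extract_identifier(SAMPLE_PROFILE))
```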