First version

lsgalves · Jun 11, 2023 · 18c2c96 · 18c2c96
commit 18c2c96
Show file tree

Hide file tree

Showing 8 changed files with 1,400 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,2 @@
+.venv
+__pycache__
diff --git a/COPYING b/COPYING
diff --git a/README.md b/README.md
@@ -0,0 +1,64 @@
+# err-backend-talk
+
+This is a backend for [Nexcloud Talk](https://nextcloud.com/talk/) for [Errbot](https://errbot.io/).
+
+## Installation
+
+```sh
+# Clone the repository in the errbot backend directory (BOT_EXTRA_BACKEND_DIR)
+git clone https://github.com/lsgalves/err-backend-talk.git
+cd err-backend-talk
+pip install -r requirements.txt
+```
+
+Add to Errbot `config.py`:
+
+```py
+BACKEND = 'Talk'
+```
+
+## Authentication
+
+### Add OAuth 2.0 Client
+
+Access Nextcloud at `/settings/admin/security` and create an OAuth 2.0 Client with the following data:
+
+- **Name:** Errbot
+- **Redirect URL:** http://localhost:8081/
+
+The redirect URL must point to the host running Errbot (_localhost_ in this example).
+Save the Client ID and Secret Key.
+
+### OAuth Authentication
+
+1. Run the `oauth.py` script:
+
+```sh
+python oauth.py
+```
+
+2. Provide the following data:
+    - Nextcloud installation base URL
+    - OAUTH KEY (Client ID)
+    - OAUTH SECERT (Secret Key)
+
+3. It will open a page in your browser to authorize the OAuth client with the logged in user.
+
+4 .After granting access to the OAuth client, you will be redirected to a screen with the data you must add in your **BOT_IDENTITY** section of your `config.py`:
+
+```py
+BOT_IDENTITY = {
+    'domain': 'http://localhost:8080',
+    'oauth_token': 'YOUR-TOKEN',
+    'oauth_key': 'YOUR-KEY',
+    'oauth_secret': 'YOUR-SECRET',
+}
+```
+
+## Contributing
+
+1. Fork it!
+2. Create your feature branch: `git checkout -b my-new-feature`
+3. Commit your changes: `git commit -am 'Add some feature'`
+4. Push to the branch: `git push origin my-new-feature`
+5. Submit a pull request :D
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,88 @@
+version: '3.7'
+
+networks:
+  nextcloud:
+
+services:
+  nextcloud:
+    image: nextcloud
+    container_name: nextcloud
+    networks:
+      - nextcloud
+    ports:
+      - "8080:80"
+    volumes:
+      - /tmp/nextcloud/html:/var/www/html
+      - /tmp/nextcloud/data:/srv/nextcloud/data
+    extra_hosts:
+      - "cloud.errbot.local:10.20.30.40"
+      - "office.errbot.local:10.20.30.40"
+    depends_on:
+      - mariadb
+      - redis
+    environment:
+      - NEXTCLOUD_TRUSTED_DOMAINS='cloud.errbot.local'
+      - NEXTCLOUD_DATA_DIR=/srv/nextcloud/data
+      - MYSQL_DATABASE=nextcloud
+      - MYSQL_USER=nextcloud
+      - MYSQL_PASSWORD=password
+      - MYSQL_HOST=nextcloud-mariadb
+      - REDIS_HOST=nextcloud-redis
+    restart: unless-stopped
+
+  mariadb:
+    image: mariadb
+    container_name: nextcloud-mariadb
+    restart: unless-stopped
+    volumes:
+      - /tmp/nextcloud/mariadb:/var/lib/mysql
+    environment:
+      - MYSQL_ROOT_PASSWORD=password
+      - MYSQL_PASSWORD=password
+      - MYSQL_DATABASE=nextcloud
+      - MYSQL_USER=nextcloud
+    networks:
+      - nextcloud
+
+  redis:
+    image: redis
+    container_name: nextcloud-redis
+    networks:
+      - nextcloud
+    restart: unless-stopped
+
+  coturn:
+    image: instrumentisto/coturn
+    container_name: nextcloud-coturn
+    restart: unless-stopped
+    ports:
+      - "3478:3478/tcp"
+      - "3478:3478/udp"
+    networks:
+      - nextcloud
+    command:
+      - -n
+      - --log-file=stdout
+      - --min-port=49160
+      - --max-port=49200
+      - --realm=cloud.errbot.local
+      - --use-auth-secret
+      - --static-auth-secret=password
+
+  collabora:
+    image: collabora/code
+    container_name: nextcloud-collabora
+    restart: unless-stopped
+    networks:
+      - nextcloud
+    ports:
+      - "9980:9980"
+    extra_hosts:
+      - "cloud.errbot.local:10.20.30.40"
+      - "office.errbot.local:10.20.30.40"
+    environment:
+      - 'domain=cloud.errbot.local'
+      - 'dictionaries=en'
+    cap_add:
+      - MKNOD
+    tty: true
diff --git a/oauth.py b/oauth.py
@@ -0,0 +1,89 @@
+#!/usr/bin/env python3
+from http.server import BaseHTTPRequestHandler, HTTPServer
+from urllib.parse import urlparse, parse_qs, urlencode
+from getpass import getpass
+import threading
+import webbrowser
+import os
+import signal
+
+import requests
+
+
+BASE_URL = None
+CLIENT_ID = None
+CLIENT_SECRET = None
+
+
+class CallbackServer(BaseHTTPRequestHandler):
+    def do_GET(self):
+        global BASE_URL, CLIENT_ID, CLIENT_SECRET
+        query = parse_qs(urlparse(self.path).query)
+        print(f'Receive code {query["code"][0]} from NextCloud')
+        payload = {
+            'client_id': CLIENT_ID,
+            'client_secret': CLIENT_SECRET,
+            'code': query['code'],
+            'redirect_uri':'http://localhost:8081/',
+            'grant_type': 'authorization_code',
+        }
+
+        response = requests.post(f'{BASE_URL}/apps/oauth2/api/v1/token', data=payload)
+        content = response.json()
+        token = content['refresh_token']
+        print(f'''
+You need to put this in your BOT_IDENTITY section of your config.py:
+
+"domain": "{BASE_URL}",
+"oauth_token": "{token}",
+"oauth_key": "{CLIENT_ID}",
+"oauth_secret": "{CLIENT_SECRET}",
+        ''')
+
+        threading.Timer(2.0, lambda:os.kill(os.getpid(), signal.SIGTERM)).start()
+
+        self.send_response(200)
+        self.send_header('Content-type','text/html')
+        self.end_headers()
+        response_bytes = bytes(f'<html><body>You need to put this in your BOT_IDENTITY section of your config.py:<br/><br/>DOMAIN={BASE_URL}<br/>OAUTH_TOKEN={token}<br/>OAUTH_KEY={CLIENT_ID}<br/>OAUTH_SECRET={CLIENT_SECRET}</body></html>', 'utf-8')
+        self.wfile.write(response_bytes)
+
+
+def run_server(bind_address: str, port: int):
+    webserver = HTTPServer((bind_address, port), CallbackServer)
+
+    try:
+        webserver.serve_forever()
+    except KeyboardInterrupt:
+        pass
+
+    webserver.server_close()
+
+
+if __name__ == '__main__':
+    # Put http://localhost:8080 when using with docker
+    BASE_URL = input('Enter URL to Nextcloud:').strip()
+
+    print(f'''
+Welcome to the NextCloud OAuth 2 authenticator for err.
+
+Go to {BASE_URL}/settings/admin/security.
+For `Name` any name, example: errbot
+For `Redirect URL` copy paste: http://localhost:8081/
+The site will give you back the necessary information.
+    ''')
+
+    CLIENT_ID = input('Enter the OAUTH KEY:').strip()
+    CLIENT_SECRET = getpass('Enter the OAUTH SECRET:').strip()
+
+    init_payload = {
+        'client_id': CLIENT_ID,
+        'response_type': 'code',
+        'redirect_uri': 'http://localhost:8081/'
+    }
+
+    url = f'{BASE_URL}/apps/oauth2/authorize?{urlencode(init_payload)}'
+    print(f'Now point your browser to:\n{url}\nto authorize Errbot to use NextCloud. I\'ll try to spawn your browser locally if possible.')
+    webbrowser.open_new_tab(url)
+
+    run_server('localhost', 8081)
diff --git a/requirements.txt b/requirements.txt
@@ -0,0 +1 @@
+requests
diff --git a/talk.plug b/talk.plug
@@ -0,0 +1,6 @@
+[Core]
+Name = Talk
+Module = talk
+
+[Documentation]
+Description = This is a backend implementation for Nextcloud Talk.