Revert oauth commit from master (#70)

* Revert "Add OAuth based authentication to Zoom plugin (#52)"

This reverts commit 9d418a0.

* post-revert fixes

README.md

@@ -17,7 +17,7 @@ You will need a paid Zoom account to use the plugin.
 
 1. Go to **System Console > Plugins > Zoom** to configure the Zoom Plugin.
 
-![image](./assets/settings.png)
+![image](https://github.com/mattermost/docs/raw/master/source/images/zoom_system_console.png)
 
 2. If you're using a self-hosted private cloud or on-premise Zoom server, enter the **Zoom URL** and **Zoom API URL** for the Zoom server, for example `https://yourzoom.com` and `https://api.yourzoom.com/v2` respectively. Leave blank if you're using Zoom's vendor-hosted SaaS service.
 
@@ -37,28 +37,9 @@ You will need a paid Zoom account to use the plugin.
 
 To generate an **API Key** and **API Secret** requires a [Pro, Business, Education, or API Zoom plan](https://zoom.us/pricing).
 
-4. Set the **OAuth ClientID** and **OAuth Secret**, generated by Zoom and used to create meetings and pull user data:
+4. Enable settings for [overriding usernames](https://docs.mattermost.com/administration/config-settings.html#enable-integrations-to-override-usernames) and [overriding profile picture icons](https://docs.mattermost.com/administration/config-settings.html#enable-integrations-to-override-profile-picture-icons).
 
-  - Go to https://marketplace.zoom.us/ and log in.
-  - In the top left click on **Develop** and then **Build App**.
-  - Select **OAuth** in **Choose your app type** section.
-  - Enter a name for your app and disable **Intend to publish this app on Zoom Marketplace**.
-  - Choose **Account-level app** as the app type.
-  - Click **Create**.
-  - Enter the **Company Name** and **Developer Contact Information** for your app.
-  - Go to the **App Credentials** tab on the left. Here you'll find your **Client ID** and **Client Secret**.
-  - Enter a Valid **Redirect URL for OAuth** (`https://<SiteUrl>/plugins/zoom/oauth2/complete`) and add the same url under **Whitelist URL**.
-    * `SiteUrl` should be your mattermost server url
-  - Add following scopes "user:read", "meeting:write", "webinar:write", "recording:write"
-  - Paste the **Client ID** and **Client Secret** into the fields in the System Console, and hit **Save**.
-  - Generate an **Encryption Key** to save the encryped tokens.
-
-![create OAuth app scrren](./assets/oauth_creds.png)
-
-
-5. Enable settings for [overriding usernames](https://docs.mattermost.com/administration/config-settings.html#enable-integrations-to-override-usernames) and [overriding profile picture icons](https://docs.mattermost.com/administration/config-settings.html#enable-integrations-to-override-profile-picture-icons).
-
-6. Activate the plugin at **System Console > Plugins > Management** by clicking **Activate** for Zoom.
+5. Activate the plugin at **System Console > Plugins > Management** by clicking **Activate** for Zoom.
 
 ![image](https://github.com/mattermost/docs/blob/master/source/images/zoom_system-console_management.png)
 

go.mod

@@ -8,5 +8,4 @@ require (
 	github.com/mattermost/mattermost-server/v5 v5.18.0
 	github.com/pkg/errors v0.8.1
 	github.com/stretchr/testify v1.4.0
-	golang.org/x/oauth2 v0.0.0-20190319182350-c85d3e98c914
 )

go.sum

@@ -386,7 +386,6 @@ golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAG
 golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
-golang.org/x/oauth2 v0.0.0-20190319182350-c85d3e98c914 h1:jIOcLT9BZzyJ9ce+IwwZ+aF9yeCqzrR+NrD68a/SHKw=
 golang.org/x/oauth2 v0.0.0-20190319182350-c85d3e98c914/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/perf v0.0.0-20180704124530-6e6d33e29852/go.mod h1:JLpeXjPJfIyPr5TlbXLkXWLhP8nz10XfvxElABhCtcw=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f h1:wMNYb4v58l5UBM7MYRLPG6ZhfOqbKu7X5eyFl8ZhKvA=

plugin.json

@@ -32,39 +32,6 @@
                 "help_text": "The API URL for a self-hosted private cloud or on-premise Zoom server. For example, https://api.yourzoom.com/v2. Leave blank if you're using Zoom's vendor-hosted SaaS service.",
                 "placeholder": "https://api.zoom.us/v2"
             },
-            {
-                "key": "EnableOAuth",
-                "display_name": "Enable OAuth",
-                "type": "bool",
-                "help_text": "When true, OAuth will be used as authentication means with Zoom. \n Please enable only either one of OAuth based or Password base authentication.",
-                "default": false
-            },
-            {
-                "key": "OAuthClientID",
-                "display_name": "Zoom OAuth Client ID",
-                "type": "text",
-                "help_text": "The Client ID for the OAuth app registered with Zoom. Leave blank if not using OAuth"
-            },
-            {
-                "key": "OAuthClientSecret",
-                "display_name": "Zoom OAuth Client Secret",
-                "type": "text",
-                "help_text": "The Client Secret for the OAuth app registered with Zoom. Leave blank if not using OAuth"
-            },
-            {
-                "key": "EncryptionKey",
-                "display_name": "At Rest Token Encryption Key",
-                "type": "generated",
-                "help_text": "The AES encryption key used to encrypt stored access tokens.",
-                "regenerate_help_text": "Regenerates the encryption key for Zoom OAuth Token. Regenerating the key invalidates your existing Zoom OAuth."
-            },
-            {
-                "key": "EnableLegacyAuth",
-                "display_name": "Enable Password based authentication",
-                "type": "bool",
-                "help_text": "When true, user's email and password will be used to authenticate with Zoom. \n Please enable only either one of OAuth based or Password base authentication.",
-                "default": true
-            },
             {
                 "key": "APIKey",
                 "display_name": "API Key",

server/command.go

@@ -33,6 +33,7 @@ func (p *Plugin) postCommandResponse(args *model.CommandArgs, text string) {
 }
 
 func (p *Plugin) executeCommand(c *plugin.Context, args *model.CommandArgs) (string, error) {
+
 	split := strings.Fields(args.Command)
 	command := split[0]
 	action := ""
@@ -68,12 +69,12 @@ func (p *Plugin) executeCommand(c *plugin.Context, args *model.CommandArgs) (str
 			return "", nil
 		}
 
-		zoomUser, authErr := p.authenticateAndFetchZoomUser(userID, user.Email, args.ChannelId)
-		if authErr != nil {
-			return authErr.Message, authErr.Err
+		// create a personal zoom meeting
+		ru, clientErr := p.zoomClient.GetUser(user.Email)
+		if clientErr != nil {
+			return "We could not verify your Mattermost account in Zoom. Please ensure that your Mattermost email address matches your Zoom login email address.", nil
 		}
-
-		meetingID := zoomUser.Pmi
+		meetingID := ru.Pmi
 
 		_, appErr = p.postMeeting(user.Username, meetingID, args.ChannelId, "")
 		if appErr != nil {

server/configuration.go

@@ -21,17 +21,11 @@ import (
 // If you add non-reference types to your configuration struct, be sure to rewrite Clone as a deep
 // copy appropriate for your types.
 type configuration struct {
-	ZoomURL           string
-	ZoomAPIURL        string
-	EnableLegacyAuth  bool
-	APIKey            string
-	APISecret         string
-	EnableOAuth       bool
-	OAuthClientID     string
-	OAuthClientSecret string
-	OAuthRedirectUrl  string
-	EncryptionKey     string
-	WebhookSecret     string
+	ZoomURL       string
+	ZoomAPIURL    string
+	APIKey        string
+	APISecret     string
+	WebhookSecret string
 }
 
 // Clone shallow copies the configuration. Your implementation may require a deep copy if
@@ -43,33 +37,12 @@ func (c *configuration) Clone() *configuration {
 
 // IsValid checks if all needed fields are set.
 func (c *configuration) IsValid() error {
-
-	if _, err := isValidAuthConfig(c); err != nil {
-		return err
+	if len(c.APIKey) == 0 {
+		return errors.New("APIKey is not configured")
 	}
 
-	switch {
-	case c.EnableLegacyAuth:
-		switch {
-		case len(c.APIKey) == 0:
-			return errors.New("APIKey is not configured")
-
-		case len(c.APISecret) == 0:
-			return errors.New("APISecret is not configured")
-		}
-	case c.EnableOAuth:
-		switch {
-		case len(c.OAuthClientSecret) == 0:
-			return errors.New("OAuthClientSecret is not configured")
-
-		case len(c.OAuthClientID) == 0:
-			return errors.New("OAuthClientID is not configured")
-
-		case len(c.EncryptionKey) == 0:
-			return errors.New("Please generate EncryptionKey from Zoom plugin settings")
-		}
-	default:
-		return errors.New("Please select either OAuth or Password based authentication")
+	if len(c.APISecret) == 0 {
+		return errors.New("APISecret is not configured")
 	}
 
 	if len(c.WebhookSecret) == 0 {
@@ -128,29 +101,7 @@ func (p *Plugin) OnConfigurationChange() error {
 	if err := p.API.LoadPluginConfiguration(configuration); err != nil {
 		return errors.Wrap(err, "failed to load plugin configuration")
 	}
-	if _, err := isValidAuthConfig(configuration); err != nil {
-
-		if apiErr := p.API.DisablePlugin(manifest.Id); apiErr != nil {
-			return errors.Wrap(apiErr, "failed to disable plugin on invalid configuration change")
-		}
-
-		return errors.Wrap(err, "failed to validate authentication configuration")
-	}
-
 	p.setConfiguration(configuration)
 
 	return nil
 }
-
-// function to validate authentication config
-func isValidAuthConfig(configuration *configuration) (bool, error) {
-	switch {
-	case configuration.EnableLegacyAuth && configuration.EnableOAuth:
-		return false, errors.New(
-			"Only one authentication scheme (OAuth or Password) is allowed to be enabled at the same time.")
-	case !configuration.EnableLegacyAuth && !configuration.EnableOAuth:
-		return false, errors.New("Please enable authentication")
-	default:
-		return true, nil
-	}
-}