Rocket.chat: NextCloud integration

Note that at the moment iframe integration (ie. first point) can be easily achieved with External app (https://apps.nextcloud.com/apps/external).

I have similar ideas, yet my programming skills both in Ruby and PHP are pitiful at best. One of the features that I found would be useful (and actually what initially brought me to Rocketchat+) was to be able to have it running at all times in the background for the notification support. The Chat/XMPP plugin accomplishes this somehow. Looking forward to seeing what comes of this, although I'll be more of a cheerer on the sidelines.

Well, #404 would be in fact useful as one of ways besides app iframe. Currently there is NextCloud app ojsxc, which provides nice-looking XMPP interface on top of NextCloud interface.

Would really love to see an integration between Rocket.Chat und Nextcloud. To start with I would be happy to post notifications from Nextcloud to Rocket.Chat. After this, having Nextcloud as attachment source would be awesome!

Hey,
We also use Nextcloud and i started a rocketchat server for the IT Department a while ago. unfortunally my colleague's don't use the chat anymore so the server wasn't used much.

Now the Managment likes a similiar setup and i try to revive the rocket.chat and also like to integrate nextcloud as mcuh as possible.

Any step to bring these both awesome tools together will help me argument to invest or even donate to both projects.

I have just small coding skills myself but try to help as much as i can.

Point no. 5 is very interesting for me. Currently attaching files means keeping them twice on the server. It would be ideal, if Rocket.Chat would allow to store/search attachments on/from Nextcloud <3

+1 for all of this functionality! NextCloud+RocketChat would be very powerful.

• 1 for this, would come really handy

I believe some nextcloud integration is proposed as a gsoc project. But long term if we were to do this, it would be in the forum of a Rocket.Chat App.

For now it is possible to use NextCloud as OAuth2 provider, so that if someone doesn't use some external way of authentication (like LDAP) it can be very useful, as credentials are managed by NextCloud and Rocket.Chat authenticates via OpenID Connect. I didn't test it yet, but configuring OAuth2 is pretty straightforward, so it should work out of the box.
Probably it would be also possible to share some other resources via OAuth2 (like files and so on), but it would require some development on Rocket.Chat side.

@MarPiRK have you tested this approach? I'm trying to use Nextcloud as Oauth2 provider for rocket.chat and as for now i didn't succeded...

Additional idea: Similar to the integration available with GoogleCalendar, the Nextcloud calendar could be integrated into Rocket.Chat, e.g. users could create a special room that notifies them about calendar events.

I did it! Now it seems pretty staightforward (:)
It works with Nextcloud 13.0.2 and rocket 0.64.1
You have to set token path to /index.php/apps/oauth2/api/v1/token
Identity Path to /ocs/v2.php/cloud/user?format=json
Authorize Path to /index.php/apps/oauth2/authorize
username field to ocs.data.id
Allow user registration through external services (if you don't want to create user by hand).

And it works :tired_face:

Hi,
I've successfully connected Nextcloud 13.0.2 with 0.64.1 RocketChat (thanks moonwolf-github !);
... BUT : everytime I use the Oauth Connector to access RockeChat over Nextcloud login form, I loose my Nextcloud session (i.e. : if Nextcloud is open in another Browser Tab, the user is disconnected and I have to reconnect).
Any thoughts from someone ?

hey actually we have a gsoc student(@karakayasemi) working on (next|own)cloud, and I believe very soon we will have this feature :)

@MarPiRK, this is a great idea you have. Same here. We are using Nextcloud and Rocket.Chat at the same time. Both software may be build in a different way, but they are open source. In my opinion there should be more interaction between both.

Hi guys! It's happening! https://rocket.chat/2018/09/17/RC-Nextcloud-partnership-post/

I did it! Now it seems pretty staightforward (:)
It works with Nextcloud 13.0.2 and rocket 0.64.1
You have to set token path to /index.php/apps/oauth2/api/v1/token
Identity Path to /ocs/v2.php/cloud/user?format=json
Authorize Path to /index.php/apps/oauth2/authorize
username field to ocs.data.id
Allow user registration through external services (if you don't want to create user by hand).

And it works

Hey! Can anybody confirm that this works? I tried to use nextcloud as oauth for RC and the nextcloud auth popup appears and I can easily log in and grant permission but when the window closes RC gives an "Internal Server Error".

Any server errors?

@geekgonecrazy Thank you for responding. I wish to take this forward this year with a GSoC project.
I'm building both RC and NC from source and individually they are working fine. I'm able to use NC as a file upload storage for RC. I'm also able to open the file picker for NC from within RC and then send files stored at NC server in RC chats through webdav. But I'm getting "Internal Server Error" when I try to login to RC via NC oauth.

EDIT: I think this may be related to the fact that I have both RC and NC on http instead of https. This issue may also be related. https://github.com/RocketChat/Rocket.Chat/issues/919

EDIT2: It finally worked! Turns out the Identity Path does not need index.php so removing it from the url. I am editing the config if anyone else has this issue. Also, I moved to a remote server from local server.

This is my custom oauth config that I have entered in RC. I think something may be wrong here.
URL: [SERVER] (Eg. http://localhost/nextcloud/)
Token Path: index.php/apps/oauth2/api/v1/token
Token Sent Via: Header
Identity Token Sent Via: Same as Token Sent Via
Identity Path: /ocs/v2.php/cloud/user?format=json
Authorize Path: index.php/apps/oauth2/authorize
Scope: openid
Id: kipMYAZQxbg0lCU***************************qcb9vQhUG1sRBKkmx
Secret: nDX0y0FILGjkJ*****************************HNPuYnt52OYuM5smW
Username field: ocs.data.id

This is the RC log:

W20190323-16:05:54.449(5.5) (oauth_server.js:392) Error in OAuth Server: Failed to complete OAuth handshake with nextcloud at http://localhost/nextcloud/index.php/apps/oauth2/api/v1/token. failed [500] <!DOCTYPE html> <html class="ng-csp" data-placeholder-focus="false" lang="en" data-locale="en" >  <head  data-requesttoken="">        <meta charset="utf-8">      <title>         Nextcloud       </title>        <meta http-equiv="X-UA-Compatible" content="IE=edge">       <meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0">       <meta name="apple-itunes-app" content="app-id=1125420102">      <meta name="theme-color" content="#0082c9">         <link rel="icon" href="/nextcloud/index.php/apps/theming/fa...
I20190323-16:05:54.585(5.5)? Exception while invoking method 'login' { Error: Failed to complete OAuth handshake with nextcloud at http://localhost/nextcloud/index.php/apps/oauth2/api/v1/token. failed [500] <!DOCTYPE html> <html class="ng-csp" data-placeholder-focus="false" lang="en" data-locale="en" >     <head  data-requesttoken="">        <meta charset="utf-8">      <title>         Nextcloud       </title>        <meta http-equiv="X-UA-Compatible" content="IE=edge">       <meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0">       <meta name="apple-itunes-app" content="app-id=1125420102">      <meta name="theme-color" content="#0082c9">         <link rel="icon" href="/nextcloud/index.php/apps/theming/fa...
I20190323-16:05:54.586(5.5)?     at CustomOAuth.getAccessToken (app/custom-oauth/server/custom_oauth_server.js:118:18)
I20190323-16:05:54.586(5.5)?     at Object.OAuth.registerService.query [as handleOauthRequest] (app/custom-oauth/server/custom_oauth_server.js:174:29)
I20190323-16:05:54.586(5.5)?     at OAuth._requestHandlers.(anonymous function) (packages/oauth2/oauth2_server.js:10:33)
I20190323-16:05:54.586(5.5)?     at middleware (packages/oauth/oauth_server.js:161:5)
I20190323-16:05:54.586(5.5)?     at /home/utkarsh/.meteor/packages/promise/.0.11.2.zpjg1x.sihl++os+web.browser+web.browser.legacy+web.cordova/npm/node_modules/meteor-promise/fiber_pool.js:43:40
I20190323-16:05:54.586(5.5)?   message: 'Failed to complete OAuth handshake with nextcloud at http://localhost/nextcloud/index.php/apps/oauth2/api/v1/token. failed [500] <!DOCTYPE html> <html class="ng-csp" data-placeholder-focus="false" lang="en" data-locale="en" > \t<head  data-requesttoken=""> \t\t<meta charset="utf-8"> \t\t<title> \t\tNextcloud\t\t</title> \t\t<meta http-equiv="X-UA-Compatible" content="IE=edge"> \t\t<meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0"> \t\t<meta name="apple-itunes-app" content="app-id=1125420102"> \t\t<meta name="theme-color" content="#0082c9"> \t\t<link rel="icon" href="/nextcloud/index.php/apps/theming/fa...',
I20190323-16:05:54.587(5.5)?   response: 
I20190323-16:05:54.587(5.5)?    { statusCode: 500,
I20190323-16:05:54.587(5.5)?      content: '<!DOCTYPE html>\n<html class="ng-csp" data-placeholder-focus="false" lang="en" data-locale="en" >\n\t<head\n data-requesttoken="">\n\t\t<meta charset="utf-8">\n\t\t<title>\n\t\tNextcloud\t\t</title>\n\t\t<meta http-equiv="X-UA-Compatible" content="IE=edge">\n\t\t<meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0">\n\t\t<meta name="apple-itunes-app" content="app-id=1125420102">\n\t\t<meta name="theme-color" content="#0082c9">\n\t\t<link rel="icon" href="/nextcloud/index.php/apps/theming/favicon?v=0">\n\t\t<link rel="apple-touch-icon-precomposed" href="/nextcloud/index.php/apps/theming/icon?v=0">\n\t\t<link rel="mask-icon" sizes="any" href="/nextcloud/core/img/favicon-mask.svg" color="#0082c9">\n\t\t<link rel="manifest" href="/nextcloud/index.php/apps/theming/manifest?v=0">\n\t\t<link rel="stylesheet" href="/nextcloud/core/css/guest.css?v=599d2865-0">\n\t\t<script nonce="UHJzbUN1eG9yUE83QzZKVVBrc3NhQ1ZPTy9hdG1SdEtjd3MvRDczempPdz06RmMxblk0b2dsSnJ0UCs4TmFSRmdEVzU1ZDhmdjh6QStIWDVLT00rOTQ2bz0=" defer src="/nextcloud/core/js/dist/main.js?v=599d2865-0"></script>\n<script nonce="UHJzbUN1eG9yUE83QzZKVVBrc3NhQ1ZPTy9hdG1SdEtjd3MvRDczempPdz06RmMxblk0b2dsSnJ0UCs4TmFSRmdEVzU1ZDhmdjh6QStIWDVLT00rOTQ2bz0=" defer src="/nextcloud/index.php/js/core/merged-template-prepend.js?v=599d2865-0"></script>\n<script nonce="UHJzbUN1eG9yUE83QzZKVVBrc3NhQ1ZPTy9hdG1SdEtjd3MvRDczempPdz06RmMxblk0b2dsSnJ0UCs4TmFSRmdEVzU1ZDhmdjh6QStIWDVLT00rOTQ2bz0=" defer src="/nextcloud/core/search/js/search.js?v=599d2865-0"></script>\n<script nonce="UHJzbUN1eG9yUE83QzZKVVBrc3NhQ1ZPTy9hdG1SdEtjd3MvRDczempPdz06RmMxblk0b2dsSnJ0UCs4TmFSRmdEVzU1ZDhmdjh6QStIWDVLT00rOTQ2bz0=" defer src="/nextcloud/core/js/dist/share_backend.js?v=599d2865-0"></script>\n<script nonce="UHJzbUN1eG9yUE83QzZKVVBrc3NhQ1ZPTy9hdG1SdEtjd3MvRDczempPdz06RmMxblk0b2dsSnJ0UCs4TmFSRmdEVzU1ZDhmdjh6QStIWDVLT00rOTQ2bz0=" defer src="/nextcloud/core/search/js/searchprovider.js?v=599d2865-0"></script>\n<script nonce="UHJzbUN1eG9yUE83QzZKVVBrc3NhQ1ZPTy9hdG1SdEtjd3MvRDczempPdz06RmMxblk0b2dsSnJ0UCs4TmFSRmdEVzU1ZDhmdjh6QStIWDVLT00rOTQ2bz0=" defer src="/nextcloud/core/js/files/fileinfo.js?v=599d2865-0"></script>\n<script nonce="UHJzbUN1eG9yUE83QzZKVVBrc3NhQ1ZPTy9hdG1SdEtjd3MvRDczempPdz06RmMxblk0b2dsSnJ0UCs4TmFSRmdEVzU1ZDhmdjh6QStIWDVLT00rOTQ2bz0=" defer src="/nextcloud/core/js/files/client.js?v=599d2865-0"></script>\n\t\t<link rel="stylesheet" href="/nextcloud/index.php/apps/theming/styles?v=0"/><script defer src="/nextcloud/index.php/apps/theming/js/theming?v=0" nonce="UHJzbUN1eG9yUE83QzZKVVBrc3NhQ1ZPTy9hdG1SdEtjd3MvRDczempPdz06RmMxblk0b2dsSnJ0UCs4TmFSRmdEVzU1ZDhmdjh6QStIWDVLT00rOTQ2bz0="></script><script defer src="/nextcloud/index.php/apps/accessibility/js/accessibility?v=0" nonce="UHJzbUN1eG9yUE83QzZKVVBrc3NhQ1ZPTy9hdG1SdEtjd3MvRDczempPdz06RmMxblk0b2dsSnJ0UCs4TmFSRmdEVzU1ZDhmdjh6QStIWDVLT00rOTQ2bz0="></script>\t</head>\n\t<body id="body-login">\n\t\t<noscript>\n\t<div id="nojavascript">\n\t\t<div>\n\t\t\tThis application requires JavaScript for correct operation. Please <a href="https://www.enable-javascript.com/" target="_blank" rel="noreferrer noopener">enable JavaScript</a> and reload the page.\t\t</div>\n\t</div>\n</noscript>\n\t\t\t\t<div class="wrapper">\n\t\t\t<div class="v-align">\n\t\t\t\t\t\t\t\t\t<header role="banner">\n\t\t\t\t\t\t<div id="header">\n\t\t\t\t\t\t\t<div class="logo">\n\t\t\t\t\t\t\t\t<h1 class="hidden-visually">\n\t\t\t\t\t\t\t\t\tNextcloud\t\t\t\t\t\t\t\t</h1>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t</div>\n\t\t\t\t\t</header>\n\t\t\t\t\t\t\t\t<main>\n\t\t\t\t\t<div class="error error-wide">\n\t<h2>Internal Server Error</h2>\n\t<p>The server was unable to complete your request.</p>\n\t<p>If this happens again, please send the technical details below to the server administrator.</p>\n\t<p>More details can be found in the server log.</p>\n\n\t<h3>Technical details</h3>\n\t<ul>\n\t\t<li>Remote Address: 127.0.0.1</li>\n\t\t<li>Request ID: QOdE6eowMdjOIrxByrUv</li>\n\t\t\t</ul>\n\n\t</div>\n\t\t\t\t</main>\n\t\t\t</div>\n\t\t</div>\n\t\t<footer role="contentinfo">\n\t\t\t<p class="info">\n\t\t\t\t<a href="https://nextcloud.com" target="_blank" rel="noreferrer noopener" class="entity-name">Nextcloud</a> – a safe home for all your data\t\t\t</p>\n\t\t</footer>\n\t</body>\n</html>\n',
I20190323-16:05:54.587(5.5)?      headers: 
I20190323-16:05:54.587(5.5)?       { date: 'Sat, 23 Mar 2019 10:35:52 GMT',
I20190323-16:05:54.587(5.5)?         server: 'Apache/2.4.38 (Unix) PHP/7.3.3',
I20190323-16:05:54.587(5.5)?         'x-powered-by': 'PHP/7.3.3',
I20190323-16:05:54.588(5.5)?         'set-cookie': [Array],
I20190323-16:05:54.588(5.5)?         expires: 'Thu, 19 Nov 1981 08:52:00 GMT',
I20190323-16:05:54.588(5.5)?         'cache-control': 'no-store, no-cache, must-revalidate',
I20190323-16:05:54.588(5.5)?         pragma: 'no-cache',
I20190323-16:05:54.588(5.5)?         'content-security-policy': 'default-src \'self\'; script-src \'self\' \'unsafe-eval\' \'nonce-UHJzbUN1eG9yUE83QzZKVVBrc3NhQ1ZPTy9hdG1SdEtjd3MvRDczempPdz06RmMxblk0b2dsSnJ0UCs4TmFSRmdEVzU1ZDhmdjh6QStIWDVLT00rOTQ2bz0=\'; style-src \'self\' \'unsafe-inline\'; frame-src *; img-src * data: blob:; font-src \'self\' data:; media-src *; connect-src *; object-src \'none\'; base-uri \'self\';',
I20190323-16:05:54.588(5.5)?         'x-frame-options': 'SAMEORIGIN',
I20190323-16:05:54.622(5.5)?         'x-xss-protection': '1; mode=block',
I20190323-16:05:54.622(5.5)?         'x-content-type-options': 'nosniff',
I20190323-16:05:54.622(5.5)?         'x-robots-tag': 'none',
I20190323-16:05:54.622(5.5)?         'x-download-options': 'noopen',
I20190323-16:05:54.622(5.5)?         'x-permitted-cross-domain-policies': 'none',
I20190323-16:05:54.622(5.5)?         'referrer-policy': 'no-referrer',
I20190323-16:05:54.623(5.5)?         'content-length': '4096',
I20190323-16:05:54.623(5.5)?         connection: 'close',
I20190323-16:05:54.623(5.5)?         'content-type': 'text/html; charset=UTF-8' },
I20190323-16:05:54.623(5.5)?      data: null } }

So dropping index.php from path solved?

@geekgonecrazy yes! It did... Though I am still not able to integrate NC OAuth in local server even after using ngrok and then changing the server URL to the ngrok one. It shows an error that unable to verify first certificate and handshake could not be completed. :( Though I couldn't give much time to solve this then.

Note that at the moment iframe integration (ie. first point) can be easily achieved with External app (https://apps.nextcloud.com/apps/external).

Is there a guide on how to do this? I'd like to try that, if I may, but having trouble finding resources/walkthroughs.

In Rocket Chat, what do I put in here:

And then, in Nextcloud do I need to do anything special when adding Rocket Chat as an external site?