Availability |
Odoo Online
Odoo.sh
On Premise
|
Community Apps Dependencies | Show |
Lines of code | 841 |
Technical Name |
ekika_oauth2_provider |
License | OPL-1 |
Website | https://ekika.co |
Versions | 12.0 13.0 14.0 15.0 16.0 17.0 18.0 |
Supported Versions | 12.0 | 13.0 | 14.0 | 15.0 | 16.0 | 17.0 | 18.0 |
---|---|---|---|---|---|---|---|
Community | |||||||
Enterprise |
https://www.ekika.co/support

OAuth 2.0 Provider
You can use your odoo as central auth server like "Login with Google / Login with Odoo". In the following video we showcase you by connecting two Odoo system.
- "easyapi.ekika.app": This is odoo instance on which user can login using another system.
- "oauth-provider.ekika.app": This act as a central auth provider (So you can make Login with <YOUR-BRAND> on your multiple platforms).
This provider is standard implementation of oauth2 so you can connect non-odoo systems to this provider.
Here's how the module works:

Introduction
Our OAuth 2.0 provider product offers a robust and scalable solution for implementing secure authorization in applications. It enables seamless integration, allowing third-party services to access user data with fine-grained permissions while maintaining the highest standards of privacy and authentication. Our product simplifies the implementation of OAuth 2.0, providing developers with a reliable and customizable solution for enhancing the security of their applications.
All Four Grant Types Supported:
Authorization Code Grant: Ideal for web applications, this flow involves obtaining an authorization code that is exchanged for an access token, enhancing security by keeping sensitive information confidential.
Implicit Grant: Suited for browser-based applications, this flow directly issues access tokens to clients after user authentication, simplifying the process but requiring careful consideration of security implications.
Resource Owner Password Credentials Grant: Allows clients to directly exchange user credentials for an access token, making it suitable for trusted clients but less preferable due to potential security risks.
Client Credentials Grant: Designed for machine-to-machine authentication, this flow enables direct exchange of client credentials for an access token, ensuring efficient authorization between services without involving user credentials.
You'll see how it's work in below example images.
Screenshot:

Authorization Code Grant:

Note:
For Authorization Code Grant, You Have To Define Controller at client-side for callback URL.
Consider Sample Code Below Or you can use our odoo module which provide authorization code grant flow: https://apps.odoo.com/apps/modules/17.0/api_auth_oauth2/
@http.route('/cb', methods=['GET'], type='http', auth='none', save_session=False, csrf=False) def oauth2_client_callback(self, **kwargs): """ This is for client, testing purpose """ if 'error' in kwargs: error = { 'error': kwargs['error'] } return Response(json.dumps(error), status=400) client_id = '<your client id>' client_secret = '<your client secret>' redirect_uri = 'https://easyapi.ekika.app/cb' scope = ['read','write','create','delete'] oauth = OAuth2Session(client_id, redirect_uri=redirect_uri) token = oauth.fetch_token( 'https://oauth-provider.ekika.app/oauth2/token', authorization_response=request.httprequest.url, include_client_id=True) # Note: token['scope'] responded as list ["read", "write", "create", "delete"] # but client has to store string of space saperated like "read write create delete" return Response(json.dumps(token), status=200)
Implicit Grant:

Resource Owner Password Credentials Grant:

Client Credentials Grant:

Refresh Access Token:

Token Revocation:

Services EKIKA Provides
EKIKA is your destination for expert Odoo ERP implementation and customization. We pride ourselves on building reliable, trust-based partnerships that give you full transparency and control over your business processes.
With over 12 years of experience, we can assist you with eCommerce platforms, production planning, point-of-sale systems, managing inventory adjustments, and providing advanced field worker tracking solutions to optimize your workflows and boost operational efficiency.

Implementation
Utilise Odoo ERP tailored for your business needs for smooth operations.

Customization
Personalized adjustments to Odoo modules for seamless management.

Support
Ongoing assistance and maintenance to optimize your Odoo system's performance.
Are you struggling with disorganized operations, high operational costs, or lack of transparency in your processes? What sets us apart is our commitment to personalized solutions tailored to your unique business needs and our proactive support, ensuring seamless integration and ongoing success.
Would you like to explore Odoo ERP for your business? Schedule a free consultation with EKIKA today!
Odoo Proprietary License v1.0 This software and associated files (the "Software") may only be used (executed, modified, executed after modifications) if you have purchased a valid license from the authors, typically via Odoo Apps, or if you have received a written agreement from the authors of the Software (see the COPYRIGHT file). You may develop Odoo modules that use the Software as a library (typically by depending on it, importing it and using its resources), but without copying any source code or material from the Software. You may distribute those modules under the license of your choice, provided that this license is compatible with the terms of the Odoo Proprietary License (For example: LGPL, MIT, or proprietary licenses similar to this one). It is forbidden to publish, distribute, sublicense, or sell copies of the Software or modified copies of the Software. The above copyright notice and this permission notice must be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Please log in to comment on this module