Add lookup endpoint for external services to find users by their own id

Christian Schmidt · julianlam · commit 007923d0a9cb · 2025-03-10T11:20:38.000-04:00
diff --git a/README.md b/README.md
@@ -33,9 +33,15 @@ _The role-based access control functionality was sponsored by [Outplayed](https:
 
 ## For Developers
 
+### Hooks
 Other plugins can interact with this plugin, as it fires the following hooks:
 
 1. On successful login — `action:oauth2.login` — passes in `(name, user, profile)`
 	* `name` is the strategy name.
 	* `user` is the local NodeBB user (probably just the `uid`).
-	* `profile` is the remote profile as retrieved by this plugin.
+	* `profile` is the remote profile as retrieved by this plugin.
+
+### API
+If you need to look up the user from your own system, you can use the GET api route `/api/v3/plugins/oauth2-multiple/provider/:provider/user/:oAuthId`.
+* `:provider` must be the name of you OAuth2 strategy
+* `:oAuthId` must be the same value that the userinfo endpoint returns for the defined user id
diff --git a/lib/controllers.js b/lib/controllers.js
@@ -8,6 +8,7 @@ const db = require.main.require('./src/database');
 const groups = require.main.require('./src/groups');
 const slugify = require.main.require('./src/slugify');
 const helpers = require.main.require('./src/controllers/helpers');
+const userController = require.main.require('./src/controllers/user');
 
 const main = require('../library');
 
@@ -98,3 +99,13 @@ Controllers.deleteStrategy = async (req, res) => {
 	const strategies = await main.listStrategies();
 	helpers.formatApiResponse(200, res, { strategies });
 };
+
+Controllers.userByOAuthId = async (req, res) => {
+	const userId = await main.getUidByOAuthid(req.params.provider, req.params.oAuthId);
+	if (!userId) {
+		return helpers.formatApiResponse(404, res);
+	}
+
+	const userData = await userController.getUserDataByUID(req.uid, userId);
+	helpers.formatApiResponse(200, res, { userData });
+};
diff --git a/library.js b/library.js
@@ -33,6 +33,8 @@ OAuth.addRoutes = async ({ router, middleware }) => {
 	routeHelpers.setupApiRoute(router, 'post', '/oauth2-multiple/strategies', middlewares, controllers.editStrategy);
 	routeHelpers.setupApiRoute(router, 'get', '/oauth2-multiple/strategies/:name', middlewares, controllers.getStrategy);
 	routeHelpers.setupApiRoute(router, 'delete', '/oauth2-multiple/strategies/:name', middlewares, controllers.deleteStrategy);
+
+	routeHelpers.setupApiRoute(router, 'get', '/oauth2-multiple/provider/:provider/user/:oAuthId', middlewares, controllers.userByOAuthId);
 };
 
 OAuth.addAdminNavigation = (header) => {
