account_portal
This module provides the fundamental functionality to implement an "Account Portal", like how Google does it when you log in to a website with your Google account (accounts.google.com).
For what is this for?
When you want to build a "portal" to provide account functionality for your OAuth applications, like login, registration, etc.
The idea is to create a contained area in drupal where the user get's redirected when login in. This is mainly the /oauth/authorize endpoint from Simple OAuth. Depending in your setup, the user can then login or register, handle 2FA or even Passkeys.
You might also be interested in the Simple OAuth Account Picker module that let's the user pick the current account or previous accounts, just like Google does it.
Functionality
The following functionality is provided:
- Deeply integrates with the
consumersmodule to distinguish requests from different consumers. - Each request is expected to be prefixed with an account portal path and the consumer id. e.g.
/account-portal/realm/_consumer-id_/user/login. - Configurable routes which will have the base-path prefixed when the URL to that route is generated.
- Provides a utility to get the origin from where the user comes from.
Various utility functions are provided in AccountPortalUtility.
Most notably the AccountPortalUtility::getRedirectUri() method is used to get the redirect URL to where the user came from. The URL is either infered from the redirect_uri GET parameter, which is set when using the Authorization Code Grant or the Referer HTTP header.
Why not use the core routes?
One coud ask why not just use the core routes, like `/user/login`.
This indeed would work, but the problem is that in more complex flows,
like user registration, the user needs to go through multiple steps
(pages) before being redirected back to the external application.
If the user wants to abort the process and go back to the external
application, it would be very hard to get the information from where
the user came from.
Therefore by redirecting the user to an account portal route, the needed
information is always available.
This would also enable you to customize the account portal pages on a
per consumer basis. (e.g. show custom links, if the user comes from
a native mobile app, etc.)