From 832a95bf7917943c26803ad65c04feffa6e8b977 Mon Sep 17 00:00:00 2001
From: Alexander Mokrov <13138763+sanyappc@users.noreply.github.com>
Date: Mon, 9 Sep 2024 13:13:34 +0300
Subject: [PATCH 1/2] fix: rocket.chat 6 auth requires state
---
 server/modules/authentication/rocketchat/authentication.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/server/modules/authentication/rocketchat/authentication.js b/server/modules/authentication/rocketchat/authentication.js
index c966326e..9b21ece8 100644
--- a/server/modules/authentication/rocketchat/authentication.js
+++ b/server/modules/authentication/rocketchat/authentication.js
@@ -40,7 +40,8 @@ module.exports = {
 clientID: conf.clientId,
 clientSecret: conf.clientSecret,
 callbackURL: conf.callbackURL,
- passReqToCallback: true
+ passReqToCallback: true,
+ state: true
 }, async (req, accessToken, refreshToken, profile, cb) => {
 try {
 const user = await WIKI.models.users.processProfile({
From e3f589c38068ab11465601d8722f03625e08eb8b Mon Sep 17 00:00:00 2001
From: "Alexander M. Mokrov"
Date: Thu, 22 May 2025 16:32:40 +0300
Subject: [PATCH 2/2] fix: use proper rocket.chat oauth endpoint
---
 .../authentication/rocketchat/authentication.js | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/server/modules/authentication/rocketchat/authentication.js b/server/modules/authentication/rocketchat/authentication.js
index 9b21ece8..2140d12f 100644
--- a/server/modules/authentication/rocketchat/authentication.js
+++ b/server/modules/authentication/rocketchat/authentication.js
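Review bot: `state: true` is added without a comment, and the commit subject presents it only as a Rocket.Chat 6 requirement; it is also what makes passport-oauth2 generate a per-login `state` value and verify it on the callback, which is the login-CSRF defence for this flow. That option keeps the value in the session, so it depends on session middleware being active on both the login and the callback route, which is not visible in this hunk. I would record both facts next to the option, e.g. `// state: passport-oauth2 stores and verifies the OAuth state in req.session (login-CSRF protection); needs session support`. The options object and the verify callback both continue outside the hunk.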
@@ -13,7 +13,8 @@ module.exports = {
 const siteURL = conf.siteURL.slice(-1) === '/' ? conf.siteURL.slice(0, -1) : conf.siteURL
 OAuth2Strategy.prototype.userProfile = function (accessToken, cb) {
- this._oauth2.get(`${siteURL}/api/v1/me`, accessToken, (err, body, res) => {
+ this._oauth2.useAuthorizationHeaderforGET(true)
+ this._oauth2.get(`${siteURL}/oauth/userinfo`, accessToken, (err, body, res) => {
 if (err) {
 WIKI.logger.warn('Rocket.chat - Failed to fetch user profile.')
 return cb(err)
@@ -21,10 +22,10 @@ module.exports = {
 try {
 const usr = JSON.parse(body)
 cb(null, {
- id: usr._id,
- displayName: _.isEmpty(usr.name) ? usr.username : usr.name,
- email: usr.emails[0].address,
- picture: usr.avatarUrl
+ id: usr.sub,
+ displayName: _.isEmpty(usr.name) ? usr.preffered_username : usr.name,
+ email: usr.email,
+ picture: usr.picture
 })
 } catch (err) {
 WIKI.logger.warn('Rocket.chat - Failed to parse user profile.')
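Review bot: `this._oauth2.useAuthorizationHeaderforGET(true)` runs on every profile fetch and carries no comment on why it is needed. Its effect is that the access token travels in the `Authorization` header instead of the URL query string, which keeps it out of proxy and access logs; a one-line comment such as `// send the token as an Authorization header, not as a query parameter` would make that intent survive later edits. The token is sent to whatever `siteURL` the configuration holds, so if nothing upstream enforces it, an `https:` check on `conf.siteURL` would be reasonable. The `userProfile` function body continues outside the hunk.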
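Review bot: The new mapping reads `usr.sub` and `usr.email` with no presence check, so a userinfo response that lacks them now reaches `cb(null, …)` with `id` or `email` undefined, whereas the old `usr.emails[0].address` would have thrown into the surrounding catch. Adding `if (!usr.sub || !usr.email) { throw new Error('Rocket.chat - user profile is missing sub or email') }` before the `cb(null, {` call keeps that fail-closed behaviour; how the catch reports the error is outside the hunk. `usr.preffered_username` is not the standard OIDC claim name `preferred_username`; if the spelling deliberately mirrors the field Rocket.Chat returns, a comment should say so, and `usr.preffered_username || usr.preferred_username` would keep a display name if the server-side name is ever corrected. If the response also carries an `email_verified` claim and `processProfile` matches accounts by email, that claim is worth checking before the address is trusted.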