Code Monkey home page Code Monkey logo

ghl-app-template's Introduction

@cbnsndwch/ghl-app-template

A base template for full-stack HighLevel Marketplace apps

Table of Contents

Getting Started

  :warning: This project requires a recent version of NodeJS installed on your machine. The current Active LTS version is NodeJS 20.x and a transition to NodeJS 22.x is expected on November of 2024.

You should be OK using NodeJS 18.x until the end of the maintenance period in April 2025 but I will not be offering support for it.

For more information on NodeJS LTS releases, see the NodeJS Release Schedule.  

Create a new repository from this template

Then, clone your new repository on your dev machine and install the dependencies:

git clone https://github.com/{YOUR_GITHUB_USERNAME}/ghl-app-template
cd ghl-app-template
yarn

Open the directory in VSCode:

code .

To start the development server with the debugger attached run the Debug API launch configuration. Alternatively, change to the apps/server directory and run the following command:

yarn dev

Usage

Work in progress...

API Routes

Work in progress...

SSO (iframe integration)

This section illustrates the process of authenticating a user in the context of a GHL Marketplace App's Custom Pages, by using the new GHL SSO feature. The SSO flow works as follows:

  1. The user navigates to the GHL App under the Marketplace menu.
  2. The GHL App loads the Custom Page in an iframe.
  3. The Custom Page requests the SSO session info from the GHL App by sending a cross-frame message.
  4. The GHL App requests the SSO session info from the GHL Server, passing the app's Client ID.
  5. The GHL Server uses the app's SSO Token to encrypt the SSO session info and returns it to the GHL App.
  6. The GHL App returns the encrypted SSO session info to the Custom Page by sending a response cross-frame message.
  7. The Custom Page sends the encrypted SSO session info to the Marketplace App's back-end. The back-end decrypts the SSO session info using the app's SSO Token. Perform app-specific autjorization logic here, like checking if the user, location, or agency is allowed to access the Marketplace.
  8. The back-end returns the decrypted SSO session info to the Custom Page along with any relevant app-specific data.
  9. The Custom Page now has access to the user's SSO session info and can use it to show content or provide functionality that is user-, location-, or agency-specific.

SSO Flow

For a reference implementation see the code in apps/server/public/js/ghl.mjs.

License

This project is licensed under the MIT License.

ghl-app-template's People

Contributors

cbnsndwch avatar dependabot[bot] avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

mavera0107 vemich ghfjs23fjs nilupulmanodya abdul-mustapha keshav1990

ghl-app-template's Issues

Looking for GHL marketplace app SSO implementation documentation

I wouild like to apologize by creating an issue to get your attention. I'd be happy to send you a virtual coffee or beer for your help.

I am simply looking for any documentation that discusses how GHL is implementing SSO for marketplace apps. I see your flow diagram, but it's missing the key point of how the session is encrypted so that I can understand how to decrypt it. I thought decryption would be a bit more straight forward, similar to your NodeJS example, but it is not as easily implemented in Python.

I'm using the pycryptodome library and the AES module that it provides. I'm base 64 decoding the SSO key and session payload into their byte equivalents. The data I'm seeing does line up with AES specifications for key size and block size on the payload. I've tried all the AES modes as well and I cannot get the decryption process to yield anything but gibberish. I'm assuming I should be seeing byte data that looks like ASCII json to be parsed as a last step, similar to your example.

Any help would be appreciated, as I'm stuck here. Let me know what I can do to show my appreciation.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.