video-calls: Add Zoom Serverto Server OAuth integration.

Adds a second Zoom integration that uses the Zoom Server to Server OAuth app process. Only one of the two Zoom integrations can be configured on a Zulip server. Adds a cache for the access token from the Zoom server so that it can be used by the server to create meetings for the approximate duration of the access token In the web-app compose box, if the user's delivery email does not match a user on the configured Zoom account for the server to server integration, then a compose box error banner will be shown when the error response is received after clicking/selecting the video or audio call button. Also updates the production documentation for the both types of Zoom integration apps (Server to Server and General). The General app process for Zoom now requires unlisted apps to go through their review process, which we now have documented. Fixes #33117.
2025-11-02 13:03:29 +00:00 · 2025-01-10 19:59:53 +01:00
parent e22c786d4b
commit 8561800676
18 changed files with 435 additions and 39 deletions
--- a/zproject/default_settings.py
+++ b/zproject/default_settings.py
@@ -119,6 +119,7 @@ SOCIAL_AUTH_SYNC_ATTRS_DICT: dict[str, dict[str, dict[str, str]]] = {}
 SSO_APPEND_DOMAIN: str | None = None
 CUSTOM_HOME_NOT_LOGGED_IN: str | None = None

+VIDEO_ZOOM_SERVER_TO_SERVER_ACCOUNT_ID = get_secret("video_zoom_account_id", development_only=True)
 VIDEO_ZOOM_CLIENT_ID = get_secret("video_zoom_client_id", development_only=True)
 VIDEO_ZOOM_CLIENT_SECRET = get_secret("video_zoom_client_secret")

--- a/zproject/prod_settings_template.py
+++ b/zproject/prod_settings_template.py
@@ -709,9 +709,10 @@ SOCIAL_AUTH_SAML_SUPPORT_CONTACT = {
 ################
 ## Video call integrations.
 ##
-## Controls the Zoom video call integration.  See:
+## Controls the Zoom video call integrations.  See:
 ## https://zulip.readthedocs.io/en/latest/production/video-calls.html
 # VIDEO_ZOOM_CLIENT_ID = "<your Zoom client ID>"
+# VIDEO_ZOOM_SERVER_TO_SERVER_ACCOUNT_ID = "<your Zoom account ID>"

 ## Controls the Jitsi Meet video call integration.  By default, the
 ## integration uses the SaaS https://meet.jit.si server.  You can specify
--- a/zproject/test_extra_settings.py
+++ b/zproject/test_extra_settings.py
@@ -194,6 +194,7 @@ SOCIAL_AUTH_OIDC_ENABLED_IDPS: dict[str, OIDCIdPConfigDict] = {
 SOCIAL_AUTH_OIDC_FULL_NAME_VALIDATED = True


+VIDEO_ZOOM_SERVER_TO_SERVER_ACCOUNT_ID = "account_id"
 VIDEO_ZOOM_CLIENT_ID = "client_id"
 VIDEO_ZOOM_CLIENT_SECRET = "client_secret"