This project is not covered by Drupal’s security advisory policy.

Here's a description for your custom Drupal module that integrates Salesforce authentication using OAuth with added security through State and PKCE:

---

**Module Name**: Salesforce OAuth Authentication with PKCE

**Description**:
The **Salesforce OAuth Authentication with PKCE** module provides secure authentication for Drupal using Salesforce's OAuth 2.0 protocol, offering enhanced security features, including State and PKCE (Proof Key for Code Exchange). This module enables Drupal to authenticate users via Salesforce, allowing seamless integration between the two systems while adhering to modern security practices.

### Features:
- **OAuth 2.0 Authentication**: Authenticate users from Salesforce using the industry-standard OAuth 2.0 protocol.
- **PKCE (Proof Key for Code Exchange)**: Adds an extra layer of security by enforcing PKCE to mitigate authorization code interception attacks, ensuring secure communication during authentication.
- **State Parameter**: Incorporates a State parameter to protect against cross-site request forgery (CSRF) and ensure the integrity of the authorization process.
- **Easy Configuration**: Admin UI for setting up Salesforce credentials (Client ID, Client Secret) and defining redirect URIs.
- **Seamless Integration**: Once authenticated, users can be mapped to Drupal roles or permissions, allowing integration of Salesforce user management with Drupal.
- **Token Management**: Securely stores and manages access tokens for authenticated users.

### Use Case:
This module is ideal for Drupal sites that need to authenticate users through Salesforce, especially when dealing with sensitive data where security is a top priority. With PKCE and State included, the module ensures a secure OAuth workflow, suitable for both single-page apps and traditional web apps.

### Requirements:
- Drupal 9.x or higher
- Salesforce account with OAuth enabled
- PHP 7.4 or higher

### Installation:
1. Install and enable the module.
2. Configure the Salesforce app in the Salesforce dashboard to generate OAuth credentials (Client ID, Secret).
3. Set up the credentials and configure OAuth settings under the Drupal Salesforce settings page.
4. Customize the user role mappings and adjust any additional security settings.

---

This description should give potential users a clear understanding of the module's functionality and its security features.

Project information

  • caution Seeking co-maintainer(s)
    Maintainers are looking for help reviewing issues.
  • caution Maintenance fixes only
    Considered feature-complete by its maintainers.
  • Project categories: Access control, Decoupled, Integrations
  • Created by afaryab on , updated
  • shield alertThis project is not covered by the security advisory policy.
    Use at your own risk! It may have publicly disclosed vulnerabilities.

Releases