Feature/oidc auth support

registry/client/package.json

@@ -37,6 +37,7 @@
         "@material-ui/core": "^4.9.0",
         "@material-ui/icons": "^4.5.1",
         "brace": "^0.11.1",
+        "js-cookie": "^2.2.1",
         "jsoneditor": "^8.6.4",
         "jsoneditor-react": "^3.0.0",
         "ra-data-simple-rest": "^3.3.2",

registry/client/src/LoginPage.js

@@ -0,0 +1,70 @@
+import React, { useEffect } from "react";
+import { Login, LoginForm } from 'react-admin';
+import Button from "@material-ui/core/Button";
+import CardActions from "@material-ui/core/CardActions/CardActions";
+import CircularProgress from '@material-ui/core/CircularProgress';
+import { makeStyles } from '@material-ui/core/styles';
+import { useSafeSetState } from 'ra-core';
+
+const useStyles = makeStyles(theme => ({
+    button: {
+        width: '100%',
+    },
+    icon: {
+        margin: `${theme.spacing(2)}px auto`,
+        display: 'block',
+    },
+}));
+
+
+const LoginPage = props => {
+    const classes = useStyles(props);
+    const [loading, setLoading] = useSafeSetState(true);
+    const [availMethods, setAvailMethods] = useSafeSetState([]);
+
+    useEffect(() => {
+        fetch('/auth/available-methods')
+            .then(response => {
+                if (response.status < 200 || response.status >= 300) {
+                    throw new Error(response.statusText);
+                }
+                return response.text();
+            }).then(res => {
+            setAvailMethods(JSON.parse(res));
+            setLoading(false)
+        });
+    }, []);
+
+    return (
+        <Login>
+            {loading ? (
+                <CircularProgress
+                    className={classes.icon}
+                    size={28}
+                    thickness={4}
+                />
+            ) : (
+                <div>
+                    {availMethods.includes('local') && (
+                        <LoginForm/>
+                    )}
+                    {availMethods.includes('openid') && (
+                        <CardActions>
+                            <Button
+                                variant="contained"
+                                color="secondary"
+                                href="/auth/openid"
+                                className={classes.button}
+                            >
+                                Login with OpenID
+                            </Button>
+                        </CardActions>
+                    )}
+                </div>
+
+            )}
+        </Login>
+    );
+};
+
+export default LoginPage;

registry/client/src/authEntities/Edit.js

@@ -0,0 +1,49 @@
+import React from 'react';
+import {
+    Create,
+    Edit,
+    SimpleForm,
+    SelectInput,
+    TextInput,
+    required,
+    TextField,
+} from 'react-admin'; // eslint-disable-line import/no-unresolved
+
+const Title = ({ record }) => {
+    return (<span>{record ? `Auth Entity "${record.identifier}"` : ''}</span>);
+};
+
+const InputForm = ({mode = 'edit', ...props}) => {
+    return (
+        <SimpleForm {...props}>
+            {mode === 'edit'
+                ? <TextField source="identifier" />
+                : <TextInput source="identifier" fullWidth validate={required()} />}
+            {mode === 'edit'
+                ? <TextField source="provider" />
+                : <SelectInput source="provider" fullWidth validate={required()} choices={[
+                    { id: 'bearer', name: 'Bearer' },
+                    { id: 'local', name: 'Local' },
+                    { id: 'openid', name: 'OpenID' },
+                ]} />}
+            <SelectInput source="role" fullWidth validate={required()} choices={[
+                { id: 'admin', name: 'Admin' },
+                { id: 'user', name: 'User' },
+            ]} />
+            <TextInput source="secret" fullWidth />
+        </SimpleForm>
+    );
+};
+
+export const MyEdit = ({ permissions, ...props }) => (
+    <Edit title={<Title />} undoable={false} {...props}>
+        <InputForm mode="edit"/>
+    </Edit>
+);
+export const MyCreate = ({ permissions, ...props }) => {
+    return (
+        <Create {...props}>
+            <InputForm mode="create"/>
+        </Create>
+    );
+};

registry/client/src/authEntities/List.js

@@ -0,0 +1,66 @@
+import React, { Children, Fragment, cloneElement, memo } from 'react';
+import { useMediaQuery, makeStyles } from '@material-ui/core';
+import {
+    BulkDeleteButton,
+    Datagrid,
+    EditButton,
+    List,
+    SimpleList,
+    TextField,
+    ChipField,
+} from 'react-admin'; // eslint-disable-line import/no-unresolved
+
+const PostListBulkActions = memo(props => (
+    <Fragment>
+        <BulkDeleteButton {...props} />
+    </Fragment>
+));
+
+const ListActionsToolbar = ({ children, ...props }) => {
+    const classes = makeStyles({
+        toolbar: {
+            alignItems: 'center',
+            display: 'flex',
+            marginTop: -1,
+            marginBottom: -1,
+        },
+    });
+
+    return (
+        <div className={classes.toolbar}>
+            {Children.map(children, button => cloneElement(button, props))}
+        </div>
+    );
+};
+
+const Pagination = () => (<div/>);
+
+const PostList = props => {
+    const isSmall = useMediaQuery(theme => theme.breakpoints.down('sm'));
+    return (
+        <List
+            {...props}
+            bulkActionButtons={<PostListBulkActions />}
+            exporter={false}
+            pagination={<Pagination/>}
+        >
+            {isSmall ? (
+                <SimpleList
+                    primaryText={record => record.identifier}
+                    secondaryText={record => record.provider}
+                />
+            ) : (
+                <Datagrid rowClick="edit" optimized>
+                    <TextField source="identifier" />
+                    <TextField source="provider" />
+                    <TextField source="role" />
+                    <ListActionsToolbar>
+                        <EditButton />
+                    </ListActionsToolbar>
+                </Datagrid>
+            )}
+        </List>
+    );
+};
+
+export default PostList;

registry/client/src/authEntities/index.js

@@ -0,0 +1,10 @@
+import Icon from '@material-ui/icons/PermIdentity';
+import {MyEdit, MyCreate} from './Edit';
+import List from './List';
+
+export default {
+    list: List,
+    create: MyCreate,
+    edit: MyEdit,
+    icon: Icon,
+};

registry/client/src/authProvider.js

@@ -1,7 +1,9 @@
+import Cookies from 'js-cookie';
+
 // Authenticatd by default
 export default {
     login: ({ username, password }) => {
-        const request = new Request('/login', {
+        const request = new Request('/auth/local', {
             method: 'POST',
             body: JSON.stringify({ username, password }),
             headers: new Headers({ 'Content-Type': 'application/json' }),
@@ -11,19 +13,15 @@ export default {
                 if (response.status < 200 || response.status >= 300) {
                     throw new Error(response.statusText);
                 }
-                return response.json();
-            })
-            .then((userInfo) => {
-                localStorage.setItem('ilc:userInfo', JSON.stringify(userInfo));
             });
     },
     logout: () => {
-        return fetch('/logout')
+        Cookies.remove('ilc:userInfo');
+        return fetch('/auth/logout')
             .then(response => {
                 if (response.status < 200 || response.status >= 300) {
                     throw new Error(response.statusText);
                 }
-                localStorage.removeItem('ilc:userInfo');
             });
     },
     checkError: ({ status }) => {
@@ -32,12 +30,12 @@ export default {
             : Promise.resolve();
     },
     checkAuth: () => {
-        return localStorage.getItem('ilc:userInfo')
+        return Cookies.get('ilc:userInfo')
             ? Promise.resolve()
             : Promise.reject();
     },
     getPermissions: () => {
-        const userInfo = localStorage.getItem('ilc:userInfo');
-        return userInfo ? Promise.resolve(JSON.parse(userInfo).role) : Promise.reject();
+        const userInfo = Cookies.getJSON('ilc:userInfo');
+        return userInfo ? Promise.resolve(userInfo.role) : Promise.reject();
     },
 };

registry/client/src/index.html

@@ -2,7 +2,7 @@
 <html>
 
 <head>
-    <title>React Admin</title>
+    <title>ILC Registry</title>
     <style>
         body {
             margin: 0;

registry/client/src/index.js

@@ -3,16 +3,20 @@ import React from 'react';
 import { Admin, Resource } from 'react-admin'; // eslint-disable-line import/no-unresolved
 import { render } from 'react-dom';
 
+
+import LoginPage from './LoginPage';
 import authProvider from './authProvider';
 import dataProvider from './dataProvider';
 import Layout from './Layout';
 import apps from './apps';
 import sharedProps from './sharedProps';
 import templates from './templates';
 import appRoutes from './appRoutes';
+import authEntities from './authEntities';
 
 render(
     <Admin
+        loginPage={LoginPage}
         authProvider={authProvider}
         dataProvider={dataProvider}
         title="ILC Registry"
@@ -23,6 +27,7 @@ render(
             <Resource name="shared_props" {...sharedProps} />,
             <Resource name="template" {...templates} />,
             <Resource name="route" {...appRoutes} />,
+            <Resource name="auth_entities" {...authEntities} />,
         ]}
     </Admin>,
     document.getElementById('root')

registry/package.json

@@ -36,22 +36,25 @@
         "@types/passport": "^1.0.3",
         "@types/passport-http-bearer": "^1.0.35",
         "@types/passport-local": "^1.0.33",
+        "@types/sinon": "^9.0.4",
         "@types/supertest": "2.0.8",
+        "@types/newrelic": "^6.2.0",
+        "@types/url-join": "^4.0.0",
+        "@types/uuid": "^3.4.9",
         "chai": "4.2.0",
         "cross-env": "6.0.3",
         "mocha": "^7.2.0",
         "nock": "^11.7.2",
-        "nodemon": "^1.19.4",
+        "nodemon": "^2.0.4",
         "nyc": "^15.1.0",
+        "sinon": "^9.0.2",
         "supertest": "4.0.2",
         "ts-node": "^8.10.2",
+        "timekeeper": "^2.2.0",
         "typescript": "3.7.5"
     },
     "dependencies": {
         "@hapi/joi": "^16.1.7",
-        "@types/newrelic": "^6.2.0",
-        "@types/url-join": "^4.0.0",
-        "@types/uuid": "^3.4.9",
         "axios": "^0.19.0",
         "bcrypt": "^4.0.1",
         "body-parser": "^1.19.0",
@@ -61,8 +64,9 @@
         "express-session": "^1.17.1",
         "http-shutdown": "^1.2.1",
         "knex": "^0.21.1",
-        "lodash": "^4.17.15",
+        "lodash": "^4.17.19",
         "newrelic": "^6.9.0",
+        "openid-client": "^3.15.9",
         "passport": "^0.4.1",
         "passport-http-bearer": "^1.0.1",
         "passport-local": "^1.0.0",

registry/server/app.ts

@@ -9,6 +9,7 @@ import * as routes from "./routes";
 import errorHandler from './errorHandler';
 import serveStatic from 'serve-static';
 import auth from './auth';
+import settingsService from './settings/services/SettingsService';
 
 export default (withAuth: boolean = true) => {
     // As in production there can be 2+ instances of the ILC registry
@@ -18,14 +19,15 @@ export default (withAuth: boolean = true) => {
     const app = express();
 
     app.use(bodyParser.json());
+    app.use(bodyParser.urlencoded());
 
     app.get('/ping', pong);
 
     app.use('/', serveStatic('client/dist'));
 
     let authMw: RequestHandler = (req, res, next) => next();
     if (withAuth) {
-        authMw = auth(app, {
+        authMw = auth(app, settingsService, {
             session: {secret: config.get('auth.sessionSecret')}
         });
     }
@@ -35,6 +37,7 @@ export default (withAuth: boolean = true) => {
     app.use('/api/v1/template', routes.templates(authMw));
     app.use('/api/v1/route', authMw, routes.appRoutes);
     app.use('/api/v1/shared_props', authMw, routes.sharedProps);
+    app.use('/api/v1/auth_entities', authMw, routes.authEntities);
 
     app.use(errorHandler);