feat: sso implementation #2523

Merged
merged 111 commits into from
Oct 31, 2024
a52e18e
feat: create dynamic client registration
huglx Sep 2, 2024
278aa62
feat: Add a tenant to configure the dynamic configuration of providers.
huglx Sep 2, 2024
140c6df
feat: Add a controller to fetch callbacks from the provider and retur…
huglx Sep 2, 2024
b5e75b9
feat: Add a controller to dynamically configure providers
huglx Sep 2, 2024
f7b8c0a
feat: add sso login to FE
huglx Sep 2, 2024
4a14242
fix: move auth logic from controller to service
huglx Sep 6, 2024
8302d33
feat: add custom exceptions
huglx Sep 6, 2024
10a70b7
fix: add component annotation
huglx Sep 6, 2024
ac291db
feat: save domain with port if presents
huglx Sep 6, 2024
1143485
fix: change url
huglx Sep 6, 2024
d8dfdb8
fix: add more properties CreateProviderRequest
huglx Sep 6, 2024
e6a8cd3
fix: The function wasn't marked as a transaction, so it caused a data…
huglx Sep 8, 2024
fccbe74
feat: add an ability to accept invitation code to backend part
huglx Sep 11, 2024
de3cd3c
feat: add properties to enable custom logo & button text
huglx Sep 11, 2024
8d285fa
feat: add create sso provider route
huglx Sep 12, 2024
e866ebb
feat: add an ability to set custom login logo to FE
huglx Sep 12, 2024
10f4022
feat: add create sso provider links
huglx Sep 12, 2024
c468f2c
feat: pass invitationCode to BE
huglx Sep 12, 2024
bf60293
feat: display saved provider on FE
huglx Sep 16, 2024
b7297a0
feat: verify id token to improve security
huglx Sep 17, 2024
45acdfe
feat: disable/enable sso provider FE
huglx Sep 24, 2024
f1e4999
feat: also set jwk uri in ClientRegistration
huglx Sep 24, 2024
0477f25
feat: now a new user logged in via sso is a member of the organizatio…
huglx Oct 6, 2024
8a83e52
feat: refactor login form FE
huglx Oct 6, 2024
0cc553d
feat: enable/disable provider
huglx Oct 6, 2024
d21a845
feat: add function to add user to the org.
huglx Oct 6, 2024
c906b4e
feat: throw if sso provider is disabled
huglx Oct 6, 2024
40e444d
fix: code clean up
huglx Oct 6, 2024
e494b5c
chore: test
huglx Oct 6, 2024
fdfa217
feat: configuration to parse jwt token
huglx Oct 6, 2024
d0f9cb1
feat: generate ee db schema
huglx Oct 6, 2024
86a37dc
Merge remote-tracking branch 'origin/main' into ivanmanzhosov/sso-pro…
huglx Oct 6, 2024
ca6836b
feat: generate FE api schema
huglx Oct 6, 2024
31fef0c
feat: save or update provider
huglx Oct 6, 2024
9d832f0
fix: npm run prettier
huglx Oct 6, 2024
be3754c
fix: ktlint
huglx Oct 6, 2024
43b4d4a
fix: npm run prettier
huglx Oct 6, 2024
4311e68
fix: BE build
huglx Oct 6, 2024
56815f3
fix: get rid of calling static function
huglx Oct 8, 2024
90dfeda
chore: mock everything for tests
huglx Oct 8, 2024
c02388f
fix: rename, add policy to provider's controller
huglx Oct 8, 2024
a2e70e3
fix: rename oauth2 endpoint
huglx Oct 8, 2024
bc14f1b
fix: code clean up
huglx Oct 8, 2024
a63094f
fix: use Model & ModelAssembler approach
huglx Oct 8, 2024
2b1f8c7
fix: add RequiresSuperAuthentication and change url on FE
huglx Oct 11, 2024
e943634
feat: add sso form validation
huglx Oct 11, 2024
a1c92d0
fix: refactor tenant Service
huglx Oct 11, 2024
22e6462
fix: refactor oauth service and delegate
huglx Oct 11, 2024
9069401
fix: move data class to data package
huglx Oct 11, 2024
e39a9e7
fix: delete timestamp file
huglx Oct 11, 2024
b5a7b0d
fix: edit new url on FE
huglx Oct 11, 2024
036be10
fix: npm run prettier
huglx Oct 11, 2024
333739a
fix: move dto to data package
huglx Oct 11, 2024
682a9d6
fix: rename FE link
huglx Oct 11, 2024
8b39bcc
fix: refactor auth service FE
huglx Oct 11, 2024
ccebc56
fix: refactor provider form and view
huglx Oct 11, 2024
156afd3
fix: add sso_domain in user account
huglx Oct 11, 2024
726b5ea
fix: refactor sso provider form
huglx Oct 11, 2024
d36d18c
fix: now user must type his domain
huglx Oct 11, 2024
d7f5ec5
fix: rephrase description in auth props, use local icon instead of re…
huglx Oct 11, 2024
098c602
fix: rename error messages
huglx Oct 11, 2024
2fb5794
fix: code format
huglx Oct 11, 2024
9d14caa
fix: ktlint fix
huglx Oct 11, 2024
be5752d
fix: eslint
huglx Oct 11, 2024
af7cc92
fix: eslint
huglx Oct 11, 2024
53c5735
fix: rename sso provider url
huglx Oct 13, 2024
b64d790
chore: add sso controller tests
huglx Oct 13, 2024
eaaa364
chore: add sso auth tests
huglx Oct 13, 2024
48f1e19
chore: add simple e2e test
huglx Oct 13, 2024
c965f20
fix: regenerate schema
huglx Oct 13, 2024
915a774
fix: FE prettier
huglx Oct 13, 2024
d879d48
fix: FE prettier
huglx Oct 13, 2024
0a4b9e1
fix: BE code format
huglx Oct 13, 2024
1ba0902
fix: rename link
huglx Oct 14, 2024
481d3f6
fix: rename static link
huglx Oct 14, 2024
4e9d32e
fix: rename static link e2e
huglx Oct 14, 2024
ad236eb
fix: remove unused code
huglx Oct 14, 2024
560bd01
fix: decode/encode domain in url
huglx Oct 14, 2024
41e9334
fix: store domain in localstorage instead of passing through url
huglx Oct 14, 2024
abb886d
fix: remove unused code
huglx Oct 15, 2024
72ba29a
fix: FE prettier
huglx Oct 15, 2024
f537f59
fix: FE prettier
huglx Oct 15, 2024
923cf48
fit: remove score role from auth request
huglx Oct 18, 2024
1493068
feat: do not create user's organization on sso login
huglx Oct 21, 2024
ebec37e
chore: test sso login doesnt create user's organization
huglx Oct 21, 2024
1d7061b
feat: check if organization has sso feature
huglx Oct 21, 2024
642d6fd
feat: show banner if user doesnt have feature enabled
huglx Oct 21, 2024
1dee374
fix: prettier
huglx Oct 21, 2024
a3d655e
fix: add sso feature message
huglx Oct 21, 2024
0672f26
fix: renaming
huglx Oct 21, 2024
72b531e
fix: prettier
huglx Oct 21, 2024
f232ae6
fix: prettier
huglx Oct 21, 2024
61e5fd3
fix: remove scope
huglx Oct 21, 2024
ac207b6
feat: prevent sso user from create organizations
huglx Oct 22, 2024
53df0c0
fix: if it's sso user find by sso domain
huglx Oct 22, 2024
b8a4962
fix: change default sso login logo
huglx Oct 22, 2024
af85aff
feat: add sso valid user cache
huglx Oct 25, 2024
284d7a6
feat: add validation that user is still an employee
huglx Oct 25, 2024
e73c0aa
chore: test new validation
huglx Oct 25, 2024
6c0b685
feat: move ssoDomain from UserAccount to separate entity
huglx Oct 26, 2024
fc83174
chore: update tests
huglx Oct 26, 2024
b69c9b6
fix: use enum as ThirdPartyAuthType instead of string
huglx Oct 26, 2024
ffdcbe4
feat: prevent sso user to login
huglx Oct 26, 2024
c77ee5e
feat: prevent sso user to change password
huglx Oct 26, 2024
370a51e
feat: add global sso config
huglx Oct 27, 2024
b9681d3
chore: test global sso config
huglx Oct 27, 2024
e046416
fix: use frontend url from config, instead of saving it to db
huglx Oct 29, 2024
873324d
fix: use frontend url from config, instead of saving it to db
huglx Oct 29, 2024
a960a6c
chore: update tests
huglx Oct 29, 2024
2397931
chore: update docs property descriptions
huglx Oct 29, 2024
1cfa8df
chore: fix ktlint
huglx Oct 29, 2024
chore: test
huglx committed Oct 6, 2024
commit e494b5c919b5182c9bd9fcadf0f27bfadc8a38a3
1 change: 1 addition & 0 deletions ee/backend/tests/build.gradle
@@ -43,6 +43,7 @@ dependencies {
implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
implementation "org.springframework.boot:spring-boot-starter-hateoas"

testImplementation("org.springframework.boot:spring-boot-starter-oauth2-client")
testImplementation("org.springframework.boot:spring-boot-starter-test")
testImplementation(project(":testing"))
testImplementation(project(":ee-app"))
56 changes: 56 additions & 0 deletions ee/backend/tests/src/test/kotlin/io/tolgee/ee/OAuthTest.kt
@@ -0,0 +1,56 @@
package io.tolgee.ee

import io.tolgee.ee.model.Tenant
import io.tolgee.ee.repository.DynamicOAuth2ClientRegistrationRepository
import io.tolgee.ee.service.OAuthService
import io.tolgee.ee.service.TenantService
import io.tolgee.ee.utils.OAuthMultiTenantsMocks
import io.tolgee.testing.AbstractControllerTest
import org.junit.jupiter.api.Test
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.boot.test.mock.mockito.MockBean
import org.springframework.test.web.servlet.MockMvc
import org.springframework.web.client.RestTemplate

class OAuthTest : AbstractControllerTest() {
@MockBean
@Autowired
private val restTemplate: RestTemplate? = null

@Autowired
private var authMvc: MockMvc? = null

@Autowired
private lateinit var dynamicOAuth2ClientRegistrationRepository: DynamicOAuth2ClientRegistrationRepository

@Autowired
private lateinit var oAuthService: OAuthService

@Autowired
private lateinit var tenantService: TenantService

private val oAuthMultiTenantsMocks: OAuthMultiTenantsMocks by lazy {
OAuthMultiTenantsMocks(authMvc, restTemplate, dynamicOAuth2ClientRegistrationRepository)
}

@Test
fun authorize() {
tenantService.save(
Tenant().apply {
name = "tenant1"
domain = "registrationId"
clientId = "clientId"
clientSecret = "clientSecret"
authorizationUri = "authorizationUri"
jwkSetUri = "jwkSetUri"
tokenUri = "tokenUri"
redirectUriBase = "redirectUriBase"
organizationId = 0L
},
)
val clientRegistraion = dynamicOAuth2ClientRegistrationRepository.findByRegistrationId("registrationId").clientRegistration
oAuthMultiTenantsMocks.authorize(clientRegistraion.registrationId)
val response = oAuthService.exchangeCodeForToken(clientRegistraion, "code", "redirectUrl")
response
}
}
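Review bot: authorize() contains no assertion; its last statement is the bare expression `response`, so the test passes whenever exchangeCodeForToken does not throw. Assert on the returned value against the stubbed OAuth2TokenResponse and verify the request that was sent to the token URI. The field `@MockBean @Autowired private val restTemplate: RestTemplate? = null` carries two injection annotations where one is enough, and a `lateinit var` would avoid the nullable type that is then passed on to OAuthMultiTenantsMocks. The local name clientRegistraion is misspelled.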
@@ -0,0 +1,51 @@
package io.tolgee.ee.utils

import io.tolgee.ee.repository.DynamicOAuth2ClientRegistrationRepository
import io.tolgee.ee.service.OAuthService
import org.mockito.kotlin.any
import org.mockito.kotlin.eq
import org.mockito.kotlin.whenever
import org.springframework.http.HttpMethod
import org.springframework.http.HttpStatus
import org.springframework.http.ResponseEntity
import org.springframework.test.web.servlet.MockMvc
import org.springframework.web.client.RestTemplate

class OAuthMultiTenantsMocks(
private var authMvc: MockMvc? = null,
private val restTemplate: RestTemplate? = null,
private val dynamicOAuth2ClientRegistrationRepository: DynamicOAuth2ClientRegistrationRepository,
) {
companion object {
val defaultUserResponse =
OAuthService.GenericUserResponse().apply {
sub = "fakeId"
given_name = "fakeGiveName"
family_name = "fakeGivenFamilyName"
email = "email@domain.com"
}

val defaultToken =
OAuthService.OAuth2TokenResponse(id_token = "id_token", scope = "scope")

val defaultTokenResponse =
ResponseEntity(
defaultToken,
HttpStatus.OK,
)
}

fun authorize(registrationId: String) {
val receivedCode = "fake_access_token"
val registration = dynamicOAuth2ClientRegistrationRepository.findByRegistrationId(registrationId)

whenever(
restTemplate?.exchange(
eq(registration.providerDetails.tokenUri),
eq(HttpMethod.POST),
any(),
eq(OAuthService.OAuth2TokenResponse::class.java),
),
).thenReturn(defaultTokenResponse)
}
}
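Review bot: in authorize(), the stub matches the request entity with any(), so nothing checks that the authorization code, the redirect URI and the client credentials actually reach the token endpoint; a malformed token request would still receive defaultTokenResponse. Capture the entity with an argument captor or a stricter matcher and assert on its contents. receivedCode is assigned and never used, authMvc and defaultUserResponse are not used anywhere in this file, and `restTemplate?.exchange` on a nullable parameter hands null to whenever() if the mock was not injected, so take a non-null RestTemplate instead. The stubbed id_token is the literal string "id_token" rather than a signed JWT, so ID token validation cannot be exercised with this fixture.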