Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature/oauth external providers #185

Open
wants to merge 35 commits into
base: feature/oauth2_support
Choose a base branch
from
Open

Feature/oauth external providers #185

wants to merge 35 commits into from

Conversation

toggm
Copy link
Member

@toggm toggm commented Mar 17, 2025

Implemented support for external OAuth providers:

  • Implemented opaque token validation in backend
  • Introduce custom http header to preselect opaque token issuer as this info is no carried by the token itself
  • Gitlab based on OIDC opaque token validation
  • Github based on custom opaque token validation

toggm added 10 commits March 11, 2025 15:45
@toggm
add gitlab and github providers
b5b6fe9
@toggm
Implemented opaque_token based authorization to be able to integrate …
16894ab 
…backend with oidc providers handling non JWT based access_tokens (github, gitlab)
@toggm
Fixed integration of github authentication based on opaque_token
12bf2b1 
* introduce additional X-Token-Issuer header to improve issuer lookup when calling from frontend
* Fix integration of shared caches
* Fix calling introspection and user_info endpoints
* Dispatch refresh_token call to correct provider
@toggm
Added support for github oauth authentication
52f92c7 
* Implement specific TokenValidator logic as github needs further steps
@toggm
fixed linter issues
4cbd7a1
@toggm
Integrated dotenv-cli to re-use client side credentials when starting…
6a6a298 
… local backend based on `yarn backend`
@toggm
added login provider logos, adjusted styling
ad18a6b
@toggm
provided test cases for opaque token authentication
1e3be1b
@toggm
fixed icons representation
8c24407
@toggm
adjusted readme
7d2b3b2
@toggm
Copy link
Member Author

toggm commented Mar 17, 2025

image

@toggm toggm added the enhancement New feature or request label Mar 17, 2025
MarcoSteinacher
MarcoSteinacher reviewed Mar 19, 2025
View reviewed changes
Copy link

@MarcoSteinacher MarcoSteinacher left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. I just have a few questions to clarify and pointed out minor issues in the comments.

@toggm toggm self-assigned this Mar 20, 2025
@toggm
declare clientId and clientSecret as optional to enable initial start…
c931f74 
…up without declaring gitlab and github client details
@toggm toggm force-pushed the feature/oauth_external_providers branch from 93e2b3d to c931f74 Compare March 20, 2025 12:05
@toggm
improved layouting of components. Inline styles in gitlab svg logo as…
1e5d117 
… firefox doesnt resolve class names from global defined styles in symbols
@toggm toggm force-pushed the feature/oauth_external_providers branch from 11287ba to 1e5d117 Compare March 20, 2025 13:09
toggm and others added 10 commits March 20, 2025 16:03
@toggm
Enabled support for authentication against local keycloak
bb6ecde 
* Provide local keycloak and mailhog instance in dev mode
* start local keycloak with initial realm and lasius client
* Fix JWKS url to override full path as keycloak is using a non-standard path
* Enable JWT validation for custom keycloak in backend
@toggm
Added auto-logout for keycloak and internal lasius oauth
9ee3552 
* Implemented logout method in internal oauth provider by removing token from database
* auto logout on provider if logged in with internal oauth provider or keycloak provider
@toggm
* fixed signout to keycloak and internal oauth provider
52ce54c 
* integrated custom naming and logo for keycloak provider
@toggm
LASIUS-12: added additional env variables to default configuration
d369638
@toggm
addressed PR comments
8333977
@toggm
Merge pull request #194 from tegonal/feature/oauth_external_provider_…
a755d8f 
…keycloak

Enabled support for authentication against local keycloak
@MarcoSteinacher
Added terms of service (TOS) acceptance support to backend
40efded 
- New acceptedTOS field in user profile
- New endpoint /backend/user/accept-tos to accept TOS
@MarcoSteinacher
Updated and added tests for accepting TOS.
803c09a 
Bumped EmbedMongo version to 7.0 for testing.
@MarcoSteinacher
Implemented Terms of Service dialog in frontend.
81109f8
@MarcoSteinacher
Adjusted README.
f3b9a3e
MarcoSteinacher and others added 13 commits March 25, 2025 11:38
@MarcoSteinacher
Adjusted tests and minor fixes/typos.
be6f120
@MarcoSteinacher
Fixed readme.
4de3b22
@MarcoSteinacher
Fetch localized ToS text directly from /public.
ffdb10e
@MarcoSteinacher
Adjusted .env.template
b4dbb28
@toggm
added env to configure debug behaviour
2ac144b
@toggm
Enahncements to run lasius in docker-compose setup
758757c 
* Fixed styling of demo info box
* Prevent of auto-loop if after successful login backend request fails
* adjust next-auth lookup of internal oauth provider if running in docker container
* add .dockerignore to prevent including local .env.local file in deployment
@toggm
added additional error message if no provider is available, fixed key…
9e235b9 
… in configuration to be able to overwrite via env variables
@toggm
Small improvements:
fc72aeb 
- LASIUS-18: improve initial selected organisation
- Improve layout of my-org detail page
- Fix startup without custom keycloak logo
- Prevent loading of profile data until user is authenticated
@toggm
LASIU-21: fixed handling in tag edit form
954257c
@toggm
LASIU-8: refresh session if request was unauthorized to refresh token…
a4c4846 
… in middleware
@toggm
upgrade to latest libraries to get rid of react error messages
4163e48
@toggm
fixed initial loading of data when using internal oauth provider
cf76f51
@toggm
fixed frontend build errors
6e8595d
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@genox genox genox left review comments

@MarcoSteinacher MarcoSteinacher MarcoSteinacher left review comments

@mcmpp mcmpp mcmpp left review comments

Assignees

@toggm toggm

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@toggm @genox @MarcoSteinacher @mcmpp