NotificationsYou must be signed in to change notification settings
Fork278
Star1.4k

Commitf4e0103

authored

Add oAuth Providers Integration (#305)

* Add oAuth Providers Integration- Add/Rework CRUD APIs for AuthConfigs to support org wide auth providers management.- Add auth token and refresh token handling if access token about to expire in next 5 minutes- Add support to allow same user to add multiple oAuth providers

1 parent417c528 commitf4e0103Copy full SHA for f4e0103

File tree

25 files changed

+277

-111

lines changed

server/api-service
- lowcoder-domain/src/main/java/org/lowcoder/domain/authentication
  - AuthenticationService.java
  - AuthenticationServiceImpl.java
- lowcoder-sdk/src/main
  - java/org/lowcoder/sdk
    - auth
      - Oauth2SimpleAuthConfig.java
    - exception
      - BizError.java
  - resources
    - locale_en.properties
- lowcoder-server/src
  - main
    - java/org/lowcoder/api
      - authentication
        AuthenticationController.java
        request
        AuthRequest.java
        form
        FormAuthRequest.java
        oauth2
        OAuth2RequestContext.java
        Oauth2DefaultSource.java
        Oauth2Source.java
        request
        AbstractOauth2Request.java
        GithubRequest.java
        GoogleRequest.java
        service
        AuthenticationApiService.java
        AuthenticationApiServiceImpl.java
      - config
        ConfigController.java
      - framework
        filter
        UserSessionPersistenceFilter.java
        security
        SecurityConfig.java
      - usermanagement
        OrgApiService.java
        OrgApiServiceImpl.java
        view
        InvitationVO.java
    - resources
      - application-lowcoder.yml
  - test/java/org/lowcoder/api/authentication
    - AuthenticationControllerTest.java
    - GoogleAuthenticateTest.java

25 files changed

+277

-111

lines changed

`‎server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/authentication/AuthenticationService.java‎`

Lines changed: 3 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -10,9 +10,9 @@ public interface AuthenticationService {`
`10`	`10`
`11`	`11`	`EmailAuthConfigDEFAULT_AUTH_CONFIG =newEmailAuthConfig(AuthSourceConstants.EMAIL,true,true);`
`12`	`12`
`13`		`-Mono<FindAuthConfig>findAuthConfigByAuthId(StringauthId);`
	`13`	`+Mono<FindAuthConfig>findAuthConfigByAuthId(StringorgId,StringauthId);`
`14`	`14`
`15`		`-Mono<FindAuthConfig>findAuthConfigBySource(Stringsource);`
	`15`	`+Mono<FindAuthConfig>findAuthConfigBySource(StringorgId,Stringsource);`
`16`	`16`
`17`		`-Flux<FindAuthConfig>findAllAuthConfigs(booleanenableOnly);`
	`17`	`+Flux<FindAuthConfig>findAllAuthConfigs(StringorgId,booleanenableOnly);`
`18`	`18`	`}`

`‎server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/authentication/AuthenticationServiceImpl.java‎`

Lines changed: 30 additions & 21 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,24 +1,23 @@`
`1`	`1`	`packageorg.lowcoder.domain.authentication;`
`2`	`2`
`3`		`-importstaticorg.lowcoder.sdk.exception.BizError.LOG_IN_SOURCE_NOT_SUPPORTED;`
`4`		`-importstaticorg.lowcoder.sdk.util.ExceptionUtils.ofError;`
`5`		`-`
`6`		`-importjava.util.Objects;`
`7`		`-importjava.util.function.Function;`
`8`		`-importjava.util.stream.Collectors;`
`9`		`-`
	`3`	`+importlombok.extern.slf4j.Slf4j;`
`10`	`4`	`importorg.lowcoder.domain.organization.service.OrganizationService;`
`11`	`5`	`importorg.lowcoder.sdk.auth.AbstractAuthConfig;`
`12`	`6`	`importorg.lowcoder.sdk.config.AuthProperties;`
`13`	`7`	`importorg.lowcoder.sdk.config.CommonConfig;`
`14`	`8`	`importorg.lowcoder.sdk.constants.WorkspaceMode;`
`15`	`9`	`importorg.springframework.beans.factory.annotation.Autowired;`
`16`	`10`	`importorg.springframework.stereotype.Service;`
`17`		`-`
`18`		`-importlombok.extern.slf4j.Slf4j;`
`19`	`11`	`importreactor.core.publisher.Flux;`
`20`	`12`	`importreactor.core.publisher.Mono;`
`21`	`13`
	`14`	`+importjava.util.Objects;`
	`15`	`+importjava.util.function.Function;`
	`16`	`+importjava.util.stream.Collectors;`
	`17`	`+`
	`18`	`+importstaticorg.lowcoder.sdk.exception.BizError.LOG_IN_SOURCE_NOT_SUPPORTED;`
	`19`	`+importstaticorg.lowcoder.sdk.util.ExceptionUtils.ofError;`
	`20`	`+`
`22`	`21`	`@Slf4j`
`23`	`22`	`@Service`
`24`	`23`	`publicclassAuthenticationServiceImplimplementsAuthenticationService {`
`@@ -31,35 +30,35 @@ public class AuthenticationServiceImpl implements AuthenticationService {`
`31`	`30`	`privateAuthPropertiesauthProperties;`
`32`	`31`
`33`	`32`	`@Override`
`34`		`-publicMono<FindAuthConfig>findAuthConfigByAuthId(StringauthId) {`
`35`		`-returnfindAuthConfig(abstractAuthConfig ->Objects.equals(authId,abstractAuthConfig.getId()));`
	`33`	`+publicMono<FindAuthConfig>findAuthConfigByAuthId(StringorgId,StringauthId) {`
	`34`	`+returnfindAuthConfig(orgId,abstractAuthConfig ->Objects.equals(authId,abstractAuthConfig.getId()));`
`36`	`35`	`}`
`37`	`36`
`38`	`37`	`@Override`
`39`	`38`	`@Deprecated`
`40`		`-publicMono<FindAuthConfig>findAuthConfigBySource(Stringsource) {`
`41`		`-returnfindAuthConfig(abstractAuthConfig ->Objects.equals(source,abstractAuthConfig.getSource()));`
	`39`	`+publicMono<FindAuthConfig>findAuthConfigBySource(StringorgId,Stringsource) {`
	`40`	`+returnfindAuthConfig(orgId,abstractAuthConfig ->Objects.equals(source,abstractAuthConfig.getSource()));`
`42`	`41`	`}`
`43`	`42`
`44`		`-privateMono<FindAuthConfig>findAuthConfig(Function<AbstractAuthConfig,Boolean>condition) {`
`45`		`-returnfindAllAuthConfigs(true)`
	`43`	`+privateMono<FindAuthConfig>findAuthConfig(StringorgId,Function<AbstractAuthConfig,Boolean>condition) {`
	`44`	`+returnfindAllAuthConfigs(orgId,true)`
`46`	`45`	`.filter(findAuthConfig ->condition.apply(findAuthConfig.authConfig()))`
`47`	`46`	`.next()`
`48`	`47`	`.switchIfEmpty(ofError(LOG_IN_SOURCE_NOT_SUPPORTED,"LOG_IN_SOURCE_NOT_SUPPORTED"));`
`49`	`48`	`}`
`50`	`49`
`51`	`50`	`@Override`
`52`		`-publicFlux<FindAuthConfig>findAllAuthConfigs(booleanenableOnly) {`
	`51`	`+publicFlux<FindAuthConfig>findAllAuthConfigs(StringorgId,booleanenableOnly) {`
`53`	`52`	`returnfindAllAuthConfigsByDomain()`
`54`	`53`	`.switchIfEmpty(findAllAuthConfigsForEnterpriseMode())`
`55`		`- .switchIfEmpty(findAllAuthConfigsForSaasMode())`
	`54`	`+ .switchIfEmpty(findAllAuthConfigsForSaasMode(orgId))`
`56`	`55`	`.filter(findAuthConfig -> {`
`57`	`56`	`if (enableOnly) {`
`58`	`57`	`returnfindAuthConfig.authConfig().isEnable();`
`59`	`58`	`}`
`60`	`59`	`returntrue;`
`61`	`60`	`})`
`62`		`- .defaultIfEmpty(newFindAuthConfig(DEFAULT_AUTH_CONFIG,null));`
	`61`	`+ .concatWithValues(newFindAuthConfig(DEFAULT_AUTH_CONFIG,null));`
`63`	`62`	`}`
`64`	`63`
`65`	`64`	`privateFlux<FindAuthConfig>findAllAuthConfigsByDomain() {`
`@@ -85,10 +84,20 @@ protected Flux<FindAuthConfig> findAllAuthConfigsForEnterpriseMode() {`
`85`	`84`	`);`
`86`	`85`	`}`
`87`	`86`
`88`		`-privateFlux<FindAuthConfig>findAllAuthConfigsForSaasMode() {`
	`87`	`+privateFlux<FindAuthConfig>findAllAuthConfigsForSaasMode(StringorgId) {`
`89`	`88`	`if (commonConfig.getWorkspace().getMode() ==WorkspaceMode.SAAS) {`
`90`		`-returnFlux.fromIterable(authProperties.getAuthConfigs())`
`91`		`- .map(abstractAuthConfig ->newFindAuthConfig(abstractAuthConfig,null));`
	`89`	`+`
	`90`	`+// Get the auth configs for the current org`
	`91`	`+if(orgId !=null) {`
	`92`	`+returnorganizationService.getById(orgId)`
	`93`	`+ .flatMapIterable(organization ->`
	`94`	`+organization.getAuthConfigs()`
	`95`	`+ .stream()`
	`96`	`+ .map(abstractAuthConfig ->newFindAuthConfig(abstractAuthConfig,organization))`
	`97`	`+ .collect(Collectors.toList())`
	`98`	`+ );`
	`99`	`+ }`
	`100`	`+`
`92`	`101`	`}`
`93`	`102`	`returnFlux.empty();`
`94`	`103`	`}`

`‎server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/auth/Oauth2SimpleAuthConfig.java‎`

Lines changed: 8 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -14,6 +14,8 @@`
`14`	`14`
`15`	`15`	`importlombok.Getter;`
`16`	`16`
	`17`	`+importstaticorg.lowcoder.sdk.auth.constants.Oauth2Constants.CLIENT_ID_PLACEHOLDER;`
	`18`	`+`
`17`	`19`	`/**`
`18`	`20`	`* simple oauth2 auth config.`
`19`	`21`	`*/`
`@@ -48,8 +50,8 @@ public Oauth2SimpleAuthConfig(`
`48`	`50`	`@JsonView(JsonViews.Public.class)`
`49`	`51`	`publicStringgetAuthorizeUrl() {`
`50`	`52`	`returnswitch (authType) {`
`51`		`-caseAuthTypeConstants.GOOGLE ->Oauth2Constants.GOOGLE_AUTHORIZE_URL;`
`52`		`-caseAuthTypeConstants.GITHUB ->Oauth2Constants.GITHUB_AUTHORIZE_URL;`
	`53`	`+caseAuthTypeConstants.GOOGLE ->replaceAuthUrlClientIdPlaceholder(Oauth2Constants.GOOGLE_AUTHORIZE_URL);`
	`54`	`+caseAuthTypeConstants.GITHUB ->replaceAuthUrlClientIdPlaceholder(Oauth2Constants.GITHUB_AUTHORIZE_URL);`
`53`	`55`	`default ->null;`
`54`	`56`	`};`
`55`	`57`	`}`
`@@ -70,4 +72,8 @@ public void merge(AbstractAuthConfig oldConfig) {`
`70`	`72`	`this.clientSecret =oldSimpleConfig.getClientSecret();`
`71`	`73`	`}`
`72`	`74`	`}`
	`75`	`+`
	`76`	`+privateStringreplaceAuthUrlClientIdPlaceholder(Stringurl) {`
	`77`	`+returnurl.replace(CLIENT_ID_PLACEHOLDER,clientId);`
	`78`	`+ }`
`73`	`79`	`}`

`‎server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/exception/BizError.java‎`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -101,6 +101,7 @@ public enum BizError {`
`101`	`101`	`USER_NOT_EXIST(400,5618),`
`102`	`102`	`JWT_NOT_FIND(400,5619),`
`103`	`103`	`ID_NOT_EXIST(500,5620),`
	`104`	`+DUPLICATE_AUTH_CONFIG_ADDITION(400,5621),`
`104`	`105`
`105`	`106`
`106`	`107`	`// asset related, code range 5700 - 5799`

`‎server/api-service/lowcoder-sdk/src/main/resources/locale_en.properties‎`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -277,3 +277,4 @@ CERTIFICATE_EMPTY=Certificate is empty.`
`277`	`277`	`ORG_DELETED_FOR_ENTERPRISE_MODE=Provided enterpriseOrgId workspace has been deleted, please contact Lowcoder team.`
`278`	`278`	`DISABLE_AUTH_CONFIG_FORBIDDEN=Can not disable current administrator''s last identity provider.`
`279`	`279`	`USER_NOT_EXIST=User not exist.`
	`280`	`+DUPLICATE_AUTH_CONFIG_ADDITION=Provider auth type already added to organization`

`‎server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/AuthenticationController.java‎`

Lines changed: 10 additions & 18 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`packageorg.lowcoder.api.authentication;`
`2`	`2`
`3`		`-importjava.util.List;`
`4`		`-`
	`3`	`+importcom.fasterxml.jackson.annotation.JsonView;`
	`4`	`+importlombok.extern.slf4j.Slf4j;`
`5`	`5`	`importorg.lowcoder.api.authentication.dto.AuthConfigRequest;`
`6`	`6`	`importorg.lowcoder.api.authentication.service.AuthenticationApiService;`
`7`	`7`	`importorg.lowcoder.api.framework.view.ResponseView;`
`@@ -17,21 +17,12 @@`
`17`	`17`	`importorg.lowcoder.sdk.constants.AuthSourceConstants;`
`18`	`18`	`importorg.lowcoder.sdk.util.CookieHelper;`
`19`	`19`	`importorg.springframework.beans.factory.annotation.Autowired;`
`20`		`-importorg.springframework.web.bind.annotation.DeleteMapping;`
`21`		`-importorg.springframework.web.bind.annotation.GetMapping;`
`22`		`-importorg.springframework.web.bind.annotation.PathVariable;`
`23`		`-importorg.springframework.web.bind.annotation.PostMapping;`
`24`		`-importorg.springframework.web.bind.annotation.RequestBody;`
`25`		`-importorg.springframework.web.bind.annotation.RequestMapping;`
`26`		`-importorg.springframework.web.bind.annotation.RequestParam;`
`27`		`-importorg.springframework.web.bind.annotation.RestController;`
	`20`	`+importorg.springframework.web.bind.annotation.*;`
`28`	`21`	`importorg.springframework.web.server.ServerWebExchange;`
`29`		`-`
`30`		`-importcom.fasterxml.jackson.annotation.JsonView;`
`31`		`-`
`32`		`-importlombok.extern.slf4j.Slf4j;`
`33`	`22`	`importreactor.core.publisher.Mono;`
`34`	`23`
	`24`	`+importjava.util.List;`
	`25`	`+`
`35`	`26`	`@Slf4j`
`36`	`27`	`@RestController`
`37`	`28`	`@RequestMapping(value = {NewUrl.CUSTOM_AUTH})`
`@@ -72,9 +63,10 @@ public Mono<ResponseView<Boolean>> loginWithThirdParty(`
`72`	`63`	`@RequestParam(required =false)Stringsource,`
`73`	`64`	`@RequestParamStringcode,`
`74`	`65`	`@RequestParam(required =false)StringinvitationId,`
`75`		`-@RequestParam(required =false)StringredirectUrl,`
	`66`	`+@RequestParamStringredirectUrl,`
	`67`	`+@RequestParamStringorgId,`
`76`	`68`	`ServerWebExchangeexchange) {`
`77`		`-returnauthenticationApiService.authenticateByOauth2(authId,source,code,redirectUrl)`
	`69`	`+returnauthenticationApiService.authenticateByOauth2(authId,source,code,redirectUrl,orgId)`
`78`	`70`	`.flatMap(authUser ->authenticationApiService.loginOrRegister(authUser,exchange,invitationId))`
`79`	`71`	`.thenReturn(ResponseView.success(true));`
`80`	`72`	`}`
`@@ -99,10 +91,10 @@ public Mono<ResponseView<Void>> disableAuthConfig(@PathVariable("id") String id)`
`99`	`91`	`.thenReturn(ResponseView.success(null));`
`100`	`92`	`}`
`101`	`93`
`102`		`-@JsonView(JsonViews.Public.class)`
	`94`	`+@JsonView(JsonViews.Internal.class)`
`103`	`95`	`@GetMapping("/configs")`
`104`	`96`	`publicMono<ResponseView<List<AbstractAuthConfig>>>getAllConfigs() {`
`105`		`-returnauthenticationService.findAllAuthConfigs(false)`
	`97`	`+returnauthenticationApiService.findAuthConfigs(false)`
`106`	`98`	`.map(FindAuthConfig::authConfig)`
`107`	`99`	`.collectList()`
`108`	`100`	`.map(ResponseView::success);`

`‎server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/request/AuthRequest.java‎`

Lines changed: 1 addition & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,9 +1,7 @@`
`1`	`1`	`packageorg.lowcoder.api.authentication.request;`
`2`	`2`
`3`	`3`	`importorg.lowcoder.domain.authentication.context.AuthRequestContext;`
`4`		`-importorg.lowcoder.domain.user.model.AuthToken;`
`5`	`4`	`importorg.lowcoder.domain.user.model.AuthUser;`
`6`		`-`
`7`	`5`	`importreactor.core.publisher.Mono;`
`8`	`6`
`9`	`7`	`/**`
`@@ -13,7 +11,5 @@ public interface AuthRequest {`
`13`	`11`
`14`	`12`	`Mono<AuthUser>auth(AuthRequestContextauthRequestContext);`
`15`	`13`
`16`		`-defaultMono<AuthToken>refresh(StringrefreshToken) {`
`17`		`-returnMono.error(newUnsupportedOperationException());`
`18`		`- }`
	`14`	`+Mono<AuthUser>refresh(StringrefreshToken);`
`19`	`15`	`}`

`‎server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/request/form/FormAuthRequest.java‎`

Lines changed: 7 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,5 @@`
`1`	`1`	`packageorg.lowcoder.api.authentication.request.form;`
`2`	`2`
`3`		`-importstaticorg.lowcoder.sdk.util.ExceptionUtils.ofError;`
`4`		`-`
`5`	`3`	`importorg.lowcoder.api.authentication.request.AuthRequest;`
`6`	`4`	`importorg.lowcoder.domain.authentication.context.AuthRequestContext;`
`7`	`5`	`importorg.lowcoder.domain.authentication.context.FormAuthRequestContext;`
`@@ -15,9 +13,10 @@`
`15`	`13`	`importorg.lowcoder.sdk.exception.BizException;`
`16`	`14`	`importorg.springframework.beans.factory.annotation.Autowired;`
`17`	`15`	`importorg.springframework.stereotype.Component;`
`18`		`-`
`19`	`16`	`importreactor.core.publisher.Mono;`
`20`	`17`
	`18`	`+importstaticorg.lowcoder.sdk.util.ExceptionUtils.ofError;`
	`19`	`+`
`21`	`20`	`@Component`
`22`	`21`	`publicclassFormAuthRequestimplementsAuthRequest {`
`23`	`22`
`@@ -58,4 +57,9 @@ public Mono<AuthUser> auth(AuthRequestContext authRequestContext) {`
`58`	`57`	`})`
`59`	`58`	`.thenReturn(AuthUser.builder().uid(context.getLoginId()).username(context.getLoginId()).build());`
`60`	`59`	`}`
	`60`	`+`
	`61`	`+@Override`
	`62`	`+publicMono<AuthUser>refresh(StringrefreshToken) {`
	`63`	`+returnMono.error(newUnsupportedOperationException());`
	`64`	`+ }`
`61`	`65`	`}`

`‎server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/request/oauth2/OAuth2RequestContext.java‎`

Lines changed: 2 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -9,7 +9,8 @@ public final class OAuth2RequestContext extends AuthRequestContext {`
`9`	`9`	`privatefinalStringcode;`
`10`	`10`	`privatefinalStringredirectUrl;`
`11`	`11`
`12`		`-publicOAuth2RequestContext(Stringcode,StringredirectUrl) {`
	`12`	`+publicOAuth2RequestContext(StringorgId,Stringcode,StringredirectUrl) {`
	`13`	`+this.setOrgId(orgId);`
`13`	`14`	`this.code =code;`
`14`	`15`	`this.redirectUrl =redirectUrl;`
`15`	`16`	`}`

`‎server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/request/oauth2/Oauth2DefaultSource.java‎`

Lines changed: 10 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -13,6 +13,11 @@ public String userInfo() {`
`13`	`13`	`return"https://api.github.com/user";`
`14`	`14`	`}`
`15`	`15`
	`16`	`+@Override`
	`17`	`+publicStringrefresh() {`
	`18`	`+return"https://www.googleapis.com/oauth2/v4/token";`
	`19`	`+ }`
	`20`	`+`
`16`	`21`	`},`
`17`	`22`	`GOOGLE {`
`18`	`23`	`@Override`
`@@ -25,5 +30,10 @@ public String userInfo() {`
`25`	`30`	`return"https://www.googleapis.com/oauth2/v3/userinfo";`
`26`	`31`	`}`
`27`	`32`
	`33`	`+@Override`
	`34`	`+publicStringrefresh() {`
	`35`	`+return"https://www.googleapis.com/oauth2/v4/token";`
	`36`	`+ }`
	`37`	`+`
`28`	`38`	`}`
`29`	`39`	`}`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitf4e0103

File tree

25 files changed

25 files changed

`‎server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/authentication/AuthenticationService.java‎`

`‎server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/authentication/AuthenticationServiceImpl.java‎`

`‎server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/auth/Oauth2SimpleAuthConfig.java‎`

`‎server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/exception/BizError.java‎`

`‎server/api-service/lowcoder-sdk/src/main/resources/locale_en.properties‎`

`‎server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/AuthenticationController.java‎`

`‎server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/request/AuthRequest.java‎`

`‎server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/request/form/FormAuthRequest.java‎`

`‎server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/request/oauth2/OAuth2RequestContext.java‎`

`‎server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/request/oauth2/Oauth2DefaultSource.java‎`

0 commit comments