Skip to content
This repository was archived by the owner on Sep 26, 2024. It is now read-only.
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions source/Server.AzureAD/AzureADApi.cs
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
using System;
using Octopus.Server.Extensibility.Authentication.AzureAD.Configuration;
using Octopus.Server.Extensibility.Authentication.AzureAD.Configuration;
using Octopus.Server.Extensibility.Authentication.AzureAD.Identities;
using Octopus.Server.Extensibility.Authentication.AzureAD.Tokens;
using Octopus.Server.Extensibility.Authentication.AzureAD.Web;
Expand All @@ -16,6 +15,7 @@ public AzureADApi(
{
Add<AzureADUserAuthenticationAction>("POST", authenticationProvider.AuthenticateUri, RouteCategory.Raw, new AnonymousWhenEnabledEndpointInvocation<IAzureADConfigurationStore>(), null, "OpenIDConnect");
Add<AzureADUserAuthenticatedAction>("POST", configurationStore.RedirectUri, RouteCategory.Raw, new AnonymousWhenEnabledEndpointInvocation<IAzureADConfigurationStore>(), null, "OpenIDConnect");
Add<AzureADUserAuthenticationCodeAction>("GET", configurationStore.RedirectUri, RouteCategory.Raw, new AnonymousWhenEnabledEndpointInvocation<IAzureADConfigurationStore>(), null, "OpenIDConnect");
}
}
}
1 change: 1 addition & 0 deletions source/Server.AzureAD/AzureADExtension.cs
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,7 @@ public override void Load(ContainerBuilder builder)

builder.RegisterType<AzureADUserAuthenticationAction>().AsSelf().InstancePerDependency();
builder.RegisterType<AzureADUserAuthenticatedAction>().AsSelf().InstancePerDependency();
builder.RegisterType<AzureADUserAuthenticationCodeAction>().AsSelf().InstancePerDependency();

builder.RegisterType<AzureADAuthenticationProvider>()
.As<IAuthenticationProvider>()
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
using Octopus.Diagnostics;
using Octopus.Server.Extensibility.Authentication.AzureAD.Configuration;
using Octopus.Server.Extensibility.Authentication.AzureAD.Identities;
using Octopus.Server.Extensibility.Authentication.AzureAD.Tokens;
using Octopus.Server.Extensibility.Authentication.HostServices;
using Octopus.Server.Extensibility.Authentication.OpenIDConnect.Common.Infrastructure;
using Octopus.Server.Extensibility.Authentication.OpenIDConnect.Common.Issuer;
using Octopus.Server.Extensibility.Authentication.OpenIDConnect.Common.Web;
using Octopus.Server.Extensibility.HostServices.Web;
using Octopus.Time;

namespace Octopus.Server.Extensibility.Authentication.AzureAD.Web
{
class AzureADUserAuthenticationCodeAction : UserAuthenticationCodeAction<IAzureADConfigurationStore, IAzureADAuthTokenHandler, IAzureADIdentityCreator>
{
public AzureADUserAuthenticationCodeAction(
ISystemLog log,
IAzureADAuthTokenHandler authTokenHandler,
IPrincipalToUserResourceMapper principalToUserResourceMapper,
IUpdateableUserStore userStore,
IAzureADConfigurationStore configurationStore,
IAuthCookieCreator authCookieCreator,
IInvalidLoginTracker loginTracker,
ISleep sleep,
IAzureADIdentityCreator identityCreator,
IClock clock,
IIdentityProviderConfigDiscoverer identityProviderConfigDiscoverer,
IUrlEncoder urlEncoder)
: base(log, authTokenHandler, principalToUserResourceMapper, userStore, configurationStore, authCookieCreator, loginTracker, sleep, identityCreator, clock, identityProviderConfigDiscoverer, urlEncoder)
{
}

protected override string ProviderName => AzureADAuthenticationProvider.ProviderName;
}
}
4 changes: 2 additions & 2 deletions source/Server.GoogleApps/GoogleAppsApi.cs
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
using System;
using Octopus.Server.Extensibility.Authentication.GoogleApps.Configuration;
using Octopus.Server.Extensibility.Authentication.GoogleApps.Configuration;
using Octopus.Server.Extensibility.Authentication.GoogleApps.Identities;
using Octopus.Server.Extensibility.Authentication.GoogleApps.Tokens;
using Octopus.Server.Extensibility.Authentication.GoogleApps.Web;
Expand All @@ -16,6 +15,7 @@ public GoogleAppsApi(
{
Add<GoogleAppsUserAuthenticationAction>("POST", authenticationProvider.AuthenticateUri, RouteCategory.Raw, new AnonymousWhenEnabledEndpointInvocation<IGoogleAppsConfigurationStore>(), null, "OpenIDConnect");
Add<GoogleAppsUserAuthenticatedAction>("POST", configurationStore.RedirectUri, RouteCategory.Raw, new AnonymousWhenEnabledEndpointInvocation<IGoogleAppsConfigurationStore>(), null, "OpenIDConnect");
Add<GoogleAppsUserAuthenticationCodeAction>("GET", configurationStore.RedirectUri, RouteCategory.Raw, new AnonymousWhenEnabledEndpointInvocation<IGoogleAppsConfigurationStore>(), null, "OpenIDConnect");
}
}
}
1 change: 1 addition & 0 deletions source/Server.GoogleApps/GoogleAppsExtension.cs
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,7 @@ public override void Load(ContainerBuilder builder)

builder.RegisterType<GoogleAppsUserAuthenticationAction>().AsSelf().InstancePerDependency();
builder.RegisterType<GoogleAppsUserAuthenticatedAction>().AsSelf().InstancePerDependency();
builder.RegisterType<GoogleAppsUserAuthenticationCodeAction>().AsSelf().InstancePerDependency();

builder.RegisterType<GoogleAppsAuthenticationProvider>()
.As<IAuthenticationProvider>()
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ public GoogleAppsAuthorizationEndpointUrlBuilder(IGoogleAppsConfigurationStore c
{
}

public override string Build(string requestDirectoryPath, IssuerConfiguration issuerConfiguration, string nonce, string? state = null)
public override string Build(string requestDirectoryPath, IssuerConfiguration issuerConfiguration, string? nonce = null, string? state = null)
{
var url = base.Build(requestDirectoryPath, issuerConfiguration, nonce, state);

Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
using Octopus.Diagnostics;
using Octopus.Server.Extensibility.Authentication.GoogleApps.Configuration;
using Octopus.Server.Extensibility.Authentication.GoogleApps.Identities;
using Octopus.Server.Extensibility.Authentication.GoogleApps.Tokens;
using Octopus.Server.Extensibility.Authentication.HostServices;
using Octopus.Server.Extensibility.Authentication.OpenIDConnect.Common.Infrastructure;
using Octopus.Server.Extensibility.Authentication.OpenIDConnect.Common.Issuer;
using Octopus.Server.Extensibility.Authentication.OpenIDConnect.Common.Web;
using Octopus.Server.Extensibility.HostServices.Web;
using Octopus.Time;

namespace Octopus.Server.Extensibility.Authentication.GoogleApps.Web
{
class GoogleAppsUserAuthenticationCodeAction : UserAuthenticationCodeAction<IGoogleAppsConfigurationStore, IGoogleAuthTokenHandler, IGoogleAppsIdentityCreator>
{
public GoogleAppsUserAuthenticationCodeAction(
ISystemLog log,
IGoogleAuthTokenHandler authTokenHandler,
IPrincipalToUserResourceMapper principalToUserResourceMapper,
IUpdateableUserStore userStore,
IGoogleAppsConfigurationStore configurationStore,
IAuthCookieCreator authCookieCreator,
IInvalidLoginTracker loginTracker,
ISleep sleep,
IGoogleAppsIdentityCreator identityCreator,
IClock clock,
IIdentityProviderConfigDiscoverer identityProviderConfigDiscoverer,
IUrlEncoder urlEncoder)
: base(log, authTokenHandler, principalToUserResourceMapper, userStore, configurationStore, authCookieCreator, loginTracker, sleep, identityCreator, clock, identityProviderConfigDiscoverer, urlEncoder)
{
}

protected override string ProviderName => GoogleAppsAuthenticationProvider.ProviderName;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,7 @@

namespace Octopus.Server.Extensibility.Authentication.OctopusID.Configuration
{
interface IOctopusIDConfigurationStore : IOpenIDConnectWithClientSecretConfigurationStore<OctopusIDConfiguration>,
IOpenIDConnectConfigurationWithRoleStore<OctopusIDConfiguration>
interface IOctopusIDConfigurationStore : IOpenIDConnectConfigurationWithRoleStore<OctopusIDConfiguration>
{
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

namespace Octopus.Server.Extensibility.Authentication.OctopusID.Configuration
{
class OctopusIDConfiguration : OpenIDConnectConfigurationWithClientSecret, IOpenIDConnectConfigurationWithRole
class OctopusIDConfiguration : OpenIDConnectConfiguration, IOpenIDConnectConfigurationWithRole
{
public static string DefaultRoleClaimType = "roles";

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
namespace Octopus.Server.Extensibility.Authentication.OctopusID.Configuration
{
[Description("Sign in to your Octopus Server with an Octopus ID. [Learn more](https://g.octopushq.com/AuthOctopusID).")]
class OctopusIDConfigurationResource : OpenIDConnectConfigurationWithClientSecretResource
class OctopusIDConfigurationResource : OpenIDConnectConfigurationResource
{
[ReadOnly(true)]
public override string? Issuer { get; set; }
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

namespace Octopus.Server.Extensibility.Authentication.OctopusID.Configuration
{
class OctopusIDConfigurationStore : OpenIDConnectWithClientSecretConfigurationStore<OctopusIDConfiguration>, IOctopusIDConfigurationStore
class OctopusIDConfigurationStore : OpenIdConnectConfigurationStore<OctopusIDConfiguration>, IOctopusIDConfigurationStore
{
public const string SingletonId = "authentication-octopusid";

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -26,11 +26,6 @@ public override IEnumerable<ConfigureCommandOption> GetOptions()
{
yield return option;
}
yield return new ConfigureCommandOption($"{ConfigurationSettingsName}ClientSecret=", "Tell Octopus the shared secret to use for Octopus ID authentication requests.", v =>
{
ConfigurationStore.Value.SetClientSecret(v.ToSensitiveString());
Log.Info($"{ConfigurationSettingsName} ClientSecret set");
}, hide: true);
}
}
}
5 changes: 2 additions & 3 deletions source/Server.Okta/OktaApi.cs
Original file line number Diff line number Diff line change
@@ -1,9 +1,7 @@
using System;
using Octopus.Server.Extensibility.Authentication.Okta.Configuration;
using Octopus.Server.Extensibility.Authentication.Okta.Configuration;
using Octopus.Server.Extensibility.Authentication.Okta.Identities;
using Octopus.Server.Extensibility.Authentication.Okta.Tokens;
using Octopus.Server.Extensibility.Authentication.Okta.Web;
using Octopus.Server.Extensibility.Authentication.OpenIDConnect;
using Octopus.Server.Extensibility.Authentication.OpenIDConnect.Common;
using Octopus.Server.Extensibility.Extensions.Infrastructure.Web.Api;

Expand All @@ -16,6 +14,7 @@ public OktaApi(IOktaConfigurationStore configurationStore, OktaAuthenticationPro
{
Add<OktaUserAuthenticationAction>("POST", authenticationProvider.AuthenticateUri, RouteCategory.Raw, new AnonymousWhenEnabledEndpointInvocation<IOktaConfigurationStore>(), null, "OpenIDConnect");
Add<OktaUserAuthenticatedAction>("POST", configurationStore.RedirectUri, RouteCategory.Raw, new AnonymousWhenEnabledEndpointInvocation<IOktaConfigurationStore>(), null, "OpenIDConnect");
Add<OktaUserAuthenticationCodeAction>("GET", configurationStore.RedirectUri, RouteCategory.Raw, new AnonymousWhenEnabledEndpointInvocation<IOktaConfigurationStore>(), null, "OpenIDConnect");
}
}
}
1 change: 1 addition & 0 deletions source/Server.Okta/OktaExtension.cs
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,7 @@ public override void Load(ContainerBuilder builder)

builder.RegisterType<OktaUserAuthenticationAction>().AsSelf().InstancePerDependency();
builder.RegisterType<OktaUserAuthenticatedAction>().AsSelf().InstancePerDependency();
builder.RegisterType<OktaUserAuthenticationCodeAction>().AsSelf().InstancePerDependency();

builder.RegisterType<OktaAuthenticationProvider>()
.As<IAuthenticationProvider>()
Expand Down
35 changes: 35 additions & 0 deletions source/Server.Okta/Web/OktaUserAuthenticationCodeAction.cs
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
using Octopus.Diagnostics;
using Octopus.Server.Extensibility.Authentication.HostServices;
using Octopus.Server.Extensibility.Authentication.Okta.Configuration;
using Octopus.Server.Extensibility.Authentication.Okta.Identities;
using Octopus.Server.Extensibility.Authentication.Okta.Tokens;
using Octopus.Server.Extensibility.Authentication.OpenIDConnect.Common.Infrastructure;
using Octopus.Server.Extensibility.Authentication.OpenIDConnect.Common.Issuer;
using Octopus.Server.Extensibility.Authentication.OpenIDConnect.Common.Web;
using Octopus.Server.Extensibility.HostServices.Web;
using Octopus.Time;

namespace Octopus.Server.Extensibility.Authentication.Okta.Web
{
class OktaUserAuthenticationCodeAction : UserAuthenticationCodeAction<IOktaConfigurationStore, IOktaAuthTokenHandler, IOktaIdentityCreator>
{
public OktaUserAuthenticationCodeAction(
ISystemLog log,
IOktaAuthTokenHandler authTokenHandler,
IPrincipalToUserResourceMapper principalToUserResourceMapper,
IUpdateableUserStore userStore,
IOktaConfigurationStore configurationStore,
IAuthCookieCreator authCookieCreator,
IInvalidLoginTracker loginTracker,
ISleep sleep,
IOktaIdentityCreator identityCreator,
IClock clock,
IIdentityProviderConfigDiscoverer identityProviderConfigDiscoverer,
IUrlEncoder urlEncoder)
: base(log, authTokenHandler, principalToUserResourceMapper, userStore, configurationStore, authCookieCreator, loginTracker, sleep, identityCreator, clock, identityProviderConfigDiscoverer, urlEncoder)
{
}

protected override string ProviderName => OktaAuthenticationProvider.ProviderName;
}
}
Original file line number Diff line number Diff line change
@@ -1,9 +1,12 @@
using Octopus.Data.Model;

namespace Octopus.Server.Extensibility.Authentication.OpenIDConnect.Common.Configuration
{
public interface IOpenIDConnectConfiguration
{
string? Issuer { get; set; }
string? ClientId { get; set; }
SensitiveString? ClientSecret { get; set; }
string? Scope { get; set; }
string? NameClaimType { get; set; }
bool AllowAutoUserCreation { get; set; }
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,10 @@ public interface IOpenIDConnectConfigurationStore : IExtensionConfigurationStore
string? GetClientId();
void SetClientId(string? clientId);

SensitiveString? GetClientSecret();
void SetClientSecret(SensitiveString? clientSecret);
bool HasClientSecret { get; }

string? GetScope();
void SetScope(string? scope);

Expand Down

This file was deleted.

This file was deleted.

Original file line number Diff line number Diff line change
@@ -1,10 +1,12 @@
using Octopus.Server.Extensibility.Extensions.Infrastructure.Configuration;
using Octopus.Data.Model;
using Octopus.Server.Extensibility.Extensions.Infrastructure.Configuration;

namespace Octopus.Server.Extensibility.Authentication.OpenIDConnect.Common.Configuration
{
public abstract class OpenIDConnectConfiguration : ExtensionConfigurationDocument, IOpenIDConnectConfiguration
{
public const string DefaultResponseType = "code+id_token";
public const string AuthCodeResponseType = "code";
public const string HybridResponseType = "code+id_token";
public const string DefaultResponseMode = "form_post";
public const string DefaultScope = "openid%20profile%20email";
public const string DefaultNameClaimType = "name";
Expand All @@ -27,6 +29,8 @@ protected OpenIDConnectConfiguration(string id, string name, string author, stri

public string? ClientId { get; set; }

public SensitiveString? ClientSecret { get; set; }

public string? Scope { get; set; }

public string? NameClaimType { get; set; }
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
using System.ComponentModel;
using Octopus.Server.Extensibility.Extensions.Infrastructure.Configuration;
using Octopus.Server.MessageContracts;
using Octopus.Server.MessageContracts.Attributes;

namespace Octopus.Server.Extensibility.Authentication.OpenIDConnect.Common.Configuration
Expand All @@ -15,6 +16,11 @@ public class OpenIDConnectConfigurationResource : ExtensionConfigurationResource
[Writeable]
public virtual string? ClientId { get; set; }

[DisplayName("Client Secret")]
[Description("Shared secret for validating the authentication tokens")]
[Writeable]
public virtual SensitiveValue? ClientSecret { get; set; }

[DisplayName("Allow Auto User Creation")]
[Description("Tell Octopus to automatically create a user account when a person signs in for the first time with this identity provider")]
[Writeable]
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,18 @@ public void SetClientId(string? clientId)
SetProperty(doc => doc.ClientId = clientId);
}

public SensitiveString? GetClientSecret()
{
return GetProperty(doc => doc.ClientSecret);
}

public void SetClientSecret(SensitiveString? clientSecret)
{
SetProperty(doc => doc.ClientSecret = clientSecret);
}

public bool HasClientSecret => GetClientSecret() != null;

public string? GetScope()
{
return GetProperty(doc => doc.Scope);
Expand Down

This file was deleted.

This file was deleted.

Loading