artin/API-Explorer-II
1
0
Fork 0
mirror of https://github.com/OpenBankProject/API-Explorer-II.git synced 2026-02-06 10:47:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
547 Commits 32 Branches 1 Tag 13 MiB
1033693b09
Commit Graph

106 Commits

Author SHA1 Message Date
simonredfern
1033693b09 Don't hide request body if empty. token refresh try 2025-12-19 16:01:14 +01:00
simonredfern
498a509b2d session timeout 2025-12-19 16:01:14 +01:00
simonredfern
0b4825fc7c OIDC checking / retrying 2 2025-12-14 11:15:35 +01:00
simonredfern
cd9ba264ec OIDC checking / retrying 2025-12-14 11:04:14 +01:00
simonredfern
ca923f7b5a commitID 2025-12-12 10:32:14 +01:00
simonredfern
37c2688fb5 ES modules 2025-12-11 20:44:07 +01:00
simonredfern
c870628ad3 using v6.0.0 of scanned apis 2025-12-11 19:22:59 +01:00
simonredfern
23a1615dcb trying compiler options CommonJS 2025-12-11 16:04:35 +01:00
simonredfern
d7638b1d70 moved shared-constants.ts to src 2025-12-11 14:03:21 +01:00
simonredfern
63bec0dd00 changing url path structure to resource-docs 2025-12-08 16:21:10 +01:00
simonredfern
b0d927c1e1 showing proper OBP error message instead of squashing them 2025-12-03 21:50:56 +01:00
simonredfern
056171388f OAuth2/OIDC 2025-12-02 14:26:19 +01:00
simonredfern
b97f39b4e1 better error with Request Entitlement and sending user_id 2025-12-02 02:08:16 +01:00
simonredfern
4a5239e5aa OAuth2 tweaks 2025-12-02 01:11:17 +01:00
simonredfern
3450df5d01 OAuth2 step 2 ok 2025-12-01 11:28:40 +01:00
simonredfern
dc69f9664d OAuth2 login first step works 2025-12-01 11:07:05 +01:00
simonredfern
d14fb57005 OAuth1 to OAuth2 2025-11-30 10:11:51 +01:00
simonredfern
b2df3a9791 Phase 2: Integrate OAuth2 into application 
Application Integration:
- Update server/app.ts to initialize OAuth2Service on startup
  * Conditional initialization based on VITE_USE_OAUTH2 flag
  * OIDC discovery document fetching
  * Comprehensive error handling and logging
  * Graceful fallback if OIDC provider unavailable

UserController Updates:
- Support dual authentication (OAuth 1.0a and OAuth2)
- OAuth2 user session detection and retrieval
- Automatic token refresh when access token expires
- Unified user data format for both auth methods
- Enhanced logout to clear both OAuth 1.0a and OAuth2 sessions
- Comprehensive logging for debugging

Features:
- Seamless switching between auth methods via feature flag
- Backward compatibility maintained
- Automatic token refresh before expiry
- Session cleanup on logout
- Error handling with fallback to empty response

Next phase: Update frontend components for OAuth2 login flow
 2025-11-29 19:54:58 +01:00
simonredfern
86295f827a Phase 1: Implement OAuth2/OIDC core infrastructure 
Backend Implementation:
- Add arctic and jsonwebtoken dependencies
- Create PKCEUtils for OAuth2 PKCE flow (RFC 7636)
- Create OAuth2Service for OIDC provider integration
  * OIDC discovery (.well-known/openid-configuration)
  * Authorization URL generation with PKCE
  * Token exchange (code for access/refresh/ID tokens)
  * Token refresh flow
  * UserInfo endpoint integration
- Create OAuth2AuthorizationMiddleware (initiate auth flow)
- Create OAuth2CallbackMiddleware (handle provider callback)
- Create OAuth2ConnectController (/oauth2/connect endpoint)
- Create OAuth2CallbackController (/oauth2/callback endpoint)

Configuration:
- Add OAuth2 environment variables to env_ai
- Feature flag VITE_USE_OAUTH2 for gradual migration
- Support for OBP-OIDC provider

Features:
- PKCE (Proof Key for Code Exchange) support
- State parameter for CSRF protection
- Session-based token storage
- Comprehensive error handling
- Security best practices (token expiration, flow timeout)

Note: Backend infrastructure complete. Next phase: integrate with app.ts
and update UserController for dual auth support.
 2025-11-29 19:53:41 +01:00
simonredfern
7905adb252 Making sure important env variables are not null. 2025-11-07 07:15:10 +01:00
simonredfern
eae18ad106 Adding a shared constant for the default API Version which is used if 
the env variable is not present.
 2025-11-07 07:07:17 +01:00
Marko Milić
24107ee884 feature/API Explorer II - make v6.0.0 the default version 2025-11-06 11:29:34 +01:00
Hongwei
826adcb8e0 Remove 'kafka_vSept2018' connector from StatusController and message-docs 2025-08-07 12:58:53 +02:00
Nemo Godebski-Pedersen
f4fa0e4ce9 fix page redirect when logout 2025-05-20 18:12:52 +07:00
Nemo Godebski-Pedersen
267cffba3b fix redirecting after log on 2025-05-20 18:12:52 +07:00
Nemo Godebski-Pedersen
6b2ef5f214 add consent expiry checking 2025-04-21 15:32:49 +01:00
Nemo Godebski-Pedersen
139310574c gert existing consents for opey 2025-04-10 16:26:23 +01:00
Nemo Godebski-Pedersen
e95a172235 add logout error handling 2025-04-09 15:47:43 +01:00
Nemo Godebski-Pedersen
0c51cb8a7d add existing consent checking 2025-03-28 16:30:11 +00:00
Nemo Godebski-Pedersen
c6b0dd5a42 WIP log in frontend 2025-03-21 10:47:36 +00:00
Nemo Godebski-Pedersen
43c7934e0c change naming of opeyConsent to obpConsent 2025-03-17 14:58:42 +00:00
Nemo Godebski-Pedersen
fd69736eb0 tests for stream endpoint 2025-03-13 17:06:23 +01:00
Nemo Godebski-Pedersen
303bb29ccb add testing for getOpeyConfig and checkAuthConfig 2025-03-13 16:35:14 +01:00
Nemo Godebski-Pedersen
7d93025fd3 auth framework WIP 2025-03-13 12:09:41 +01:00
Nemo Godebski-Pedersen
39b21dc5f5 fix test for consent endpoint 2025-03-12 15:16:39 +01:00
Nemo Godebski-Pedersen
b2110ca904 opey consent flow leg 1 working 2025-03-12 13:10:30 +01:00
Nemo Godebski-Pedersen
d3e44a154d consents flow WIP 2025-03-11 13:42:39 +00:00
Nemo Godebski-Pedersen
01090f85b4 create consent request service 2025-03-10 17:53:47 +00:00
Nemo Godebski-Pedersen
f8b313a130 add test for OBPConsentsService 2025-03-10 12:33:40 +00:00
Nemo Godebski-Pedersen
e5df920fea consents flow WIP 2025-03-07 16:21:10 +00:00
Nemo Godebski-Pedersen
cde2462612 Consents WIP, add the obp-api-typescript package 2025-03-07 11:14:28 +00:00
Nemo Godebski-Pedersen
c8228e171f bugfix broken import 2025-03-05 13:19:44 +00:00
Nemo Godebski-Pedersen
0124ba465e refactor and consents workflow WIP 2025-03-05 13:16:04 +00:00
Nemo Godebski-Pedersen
b8894bb371 fix enter-to-submit 2025-02-26 18:01:07 +00:00
Nemo Godebski-Pedersen
951aa989f9 simplify streaming 2025-02-26 17:48:46 +00:00
Nemo Godebski-Pedersen
b32866458f stream working (WIP) 2025-02-26 17:22:36 +00:00
Nemo Godebski-Pedersen
2faf6737c5 streaming WIP 2025-02-26 12:01:37 +00:00
Nemo Godebski-Pedersen
cd13f057a2 integration tests passing 2025-02-20 15:45:19 +00:00
Nemo Godebski-Pedersen
29c98120cd bugfix/remove potentially broken packages and redundancies 2025-02-20 10:07:26 +00:00
nemo
3321235c7f tests WIP 2025-02-14 17:27:55 +00:00