artin/API-Explorer-II
1
0
Fork 0
mirror of https://github.com/OpenBankProject/API-Explorer-II.git synced 2026-02-06 10:47:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
495 Commits 32 Branches 1 Tag 13 MiB
3450df5d01
Commit Graph

92 Commits

Author SHA1 Message Date
simonredfern
3450df5d01 OAuth2 step 2 ok 2025-12-01 11:28:40 +01:00
simonredfern
dc69f9664d OAuth2 login first step works 2025-12-01 11:07:05 +01:00
simonredfern
d14fb57005 OAuth1 to OAuth2 2025-11-30 10:11:51 +01:00
simonredfern
b2df3a9791 Phase 2: Integrate OAuth2 into application 
Application Integration:
- Update server/app.ts to initialize OAuth2Service on startup
  * Conditional initialization based on VITE_USE_OAUTH2 flag
  * OIDC discovery document fetching
  * Comprehensive error handling and logging
  * Graceful fallback if OIDC provider unavailable

UserController Updates:
- Support dual authentication (OAuth 1.0a and OAuth2)
- OAuth2 user session detection and retrieval
- Automatic token refresh when access token expires
- Unified user data format for both auth methods
- Enhanced logout to clear both OAuth 1.0a and OAuth2 sessions
- Comprehensive logging for debugging

Features:
- Seamless switching between auth methods via feature flag
- Backward compatibility maintained
- Automatic token refresh before expiry
- Session cleanup on logout
- Error handling with fallback to empty response

Next phase: Update frontend components for OAuth2 login flow
 2025-11-29 19:54:58 +01:00
simonredfern
86295f827a Phase 1: Implement OAuth2/OIDC core infrastructure 
Backend Implementation:
- Add arctic and jsonwebtoken dependencies
- Create PKCEUtils for OAuth2 PKCE flow (RFC 7636)
- Create OAuth2Service for OIDC provider integration
  * OIDC discovery (.well-known/openid-configuration)
  * Authorization URL generation with PKCE
  * Token exchange (code for access/refresh/ID tokens)
  * Token refresh flow
  * UserInfo endpoint integration
- Create OAuth2AuthorizationMiddleware (initiate auth flow)
- Create OAuth2CallbackMiddleware (handle provider callback)
- Create OAuth2ConnectController (/oauth2/connect endpoint)
- Create OAuth2CallbackController (/oauth2/callback endpoint)

Configuration:
- Add OAuth2 environment variables to env_ai
- Feature flag VITE_USE_OAUTH2 for gradual migration
- Support for OBP-OIDC provider

Features:
- PKCE (Proof Key for Code Exchange) support
- State parameter for CSRF protection
- Session-based token storage
- Comprehensive error handling
- Security best practices (token expiration, flow timeout)

Note: Backend infrastructure complete. Next phase: integrate with app.ts
and update UserController for dual auth support.
 2025-11-29 19:53:41 +01:00
simonredfern
7905adb252 Making sure important env variables are not null. 2025-11-07 07:15:10 +01:00
simonredfern
eae18ad106 Adding a shared constant for the default API Version which is used if 
the env variable is not present.
 2025-11-07 07:07:17 +01:00
Marko Milić
24107ee884 feature/API Explorer II - make v6.0.0 the default version 2025-11-06 11:29:34 +01:00
Hongwei
826adcb8e0 Remove 'kafka_vSept2018' connector from StatusController and message-docs 2025-08-07 12:58:53 +02:00
Nemo Godebski-Pedersen
f4fa0e4ce9 fix page redirect when logout 2025-05-20 18:12:52 +07:00
Nemo Godebski-Pedersen
267cffba3b fix redirecting after log on 2025-05-20 18:12:52 +07:00
Nemo Godebski-Pedersen
6b2ef5f214 add consent expiry checking 2025-04-21 15:32:49 +01:00
Nemo Godebski-Pedersen
139310574c gert existing consents for opey 2025-04-10 16:26:23 +01:00
Nemo Godebski-Pedersen
e95a172235 add logout error handling 2025-04-09 15:47:43 +01:00
Nemo Godebski-Pedersen
0c51cb8a7d add existing consent checking 2025-03-28 16:30:11 +00:00
Nemo Godebski-Pedersen
c6b0dd5a42 WIP log in frontend 2025-03-21 10:47:36 +00:00
Nemo Godebski-Pedersen
43c7934e0c change naming of opeyConsent to obpConsent 2025-03-17 14:58:42 +00:00
Nemo Godebski-Pedersen
fd69736eb0 tests for stream endpoint 2025-03-13 17:06:23 +01:00
Nemo Godebski-Pedersen
303bb29ccb add testing for getOpeyConfig and checkAuthConfig 2025-03-13 16:35:14 +01:00
Nemo Godebski-Pedersen
7d93025fd3 auth framework WIP 2025-03-13 12:09:41 +01:00
Nemo Godebski-Pedersen
39b21dc5f5 fix test for consent endpoint 2025-03-12 15:16:39 +01:00
Nemo Godebski-Pedersen
b2110ca904 opey consent flow leg 1 working 2025-03-12 13:10:30 +01:00
Nemo Godebski-Pedersen
d3e44a154d consents flow WIP 2025-03-11 13:42:39 +00:00
Nemo Godebski-Pedersen
01090f85b4 create consent request service 2025-03-10 17:53:47 +00:00
Nemo Godebski-Pedersen
f8b313a130 add test for OBPConsentsService 2025-03-10 12:33:40 +00:00
Nemo Godebski-Pedersen
e5df920fea consents flow WIP 2025-03-07 16:21:10 +00:00
Nemo Godebski-Pedersen
cde2462612 Consents WIP, add the obp-api-typescript package 2025-03-07 11:14:28 +00:00
Nemo Godebski-Pedersen
c8228e171f bugfix broken import 2025-03-05 13:19:44 +00:00
Nemo Godebski-Pedersen
0124ba465e refactor and consents workflow WIP 2025-03-05 13:16:04 +00:00
Nemo Godebski-Pedersen
b8894bb371 fix enter-to-submit 2025-02-26 18:01:07 +00:00
Nemo Godebski-Pedersen
951aa989f9 simplify streaming 2025-02-26 17:48:46 +00:00
Nemo Godebski-Pedersen
b32866458f stream working (WIP) 2025-02-26 17:22:36 +00:00
Nemo Godebski-Pedersen
2faf6737c5 streaming WIP 2025-02-26 12:01:37 +00:00
Nemo Godebski-Pedersen
cd13f057a2 integration tests passing 2025-02-20 15:45:19 +00:00
Nemo Godebski-Pedersen
29c98120cd bugfix/remove potentially broken packages and redundancies 2025-02-20 10:07:26 +00:00
nemo
3321235c7f tests WIP 2025-02-14 17:27:55 +00:00
nemo
b78daae06e add tests for Opey status and invoke endpoints 2025-02-12 15:06:52 +00:00
nemo
7ec6a447c1 streams WIP 2025-02-11 17:12:07 +00:00
nemo
a98dc346e8 Tests WIP 2025-02-10 10:58:51 +00:00
nemo
7893183585 Opey II integration WIP: Add test 2025-01-30 11:01:55 +00:00
nemo
0feb271e23 integration WIP 2025-01-28 14:51:23 +00:00
nemo
1ca686b892 opey consents WIP 2025-01-23 12:36:06 +00:00
nemo
df88161095 Add connection loading indicator and logging for Opey 2025-01-17 12:58:18 +00:00
Marko Milić
aab04015f6 feature/Add error handling in case of git commit feature 2024-12-23 13:49:10 +01:00
Marko Milić
175f146dee feature/Resolve merge issues 2024-12-18 12:02:12 +01:00
Marko Milić
697ee2688d Merge remote-tracking branch 'upstream/develop' into develop 2024-12-18 11:49:15 +01:00
simonredfern
779812a020 add current user info to /api/status page 2024-12-09 18:51:54 +01:00
simonredfern
ef8d637daf debug fix 2024-12-09 18:33:11 +01:00
simonredfern
11a126b51f debugfix/Adding session to console.log 2024-12-09 18:10:19 +01:00
simonredfern
21ce2d0c11 debugfix/Adding console.log during OAuth flow 2024-12-09 17:55:04 +01:00