mirror of
https://github.com/OpenBankProject/API-Explorer-II.git
synced 2026-02-06 18:56:58 +00:00
Backend Implementation:
- Add arctic and jsonwebtoken dependencies
- Create PKCEUtils for OAuth2 PKCE flow (RFC 7636)
- Create OAuth2Service for OIDC provider integration
  * OIDC discovery (.well-known/openid-configuration)
  * Authorization URL generation with PKCE
  * Token exchange (code for access/refresh/ID tokens)
  * Token refresh flow
  * UserInfo endpoint integration
- Create OAuth2AuthorizationMiddleware (initiate auth flow)
- Create OAuth2CallbackMiddleware (handle provider callback)
- Create OAuth2ConnectController (/oauth2/connect endpoint)
- Create OAuth2CallbackController (/oauth2/callback endpoint)

Configuration:
- Add OAuth2 environment variables to env_ai
- Feature flag VITE_USE_OAUTH2 for gradual migration
- Support for OBP-OIDC provider

Features:
- PKCE (Proof Key for Code Exchange) support
- State parameter for CSRF protection
- Session-based token storage
- Comprehensive error handling
- Security best practices (token expiration, flow timeout)

Note: Backend infrastructure complete.
Next phase: integrate with app.ts and update UserController for dual auth support.

| | | |
|---|---|---|
| .. | | |
| pkce.ts | | |