stable
Clone or download
Part of story #14714: be an OpenID Connect provider 1. In the project admin create an OAuth2 app (note the ID and the given secret) 2. Generate a new client secret in project admin. 3. Access the authorize page at the URL https://tuleap.example.com/oauth2/authorize?client_id=<client_id>&scope=openid&response_type=code&redirect_uri=<redirect_uri> 4. Quickly retrieve (it is valid only 1 minute) the authorization code from the URL 5. When you try to exchange the authorization code for an access token, - The old client secret (at app creation) should be rejected with "invalid_client" - The new client secret should be accepted. 6. Exchange the authorization code for an access token and an ID token: shell> curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' \ --user '<client_id>:<client_secret>' \ --data 'grant_type=authorization_code&redirect_uri=<redirect_uri>&code=<authorization_code>' \ https://tuleap.example.com/oauth2/token Change-Id: I0eac3c9347f509b806a9dc8404d1b56f1f04ee1f
Modified Files
| Name | ||||
|---|---|---|---|---|
| M | package.json | +1 | −0 | Go to diff View file |
| M | plugins/oauth2_server/include/App/AppDao.php | +9 | −0 | Go to diff View file |
| M | plugins/oauth2_server/include/App/ClientIdentifier.php | +2 | −2 | Go to diff View file |
| A | plugins/oauth2_server/include/App/ClientSecretUpdater.php | +61 | −0 | Go to diff View file |
| R | plugins/oauth2_server/include/App/LastCreatedOAuth2App.php | Go to diff View file | ||
| R | plugins/oauth2_server/include/App/LastCreatedOAuth2AppStore.php | Go to diff View file | ||
| M | plugins/oauth2_server/include/ProjectAdmin/AddAppController.php | +4 | −4 | Go to diff View file |
| A | plugins/oauth2_server/include/ProjectAdmin/NewClientSecretController.php | +96 | −0 | Go to diff View file |
| M | plugins/oauth2_server/include/ProjectAdmin/ProjectAdminPresenter.php | +11 | −5 | Go to diff View file |
| M | plugins/oauth2_server/include/ProjectAdmin/ProjectAdminPresenterBuilder.php | +11 | −11 | Go to diff View file |
| M | plugins/oauth2_server/include/oauth2_serverPlugin.php | +36 | −2 | Go to diff View file |
| M | plugins/oauth2_server/scripts/po/fr_FR.po | +11 | −0 | Go to diff View file |
| M | plugins/oauth2_server/scripts/src/project-administration.ts | +24 | −2 | Go to diff View file |
| M | plugins/oauth2_server/scripts/src/replacers.test.ts | +17 | −32 | Go to diff View file |
| M | plugins/oauth2_server/scripts/src/replacers.ts | +15 | −0 | Go to diff View file |
| M | plugins/oauth2_server/site-content/fr_FR/LC_MESSAGES/tuleap-oauth2_server.po | +10 | −7 | Go to diff View file |
| A | plugins/oauth2_server/templates/new-secret-modal.mustache | +40 | −0 | Go to diff View file |
| M | plugins/oauth2_server/templates/project-admin.mustache | +13 | −2 | Go to diff View file |
| M | plugins/oauth2_server/tests/unit/App/ClientIdentifierTest.php | +3 | −3 | Go to diff View file |
| A | plugins/oauth2_server/tests/unit/App/ClientSecretUpdaterTest.php | +72 | −0 | Go to diff View file |
| R | plugins/oauth2_server/tests/unit/App/LastCreatedOAuth2AppStoreTest.php | Go to diff View file | ||
| M | plugins/oauth2_server/tests/unit/ProjectAdmin/AddAppControllerTest.php | +12 | −11 | Go to diff View file |
| M | plugins/oauth2_server/tests/unit/ProjectAdmin/DeleteAppControllerTest.php | +2 | −6 | Go to diff View file |
| A | plugins/oauth2_server/tests/unit/ProjectAdmin/NewClientSecretControllerTest.php | +122 | −0 | Go to diff View file |
| M | plugins/oauth2_server/tests/unit/ProjectAdmin/ProjectAdminPresenterBuilderTest.php | +13 | −15 | Go to diff View file |