BED-5012 feat: add callback uri to oidc details (#940)
mistahj67 authored Nov 22, 2024
1 parent 00365c3 commit 7e90c5d
Showing 5 changed files with 74 additions and 16 deletions.
21 changes: 19 additions & 2 deletions cmd/api/src/api/v2/auth/sso.go
Expand Up @@ -18,6 +18,8 @@ package auth

import (
"net/http"
"net/url"
"path"
"strconv"
"strings"

Expand All @@ -27,6 +29,7 @@ import (
"github.com/specterops/bloodhound/src/ctx"
"github.com/specterops/bloodhound/src/database/types/null"
"github.com/specterops/bloodhound/src/model"
"github.com/specterops/bloodhound/src/serde"
"gorm.io/gorm/utils"
)

Expand All @@ -37,13 +40,24 @@ type AuthProvider struct {
Type string `json:"type"`
Slug string `json:"slug"`
Details interface{} `json:"details"`

LoginUri serde.URL `json:"login_uri"`
CallbackUri serde.URL `json:"callback_uri"`
}

func (s *AuthProvider) FormatProviderURLs(hostUrl url.URL) {
root := hostUrl
root.Path = path.Join("/api/v2/sso/", s.Slug)

s.LoginUri = serde.FromURL(*root.JoinPath("login"))
s.CallbackUri = serde.FromURL(*root.JoinPath("callback"))
}

// ListAuthProviders lists all available SSO providers (SAML and OIDC) with sorting and filtering
func (s ManagementResource) ListAuthProviders(response http.ResponseWriter, request *http.Request) {
var (
requestCtx = request.Context()
queryParams = request.URL.Query()
requestCtx = request.Context()
queryParams = request.URL.Query()
sortByColumns = queryParams[api.QueryParameterSortBy]
order []string
queryFilters model.QueryParameterFilterMap
Expand Down Expand Up @@ -109,6 +123,9 @@ func (s ManagementResource) ListAuthProviders(response http.ResponseWriter, requ
Slug: ssoProvider.Slug,
}

// Format callback url from host
provider.FormatProviderURLs(*ctx.Get(requestCtx).Host)

switch ssoProvider.Type {
case model.SessionAuthProviderOIDC:
if ssoProvider.OIDCProvider != nil {
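Review bot: The new call `provider.FormatProviderURLs(*ctx.Get(requestCtx).Host)` in `ListAuthProviders` dereferences the context's `Host` pointer with no nil check, and the callback URI an administrator registers with the identity provider is built from that value. If `Host` is filled from the request's Host or forwarded-host headers (not visible on this page), the displayed redirect URI follows whatever the client sent; deriving it from the configured root URL would be safer, or at minimum guard the call with `if host := ctx.Get(requestCtx).Host; host != nil { provider.FormatProviderURLs(*host) }`. In `FormatProviderURLs`, `root.Path = path.Join("/api/v2/sso/", s.Slug)` discards any path prefix on the host URL and collapses `..` segments, so it depends on slugs being validated where they are stored. The method is exported without a doc comment; something like `// FormatProviderURLs sets LoginUri and CallbackUri to <host>/api/v2/sso/<slug>/login and /callback.` would help, and the inline comment at the call site should mention both URLs. `ListAuthProviders` starts and ends outside the visible hunks.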
16 changes: 16 additions & 0 deletions cmd/api/src/database/samlproviders.go
@@ -1,3 +1,19 @@
// Copyright 2024 Specter Ops, Inc.
//
// Licensed under the Apache License, Version 2.0
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// SPDX-License-Identifier: Apache-2.0

package database

import (
16 changes: 16 additions & 0 deletions cmd/api/src/model/samlprovider.go
@@ -1,3 +1,19 @@
// Copyright 2024 Specter Ops, Inc.
//
// Licensed under the Apache License, Version 2.0
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// SPDX-License-Identifier: Apache-2.0

package model

import (
Expand Up @@ -46,19 +46,26 @@ const SAMLProviderInfoPanel: FC<{
);

const OIDCProviderInfoPanel: FC<{
oidcProviderDetails: OIDCProviderInfo;
}> = ({ oidcProviderDetails }) => (
<FieldsContainer>
<Field
label={<LabelWithCopy label='Client ID' valueToCopy={oidcProviderDetails.client_id} hoverOnly />}
value={oidcProviderDetails.client_id}
/>
<Field
label={<LabelWithCopy label='Issuer' valueToCopy={oidcProviderDetails.issuer} hoverOnly />}
value={oidcProviderDetails.issuer}
/>
</FieldsContainer>
);
ssoProvider: SSOProvider;
}> = ({ ssoProvider }) => {
const oidcProviderDetails = ssoProvider.details as OIDCProviderInfo;
return (
<FieldsContainer>
<Field
label={<LabelWithCopy label='Client ID' valueToCopy={oidcProviderDetails.client_id} hoverOnly />}
value={oidcProviderDetails.client_id}
/>
<Field
label={<LabelWithCopy label='Issuer' valueToCopy={oidcProviderDetails.issuer} hoverOnly />}
value={oidcProviderDetails.issuer}
/>
<Field
label={<LabelWithCopy label='Callback URL' valueToCopy={ssoProvider.callback_uri} hoverOnly />}
value={ssoProvider.callback_uri}
/>
</FieldsContainer>
);
};

const SSOProviderInfoPanel: FC<{
ssoProvider: SSOProvider;
Expand All @@ -77,7 +84,7 @@ const SSOProviderInfoPanel: FC<{
infoPanel = <SAMLProviderInfoPanel samlProviderDetails={ssoProvider.details as SAMLProviderInfo} />;
break;
case 'oidc':
infoPanel = <OIDCProviderInfoPanel oidcProviderDetails={ssoProvider.details as OIDCProviderInfo} />;
infoPanel = <OIDCProviderInfoPanel ssoProvider={ssoProvider} />;
break;
default:
infoPanel = null;
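Review bot: `OIDCProviderInfoPanel` now accepts the whole `SSOProvider` and performs `ssoProvider.details as OIDCProviderInfo` itself, so the compiler no longer stops a SAML provider from being passed to it. Keeping the narrow `oidcProviderDetails` prop and adding a second one such as `callbackUri: string` would preserve that check while still showing the new field. The 'Callback URL' field also renders `ssoProvider.callback_uri` unconditionally; if a response can omit it (an older API server, for instance — not determinable from this page), the copy control would copy an empty value, so a conditional render or fallback may be worth adding.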
2 changes: 2 additions & 0 deletions packages/javascript/js-client-library/src/types.ts
Expand Up @@ -179,6 +179,8 @@ export interface SSOProvider extends Serial {
slug: string;
type: 'OIDC' | 'SAML';
details: SAMLProviderInfo | OIDCProviderInfo;
login_uri: string;
callback_uri: string;
}

export interface ListSSOProvidersResponse {
