From 7e90c5d51a993e620b46307aa1d3245f2ce946fb Mon Sep 17 00:00:00 2001
From: mistahj67 <26472282+mistahj67@users.noreply.github.com>
Date: Fri, 22 Nov 2024 14:51:11 -0700
Subject: [PATCH] BED-5012 feat: add callback uri to oidc details (#940)
---
cmd/api/src/api/v2/auth/sso.go | 21 +++++++++--
cmd/api/src/database/samlproviders.go | 16 +++++++++
cmd/api/src/model/samlprovider.go | 16 +++++++++
.../SSOProviderInfoPanel.tsx | 35 +++++++++++--------
.../javascript/js-client-library/src/types.ts | 2 ++
5 files changed, 74 insertions(+), 16 deletions(-)
diff --git a/cmd/api/src/api/v2/auth/sso.go b/cmd/api/src/api/v2/auth/sso.go
index 7269c8fffb..027f349e5c 100644
--- a/cmd/api/src/api/v2/auth/sso.go
+++ b/cmd/api/src/api/v2/auth/sso.go
@@ -18,6 +18,8 @@ package auth
import (
"net/http"
+ "net/url"
+ "path"
"strconv"
"strings"
@@ -27,6 +29,7 @@ import (
"github.com/specterops/bloodhound/src/ctx"
"github.com/specterops/bloodhound/src/database/types/null"
"github.com/specterops/bloodhound/src/model"
+ "github.com/specterops/bloodhound/src/serde"
"gorm.io/gorm/utils"
)
@@ -37,13 +40,24 @@ type AuthProvider struct {
Type string `json:"type"`
Slug string `json:"slug"`
Details interface{} `json:"details"`
+
+ LoginUri serde.URL `json:"login_uri"`
+ CallbackUri serde.URL `json:"callback_uri"`
+}
+
+func (s *AuthProvider) FormatProviderURLs(hostUrl url.URL) {
+ root := hostUrl
+ root.Path = path.Join("/api/v2/sso/", s.Slug)
+
+ s.LoginUri = serde.FromURL(*root.JoinPath("login"))
+ s.CallbackUri = serde.FromURL(*root.JoinPath("callback"))
}
// ListAuthProviders lists all available SSO providers (SAML and OIDC) with sorting and filtering
func (s ManagementResource) ListAuthProviders(response http.ResponseWriter, request *http.Request) {
var (
- requestCtx = request.Context()
- queryParams = request.URL.Query()
+ requestCtx = request.Context()
+ queryParams = request.URL.Query()
sortByColumns = queryParams[api.QueryParameterSortBy]
order []string
queryFilters model.QueryParameterFilterMap
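Review bot: In FormatProviderURLs, `path.Join("/api/v2/sso/", s.Slug)` cleans its result, so a slug containing `..` or `/` would produce login and callback URLs outside the `/api/v2/sso/` prefix. Slug validation is not visible in this hunk, so either confirm slugs are constrained when the provider is created or reject such values here. `root` is a by-value copy of `hostUrl`, so any query, fragment or userinfo on the host URL also carries into both generated URLs; clearing those fields before `JoinPath` would make the output depend only on scheme, host and slug. Since the callback URI is presumably what an administrator registers with the identity provider, a unit test pinning the exact output for a normal and an odd slug is worth adding. The exported method also has no doc comment; `// FormatProviderURLs sets LoginUri and CallbackUri to the provider's /api/v2/sso/<slug>/login and /callback endpoints under hostUrl.` would do.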
@@ -109,6 +123,9 @@ func (s ManagementResource) ListAuthProviders(response http.ResponseWriter, requ
Slug: ssoProvider.Slug,
}
+ // Format callback url from host
+ provider.FormatProviderURLs(*ctx.Get(requestCtx).Host)
+
switch ssoProvider.Type {
case model.SessionAuthProviderOIDC:
if ssoProvider.OIDCProvider != nil {
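Review bot: `*ctx.Get(requestCtx).Host` dereferences the Host pointer without a nil check, so a request context in which Host was never populated would panic in this handler; guard it before calling FormatProviderURLs. How Host is derived is not visible here. If it is built from the request's Host or forwarded headers rather than from configured server settings, the callback URI returned to the UI reflects client-supplied data, and a value that gets copied into an IdP's redirect-URI allow-list should come from trusted configuration. The comment `// Format callback url from host` also understates the call, which sets the login URI too; `// Populate login and callback URLs from the request host` would match. ListAuthProviders starts and ends outside this hunk.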
diff --git a/cmd/api/src/database/samlproviders.go b/cmd/api/src/database/samlproviders.go
index 694beef48a..ce822387ab 100644
--- a/cmd/api/src/database/samlproviders.go
+++ b/cmd/api/src/database/samlproviders.go
@@ -1,3 +1,19 @@
+// Copyright 2024 Specter Ops, Inc.
+//
+// Licensed under the Apache License, Version 2.0
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: Apache-2.0
+
package database
import (
diff --git a/cmd/api/src/model/samlprovider.go b/cmd/api/src/model/samlprovider.go
index e7a216d204..124039c2a6 100644
--- a/cmd/api/src/model/samlprovider.go
+++ b/cmd/api/src/model/samlprovider.go
@@ -1,3 +1,19 @@
+// Copyright 2024 Specter Ops, Inc.
+//
+// Licensed under the Apache License, Version 2.0
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: Apache-2.0
+
package model
import (
diff --git a/packages/javascript/bh-shared-ui/src/components/SSOProviderInfoPanel/SSOProviderInfoPanel.tsx b/packages/javascript/bh-shared-ui/src/components/SSOProviderInfoPanel/SSOProviderInfoPanel.tsx
index 6f21c82529..993609b5ad 100644
--- a/packages/javascript/bh-shared-ui/src/components/SSOProviderInfoPanel/SSOProviderInfoPanel.tsx
+++ b/packages/javascript/bh-shared-ui/src/components/SSOProviderInfoPanel/SSOProviderInfoPanel.tsx
@@ -46,19 +46,26 @@ const SAMLProviderInfoPanel: FC<{
);
const OIDCProviderInfoPanel: FC<{
- oidcProviderDetails: OIDCProviderInfo;
-}> = ({ oidcProviderDetails }) => (
-
- }
- value={oidcProviderDetails.client_id}
- />
- }
- value={oidcProviderDetails.issuer}
- />
-
-);
+ ssoProvider: SSOProvider;
+}> = ({ ssoProvider }) => {
+ const oidcProviderDetails = ssoProvider.details as OIDCProviderInfo;
+ return (
+
+ }
+ value={oidcProviderDetails.client_id}
+ />
+ }
+ value={oidcProviderDetails.issuer}
+ />
+ }
+ value={ssoProvider.callback_uri}
+ />
+
+ );
+};
const SSOProviderInfoPanel: FC<{
ssoProvider: SSOProvider;
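Review bot: The `ssoProvider.details as OIDCProviderInfo` assertion is unchecked, and the component now accepts any `SSOProvider`, so passing a SAML provider would compile and render `client_id` and `issuer` as undefined. The previous prop type enforced the OIDC shape at the call site. Keeping `oidcProviderDetails: OIDCProviderInfo` and adding a separate `callbackUri: string` prop would preserve that check without the cast. If the single-prop form is preferred, narrow on `ssoProvider.type` before reading the OIDC fields.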
@@ -77,7 +84,7 @@ const SSOProviderInfoPanel: FC<{
infoPanel = ;
break;
case 'oidc':
- infoPanel = ;
+ infoPanel = ;
break;
default:
infoPanel = null;
diff --git a/packages/javascript/js-client-library/src/types.ts b/packages/javascript/js-client-library/src/types.ts
index 1e15874460..9b851c7e43 100644
--- a/packages/javascript/js-client-library/src/types.ts
+++ b/packages/javascript/js-client-library/src/types.ts
@@ -179,6 +179,8 @@ export interface SSOProvider extends Serial {
slug: string;
type: 'OIDC' | 'SAML';
details: SAMLProviderInfo | OIDCProviderInfo;
+ login_uri: string;
+ callback_uri: string;
}
export interface ListSSOProvidersResponse {