[SQSERVICES-1770] Register OAuth App (1/n) by battermann · Pull Request #2882 · wireapp/wire-server

battermann · 2022-11-29T16:19:14Z

https://wearezeta.atlassian.net/browse/SQSERVICES-1770

Todos

Everything is implemented in a single new module. We should refactor this and extract common generic behavior that could be a standalone OAuth2 library and put the rest into places where it makes more sense, like e.g. wire-api. However, refactoring should probably be done in a single branch that contains all the subsequent OAuth PRs. Also, maybe define new effects for secret generation?

Checklist

Add a new entry in an appropriate subdirectory of changelog.d
Read and follow the PR guidelines
Run make git-add-cassandra-schema to update the cassandra schema documentation

changelog.d/5-internal/pr-2882

fisx · 2023-01-13T09:51:04Z

charts/nginz/values.yaml

      envs:
      - all
      disable_zauth: true
+    - path: /oauth/clients/([^/]*)$


probably should add that part to the changelog entry as well.

fisx · 2023-01-13T09:52:25Z

libs/types-common/src/Data/Id.hs

 import Test.QuickCheck.Instances ()

-data IdTag = A | C | I | U | P | S | T | STo
+data IdTag = A | C | I | U | P | S | T | STo | OAuthClient


i like how the names get exponentially longer over time. :)

is there a reason you're not just using a new type OAuthClientId. it's fine to reuse Id, just wondering.

Id provides us with a lot of helpful utility functions, that's all.

fisx · 2023-01-13T15:16:41Z

services/brig/schema/src/V74_AddOAuthClientTable.hs

+        CREATE TABLE IF NOT EXISTS oauth_client
+          ( id uuid PRIMARY KEY
+          , name text
+          , redirect_uri blob


text? (same for secrect)

Maybe, I did this according to other table columns with the same Haskell types.

then we should probably keep it as is for consistency.

services/brig/src/Brig/API/OAuth.hs

fisx · 2023-01-13T15:28:10Z

services/brig/src/Brig/API/Internal.hs

+     ]
+    r =>
+  ServerT (BrigIRoutes.API :<|> IOAuthAPI) (Handler r)
+servantSitemap = brigInternalAPI :<|> internalOauthAPI


why not add internalOAuthAPI to the list in brigInternalAPI? i would argue it's just one more thing next to mls, teams, user, auth, ...

same for public api.

fisx · 2023-01-13T15:29:04Z

services/brig/src/Brig/API/Public.hs

-    :<|> Team.servantAPI
-    :<|> systemSettingsAPI
+  ServerT (BrigAPI :<|> OAuthAPI) (Handler r)
+servantSitemap = brigAPI :<|> oauthAPI


see comment for internal api above.

fisx · 2023-01-13T15:30:17Z

services/brig/test/integration/Main.hs

      versionApi = API.Version.tests mg brigOpts b
      mlsApi = MLS.tests mg b brigOpts

+  let oauthAPI = API.OAuth.tests mg b brigOpts


add this line to the let block above?

battermann · 2023-03-09T17:35:43Z

Obsolete because of #2989

battermann temporarily deployed to cachix November 29, 2022 16:19 Inactive

battermann temporarily deployed to cachix November 30, 2022 13:02 Inactive

zebot added the ok-to-test Approved for running tests in CI, overrides not-ok-to-test if both labels exist label Nov 30, 2022

battermann temporarily deployed to cachix November 30, 2022 14:32 Inactive

battermann temporarily deployed to cachix November 30, 2022 15:11 Inactive

battermann temporarily deployed to cachix November 30, 2022 15:34 Inactive

battermann requested review from fisx and jschaul November 30, 2022 15:39

battermann marked this pull request as ready for review November 30, 2022 15:39

battermann temporarily deployed to cachix November 30, 2022 15:45 Inactive

battermann temporarily deployed to cachix December 1, 2022 09:44 Inactive

battermann temporarily deployed to cachix December 2, 2022 09:47 Inactive

battermann force-pushed the SQSERVICES-1770-be-oatuh-internal-endpoint-to-register-o-auth-app branch from 390921e to b897080 Compare December 5, 2022 16:14

battermann temporarily deployed to cachix December 5, 2022 16:14 Inactive

battermann temporarily deployed to cachix December 5, 2022 16:15 Inactive

battermann changed the title ~~[SQSERVICES-1770] Register OAuth App~~ [SQSERVICES-1770] Register OAuth App (1/n) Dec 8, 2022

battermann temporarily deployed to cachix December 8, 2022 11:34 — with GitHub Actions Inactive

battermann mentioned this pull request Dec 8, 2022

[SQSERVICES-1772] OAuth authorization endpoint (2/n) #2901

Closed

3 tasks

battermann added 3 commits December 22, 2022 15:19

encpoint without persistence

6e907ac

db migration

f673155

store client credentials in db

d5311f4

battermann added 6 commits December 22, 2022 15:19

clean up

644fb2a

get endpoint

e5e3f8f

changelog

0c7887a

nginz conf

c38a5f4

integration test

9a74a06

lint fix

942f1fa

battermann force-pushed the SQSERVICES-1770-be-oatuh-internal-endpoint-to-register-o-auth-app branch from 468d7f6 to 942f1fa Compare December 22, 2022 15:30

battermann temporarily deployed to cachix December 22, 2022 15:30 — with GitHub Actions Inactive

fix formatting

b4dc360

battermann temporarily deployed to cachix December 22, 2022 15:44 — with GitHub Actions Inactive

fisx reviewed Jan 13, 2023

View reviewed changes

fisx mentioned this pull request Jan 16, 2023

OAuth #2989

Merged

2 tasks

battermann closed this Mar 9, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Comments

[SQSERVICES-1770] Register OAuth App (1/n)#2882

[SQSERVICES-1770] Register OAuth App (1/n)#2882
battermann wants to merge 10 commits intodevelopfrom
SQSERVICES-1770-be-oatuh-internal-endpoint-to-register-o-auth-app

battermann commented Nov 29, 2022 •

edited

Loading

Uh oh!

Uh oh!

fisx Jan 13, 2023

Uh oh!

fisx Jan 13, 2023

Uh oh!

fisx Jan 13, 2023

Uh oh!

battermann Jan 16, 2023

Uh oh!

fisx Jan 13, 2023

Uh oh!

battermann Jan 16, 2023

Uh oh!

fisx Jan 16, 2023

Uh oh!

Uh oh!

fisx Jan 13, 2023

Uh oh!

fisx Jan 13, 2023

Uh oh!

fisx Jan 13, 2023

Uh oh!

battermann commented Mar 9, 2023 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Comments

Conversation

battermann commented Nov 29, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Todos

Checklist

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

battermann commented Mar 9, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

battermann commented Nov 29, 2022 •

edited

Loading

battermann commented Mar 9, 2023 •

edited

Loading