Commit Graph

36 Commits

Author SHA1 Message Date
Aswin V f4c49173ef
E2E chores (#2692)
* Download mocksaml metadata and store it in env

* Test adding sso connection via rawMetadata
2024-05-13 09:40:00 +01:00
Deepak Prabhakara 6bfb89a74e
Renaming routes for Identity Federation (#2618)
* WIP

* updated swagger file

* renamed routes

* renamed test folder

* separate section for Identity Federation

* sso-tracer -> sso-traces

* don't change ACS url for SAML federation

* SAMLFederation -> IdentityFederation

* SAMLFederation -> IdentityFederation

* keep api/federated-saml but move to api/identity-federation

* test old route as well

* fixed test

* fixed test

* retry tests 3 times

* updated deployment

* WIP create SAML Fed app

(cherry picked from commit 3d15b20a2d)

* Add Admin Portal SSO via SAML Fed

* Minor tweaks

* Use fixture and login using federated connection

* Cleanup SAML fed connection after test, disable failing assertion for now

* Remove only

* Use MockSAML endpoint from env

* Cleanup SSO connections mapped to SAML Fed

* OIDC Fed spec

* Try with higher timeout

* Mutate on page load

* Put back assertion

* Remove assertion and mutate for now

* SAML Fed App + 2 SAML Providers

* Take in optional tenant/product for fixture method

* SAML Fed + 2 OIDC providers

* SAML Fed test cases for single provider

* Tweak title

* Replace swr with fetch

* Remove only

* Bump up timeout to 100s

* Add more test cases for OIDC Fed

* Refactor fetch with hooks

* locale tweaks

* Also try with the other provider

* Fixture support SAML add via raw metadata

* Add second SAML connection using raw metadata

* Revert "Add second SAML connection using raw metadata"

* Revert "Fixture support SAML add via raw metadata"

---------

Co-authored-by: ukrocks007 <ukrocks.mehta@gmail.com>
Co-authored-by: Aswin V <vaswin91@gmail.com>
2024-05-10 11:41:23 +01:00
Utkarsh Mehta 48f9dd49b1
e2e tests for v1 apis (#2653)
* chore: Update test.use options in e2e tests

* chore: Update Authorization header in e2e tests

* feat: Add getConnectionByProduct function for retrieving SSO connections by product

* feat: Add test for retrieving empty array of SSO connections by product

* feat: Add OAuth helper functions for authorization

* chore: Remove unused import in oauth.ts file

* feat: Add getDirectoryByProduct function for retrieving a directory by product

* lint fixes

* feat: e2e tests

* lint fixes

* feat: Add getDirectoryEvents function for retrieving events from a directory

* feat: Add deleteAllEventsFromDirectory function for deleting all events from a directory

* feat: Refactor SSO trace API functions to remove unnecessary object destructuring

* refactor: Update webhook URL and secret to empty string in directoryPayload
2024-05-07 12:19:34 +01:00
Aswin V 9943a06ace
Extend e2e (#2601)
* Not needed with standalone build in CI as well as local runs

* Start adding tests for main sections under Admin UI

* Add SAML SSO connection

* Remove only

* Debug failing test

* Cleanup debugging changes

* Update mocksaml docker

* Increase number of workers for playwright execution

* Disable multiple workers for now

* Align folder layout with sidebar features

* Enable stdout for webserver

* Try fixture

* Fixture WIP

* WIP fixture tweak and add more test cases

* Fix locator

* Rename test file

* Remove only

* Keep track of connections inside fixture, delete all method fix

* Fix sso naming

* Use portal fixture for common utils

* Make fixture generic for OIDC SSO

* Add OIDC provider tests

* Comment tweak

* Make client id secret dynamic

* Spec for OAuth2 wrapper + 1 SAML and 1 OIDC providers

* Fixture method to update SSO connection

* Test case for wrong redirect url

* Refactor

* WIP Wrong redirect url test for OIDC provider plus
setup for toggle connection

* WIP inactive connection test

* Set env for credentials login

* Add credentials login to portal fixture

* Fixes
2024-05-06 12:37:12 +01:00
Aswin V 67f111711a
Use UI SDK (#2464)
* Tweak sdk style import order

* WIP

* Override SDK styles

* Cleanup and pass props to component

* Cleanup setup link related code as it's handled via setup-link instructions

* Cleanup locale

* Fix e2e tests

* Fix selectors in e2e test

* Add select dropdown style override

* Use component from SDK

* Cleanup locale

* Use Edit DSync from SDK

* Remove default webhook props from setup token page

* Ability to set default webhook secret

* Tweak header text

* Revert sdk style import order - app styles should be latest

* Override default SDK focus style

* Update locale

* Use Edit component from SDK

* Allow patching oidcMetadata fields

* Tweak return data format

* Route change on edit success and other fixes

* Fix button styles

* Fix data access from API

* Fix focus styling for error btn

* Sync lock file

* Cleanup unused files

* Set `displayInfo` to false for setup link and fix exclude fields for SAML under setup link

* Allow forceAuthn in setup links

* Only update forceAuthn if it's a boolean value coming from body

* Cleanup and hideSave only for setup link

* Update UI SDK

* Cleanup locales

* Fix failing e2e

* Reuse styles

* Set min value for expiry field to 1

* Validate expiry before using

* Update SDK and set idpMetadata display to true

---------

Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
2024-03-28 01:05:55 +00:00
Kiran K a6ef0ddddb
Internal UI : Setup Link & SSO Tracer (#2354)
* add WellKnownURLs

* Fix translation keys

* Update dependencies and add IdP Configuration

* Update common.json with new translations

* wip

* Update @boxyhq/internal-ui version to 0.0.5

* add internal ui folder

* Fix imports and build

* Refactor internal-ui package structure

* wip shared UI

* Fix the build

* Add new components and hooks for directory sync

* lint fix

* updated swr

* users

* Refactor shared components and fix API endpoints***

***Update directory user page and add new federated SAML app

* Fix lint

* wip

* Add new files and update existing files

* Refactor DirectoryGroups and DirectoryInfo components

* Update localization strings for directory UI

* Update Google Auth URL description in common.json

* Refactor directory tab and add delete functionality to webhook logs

* Delete unused files and update dependencies

* Fix column declaration

* Add internal-ui/dist to .gitignore

* Update page limit and add new dependencies

* wip

* Refactor directory search in user API endpoint

* wip

* Refactor directory retrieval logic in user and group API handlers

* Add API endpoints for retrieving webhook events

* Add query parameters to API URLs in DirectoryGroups

* Add Google authorization status badge and handle pagination in FederatedSAMLApps

* Add router prop to AppsList component and update page header titles

* UI changes

* Add new files and export functions

* Remove unused router prop

* Add PencilIcon to FederatedSAMLApps

* Refactor FederatedSAMLApps and NewFederatedSAMLApp components

* lint fix

* add jose npm to dev dep

* added missing strings

* locale strings fix

* locale strings cleanup

* update package-lock

* Add prepublish step

* Build and publish npm and internal ui

* Refactor install step

* Run npm install (for local) inside internal ui automatically using prepare

* Remove eslint setup for internal-ui

* wip

* Add `--legacy-peer-deps` to prevent installing peer dependencies

* wip

* Fix the types import path

* wip

* wip

* Fix the types

* Format

* Update package-lock

* Cleanup

* Try adding jose library version 5.2.2

* Add new dependencies for @next/swc package

* Fix translation keys and import types

* Update SSOTracers component and common.json localization

* COPY internal-ui before npm install

* COPY internal-ui in builder stage

* fixed sort order for jose

* wip

* wip setuplink

* Add delete link

* Add exclusion for node_modules in files.exclude

* Add error handling and additional functionality to SetupLinks component

* Refactor SetupLinks component and add missing translations

* Add missing translations and update setup link messages

* Remove comment

* update localization strings

* Remove unused key

* Update SSOTracerInfo component title

* Refactor ConfirmationModal component button styling

* Update package.json and ConfirmationModal.tsx

* Update dep

* Refactor setup links API and UI to use query parameters for pagination

* Refactor deleteLink API endpoint and SetupLinks component

* Update package.json paths

* Update dep

* Refactor setup link forms and add new fields

* Update dep

* Update import paths and add new setup links tests

* wip

* Refactor CreateDirectory and DirectoryInfo components

* Add new fields to setup link and directory sync APIs

* Cleanup

* Update package-lock

* Fix link regeneration

* updated package-lock

* Fix and add e2e tests

* Update API documentation with new parameters for setup link creation and update

* Revert

* Update postcss.config.js and SSOForm.tsx

---------

Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
Co-authored-by: Aswin V <vaswin91@gmail.com>
2024-03-01 17:00:38 +00:00
Aswin V b54463e45a
Switch to UI SDK for SSO (#2299)
* WIP Connection List SDK component usage

* Cleanup

* Align response data format with v1

* Cleanup and auto route to new connection creation for setup link

* Minor formatting

* Switch to SDK component for DSync list

* Fix query param in API

* Disable pagination for setup link view

* Update SDK

* [e2e test] Locate by label

* Sync lock file

* Disable pagination for settings view also

* cleanup

---------

Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
2024-02-22 11:26:47 +05:30
Kiran K 2992f36e84
Pass the okta runscope tests for SCIM (#2073)
* Pass the okta runscope tests for SCIM

* Fix duplicate group and user creation

* Remove unused const

* Update the tests

* Refactor error response in DirectoryGroups.ts
2023-12-22 14:16:11 +00:00
Aswin V bbd1396400
Sort order for getByIndex (#1871)
* Pass along sortOrder and use it in query

* Fix query

* Try with new syntax

* Switch `findBy` (sort order unsupported) to `find`

* Remove square brackets

* Refactor

* Add sort order test for getByIndex

* Fix type

* Support sortOrder for `mem`

* Support sort order for redis (non paginated case covered now)

* Fix e2e test list order

* Revert redis changes

* Exclude redis from test
2023-11-01 12:04:24 +00:00
Kiran K 25dad82c4c
Fix directory sync /api/v1/dsync PATCH API (#1826)
* Fix dsync patch API

* Pass req.body
2023-10-23 10:24:04 +01:00
Deepak Prabhakara d6d9473488
updated mocksaml placeholder (#1825)
* updated mocksaml placeholder

* updated mock-saml in e2e test
2023-10-21 10:50:28 +01:00
Kiran K 26ef9655b6
Directory sync: connection update API (#1776)
* Dsync connection update API

* Format

* updated swagger.json

---------

Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
2023-10-18 15:41:32 +01:00
Kiran K 3944f99081
Updates to SAML federation (#1724)
* Add unit test cases

* Fix displaying the branding

* Remove the license check on the metadata

* Fix the endpoint

* Add e2e

* Fix the tests

* Fix the tests

* Remove unused imports

* Improve the tests

* add BOXYHQ_LICENSE_KEY

* Fix the test
2023-10-05 17:47:20 +01:00
Deepak Prabhakara 1e116f380d
OIDC issuer should match external url where it's hosted (#1715)
* oidc issuer should match external url where it's hosted

* fixed test

* Fix `issuer` in id_token

* Sync lock file

* Fix test

---------

Co-authored-by: Aswin V <vaswin91@gmail.com>
2023-10-05 17:46:26 +01:00
Aswin V a6883734e5
[Reopened] Switch to new mocklab idp for e2e tests (#1416)
* Update mock oidc endpoints

* Update oauth endpoints

* Sync lock file

* Sync lock file

* Enable OIDC e2e tests

* Sync lock file

* See if oidc sso via discovery url alone fails

* Revert

* Use discoveryUrl from wiremockapi instead of mocking

* Remove mock setup
2023-08-07 20:42:01 +05:30
Deepak Prabhakara fe104949c8
Revert "Switch to new mocklab idp for e2e tests (#1405)"
This reverts commit 0bfc81549c.
2023-08-07 11:31:31 +05:30
Aswin V 0bfc81549c
Switch to new mocklab idp for e2e tests (#1405)
* Update mock oidc endpoints

* Update oauth endpoints

* Sync lock file

* Sync lock file

* Enable OIDC e2e tests
2023-08-06 17:36:11 +05:30
Kiran K 699d8b8d47
Setup links APIs (#1339)
* Validate setup link service

* wip `/api/v1/setup-links`

* Remove getByService

* add api endpoints

* add open API spec

* api/v1/connections/setup-links

* /api/v1/directory-sync

* Update API

* Update API

* Update the test

* Update Swagger specification

* Fix the lint issue

* Tweak the comment

* Update Swagger specs

* Update tags

* Rename setup-links with setuplinks

* Move setuplink to new path

* Update API endpoints

* Tweak swagger specs

---------

Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
2023-08-02 19:43:39 +05:30
Aswin V 3e6a6c0cd3
Disable OIDC e2e tests (#1406)
disable the oidc sso e2e for now
2023-08-02 16:48:56 +05:30
Kiran K ffba1ea42e
Add new API paths `/api/v1/sso` and `/api/v1/dsync` (#1375)
* wip

* Rename folders

* Rename folders

* sso paths changed

* dsync paths changed

* Revert

* update Swagger specs
2023-07-31 22:49:27 +05:30
dependabot[bot] b1cd91bb66
Bump next from 13.2.4 to 13.4.5 (#1218)
* Bump next from 13.2.4 to 13.4.5

Bumps [next](https://github.com/vercel/next.js) from 13.2.4 to 13.4.5.
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/compare/v13.2.4...v13.4.5)

---
updated-dependencies:
- dependency-name: next
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Sync lock file

* Sync package lock

* Switch payload from body to queryParams

* Update swagger spec

* Upgrade next.js to latest version

* Sync lock file

* updated nextjs

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aswin V <vaswin91@gmail.com>
Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
2023-06-27 10:48:56 +01:00
Kiran K 07a5f8a46d
Google Directory API Integration (#1158)
* Add Google Group API

* Restructure the Group interface

* Rename the methods

* wip

* temp change

* Revert the changes

* Fix the groups from Google

* wip fetch users

* Skip directory check

* Convert to SCIM schema

* Updates to users sync

* Fix the unit test

* Rename folder and merge the files

* add raw to the user payload

* Fix the unit tests

* Optimize the Group sync create ops

* Reorder import

* Remove unused imports

* Add type safety to SCIM Schema

* Fix the users and groups update

* try fixing unit tests

* Fix the file extension

* Delete groups that are not in the directory anymore

* Fix the group update

* Compare and find the delete users

* Add and update group members

* cleanup the test

* Fix the test (temp)

* don't throw error

* Add secondary index if the directory type is `google`

* Rename the file

* wip

* Export functions inline

* Hide the SCIM endpoint and token for non-scim provider

* Update the `dsync` option key to allow multiple providers

* Restructure the folders

* Update folder structure

* Cleanup

* Revert the callback changes

* Fix the type

* Fix the type

* Fix existing unit tests

* add callback

* Fix the internal callback

* Fix the method call

* merge the type files

* add console.info for testing

* Fix the Google OAuth client usage

* Refactor the update method

* Handle no users or group cases

* Refactor the sync method

* Fix the pagination

* Cleanup

* Finish the pagination

* Fix the unit tests

* Fix the lint errors

* Fix the build issues

* Pass directory id to the method

* Pass directoryId while fetching

* apply changes to the UI

* display the Google auth URL

* Fix the type

* add unit tests

* add unit test for syncing users

* add unit tests

* Pass operation to SCIM payload

* unit tests wip 1

* updated

* Test the events deleted

* Test group.user_added events

* Finish the tests

* Revert and cleanup

* update map.js

* Revert

* update the e2e test

* Cleanup

* Revert

* label tweak

* Remove unused import

* Protect the cron job using apiKey

---------

Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
2023-06-15 14:31:38 +01:00
Kiran K aa86596983
Improvements to SCIM Group Sync operations (#1014)
2023-03-15 23:46:11 +05:30
Kiran K 224358df28
Ability to customize the branding of Setup Link pages and the IdP selection pages (ee) (#965)
* display toast and adjust the width of the content

* customize the branding for setup links

* use the branding in setup links page

* Admin Branding WIP

* Update settings

* Move to ee folder

* If the licence is not valid, return the default branding

* update translation

* Add logo to the idp selection page

* add license check to the API

* read default branding from a common place

* add LicenseRequired

* cleanup

* Add License check to NPM

* Fix

* Add --pf css variable

* fix the idp selection page

* use default branding if value is not set

* Fixes

* Improved the store and keys

* Infer the return type

* Whitelabeling the IdP selection screen per tenant and product

* Fix the param type

* Fix the unit tests

* Fix mismatch in server/client rendering

* Switch to radio button look and feel

* Use rounded border only for textual inputs

* Cleanup import

* Move routing to `useEffect`

* Fix server render mismatch

* fixed merge conflict

* fixed merge conflict

---------

Co-authored-by: Aswin V <vaswin91@gmail.com>
Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
2023-03-09 14:50:25 +00:00
Aswin V 4ab8138969
Fallback for OIDC discovery (#926)
* Support `metadata` in `OIDCSSORecord`

* Helper to create oidc issuer instance

* Use helper to create `Issuer`

* Sync lock file

* Support `oidcMetadata` in pre-loaded connections

* Augment typings for OIDC SSO Connections

* Use helper and pass metadata

* Update validation to consider metadata

* Support for OIDC metadata

* Test fixes for types and error message

* Fix swagger array type

* Update swagger spec

* Util to transform OIDC metadata JSON

* Fix typings

* Augment validation for oidc metadata fields

* Add `oidcMetadataParse` to admin apis

* Add `oidcMetadataParse` to setup link apis

* Remove previously set discoveryUrl or metadata
if any

* Type updates admin portal

* initialState seeding for `object` type

* Add  and place  at bottom of the form

* Type the catalog list

* use  to set the fields for the object type

* Type updates

* Guard against  parentKey value

* Add missing guard to `formatForDisplay`

* Link like button

* Support for fallback field

* Util function to check if value is `{}`

* Fix premature setting of metadata

* Exclude fallback from form display
Activate fallback on switch interaction

* Fix settings view state setting

* Sync lock file

* Tweak error message

* Add e2e for SSO connection add via metadata

* Tweak switch

* Refactor - Parameterize the e2e test

* Cleanup

* text tweaks

* fixed test

* Update comments

* Use `data-testid` instead of button name

* Source `data-testid`s from catalog

* Refactor `hidden` className setting

* Switch from `locator` to `getByTestId`

* Apply hidden className to checkbox input

---------

Co-authored-by: Kiran K <kiran@boxyhq.com>
Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
2023-02-24 12:43:58 +05:30
Aswin V 69f32c2cd1
Use credentials provider for SAML IdP login into admin portal (#921)
* SAML Idp login using credentials provider

* Use idp login path as defaultRedirectUrl

* Whitelist idp-login route

* Logout from magic link before sign in

* Cleanup

* Set `callbackUrl` for signIn

* Sync lock file

---------

Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
2023-02-07 12:30:37 +00:00
Aswin V cb8b9134a1
E2E test for OIDC SSO into admin portal (#881)
* Refactor folder structure

* Add job step for mocklab well known oidc document

* Flatten file path

* Fix file name in job

* OIDC discovery path should follow the standard

* Add tests for OIDC sso

* Fix heredoc

* Use different name to avoid conflict with jackson

* Remove annotation

* Add `nonce` to OIDC IdP call

* Add issuer to openid-configuration
2023-01-30 10:45:41 +05:30
Aswin V f7ed13e53c
E2E test for IdP initiated SAML login to admin portal (#865)
* Add back the env sourcing for local e2e test runs

* Add mocksaml service

* Add e2e test for idp initiated login

* Tweaks

* Tweaks and added console log to debug

* Allow http url for local and test environments

* Remove debug log

* Check for localhost and https urls

* Remove validation from UI

* Package fixes for type dependencies

* Tweak comment

* Sync lock file

* Sync lock file
2023-01-25 10:24:28 +05:30
Aswin V 305ff93cbb
E2E tests for admin portal SSO (#846)
* Sync lock file

* Add admin portal tests

* Use data-testid to enable `page.getByTestId()`

* Support data-testid for inner elements

* Pass data-testid to sso login button

* Remove env-cmd

* Update folder structure

* Add data-testid

* - Use production build for local testing
 - Set NODE_ENV to pick up .env.test.local

* Add test-id for logout dropdown activation

* Remove test; superseded with new tests

* Fix tests

* Wait for navigation to complete

* [Failing ci test try fix] Pass url for waiting

* [Failing ci test try fix] skip assertion

* [Fix failing test] use predicate to match origin

* Add back the visibility check

* Fix query param

* Tweak test code

* Update return type of callback

* Group tests and reorganise folders

* Add actions to login and assert by locator

* Support html attribute passing

* Set data-testid on edit button

* Set data-testids

* Final changes

* Tweak
2023-01-20 10:37:01 +00:00
Kiran K 842ff50268
Add Playwright test for `/api/v1/` and `/api/scim/` endpoints (#816)
* Update config

* add the test cases for /api/v1/connections

* Fix the strategyChecker, add metadataUrl to the condition

* add the test cases for /api/v1/connections

* update /api/v1/connections

* Update the SSO connections tests

* Rename the test file

* update the tests

* should be able to check if a connection exists

* add the tests for directory sync APIs

* restructure the tests folder

* add tests wip

* Fix the API tests

* Fix the sso connections tests

* Refactor the connections list

* restructure the /api/v1/connections APIs

* restructure the /api/v1/directory-sync tests

* add the tests for /api/scim/v2.0/

* update the tests

* wip

* fixes the api testing

* allow adding multiple directory connections for the same tenant and product

* update the tests

* update the unit tests

* improved the integration tests

* cleanup the api tests

* add tests for SCIM APIs

* fix the globalSetup

* update the tests for SCIM endpoints

* add the remaining tests

* fix the bug with fetching resource by invalid ID

* cleanup

* fix the tests

* update the tenant name

* typescript types cleanup

* directory sync API updates

* standardize the /api/v1/directory-sync

* update the directories.test.ts

* remove unused methods

* filter the users and groups by directoryId

* improve the SCIM request handling

* fix the e2e tests

* fix the e2e tests

* attempt to fix the api tests

* fix the api testing

* move the files to helpers

* add pagination for directory groups

* API - delete a directory by id

* delete the directory after the tests

* remove the members array from the group info
2023-01-17 10:07:14 +00:00
Utkarsh Mehta 6e5e804d38
Setup Link Feature (#628)
* Share setup link related changes
1. Setup link creation for saml connection
2. Setup link creation for Directory sync
3. Regeneration of Setup link
4. Ability to open setup link without login
5. Setup link opens up SAML connection page
6. Saml Connection page hides Tenant & Product fields

* Saving SAML and OIDC configuration

* showing the connection list on setup page

* Connections CRUD

* UI changes for Setup layout

* semantics changes connection ->  sso-connection

* directory sync support for share link

* showing only current tenant product directories

* fixes mentioned in comments by Aswin

* prettier formatting

* fixed route

* minor fixes

* Fix the layout rendering for the /setup routes

* minor fixes

* review changes

* package lock changes

* package json and lock changes

* removed xmlbuilder

* package lock changes

* removed api call from ConnectionList component

* Back button link fix

* intermediate changes for Setup link list feature

* setup link list related changes

* UI fixes and actions

* removed unwanted import

* setup link list action hooked with correct functions

* path rewrites, styling changes, toast
regenerate & delete setup links

* fixes for mutate

* minor tweaks to clipboard icon

* updated package-lock

* formatting changes

* removed console log

* Added cursor pointer for action for LinkList component
Removed unused variable & validation of empty token
Removed redundant validation code
linting fixes

* Auto redirect in setup link page for sso-connection create form
Delete icon on setup link list page on hover red color & tooltips

* removed redirect and used isValidating

* fixes for router replace

* toast for setup links

* fixes for dsync apis

* redirect related change

* removing redirect for sso-connection

* fallback to error.message

Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
Co-authored-by: Kiran <kiran@boxyhq.com>
2022-12-13 21:41:27 +00:00
Aswin V d5cbb40d91
Support for OIDC Identity Providers (#385)
* Support connection dynamic param in route

* Pass `connection`

* Fix tests

* Accept oidc params and validate the same

* Rename `connection` --> `strategy`

* Use saml for preLoadedConfig for now

* Rename `apiController` --> `apiConfigController`

* Flatten the params

* Validate passed config

* Backward compatibility for embed setup

* Impl for oidc config save

* index addition for oidc clientId

* Remove param, defaults to saml

* Validation will be done inside controller

* Zap secondary index on clientId, not required

* Rename `APIConfigController` --> `ConfigAPIController`

* Update swagger

* Fix name

* Fix name elsewhere

* Revert filter

* Split `saml` and `oidc` create/update logic

* Route `saml` and `oidc`

* Test update

* Update swagger

* Update swagger

* Use tenant/product from stored config
in lieu of params

* Validate passed OIDC clientId using hash

* Update swagger annotations

* Handlers for getting OIDC/SAML configs

* Validate tenant/product in update

* Typo fix

* Fix test

* Default to empty string, validation is done
to check if the params are not empty

* Extract provider name just like saml

* OIDC Connection support
*delta for authorize*
- Renamed samlConfig(s) → connection(s)
- Renamed resolvedSamlConfig -> resolvedConnection
- Detect connection is SAML or OIDC
- Perform Issuer discovery and oidc client init
- Tweak error responses
- Persist oidc client metadata in session

* Test type fix

* Test fix

* openid-client dependency

* Sync package locks

* Fix return type
- Remove `undefined` from return type
- Return `OAuthErrorResponse` for else case

* Handle OIDC Authorization response

* Persist OIDC code_verifier

* Remove scope check for OIDC connection

* Normalize scope before relaying

* Method name update

* Extract user profile from id token and userinfo

* Handle error response from OIDC Provider

* Update type

* Type update with OIDC specific error codes

* Bug fix : typo

* Cleanup

* OIDC callback route

* Bug fix: return profile and parameter fix

* Rename `config` -> `connection`

* Use `Link` and add oidc connection nav item

* Use `strategy` from query param

* Delta ↴
 - Reorganised api routes
 - Removed Admin controller filtering methods for saml/oidc

* Fix page link in e2e test

* Changes:
 - Handle oidc connection fields
 - Rename component file path

* Remove slug for save/update connection

* Fix keyname in update operation

* Import path update

* Radio select connection type for new connection

* Update lock file

* Sync lock file

* Sync package lock

* Fix connectionType detection for new connection

* Fix error message

* Add comment

* Tweak comment

* Use the correct state and directly from session

* Sync lock file

* Remove `provider` from OAuthReqBody

* Remove duplicate scopes

* Pass recent param additions to idpSelection page

* Add badge for Provider type

* Style tweak

* Style IdP type selection

* Add test for oidc provider

* Comment

* Check for empty state

* Add test for oidcAuthzResponse

* Add test for oidcAuthzResponse

* Add test for error response from OP

* Error message tweak

* Test the happy path

* Remove unused import

* Fix assertion

* - Fix types
- add `createOIDCConfig` test for missing params

* Test happy path for `createOIDCConfig`

* Param validation tests for `createOIDCConfig`

* Test for `updateOIDCConfig`

* Tests for `updateOIDCConfig`

* Make `oidcPath` required like `samlPath`

* Bump `openid-client` version

* Refactor

* Update test coverage map

* Tweak label

* Split openid/oauth tests

* call `t.end`

* Fix file name in comment

* Add test teardown

* Improve coverage and rename test files

* For backwards compatibility

* Minor formatting

* Add api paths for /connection

* Zap config path for admin ui

* Update swagger spec

* Rename `configAPIController`
→ `connectionAPIController`

* Rename `IdPConfig` → `IdPConnection`

* Rename `validateIdPConfig` → `validateIdPConnection`

* Rename `createSAMLConfig` → `createSAMLConnection`

* Rename `createOIDCConfig` → `createOIDCConnection`

* Update swagger spec

* Rename `updateSAMLConfig` → `updateSAMLConnection`,
 `updateOIDCConfig` → `updateOIDCConnection`

* Make `clientID`/`clientSecret` readOnly

* Rename `configStore` → `connectionStore`

* Update swagger spec

* Add `getConnection` + `deleteConnection`

* Remove `/api/v1/oidc/config`
and keep `api/v1/saml/config`

* Rename `getAllConfig` → `getAllConnection`

* Rename `readConfig` → `loadConnection`

* Rename `deleteConfiguration` → `deleteConnection`

* Add `preLoadedConnection` env

* Update map and cli

* Refactor api tests and rename config to connection

* Rename `configList` → `connectionList`

* Rename `samlConfig` → `samlConnection`

* Rename config -> connection

* Rename `config` → `connection`

* Rename counters for otl

* Sync package lock

* Remove api key validation from api route

* Update Admin ui title

* Update swagger

* Update otl metric descriptions

* Update var naming to connection

* Add strategy validation

* Add tests for invalid strategy

* Sync package lock

* Upgrade and pin version

* Update saml config api with deprecated

* Updated swagger spec for deprecated config api

* Bump package version

* Fix label

* - removed strategy for `get` and `delete`
 - Type update

* Type updates

* getConnection -> getConnections,
deleteConnection -> deleteConnections

* Update swagger spec

* Use only for saml connection

* Remove slug from api routes

* API path updates

* Type updates

* Helper util for api routes to check strategy

* Type updates and api changes

* `OAuthReq` typings enhancement

* Narrowed down types for `OAuthTokenReq` and
`OIDCAuthzResponsePayload`

* `IdPConnection` -> `SSOConnection`

* Update cookie name to avoid clash

* Handle the uncaught case to prevent req hanging
2022-09-30 11:37:21 +01:00
Kiran K b892fafdea
Replace the Supabase UI with Daisy UI and few other improvements to the UI (#409)
* Merged

* Revert the changes

* wip

* wip

* wip

* UI improvements

* wip

* Text changes

* Add the cta

* Code cleanup

* Fixes

* Fixing the tests

* Fixing the tests

* Fixing the tests

* Fix the issues with package-lock

* Fix the issues with package-lock

* updated package-lock

* try reverting e2e test changes

* add menu text inside a div so it can be found by e2e tests

* one more attempt

* remove hidden class

* package-lock.json

* Make the test fails

* Fix the e2e test

* Adjust the layout loading

Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
2022-08-04 08:45:22 +01:00
Deepak Prabhakara 8070eabd46
Text tweaks (#407)
* Configuration -> Connection

* updated saml20
2022-08-02 16:25:27 +01:00
Aswin V 9b23eed3e3
Support for OIDC flow (#306)
* Support 'POST' at authorization endpoint

* handle additional scope params

* handle additional claims param

* Try with `legacy-peer-deps` true

* Fix logic

* Set legacy-peer-deps to `true`

* Remove `.npmrc` files and sync packages from main

* Resolve conflicts

* Load jwtSigningKeys into env

* Return id_token for OIDC flow

* Support `nonce`

* Add type for `nonce`

* Set `nonce` only if present in request

* Expose OpenId provider metadata

* Update metadata

* Tweak path remove dot, map jwks

* Add jwsAlg and source keys using base64

* Source jose from root package.json too

* JWS utils

* Serve jwks_uri

* Load private key for signing

* Fix authz endpoint

* Format example env

* Fix claims

* Format discovery and add missing metadata

* Include the basic profile in id_token

* Fix claims access

* Remove console log

* Sync package lock

* Cleanup

* Support for claims is optional

* cleanup type

* Set `Content-Type` header

* Remove default from env

* Handle jwt env

* oidc fixture

* Test for oidc flow, check id_token in response

* Add jwt envs

* Fix for undefined

* Remove keys check in controller init

* Runtime check for JWS keys

* check if id_token is absent

* Check for claims and verify signature

* Snapshot test oidc discovery page

* Add snapshot for linux to work in CI

* Test with a fontless screenshot

* test with this one

* add a debug step

* Get the entire dir for snapshot

* Test with this

* Comment out debug step

* snapshot test jwks

* Update env

* Upload screenshot for linux

* Add debug step

* Update snapshot

* Sync package lock

* Remove local testing snapshots

* Assert using api request

* Update to use api test for jwks endpoint

* Set `JWS_ALG` env

* Prefix openid vars

* Fix env access

* Fix e2e test

* Fix options in tests

* Fix env var access

* Use ttl from env

* Simplify exp value setting

* oidc discovery controller

* Fix typing

* Handle case where signing keys are not set

* return `oidcDiscoveryController`

* Throw a JacksonError like object

* Use controllers and cleanup

* throw JacksonError like object

* Minor formatting

* Fix typing and add check for undefined

* Keep order of packages same as in main

* Update key generation comment

* Initialise `openid` correctly in npm

* Cleanup

* Set `sub` claim

* Set 'sub' only for oidc flow
2022-07-23 18:04:55 +01:00
Aswin V bd44c3479c
Admin interface for Jackson (#71)
* NextAuth + users providers

* Add a temporary fix for verification token - don't use it in production

* Admin ui files

* Admin controller

* getAll db apis

* IdP provider page and api route

* Fix padding

* Style fixes

* middleware to check session

* Loading state handling

* fetcher better response handling

* Add new provider form and api route

* Tab panel in client add form

* Tab switching plus new fields

* Flowbite config

* darkMode with flowbite

* Save config

* Update route path to saml

* Reusable component for add/edit

* cleanup

* Set Secret in NextAuth options

* Prettier lint changes

* Support for delete operation

* Link update

* PopUp Modal reusable component

* Popup confirm before delete

* disable SWR revalidation on focus

* Display IdP metadata, clientID, secret

* Header fixed positioning and style fixes

* Filter raw XML in edit mode

* Add name field to config

* - Edit/New form delta
- Split by newline
- Route back after POST

* Remove flowbite

* Remove flowbite [cleanup]

* Add description field

* updateConfig implementation

* Route PATCH to updateConfig

* Naming change

* Naming Client -> Connection

* AddEdit component updates

* Omit provider, returns full config

* Destructure session first

* Change to domain ACL

* Delete unused component

* Support glob and list of emails for ACL

* Delete unused CSS

* Update package lock

* Remove flowbite from content source

* Redirect to admin route

* Check session in Layout and redirect to login

* Logout in dropdown

* vertical alignment

* Show status message on save (edit)

* Consolidate fields to one long vertical column

* GetAll function for SQL and Add CreationDate and Modification Date for Mongo and SQL

* Add name as header

* Styling and opacity transition for status

* Configure button style fix

* overflow for smaller viewports and rounded border

* Fallback to default behavior of useSession

* Store, use and dispose (after signIn)
verification token in db

* Remove unused class

* Rename Connections ➡ Configurations

* Handle getAll and getConfig using slug

* Better naming

* Update fetch paths

* Refactor getAllConfig ➡ getConfig (By Id)

* Better naming

* Rename saml ➡ samlconf

* Use light theme by not defaulting to system theme

* Path update /samlconf ➡ /saml/config

* Fix path

* Revert manual changes

* getall functionality and migration script

* message

* Updating migration file formatting

* message

* Pull and fix package.json and lock file

* correcting the migration script formatting

* remove file

* add new migration files

* e2e with playwright

* Better naming

* Remove comment

* Make headless

* Run npm install from root

* Add e2e steps in workflow

* try with separate npm installs

* Move higher in the pipeline to test

* Fix quote

* Rely on npx

* fixed migration script formatting

* spelling correction

* headless for CI but false for local

* Use secret

* Type fixes for mongo

* [skip ci] Swagger annotation for getConfig

* Adding migration scripts for all db's

* added migration script to prettierignore

* unformat migration script

* removing postgres migration files

* generate new migration files

* remove wrong migration files

* Add new migration files for mysql and mariadb

* [skip ci] Swagger annotation for updateConfig

* Return empty for update op

* Update swagger spec

* Fix type

* Wait for mongo to start

* Fix db_engine

* Test with pg

* Test with POSTGRES_DB env to auto create db

* Swap install-deps with install

* Use prod build

* enable @ts-ignore

* Test some fixes

* Can be omitted in next-auth v4, uses secret

* Move env to playwright config

* authDbSeed script needs the db and other secrets

* Typo

* Bad typo day 😅

* Again typo

* Set NEXTAUTH_URL

* Use prod build in CI

* Prefix the env for seeding

* Try with inline

* tidying up migration scripts

* fixed migration scripts

* Set env in actions yml

* Remove comma

* Target chromium

* Prefix the env

* Try inline in playwright

* print env

* Move build to action step

* Remove console log

* Let env sit on the job level

* Add ACL

* Fix attribute check

* Add name field

* add name in metadata preload config

* Use postgres

* Remove unneeded secret

* Remove env/options from mongo service

* Fix swagger

* Update swagger spec

* [skip ci] Fix eslint warning

* Add updateConfig test

* Add description to preloaded config

* [skip ci] cleanup

* minor fix

* Update comment

* Expose PATCH in config api

* Added missing validation for clientSecret

* Update swagger spec

* updated example postgres url, updated deps

* Redirect to saml config route

* Remove unused pages/routes

* Update in package lock

* Add primary and secondary colors to tailwind

* Swap icon

* Remove text-color and apply default theme

* Use the primary color from theme

* Reusable custom class for btn-primary

* Add link-primary reusable class

* Use primary secondary colors for main logo

* Show error status & color align with primary color

* Show product if name is absent

* Simplify required attribute setting,
'description' is not required

* Make description optional

* Fix placeholder text

* Swagger updates

* Add validation for description

* Swagger - add missing status codes & descriptions

* Update swagger artifact

* Fix styling for status message

* revalidate config on successful save

* style text highlight globally

* Fix cancel button style

* Set the main height to 100%-headerHeight,
add overflow

* removed default ACL, if someone forgets to change it then we might have Tony Stark logging into everyone's instances :)

* print the arch/platform

* Collect platform info

* Disable swc and remove platform query steps

* Try with custom babel config to disable swc

* Add next.js build cache

* Refactor step

* trying swc

* Make name parameter optional

* Update form state from backend after save

* port 5000 -> 5225

* Handle empty value case for ACL

* bumped up version

Co-authored-by: Kiran <kiran@boxyhq.com>
Co-authored-by: Vishal Lodha <vishal@boxyhq.com>
Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
Co-authored-by: Utkarsh Mehta <ukrocks.mehta@gmail.com>
2022-02-22 19:03:21 +00:00