Implemented the generic Auth feature.

Author: th37rose

server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/auth/Oauth2GenericAuthConfig.java

@@ -0,0 +1,18 @@
+package org.lowcoder.sdk.auth;
+
+import lombok.Getter;
+import lombok.experimental.SuperBuilder;
+import lombok.extern.jackson.Jacksonized;
+
+/**
+ * This class is for Generic Auth Provider
+ */
+@Getter
+@SuperBuilder
+@Jacksonized
+public class Oauth2GenericAuthConfig extends Oauth2SimpleAuthConfig {
+    private String issuerUri;
+    private String authorizationEndpoint;
+    private String tokenEndpoint;
+    private String userInfoEndpoint;
+}

server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/auth/Oauth2SimpleAuthConfig.java

@@ -38,6 +38,7 @@ public String getAuthorizeUrl() {
             case AuthTypeConstants.GITHUB -> replaceAuthUrlClientIdPlaceholder(Oauth2Constants.GITHUB_AUTHORIZE_URL);
             case AuthTypeConstants.ORY -> replaceAuthUrlClientIdPlaceholder(Oauth2Constants.ORY_AUTHORIZE_URL);
             case AuthTypeConstants.KEYCLOAK -> replaceAuthUrlClientIdPlaceholder(Oauth2Constants.KEYCLOAK_AUTHORIZE_URL);
+            case AuthTypeConstants.GENERIC -> replaceAuthUrlClientIdPlaceholder(((Oauth2GenericAuthConfig)this).getAuthorizationEndpoint());
             default -> null;
         };
     }

server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/auth/constants/AuthTypeConstants.java

@@ -10,4 +10,5 @@ public class AuthTypeConstants {
     public static final String GITHUB = "GITHUB";
     public static final String ORY = "ORY";
     public static final String KEYCLOAK = "KEYCLOAK";
+    public static final String GENERIC = "GENERIC";
 }

server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/util/JsonUtils.java

@@ -13,10 +13,7 @@
 import com.fasterxml.jackson.module.paramnames.ParameterNamesModule;
 import jakarta.annotation.Nullable;
 import lombok.extern.slf4j.Slf4j;
-import org.lowcoder.sdk.auth.EmailAuthConfig;
-import org.lowcoder.sdk.auth.Oauth2KeycloakAuthConfig;
-import org.lowcoder.sdk.auth.Oauth2OryAuthConfig;
-import org.lowcoder.sdk.auth.Oauth2SimpleAuthConfig;
+import org.lowcoder.sdk.auth.*;
 
 import java.nio.charset.StandardCharsets;
 import java.util.List;
@@ -41,6 +38,7 @@ public final class JsonUtils {
         OBJECT_MAPPER.registerSubtypes(new NamedType(Oauth2SimpleAuthConfig.class, GOOGLE));
         OBJECT_MAPPER.registerSubtypes(new NamedType(Oauth2OryAuthConfig.class, ORY));
         OBJECT_MAPPER.registerSubtypes(new NamedType(Oauth2KeycloakAuthConfig.class, KEYCLOAK));
+        OBJECT_MAPPER.registerSubtypes(new NamedType(Oauth2GenericAuthConfig.class, GENERIC));
     }
 
     public static final JsonNode EMPTY_JSON_NODE = createObjectNode();

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/AuthenticationController.java

@@ -1,6 +1,7 @@
 package org.lowcoder.api.authentication;
 
 import java.util.List;
+import java.util.Map;
 
 import org.lowcoder.api.authentication.dto.APIKeyRequest;
 import org.lowcoder.api.authentication.dto.AuthConfigRequest;
@@ -14,7 +15,9 @@
 import org.lowcoder.domain.authentication.FindAuthConfig;
 import org.lowcoder.domain.user.model.APIKey;
 import org.lowcoder.sdk.auth.AbstractAuthConfig;
+import org.lowcoder.sdk.auth.Oauth2GenericAuthConfig;
 import org.lowcoder.sdk.util.CookieHelper;
+import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestParam;
@@ -128,4 +131,23 @@ public Mono<ResponseView<List<APIKey>>> getAllAPIKeys() {
                 .map(ResponseView::success);
     }
 
+    /**
+     * This endpoint is to get IDP configuration
+     * @param issuerUri String
+     * @param source String
+     * @param sourceName String
+     * @param clientId String
+     * @param clientSecret String
+     * @return Oauth2GenericAuthConfig
+     */
+    @Override
+    public Mono<ResponseView<Oauth2GenericAuthConfig>> addOAuthProvider(String issuerUri,
+                                                                        String source,
+                                                                        String sourceName,
+                                                                        String clientId,
+                                                                        String clientSecret) {
+        return authenticationApiService.fetchAndParseConfiguration(issuerUri, source, sourceName, clientId, clientSecret)
+                .map(ResponseView::success);
+    }
+
 }

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/AuthenticationEndpoints.java

@@ -1,6 +1,7 @@
 package org.lowcoder.api.authentication;
 
 import java.util.List;
+import java.util.Map;
 
 import org.lowcoder.api.authentication.dto.APIKeyRequest;
 import org.lowcoder.api.authentication.dto.AuthConfigRequest;
@@ -11,8 +12,10 @@
 import org.lowcoder.domain.user.model.APIKey;
 import org.lowcoder.infra.constant.NewUrl;
 import org.lowcoder.sdk.auth.AbstractAuthConfig;
+import org.lowcoder.sdk.auth.Oauth2GenericAuthConfig;
 import org.lowcoder.sdk.config.SerializeConfig.JsonViews;
 import org.lowcoder.sdk.constants.AuthSourceConstants;
+import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
@@ -160,4 +163,19 @@ public Mono<ResponseView<Boolean>> linkAccountWithThirdParty(
     public record FormLoginRequest(String loginId, String password, boolean register, String source, String authId) {
     }
 
+	/**
+	 * This endpoint is to get IDP configuration
+	 * @param issuerUri String
+	 * @param source String
+	 * @param sourceName String
+	 * @param clientId String
+	 * @param clientSecret String
+	 * @return Oauth2GenericAuthConfig
+	 */
+	@GetMapping("/providers")
+	public Mono<ResponseView<Oauth2GenericAuthConfig>> addOAuthProvider(@RequestParam String issuerUri,
+																		@RequestParam String source,
+																		@RequestParam String sourceName,
+																		@RequestParam String clientId,
+																		@RequestParam String clientSecret);
 }

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/request/oauth2/GenericOAuthProviderSource.java

@@ -0,0 +1,31 @@
+package org.lowcoder.api.authentication.request.oauth2;
+
+import org.lowcoder.sdk.auth.Oauth2GenericAuthConfig;
+
+/**
+ * This class is the implementation of Oauth2Source and uses an instance of GenericOAuthProviderConfig
+ * to return the appropriate URLs
+ */
+public class GenericOAuthProviderSource implements Oauth2Source {
+
+    private final Oauth2GenericAuthConfig config;
+
+    public GenericOAuthProviderSource(Oauth2GenericAuthConfig config) {
+        this.config = config;
+    }
+
+    @Override
+    public String accessToken() {
+        return config.getTokenEndpoint();
+    }
+
+    @Override
+    public String userInfo() {
+        return config.getUserInfoEndpoint();
+    }
+
+    @Override
+    public String refresh() {
+        return config.getTokenEndpoint();
+    }
+}

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/request/oauth2/Oauth2AuthRequestFactory.java

@@ -4,11 +4,8 @@
 
 import org.lowcoder.api.authentication.request.AuthRequest;
 import org.lowcoder.api.authentication.request.AuthRequestFactory;
-import org.lowcoder.api.authentication.request.oauth2.request.AbstractOauth2Request;
-import org.lowcoder.api.authentication.request.oauth2.request.GithubRequest;
-import org.lowcoder.api.authentication.request.oauth2.request.GoogleRequest;
-import org.lowcoder.api.authentication.request.oauth2.request.KeycloakRequest;
-import org.lowcoder.api.authentication.request.oauth2.request.OryRequest;
+import org.lowcoder.api.authentication.request.oauth2.request.*;
+import org.lowcoder.sdk.auth.Oauth2GenericAuthConfig;
 import org.lowcoder.sdk.auth.Oauth2KeycloakAuthConfig;
 import org.lowcoder.sdk.auth.Oauth2OryAuthConfig;
 import org.lowcoder.sdk.auth.Oauth2SimpleAuthConfig;
@@ -32,6 +29,7 @@ private AbstractOauth2Request<? extends Oauth2SimpleAuthConfig> buildRequest(OAu
             case GOOGLE -> new GoogleRequest((Oauth2SimpleAuthConfig) context.getAuthConfig());
             case ORY -> new OryRequest((Oauth2OryAuthConfig) context.getAuthConfig());
             case KEYCLOAK -> new KeycloakRequest((Oauth2KeycloakAuthConfig)context.getAuthConfig());
+            case GENERIC -> new GenericAuthRequest((Oauth2GenericAuthConfig) context.getAuthConfig());
             default -> throw new UnsupportedOperationException(context.getAuthConfig().getAuthType());
         };
     }
@@ -42,6 +40,7 @@ public Set<String> supportedAuthTypes() {
                 GITHUB,
                 GOOGLE,
                 ORY,
-                KEYCLOAK);
+                KEYCLOAK,
+                GENERIC);
     }
 }

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/request/oauth2/request/GenericAuthRequest.java

@@ -0,0 +1,91 @@
+package org.lowcoder.api.authentication.request.oauth2.request;
+
+import org.lowcoder.api.authentication.request.AuthException;
+import org.lowcoder.api.authentication.request.oauth2.GenericOAuthProviderSource;
+import org.lowcoder.api.authentication.request.oauth2.OAuth2RequestContext;
+import org.lowcoder.domain.user.model.AuthToken;
+import org.lowcoder.domain.user.model.AuthUser;
+import org.lowcoder.sdk.auth.Oauth2GenericAuthConfig;
+import org.lowcoder.sdk.auth.Oauth2KeycloakAuthConfig;
+import org.lowcoder.sdk.util.JsonUtils;
+import org.lowcoder.sdk.webclient.WebClientBuildHelper;
+import org.springframework.http.MediaType;
+import org.springframework.web.reactive.function.BodyInserters;
+import reactor.core.publisher.Mono;
+
+import java.util.Map;
+
+import static org.lowcoder.api.authentication.util.AuthenticationUtils.mapToAuthToken;
+import static org.lowcoder.api.authentication.util.AuthenticationUtils.mapToAuthUser;
+
+/**
+ * This class is for Generic Auth Request
+ */
+public class GenericAuthRequest  extends AbstractOauth2Request<Oauth2GenericAuthConfig>{
+
+    public GenericAuthRequest(Oauth2GenericAuthConfig context) {
+        super(context, new GenericOAuthProviderSource(context));
+    }
+
+    @Override
+    protected Mono<AuthToken> getAuthToken(OAuth2RequestContext context) {
+        return WebClientBuildHelper.builder()
+                .systemProxy()
+                .build()
+                .post()
+                .uri(config.getTokenEndpoint())
+                .contentType(MediaType.APPLICATION_FORM_URLENCODED)
+                .body(BodyInserters.fromFormData("code", context.getCode())
+                        .with("client_id", config.getClientId())
+                        .with("client_secret", config.getClientSecret())
+                        .with("grant_type", "authorization_code")
+                        .with("redirect_uri", context.getRedirectUrl()))
+                .retrieve()
+                .bodyToMono(Map.class)
+                .flatMap(map -> {
+                    if (map.containsKey("error") || map.containsKey("error_description")) {
+                        return Mono.error(new AuthException(JsonUtils.toJson(map)));
+                    }
+                    return Mono.just(mapToAuthToken(map));
+                });
+    }
+
+    @Override
+    protected Mono<AuthToken> refreshAuthToken(String refreshToken) {
+        return WebClientBuildHelper.builder()
+                .systemProxy()
+                .build()
+                .post()
+                .uri(config.getTokenEndpoint())
+                .body(BodyInserters.fromFormData("grant_type", "refresh_token")
+                        .with("refresh_token", refreshToken)
+                        .with("client_id", config.getClientId())
+                        .with("client_secret", config.getClientSecret()))
+                .retrieve()
+                .bodyToMono(Map.class)
+                .flatMap(map -> {
+                    if (map.containsKey("error") || map.containsKey("error_description")) {
+                        return Mono.error(new AuthException(JsonUtils.toJson(map)));
+                    }
+                    return Mono.just(mapToAuthToken(map));
+                });
+    }
+
+    @Override
+    protected Mono<AuthUser> getAuthUser(AuthToken authToken) {
+        return WebClientBuildHelper.builder()
+                .systemProxy()
+                .build()
+                .get()
+                .uri(config.getUserInfoEndpoint())
+                .headers(headers -> headers.setBearerAuth(authToken.getAccessToken()))
+                .retrieve()
+                .bodyToMono(Map.class)
+                .flatMap(map -> {
+                    if (map.containsKey("error") || map.containsKey("error_description")) {
+                        return Mono.error(new AuthException(JsonUtils.toJson(map)));
+                    }
+                    return Mono.just(mapToAuthUser(map));
+                });
+    }
+}

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiService.java

@@ -6,6 +6,7 @@
 import org.lowcoder.domain.authentication.FindAuthConfig;
 import org.lowcoder.domain.user.model.APIKey;
 import org.lowcoder.domain.user.model.AuthUser;
+import org.lowcoder.sdk.auth.Oauth2GenericAuthConfig;
 import org.springframework.web.server.ServerWebExchange;
 import reactor.core.publisher.Flux;
 import reactor.core.publisher.Mono;
@@ -29,4 +30,19 @@ public interface AuthenticationApiService {
     Mono<Void> deleteAPIKey(String authId);
 
     Flux<APIKey> findAPIKeys();
+
+    /**
+     * This method is to fetch and parse the OpenID configuration from the issuer URI.
+     * @param issuerUri String
+     * @param source String
+     * @param sourceName String
+     * @param clientId String
+     * @param clientSecret String
+     * @return Oauth2GenericAuthConfig
+     */
+    Mono<Oauth2GenericAuthConfig> fetchAndParseConfiguration(String issuerUri,
+                                                             String source,
+                                                             String sourceName,
+                                                             String clientId,
+                                                             String clientSecret);
 }

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiServiceImpl.java

@@ -31,10 +31,13 @@
 import org.lowcoder.domain.user.model.*;
 import org.lowcoder.domain.user.service.UserService;
 import org.lowcoder.sdk.auth.AbstractAuthConfig;
+import org.lowcoder.sdk.auth.Oauth2GenericAuthConfig;
+import org.lowcoder.sdk.auth.constants.AuthTypeConstants;
 import org.lowcoder.sdk.config.AuthProperties;
 import org.lowcoder.sdk.exception.BizError;
 import org.lowcoder.sdk.exception.BizException;
 import org.lowcoder.sdk.util.CookieHelper;
+import org.lowcoder.sdk.webclient.WebClientBuildHelper;
 import org.springframework.security.core.context.ReactiveSecurityContextHolder;
 import org.springframework.stereotype.Service;
 import org.springframework.web.server.ServerWebExchange;
@@ -330,6 +333,55 @@ public Flux<APIKey> findAPIKeys() {
                 );
     }
 
+    /**
+     * This method is to fetch and parse the OpenID configuration from the issuer URI.
+     * @param issuerUri String
+     * @param source String
+     * @param sourceName String
+     * @param clientId String
+     * @param clientSecret String
+     * @return Oauth2GenericAuthConfig
+     */
+    @Override
+    public Mono<Oauth2GenericAuthConfig> fetchAndParseConfiguration(String issuerUri,
+                                                                    String source,
+                                                                    String sourceName,
+                                                                    String clientId,
+                                                                    String clientSecret) {
+        String wellKnownUri = issuerUri + "/.well-known/openid-configuration";
+        return WebClientBuildHelper.builder()
+                .systemProxy()
+                .build()
+                .get()
+                .uri(wellKnownUri)
+                .retrieve()
+                .bodyToMono(Map.class)
+                .map(map -> mapToConfig(map, source, sourceName, clientId, clientSecret));
+    }
+
+    /**
+     * This method is to map to config for Generic Auth Provider
+     * @param map Object that comes from /.well-known endpoint for IDP Configuration
+     * @return Oauth2GenericAuthConfig
+     */
+    private Oauth2GenericAuthConfig mapToConfig(Map<String, Object> map,
+                                                String source,
+                                                String sourceName,
+                                                String clientId,
+                                                String clientSecret) {
+        return Oauth2GenericAuthConfig.builder()
+                .authType(AuthTypeConstants.GENERIC)
+                .source(source)
+                .sourceName(sourceName)
+                .clientId(clientId)
+                .clientSecret(clientSecret)
+                .issuerUri((String) map.get("issuer"))
+                .authorizationEndpoint((String) map.get("authorization_endpoint"))
+                .tokenEndpoint((String) map.get("token_endpoint"))
+                .userInfoEndpoint((String) map.get("userinfo_endpoint"))
+                .build();
+    }
+
 
     private Mono<Void> removeTokensByAuthId(String authId) {
         return sessionUserService.getVisitorOrgMemberCache()