Implemented the generic Auth feature without additional .well_known endpoint.

Author: th37rose

server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/auth/Oauth2SimpleAuthConfig.java

@@ -38,7 +38,7 @@ public String getAuthorizeUrl() {
             case AuthTypeConstants.GITHUB -> replaceAuthUrlClientIdPlaceholder(Oauth2Constants.GITHUB_AUTHORIZE_URL);
             case AuthTypeConstants.ORY -> replaceAuthUrlClientIdPlaceholder(Oauth2Constants.ORY_AUTHORIZE_URL);
             case AuthTypeConstants.KEYCLOAK -> replaceAuthUrlClientIdPlaceholder(Oauth2Constants.KEYCLOAK_AUTHORIZE_URL);
-            case AuthTypeConstants.GENERIC -> replaceAuthUrlClientIdPlaceholder(((Oauth2GenericAuthConfig)this).getAuthorizationEndpoint());
+            case AuthTypeConstants.GENERIC -> ((Oauth2GenericAuthConfig)this).getAuthorizationEndpoint();
             default -> null;
         };
     }

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/AuthenticationController.java

@@ -130,24 +130,4 @@ public Mono<ResponseView<List<APIKey>>> getAllAPIKeys() {
                 .collectList()
                 .map(ResponseView::success);
     }
-
-    /**
-     * This endpoint is to get IDP configuration
-     * @param issuerUri String
-     * @param source String
-     * @param sourceName String
-     * @param clientId String
-     * @param clientSecret String
-     * @return Oauth2GenericAuthConfig
-     */
-    @Override
-    public Mono<ResponseView<Oauth2GenericAuthConfig>> addOAuthProvider(String issuerUri,
-                                                                        String source,
-                                                                        String sourceName,
-                                                                        String clientId,
-                                                                        String clientSecret) {
-        return authenticationApiService.fetchAndParseConfiguration(issuerUri, source, sourceName, clientId, clientSecret)
-                .map(ResponseView::success);
-    }
-
 }

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/AuthenticationEndpoints.java

@@ -162,20 +162,4 @@ public Mono<ResponseView<Boolean>> linkAccountWithThirdParty(
      */
     public record FormLoginRequest(String loginId, String password, boolean register, String source, String authId) {
     }
-
-	/**
-	 * This endpoint is to get IDP configuration
-	 * @param issuerUri String
-	 * @param source String
-	 * @param sourceName String
-	 * @param clientId String
-	 * @param clientSecret String
-	 * @return Oauth2GenericAuthConfig
-	 */
-	@GetMapping("/providers")
-	public Mono<ResponseView<Oauth2GenericAuthConfig>> addOAuthProvider(@RequestParam String issuerUri,
-																		@RequestParam String source,
-																		@RequestParam String sourceName,
-																		@RequestParam String clientId,
-																		@RequestParam String clientSecret);
 }

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/dto/AuthConfigRequest.java

@@ -1,6 +1,7 @@
 package org.lowcoder.api.authentication.dto;
 
 import jakarta.annotation.Nullable;
+import jakarta.validation.constraints.Null;
 import org.apache.commons.collections4.MapUtils;
 import org.apache.commons.lang3.ObjectUtils;
 import org.apache.commons.lang3.StringUtils;
@@ -27,6 +28,30 @@ public boolean isEnableRegister() {
         return MapUtils.getBoolean(this, "enableRegister", true);
     }
 
+    /**
+     * Additional configs for generic
+     * config will be updated instead of creating a new one.
+     */
+    @Nullable
+    public String getIssuerUri() {
+        return getString("issuer");
+    }
+
+    @Nullable
+    public String getAuthorizationEndpoint() {
+        return getString("authorizationEndpoint");
+    }
+
+    @Nullable
+    public String getTokenEndpoint() {
+        return getString("tokenEndpoint");
+    }
+
+    @Nullable
+    public String getUserInfoEndpoint() {
+        return getString("userInfoEndpoint");
+    }
+
     @Nullable
     public String getInstanceId() {
         return getString("instanceId");

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/request/oauth2/request/GenericAuthRequest.java

@@ -6,7 +6,6 @@
 import org.lowcoder.domain.user.model.AuthToken;
 import org.lowcoder.domain.user.model.AuthUser;
 import org.lowcoder.sdk.auth.Oauth2GenericAuthConfig;
-import org.lowcoder.sdk.auth.Oauth2KeycloakAuthConfig;
 import org.lowcoder.sdk.util.JsonUtils;
 import org.lowcoder.sdk.webclient.WebClientBuildHelper;
 import org.springframework.http.MediaType;

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiService.java

@@ -6,7 +6,6 @@
 import org.lowcoder.domain.authentication.FindAuthConfig;
 import org.lowcoder.domain.user.model.APIKey;
 import org.lowcoder.domain.user.model.AuthUser;
-import org.lowcoder.sdk.auth.Oauth2GenericAuthConfig;
 import org.springframework.web.server.ServerWebExchange;
 import reactor.core.publisher.Flux;
 import reactor.core.publisher.Mono;
@@ -30,19 +29,4 @@ public interface AuthenticationApiService {
     Mono<Void> deleteAPIKey(String authId);
 
     Flux<APIKey> findAPIKeys();
-
-    /**
-     * This method is to fetch and parse the OpenID configuration from the issuer URI.
-     * @param issuerUri String
-     * @param source String
-     * @param sourceName String
-     * @param clientId String
-     * @param clientSecret String
-     * @return Oauth2GenericAuthConfig
-     */
-    Mono<Oauth2GenericAuthConfig> fetchAndParseConfiguration(String issuerUri,
-                                                             String source,
-                                                             String sourceName,
-                                                             String clientId,
-                                                             String clientSecret);
 }

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiServiceImpl.java

@@ -333,56 +333,6 @@ public Flux<APIKey> findAPIKeys() {
                 );
     }
 
-    /**
-     * This method is to fetch and parse the OpenID configuration from the issuer URI.
-     * @param issuerUri String
-     * @param source String
-     * @param sourceName String
-     * @param clientId String
-     * @param clientSecret String
-     * @return Oauth2GenericAuthConfig
-     */
-    @Override
-    public Mono<Oauth2GenericAuthConfig> fetchAndParseConfiguration(String issuerUri,
-                                                                    String source,
-                                                                    String sourceName,
-                                                                    String clientId,
-                                                                    String clientSecret) {
-        String wellKnownUri = issuerUri + "/.well-known/openid-configuration";
-        return WebClientBuildHelper.builder()
-                .systemProxy()
-                .build()
-                .get()
-                .uri(wellKnownUri)
-                .retrieve()
-                .bodyToMono(Map.class)
-                .map(map -> mapToConfig(map, source, sourceName, clientId, clientSecret));
-    }
-
-    /**
-     * This method is to map to config for Generic Auth Provider
-     * @param map Object that comes from /.well-known endpoint for IDP Configuration
-     * @return Oauth2GenericAuthConfig
-     */
-    private Oauth2GenericAuthConfig mapToConfig(Map<String, Object> map,
-                                                String source,
-                                                String sourceName,
-                                                String clientId,
-                                                String clientSecret) {
-        return Oauth2GenericAuthConfig.builder()
-                .authType(AuthTypeConstants.GENERIC)
-                .source(source)
-                .sourceName(sourceName)
-                .clientId(clientId)
-                .clientSecret(clientSecret)
-                .issuerUri((String) map.get("issuer"))
-                .authorizationEndpoint((String) map.get("authorization_endpoint"))
-                .tokenEndpoint((String) map.get("token_endpoint"))
-                .userInfoEndpoint((String) map.get("userinfo_endpoint"))
-                .build();
-    }
-
-
     private Mono<Void> removeTokensByAuthId(String authId) {
         return sessionUserService.getVisitorOrgMemberCache()
                 .flatMapMany(orgMember -> orgMemberService.getOrganizationMembers(orgMember.getOrgId()))

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/factory/AuthConfigFactoryImpl.java

@@ -19,6 +19,7 @@ public class AuthConfigFactoryImpl implements AuthConfigFactory {
 
     @Override
     public AbstractAuthConfig build(AuthConfigRequest authConfigRequest, boolean enable) {
+        buildOauth2GenericAuthConfig(authConfigRequest, enable);
         return switch (authConfigRequest.getAuthType()) {
             case AuthTypeConstants.FORM -> buildEmailAuthConfig(authConfigRequest, enable);
             case AuthTypeConstants.GITHUB -> buildOauth2SimpleAuthConfig(GITHUB, GITHUB_NAME, authConfigRequest, enable);
@@ -103,16 +104,15 @@ private Oauth2SimpleAuthConfig buildOauth2GenericAuthConfig(AuthConfigRequest au
                 .id(authConfigRequest.getId())
                 .enable(enable)
                 .enableRegister(authConfigRequest.isEnableRegister())
-                .source(AuthTypeConstants.GENERIC)
-                .sourceName(org.lowcoder.sdk.constants.AuthSourceConstants.KEYCLOAK_NAME)
+                .source(authConfigRequest.getSource(AuthTypeConstants.GENERIC))
+                .sourceName(authConfigRequest.getSourceName(AuthTypeConstants.GENERIC))
                 .clientId(requireNonNull(authConfigRequest.getClientId(), "clientId can not be null."))
                 .clientSecret(authConfigRequest.getClientSecret())
-                .issuerUri(authConfigRequest.getString("issuer"))
-                .authorizationEndpoint(authConfigRequest.getString("authorization_endpoint"))
-                .tokenEndpoint(authConfigRequest.getString("token_endpoint"))
-                .userInfoEndpoint(authConfigRequest.getString("userinfo_endpoint"))
-                .authType(authConfigRequest.getAuthType())
+                .issuerUri(authConfigRequest.getIssuerUri())
+                .authorizationEndpoint(authConfigRequest.getAuthorizationEndpoint())
+                .tokenEndpoint(authConfigRequest.getTokenEndpoint())
+                .userInfoEndpoint(authConfigRequest.getUserInfoEndpoint())
+                .authType(AuthTypeConstants.GENERIC)
                 .build();
-
     }
 }