Feat/oauth2 (#6281): Added oauth to API paths

* Added oauth provider.

* Fixed provider.

* Added auth flow.

* Fixed auth flow and added scaffolding vite config.

* Added working oauth2.

* Fixed dockerfile.

* Adapted run.sh script

* Moved api tests to oauth2.

* Updated security schemes.

* Removed api key from existance.

* Fixed installation

* Added missing issuer in config.

* Fixed dev dependencies.

* Updated lock file.

ui/.gitignore

@@ -0,0 +1,24 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+
+node_modules
+dist
+dist-ssr
+*.local
+
+# Editor directories and files
+.vscode/*
+!.vscode/extensions.json
+.idea
+.DS_Store
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw?

ui/consent.html

@@ -0,0 +1,24 @@
+<!doctype html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8" />
+    <link rel="icon" type="image/svg+xml" href="/favicon.ico" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>Consent Etherpad</title>
+</head>
+<body>
+<div id="app">
+    <div class="login-background login-page">
+        <div class="login-box login-form">
+            <h1 class="login-title">Etherpad <span id="client"></span></h1>
+            <form class="login-inner-box input-control"  method="post">
+                <input type="hidden" name="prompt" value="consent"/>
+                <input type="submit" value="Login" class="login-button"/>
+                <div id="error"></div>
+            </form>
+        </div>
+    </div>
+</div>
+<script type="module" src="/src/consent.ts"></script>
+</body>
+</html>

ui/login.html

@@ -0,0 +1,38 @@
+<!doctype html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8"/>
+    <link rel="icon" type="image/svg+xml" href="/favicon.ico"/>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+    <title>SSO Etherpad</title>
+</head>
+<body>
+<div id="app">
+    <div class="login-background login-page">
+        <div class="login-box login-form">
+            <h1 class="login-title">Etherpad <span id="client"></span></h1>
+            <form class="login-inner-box input-control">
+                <label>
+                    <input class="login-textinput input-control" required type="text" name="login" placeholder="Username"/>
+                </label>
+                <div class="icon-input">
+                    <label class="password-label">
+                        <input class="login-textinput" type="password" required name="password" placeholder="Password"/>
+                        <svg id="eye-visible" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="w-6 h-6 toggle-password-visibility">
+                            <path stroke-linecap="round" stroke-linejoin="round" d="M2.036 12.322a1.012 1.012 0 0 1 0-.639C3.423 7.51 7.36 4.5 12 4.5c4.638 0 8.573 3.007 9.963 7.178.07.207.07.431 0 .639C20.577 16.49 16.64 19.5 12 19.5c-4.638 0-8.573-3.007-9.963-7.178Z" />
+                            <path stroke-linecap="round" stroke-linejoin="round" d="M15 12a3 3 0 1 1-6 0 3 3 0 0 1 6 0Z" />
+                        </svg>
+                        <svg id="eye-hide" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="w-6 h-6">
+                            <path stroke-linecap="round" stroke-linejoin="round" d="M3.98 8.223A10.477 10.477 0 0 0 1.934 12C3.226 16.338 7.244 19.5 12 19.5c.993 0 1.953-.138 2.863-.395M6.228 6.228A10.451 10.451 0 0 1 12 4.5c4.756 0 8.773 3.162 10.065 7.498a10.522 10.522 0 0 1-4.293 5.774M6.228 6.228 3 3m3.228 3.228 3.65 3.65m7.894 7.894L21 21m-3.228-3.228-3.65-3.65m0 0a3 3 0 1 0-4.243-4.243m4.242 4.242L9.88 9.88" />
+                        </svg>
+                    </label>
+                </div>
+                <input type="submit" value="Login" class="login-button"/>
+                <div id="error"></div>
+            </form>
+        </div>
+    </div>
+</div>
+<script type="module" src="/src/main.ts"></script>
+</body>
+</html>

ui/package.json

@@ -0,0 +1,15 @@
+{
+  "name": "ui",
+  "private": true,
+  "version": "0.0.0",
+  "type": "module",
+  "scripts": {
+    "dev": "vite",
+    "build": "tsc && vite build",
+    "preview": "vite preview"
+  },
+  "devDependencies": {
+    "typescript": "^5.2.2",
+    "vite": "^5.2.0"
+  }
+}

ui/src/consent.ts

@@ -0,0 +1,35 @@
+import "./style.css"
+//import {MapArrayType} from "ep_etherpad-lite/node/types/MapType";
+
+const form = document.querySelector('form')!;
+const sessionId = new URLSearchParams(window.location.search).get('state');
+
+form.action = '/interaction/' + sessionId;
+
+/*form.addEventListener('submit', function (event) {
+    event.preventDefault();
+    const formData = new FormData(form);
+    const data: MapArrayType<any> = {};
+    formData.forEach((value, key) => {
+        data[key] = value;
+    });
+    const sessionId = new URLSearchParams(window.location.search).get('state');
+
+    fetch('/interaction/' + sessionId, {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+        },
+        body: JSON.stringify(data),
+    }).then(response => {
+        if (response.ok) {
+            if (response.redirected) {
+                window.location.href = response.url;
+            }
+        } else {
+            document.getElementById('error')!.innerText = "Error signing in";
+        }
+    }).catch(error => {
+        document.getElementById('error')!.innerText = "Error signing in" + error;
+    })
+});*/

ui/src/main.ts

@@ -0,0 +1,58 @@
+import './style.css'
+import {MapArrayType} from "ep_etherpad-lite/node/types/MapType.ts";
+
+const searchParams = new URLSearchParams(window.location.search);
+
+
+document.getElementById('client')!.innerText = searchParams.get('client_id')!;
+
+const form = document.querySelector('form')!;
+form.addEventListener('submit', function (event) {
+    event.preventDefault();
+    const formData = new FormData(form);
+    const data: MapArrayType<any> = {};
+    formData.forEach((value, key) => {
+        data[key] = value;
+    });
+    const sessionId = new URLSearchParams(window.location.search).get('state');
+
+    fetch('/interaction/' + sessionId, {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+        },
+        redirect: 'follow',
+        body: JSON.stringify(data),
+    }).then(response => {
+        if (response.ok) {
+            if (response.redirected) {
+                window.location.href = response.url;
+            }
+        } else {
+            document.getElementById('error')!.innerText = "Error signing in";
+        }
+    }).catch(error => {
+        document.getElementById('error')!.innerText = "Error signing in" + error;
+    })
+});
+
+const hidePassword = document.querySelector('.toggle-password-visibility')! as HTMLElement
+const showPassword = document.getElementById('eye-hide')! as HTMLElement
+const togglePasswordVisibility = () => {
+    const passwordInput = document.getElementsByName('password')[0] as HTMLInputElement;
+    if (passwordInput.type === 'password') {
+        showPassword.style.display = 'block';
+        hidePassword.style.display = 'none';
+        passwordInput.type = 'text';
+    } else {
+        showPassword.style.display = 'none';
+        hidePassword.style.display = 'block';
+        passwordInput.type = 'password';
+    }
+}
+
+
+hidePassword.addEventListener('click', togglePasswordVisibility);
+showPassword.addEventListener('click', togglePasswordVisibility);
+
+

ui/src/style.css

@@ -0,0 +1,125 @@
+:root {
+    font-family: Inter, system-ui, Avenir, Helvetica, Arial, sans-serif;
+    line-height: 1.5;
+    font-weight: 400;
+
+
+    font-synthesis: none;
+    text-rendering: optimizeLegibility;
+    -webkit-font-smoothing: antialiased;
+    -moz-osx-font-smoothing: grayscale;
+    --color-etherpad: #0f775b;
+}
+
+body {
+    font-size: 16px;
+    margin: 0;
+    display: flex;
+    place-items: center;
+    min-width: 320px;
+    min-height: 100vh;
+}
+
+#app {
+    max-width: 1280px;
+    margin: auto;
+    padding: 2rem;
+}
+
+
+button {
+    border-radius: 8px;
+    border: 1px solid transparent;
+    padding: 0.6em 1.2em;
+    font-size: 1em;
+    font-weight: 500;
+    font-family: inherit;
+    background-color: #1a1a1a;
+    cursor: pointer;
+    transition: border-color 0.25s;
+}
+
+button:hover {
+    border-color: #646cff;
+}
+
+button:focus,
+button:focus-visible {
+    outline: 4px auto -webkit-focus-ring-color;
+}
+
+@media (prefers-color-scheme: light) {
+    :root {
+        color: #213547;
+        background-color: #ffffff;
+    }
+
+    a:hover {
+        color: #747bff;
+    }
+
+    button {
+        background-color: #f9f9f9;
+    }
+}
+
+.login-box {
+    background-color: #f2f6f7;
+    padding: 40px;
+    border-radius: 20px;
+    color: #607278;
+}
+
+body {
+    background: radial-gradient(100% 100% at 50% 0%, var(--color-etherpad) 0%, #003A47 100%) fixed
+}
+
+input {
+    border-radius: 8px;
+    border: 1px solid #d1d1d1;
+    padding: 0.6em 1.2em;
+    font-size: 1em;
+    font-weight: 500;
+    font-family: inherit;
+    background-color: #f9f9f9;
+    transition: border-color 0.25s;
+}
+
+.login-inner-box {
+    display: flex;
+    flex-direction: column;
+    gap: 10px;
+}
+
+.login-inner-box input[type=submit] {
+    background-color: var(--color-etherpad);
+    color: white;
+    border: none;
+    cursor: pointer;
+    margin-top: 20px;
+}
+
+.password-label {
+    position: relative;
+}
+
+.password-label svg {
+    position: absolute;
+    right: 10px;
+    top: 50%;
+    transform: translateY(-50%);
+    cursor: pointer;
+    width: 16px;
+}
+
+#eye-hide {
+    display: none;
+}
+
+label {
+    display: flex;
+}
+
+label input {
+    flex-grow: 1;
+}

ui/src/typescript.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" aria-hidden="true" role="img" class="iconify iconify--logos" width="32" height="32" preserveAspectRatio="xMidYMid meet" viewBox="0 0 256 256"><path fill="#007ACC" d="M0 128v128h256V0H0z"></path><path fill="#FFF" d="m56.612 128.85l-.081 10.483h33.32v94.68h23.568v-94.68h33.321v-10.28c0-5.69-.122-10.444-.284-10.566c-.122-.162-20.4-.244-44.983-.203l-44.74.122l-.121 10.443Zm149.955-10.742c6.501 1.625 11.459 4.51 16.01 9.224c2.357 2.52 5.851 7.111 6.136 8.208c.08.325-11.053 7.802-17.798 11.988c-.244.162-1.22-.894-2.317-2.52c-3.291-4.795-6.745-6.867-12.028-7.233c-7.76-.528-12.759 3.535-12.718 10.321c0 1.992.284 3.17 1.097 4.795c1.707 3.536 4.876 5.649 14.832 9.956c18.326 7.883 26.168 13.084 31.045 20.48c5.445 8.249 6.664 21.415 2.966 31.208c-4.063 10.646-14.14 17.879-28.323 20.276c-4.388.772-14.79.65-19.504-.203c-10.28-1.828-20.033-6.908-26.047-13.572c-2.357-2.6-6.949-9.387-6.664-9.874c.122-.163 1.178-.813 2.356-1.504c1.138-.65 5.446-3.129 9.509-5.485l7.355-4.267l1.544 2.276c2.154 3.29 6.867 7.801 9.712 9.305c8.167 4.307 19.383 3.698 24.909-1.26c2.357-2.153 3.332-4.388 3.332-7.68c0-2.966-.366-4.266-1.91-6.501c-1.99-2.845-6.054-5.242-17.595-10.24c-13.206-5.69-18.895-9.224-24.096-14.832c-3.007-3.25-5.852-8.452-7.03-12.8c-.975-3.617-1.22-12.678-.447-16.335c2.723-12.76 12.353-21.659 26.25-24.3c4.51-.853 14.994-.528 19.424.569Z"></path></svg>

ui/src/vite-env.d.ts

@@ -0,0 +1 @@
+/// <reference types="vite/client" />

ui/tsconfig.json

@@ -0,0 +1,23 @@
+{
+  "compilerOptions": {
+    "target": "ES2020",
+    "useDefineForClassFields": true,
+    "module": "ESNext",
+    "lib": ["ES2020", "DOM", "DOM.Iterable"],
+    "skipLibCheck": true,
+
+    /* Bundler mode */
+    "moduleResolution": "bundler",
+    "allowImportingTsExtensions": true,
+    "resolveJsonModule": true,
+    "isolatedModules": true,
+    "noEmit": true,
+
+    /* Linting */
+    "strict": true,
+    "noUnusedLocals": true,
+    "noUnusedParameters": true,
+    "noFallthroughCasesInSwitch": true
+  },
+  "include": ["src"]
+}

ui/vite.config.ts

@@ -0,0 +1,17 @@
+// vite.config.js
+import { resolve } from 'path'
+import { defineConfig } from 'vite'
+
+export default defineConfig({
+    base: '/views/',
+    build: {
+        outDir: resolve(__dirname, '../src/static/oidc'),
+        rollupOptions: {
+            input: {
+                main: resolve(__dirname, 'consent.html'),
+                nested: resolve(__dirname, 'login.html'),
+            },
+        },
+        emptyOutDir: true,
+    },
+})