From dcc139f3c3eaf3c09e1524c6721cd651e97bc237 Mon Sep 17 00:00:00 2001
From: Smruti Prakash Sahoo
Date: Mon, 8 Jul 2024 15:52:00 +0530
Subject: [PATCH] feat(auth): Added username and password based basic authentication
Signed-off-by: Smruti Prakash Sahoo
---
 .../users/components/UserAdministration.tsx | 2 +-
 .../admin/vendors/components/VendorsList.tsx | 2 +-
 .../components/components/ComponentsTable.tsx | 2 +-
 src/app/[locale]/ecc/components/ECC.tsx | 2 +-
 .../licenses/components/LicensePage.tsx | 2 +-
 .../[locale]/projects/components/Projects.tsx | 2 +-
 .../projects/detail/[id]/components/Ecc.tsx | 2 +-
 .../ObligationsView/LicenseObligation.tsx | 2 +-
 .../[id]/components/VulnerabilityTab.tsx | 2 +-
 .../VulnerabilityTrackingStatus.tsx | 2 +-
 .../components/Vulnerabilities.tsx | 2 +-
 src/app/api/auth/[...nextauth]/authOptions.ts | 29 ++++++++++++++++++-
 .../SelectAttachment/SelectAttachment.tsx | 2 +-
 src/services/auth.service.ts | 9 +++++-
 src/utils/api/api.util.ts | 2 +-
 15 files changed, 49 insertions(+), 15 deletions(-)
diff --git a/src/app/[locale]/admin/users/components/UserAdministration.tsx b/src/app/[locale]/admin/users/components/UserAdministration.tsx
index d4d60075..bd849a34 100644
--- a/src/app/[locale]/admin/users/components/UserAdministration.tsx
+++ b/src/app/[locale]/admin/users/components/UserAdministration.tsx
@@ -123,7 +123,7 @@ export default function UserAdminstration() {
 ])
 },
 total: (data: EmbeddedUsers) => data.page.totalElements,
- headers: { Authorization: `Bearer ${status === 'authenticated' ? session.user.access_token : ''}` },
+ headers: { Authorization: `${status === 'authenticated' ? session.user.access_token : ''}` },
 }
 const advancedSearch = [
diff --git a/src/app/[locale]/admin/vendors/components/VendorsList.tsx b/src/app/[locale]/admin/vendors/components/VendorsList.tsx
index 803b2e30..8df804e5 100644
--- a/src/app/[locale]/admin/vendors/components/VendorsList.tsx
+++ b/src/app/[locale]/admin/vendors/components/VendorsList.tsx
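Review bot: The new header value in this hunk is a template literal around a single expression, so when `status` is not `'authenticated'` the request still goes out with an empty `Authorization` header, and in the unguarded variants a missing token is stringified to the text `undefined`. Omitting the header is cleaner and lets the backend reject such requests uniformly: `headers: status === 'authenticated' ? { Authorization: session.user.access_token } : {},`. The same pattern is repeated in the VendorsList, ComponentsTable, ECC, LicensePage, Projects, Ecc, LicenseObligation, VulnerabilityTab, VulnerabilityTrackingStatus, Vulnerabilities and SelectAttachment hunks. Since the scheme prefix is no longer added at the call site, each of them now relies on `access_token` already carrying `Basic ` or `Bearer `, which deserves a short comment. The enclosing component body starts and ends outside the hunk.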
@@ -88,7 +88,7 @@ export default function VendorsList() {
 ])
 },
 total: (data: EmbeddedVendors) => data.page.totalElements,
- headers: { Authorization: `Bearer ${status === 'authenticated' ? session.user.access_token : ''}` },
+ headers: { Authorization: `${status === 'authenticated' ? session.user.access_token : ''}` },
 }
 return (
diff --git a/src/app/[locale]/components/components/ComponentsTable.tsx b/src/app/[locale]/components/components/ComponentsTable.tsx
index 021c74f3..1f806347 100644
--- a/src/app/[locale]/components/components/ComponentsTable.tsx
+++ b/src/app/[locale]/components/components/ComponentsTable.tsx
@@ -112,7 +112,7 @@ function ComponentsTable({ setNumberOfComponent }: Props) {
 ])
 },
 total: (data: Embedded) => data.page.totalElements,
- headers: { Authorization: `Bearer ${session.user.access_token}` },
+ headers: { Authorization: `${session.user.access_token}` },
 }
 }
diff --git a/src/app/[locale]/ecc/components/ECC.tsx b/src/app/[locale]/ecc/components/ECC.tsx
index 52212d20..d4c0e50a 100644
--- a/src/app/[locale]/ecc/components/ECC.tsx
+++ b/src/app/[locale]/ecc/components/ECC.tsx
@@ -87,7 +87,7 @@ export default function ECC() {
 ])
 },
 total: (data: EmbeddedECC) => data.page.totalElements,
- headers: { Authorization: `Bearer ${status === 'authenticated' ? session.user.access_token : ''}` },
+ headers: { Authorization: `${status === 'authenticated' ? session.user.access_token : ''}` },
 }
 return (
diff --git a/src/app/[locale]/licenses/components/LicensePage.tsx b/src/app/[locale]/licenses/components/LicensePage.tsx
index 9573d4b2..373ae1b1 100644
--- a/src/app/[locale]/licenses/components/LicensePage.tsx
+++ b/src/app/[locale]/licenses/components/LicensePage.tsx
@@ -67,7 +67,7 @@ function LicensePage() {
 ])
 },
 total: (data: Embedded) => data.page.totalElements,
- headers: { Authorization: `Bearer ${status === 'authenticated' ? session.user.access_token : ''}` },
+ headers: { Authorization: `${status === 'authenticated' ? session.user.access_token : ''}` },
 }
 const columns = [
diff --git a/src/app/[locale]/projects/components/Projects.tsx b/src/app/[locale]/projects/components/Projects.tsx
index 14bd4dee..ec13b931 100644
--- a/src/app/[locale]/projects/components/Projects.tsx
+++ b/src/app/[locale]/projects/components/Projects.tsx
@@ -238,7 +238,7 @@ function Project() {
 ])
 },
 total: (data: EmbeddedProjects) => data.page.totalElements,
- headers: { Authorization: `Bearer ${session.user.access_token}` },
+ headers: { Authorization: `${session.user.access_token}` },
 }
 }
diff --git a/src/app/[locale]/projects/detail/[id]/components/Ecc.tsx b/src/app/[locale]/projects/detail/[id]/components/Ecc.tsx
index 87180dcb..035c5412 100644
--- a/src/app/[locale]/projects/detail/[id]/components/Ecc.tsx
+++ b/src/app/[locale]/projects/detail/[id]/components/Ecc.tsx
@@ -104,7 +104,7 @@ export default function EccDetails({ projectId }: { projectId: string }) {
 ])
 },
 total: (data: EmbeddedProjectReleaseEcc) => data.page.totalElements,
- headers: { Authorization: `Bearer ${status === 'authenticated' ? session.user.access_token : ''}` },
+ headers: { Authorization: `${status === 'authenticated' ? session.user.access_token : ''}` },
 }
 return (
diff --git a/src/app/[locale]/projects/detail/[id]/components/Obligations/ObligationsView/LicenseObligation.tsx b/src/app/[locale]/projects/detail/[id]/components/Obligations/ObligationsView/LicenseObligation.tsx
index 94a15d4f..196cc933 100644
--- a/src/app/[locale]/projects/detail/[id]/components/Obligations/ObligationsView/LicenseObligation.tsx
+++ b/src/app/[locale]/projects/detail/[id]/components/Obligations/ObligationsView/LicenseObligation.tsx
@@ -194,7 +194,7 @@ export default function LicenseObligation({ projectId }: { projectId: string })
 return tableRows
 },
 total: (data: ProjectObligationsList) => data.page.totalElements,
- headers: { Authorization: `Bearer ${session.user.access_token}` },
+ headers: { Authorization: `${session.user.access_token}` },
 }
 }
diff --git a/src/app/[locale]/projects/detail/[id]/components/VulnerabilityTab.tsx b/src/app/[locale]/projects/detail/[id]/components/VulnerabilityTab.tsx
index 6bb2ad59..ffe76376 100644
--- a/src/app/[locale]/projects/detail/[id]/components/VulnerabilityTab.tsx
+++ b/src/app/[locale]/projects/detail/[id]/components/VulnerabilityTab.tsx
@@ -163,7 +163,7 @@ export default function VulnerabilityTab({ projectData }: { projectData: Project
 ])
 },
 total: (data: EmbeddedProjectVulnerabilities) => data.page.totalElements,
- headers: { Authorization: `Bearer ${status === 'authenticated' ? session.user.access_token : ''}` },
+ headers: { Authorization: `${status === 'authenticated' ? session.user.access_token : ''}` },
 }
 }
diff --git a/src/app/[locale]/projects/detail/[id]/components/VulnerabilityTrackingStatus.tsx b/src/app/[locale]/projects/detail/[id]/components/VulnerabilityTrackingStatus.tsx
index 7745e780..da427fee 100644
--- a/src/app/[locale]/projects/detail/[id]/components/VulnerabilityTrackingStatus.tsx
+++ b/src/app/[locale]/projects/detail/[id]/components/VulnerabilityTrackingStatus.tsx
@@ -71,7 +71,7 @@ export default function VulnerabilityTrackingStatusComponent({ projectData }: {
 ])
 },
 total: (data: ProjectVulnerabilityTrackingStatus) => data.page.totalElements,
- headers: { Authorization: `Bearer ${status === 'authenticated' ? session.user.access_token : ''}` },
+ headers: { Authorization: `${status === 'authenticated' ? session.user.access_token : ''}` },
 }
 }
diff --git a/src/app/[locale]/vulnerabilities/components/Vulnerabilities.tsx b/src/app/[locale]/vulnerabilities/components/Vulnerabilities.tsx
index 063e4b6a..0de03c84 100644
--- a/src/app/[locale]/vulnerabilities/components/Vulnerabilities.tsx
+++ b/src/app/[locale]/vulnerabilities/components/Vulnerabilities.tsx
@@ -137,7 +137,7 @@ function Vulnerabilities() {
 }
 },
 total: (data: EmbeddedVulnerabilities) => data.page.totalElements,
- headers: { Authorization: `Bearer ${session.user.access_token}` },
+ headers: { Authorization: `${session.user.access_token}` },
 }
 }
diff --git a/src/app/api/auth/[...nextauth]/authOptions.ts b/src/app/api/auth/[...nextauth]/authOptions.ts
index bd7f8283..efd7eb15 100644
--- a/src/app/api/auth/[...nextauth]/authOptions.ts
+++ b/src/app/api/auth/[...nextauth]/authOptions.ts
@@ -31,6 +31,34 @@ export const authOptions: NextAuthOptions = {
 username: username,
 password: password,
 }
+
+ const authToken = await AuthService.generateBasicToken(userCredential)
+
+ if (authToken === null) throw new Error('Error while fetching Auth Token')
+
+ const response = await ApiUtils.GET(`users/${username}`, authToken)
+ if (response.status !== HttpStatus.OK) {
+ throw new Error('Error while fetching User Group')
+ }
+ const data = await response.json()
+ return { access_token: authToken, userGroup: data.userGroup, email: username} as any
+ } catch (e) {
+ console.error(e)
+ return null
+ }
+ },
+ }),
+ CredentialsProvider({
+ name: CREDENTIAL_PROVIDER,
+ credentials: {},
+ async authorize(credentials) {
+ try {
+ const { username, password } = credentials as any
+ const userCredential: UserCredentialInfo = {
+ username: username,
+ password: password,
+ }
+
 const authToken = await AuthService.generateToken(userCredential)
 if (authToken === null) throw new Error('Error while fetching Auth Token')
@@ -61,7 +89,6 @@ export const authOptions: NextAuthOptions = {
 async session({ session, token }) {
 // Send properties to the client, like an access_token from a provider.
 session.user = token
-
 return session
 },
 },
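Review bot: `access_token: authToken` in the added `authorize` stores `Basic <base64(username:password)>`, which is the user's password in reversible form, and the `session` callback further down this file (`session.user = token`) passes that value on to client-side code. Anything able to read the session then holds the password itself rather than an issued token, so this provider is worth restricting to deployments that accept that, with a comment on the return line such as `// access_token is "Basic …" here: base64 of username:password, not an opaque token`. `username` is interpolated unencoded into the `users/${username}` path; wrapping it as `encodeURIComponent(username)` keeps a value containing `/` or `?` from changing the request target. The second `CredentialsProvider` added here shows no `id`, so if the first one has none either, both would register under the default id and only one would be reachable, which is worth confirming. The first provider's opening lines and the rest of the second `authorize` body are outside the hunk.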
diff --git a/src/components/Attachments/SelectAttachment/SelectAttachment.tsx b/src/components/Attachments/SelectAttachment/SelectAttachment.tsx
index ea4fb460..b1b384d5 100644
--- a/src/components/Attachments/SelectAttachment/SelectAttachment.tsx
+++ b/src/components/Attachments/SelectAttachment/SelectAttachment.tsx
@@ -76,7 +76,7 @@ function SelectAttachment({
 method: 'POST',
 body: formData,
 headers: {
- Authorization: `Bearer ${session.user.access_token}`,
+ Authorization: `${session.user.access_token}`,
 },
 })
 .then((res) => res.json())
diff --git a/src/services/auth.service.ts b/src/services/auth.service.ts
index 8f21828e..2b751498 100644
--- a/src/services/auth.service.ts
+++ b/src/services/auth.service.ts
@@ -78,8 +78,15 @@ const generateToken = async (userData: UserCredentialInfo) => {
 return sw360token
 }
+const generateBasicToken = async (userData: UserCredentialInfo) => {
+ const credentials: string = Buffer.from(`${userData.username}:${userData.password}`).toString('base64')
+ const sw360token = `Basic ${credentials}`
+ return sw360token
+}
+
 const AuthService = {
 generateToken,
+ generateBasicToken,
 }
-export default AuthService
+export default AuthService
\ No newline at end of file
diff --git a/src/utils/api/api.util.ts b/src/utils/api/api.util.ts
index 3d07c5c6..aa2d7d91 100644
--- a/src/utils/api/api.util.ts
+++ b/src/utils/api/api.util.ts
@@ -38,7 +38,7 @@ async function send({
 }
 if (token) {
- request_content.headers['Authorization'] = `Bearer ${token}`
+ request_content.headers['Authorization'] = `${token}`
 }
 if (signal) {
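Review bot: `generateBasicToken` encodes whatever it receives, so a missing field becomes the text `undefined`, and a username containing `:` produces a credential that cannot be split back unambiguously, since Basic authentication separates user and password at the first colon. It also never returns `null`, which leaves the `authToken === null` check in the new `authorize` path without effect. A guard as the first statement would cover both: `if (!userData.username || !userData.password || userData.username.includes(':')) return null`. The function contains no `await`, so `async` only mirrors `generateToken`; a one-line doc comment stating that the result is base64-encoded rather than encrypted would help later readers.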
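Review bot: `send` now copies `token` into `Authorization` verbatim, so the scheme has to arrive inside the value, yet `generateToken` is not changed by this commit (only its last lines are visible in the auth.service.ts hunk). If it still returns the bare access token, requests on that login path will carry a header with no scheme, so please confirm that it returns `Bearer …`. The template literal is redundant, `request_content.headers['Authorization'] = token` does the same, and a comment such as `// token is the complete header value, scheme included` would document the new contract. The body of `send` starts and ends outside the hunk.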