CLDR-18165 cla: github sso: generate login url

- add LoginManager to manage the sso
srl295 · Dec 12, 2024 · bfe4838 · bfe4838
1 parent e8589bc
commit bfe4838
Show file tree

Hide file tree

Showing 4 changed files with 98 additions and 0 deletions.
diff --git a/tools/cldr-apps/src/main/java/org/unicode/cldr/web/api/Auth.java b/tools/cldr-apps/src/main/java/org/unicode/cldr/web/api/Auth.java
@@ -26,6 +26,8 @@
 import org.unicode.cldr.web.UserRegistry.LogoutException;
 import org.unicode.cldr.web.UserRegistry.User;
 import org.unicode.cldr.web.WebContext;
+import org.unicode.cldr.web.auth.LoginFactory.LoginIntent;
+import org.unicode.cldr.web.auth.LoginManager;
 
 @Path("/auth")
 @Tag(name = "auth", description = "APIs for authentication")
@@ -324,4 +326,38 @@ public static CookieSession getSession(String session) {
     public static Response noSessionResponse() {
         return Response.status(Status.UNAUTHORIZED).build();
     }
+
+    @Path("/oauth/url")
+    @GET
+    @Operation(summary = "get login URL", description = "Get OAuth URL.")
+    @APIResponses(
+            value = {
+                @APIResponse(
+                        responseCode = "200",
+                        description = "OK",
+                        content =
+                                @Content(
+                                        mediaType = "application/json",
+                                        schema = @Schema(implementation = OAuthURL.class))),
+                @APIResponse(responseCode = "404", description = "Cannot auth"),
+                @APIResponse(responseCode = "417", description = "Invalid parameter"),
+            })
+    public Response oauthUrl() {
+        final String url = LoginManager.getInstance().getLoginString(LoginIntent.cla);
+        if (url == null) {
+            return Response.status(404).build();
+        } else {
+            OAuthURL u = new OAuthURL(url);
+            return Response.ok(u).build();
+        }
+    }
+
+    public static final class OAuthURL {
+        @Schema(description = "URL for login")
+        public String url;
+
+        private OAuthURL(String url) {
+            this.url = url;
+        }
+    }
 }
diff --git a/tools/cldr-apps/src/main/java/org/unicode/cldr/web/auth/GithubLoginFactory.java b/tools/cldr-apps/src/main/java/org/unicode/cldr/web/auth/GithubLoginFactory.java
@@ -114,4 +114,11 @@ private String getClientJwt() {
                 .setIssuer(GITHUB_CLIENT_ID)
                 .compact();
     }
+
+    @Override
+    public String getLoginUrl(LoginIntent intent) {
+        return String.format(
+                "https://github.com/login/oauth/authorize?client_id=%s",
+                GITHUB_CLIENT_ID); // TODO: redirect_uri
+    }
 }
diff --git a/tools/cldr-apps/src/main/java/org/unicode/cldr/web/auth/LoginFactory.java b/tools/cldr-apps/src/main/java/org/unicode/cldr/web/auth/LoginFactory.java
@@ -2,6 +2,21 @@
 
 /** a LoginFactory is a type of login management that can be used with the ST */
 public abstract class LoginFactory {
+
+    public enum LoginIntent {
+        // /** for access to the ST. Not implemented yet. */
+        // sso,
+        /** for CLA assertion */
+        cla,
+    };
+
     /** return true if this factory is all ready for use */
     public abstract boolean valid();
+
+    /**
+     * Get the URL for the login link. TODO: Probably need more context here eventually.
+     *
+     * @param intent what type of login link to generate.
+     */
+    public abstract String getLoginUrl(LoginIntent intent);
 }
diff --git a/tools/cldr-apps/src/main/java/org/unicode/cldr/web/auth/LoginManager.java b/tools/cldr-apps/src/main/java/org/unicode/cldr/web/auth/LoginManager.java
@@ -0,0 +1,40 @@
+package org.unicode.cldr.web.auth;
+
+import java.util.logging.Logger;
+import org.unicode.cldr.web.SurveyLog;
+
+public class LoginManager {
+
+    static final Logger logger = SurveyLog.forClass(LoginManager.class);
+
+    public static final LoginManager getInstance() {
+        return Helper.INSTANCE;
+    }
+
+    private static final class Helper {
+
+        static final LoginManager INSTANCE = new LoginManager();
+    }
+
+    // Simple implementation for now.
+    public LoginManager() {
+        try {
+            github = new GithubLoginFactory();
+            if (!github.valid()) {
+                logger.info("Github login not valid");
+                github = null;
+            }
+            logger.info("Github login available");
+        } catch (Throwable t) {
+            SurveyLog.logException(t, "trying to setup GitHub");
+            github = null;
+        }
+    }
+
+    GithubLoginFactory github = null;
+
+    public String getLoginString(LoginFactory.LoginIntent intent) {
+        if (github == null) return null;
+        return github.getLoginUrl(intent);
+    }
+}