Skip to content

Backlog/add oauth2 OIDC corporate authentication to backend #1413

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 473 commits into
base: v11
Choose a base branch
from
Open

Backlog/add oauth2 OIDC corporate authentication to backend #1413

wants to merge 473 commits into from

Conversation

@mjabascal10
Copy link
Contributor

@mjabascal10 mjabascal10 commented Nov 17, 2025

PLEASE READ BEFORE CONTINUING

To help us understand your contribution, please include the following in your pull request:

  • A detailed explanation of the changes you've made.
  • The reasoning behind these changes.
  • A reference to the issue that this pull request addresses.

mjabascal10 and others added 30 commits October 23, 2025 16:09
@mjabascal10
feat(api_keys): enhance IP address management with validation and err…
8abce9e 
…or handling

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
@mjabascal10
feat(api_keys): add API key generation and expiration handling with u…
3f06c65 
…ser feedback

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
@mjabascal10
feat(api_keys): update API key modal for editing and improved deletio…
9ee4d9c 
…n confirmation

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
@yllada
fix(agent): ensure proper closure of TCP and UDP listeners on disable
82c19c7
@mjabascal10
refactor(api_keys): change API key identifier type from UUID to Long …
d97830a 
…for consistency
@mjabascal10
feat(api_keys): simplify API key listing endpoint and enhance expirat…
fdbea5f 
…ion handling
@mjabascal10
feat(api_keys): improve API key listing with pagination, loading stat…
f1a088d 
…es, and expiration indicators

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
@mjabascal10
fix(login): prevent error when checking for blocked user JWT authoriz…
5e2ffc5 
…ation

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
@osmontero
refactor(events): remove unused meter initialization in Analyze and s…
97c8434 
…tartQueue functions
@osmontero
Merge branch 'release/v11' of ssh://github.com/utmstack/UTMStack into…
a441574 
… release/v11
@mjabascal10
fix(alert): remove debug logs from ngOnInit method in alert entity di…
fd483a7 
…splay

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
@mjabascal10
feat(agent): add TLS connection option and update command generation …
5c48cc5 
…for syslog integrations

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
@mjabascal10
feat(api_keys): simplify API key listing endpoint and enhance expirat…
b9b555a 
…ion handling
@mjabascal10
feat(api_keys): simplify API key listing endpoint and enhance expirat…
b75f5e7 
…ion handling
@mjabascal10
feat(api_keys): simplify API key listing endpoint and enhance expirat…
fd36727 
…ion handling
@mjabascal10
feat(api_keys): simplify API key listing endpoint and enhance expirat…
850c1e4 
…ion handling
@mjabascal10
feat(api_keys): simplify API key listing endpoint and enhance expirat…
f45194a 
…ion handling
@mjabascal10
feat(api_keys): simplify API key listing endpoint and enhance expirat…
3cd54c4 
…ion handling
@mjabascal10
feat(api_keys): simplify API key listing endpoint and enhance expirat…
b3f8c68 
…ion handling
@mjabascal10
feat(api_keys): simplify API key listing endpoint and enhance expirat…
83118a9 
…ion handling
@mjabascal10
Update frontend/src/app/app-management/api-keys/shared/components/api…
4ce6306 
…-key-modal/api-key-modal.component.ts

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@mjabascal10
Update backend/src/main/java/com/park/utmstack/security/api_key/ApiKe…
c6c9b59 
…yFilter.java

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@mjabascal10
feat(api_keys): simplify API key listing endpoint and enhance expirat…
da17219 
…ion handling
@mjabascal10
Merge branch 'release/v11' into backlog/api_key
6760e98 
# Conflicts:
#	backend/src/main/java/com/park/utmstack/config/Constants.java
@mjabascal10
feat(api_keys): enhance clipboard functionality with fallback support…
47fea36 
… and feedback

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
@mjabascal10
feat(api_key): enhance ApiKeyFilter with improved logging and validat…
e73b24c 
…ion checks
@mjabascal10
feat(api_key): enhance ApiKeyFilter with improved logging and validat…
a1d08cd 
…ion checks
@AlexSanchez-bit @mjabascal10
fix[frontend](web_console): sanitized password parameter to admit all…
201bbbd 
… utf8 characters even url structure ones
@AlexSanchez-bit @mjabascal10
feat[backend](api-keys): added api keys dto, controllers and entities
38c4bf7
@AlexSanchez-bit @mjabascal10
feat[backend](api_keys): added api keys
5fa8b22
mjabascal10 and others added 14 commits November 13, 2025 15:40
@mjabascal10
feat(identity-provider): add OAuth2/OpenID Connect provider management
f1a56c7 
Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
@mjabascal10
feat: implement service to automatically assign asset groups to alerts
a418f77
@mjabascal10
feat(identity-provider): add OAuth2/OpenID Connect provider management
ff92207 
Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
@mjabascal10
Merge remote-tracking branch 'origin/backlog/add-oauth2-oidc-corporat…
ba38590 
…e-authentication-to-backend' into backlog/add-oauth2-oidc-corporate-authentication-to-backend
@mjabascal10
feat(oauth2): enhance corporate authentication with additional fields…
be1efde 
… and event handling
@mjabascal10
Merge remote-tracking branch 'origin/backlog/add-oauth2-oidc-corporat…
d6cd03e 
…e-authentication-to-backend' into backlog/add-oauth2-oidc-corporate-authentication-to-backend
@JocLRojas
feat: add CrowdStrike plugin core implementation
4821977
@JocLRojas
feat: add gRPC configuration management for CrowdStrike
df67d52
@mjabascal10
feat(oauth2): enhance corporate authentication with additional fields…
7e9cf7c 
… and event handling
@mjabascal10
feat(oauth2): enhance corporate authentication with additional fields…
9f33152 
… and event handling
@mjabascal10
feat(identity-provider): add OAuth2/OpenID Connect provider management
3fbd456 
Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
@mjabascal10
Merge remote-tracking branch 'origin/backlog/add-oauth2-oidc-corporat…
69e27ec 
…e-authentication-to-backend' into backlog/add-oauth2-oidc-corporate-authentication-to-backend
@mjabascal10
feat(oauth2): enhance corporate authentication with additional fields…
8cf74ea 
… and event handling
@mjabascal10
feat(identity-provider): add OAuth2/OpenID Connect provider management
a0b5e36 
Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
@mjabascal10 mjabascal10 requested a review from Copilot November 17, 2025 20:11
@mjabascal10
Merge remote-tracking branch 'origin/backlog/add-oauth2-oidc-corporat…
c6dec4d 
…e-authentication-to-backend' into backlog/add-oauth2-oidc-corporate-authentication-to-backend
Copilot AI reviewed Nov 17, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR implements OAuth2/OIDC corporate authentication to the backend, enabling users to authenticate with external identity providers (Google, Microsoft) in addition to the existing username/password authentication.

Key changes:

  • Adds backend support for OAuth2/OIDC authentication flows with dynamic provider configuration
  • Creates a new frontend UI for identity provider management in admin settings
  • Implements login provider selection on the login page

Reviewed Changes

Copilot reviewed 57 out of 57 changed files in this pull request and generated 10 comments.

Show a summary per file
File Description
frontend/src/environments/environment.ts Switches server URL from production IP to localhost for development
frontend/src/app/shared/utm-shared.module.ts Registers new LoginProvidersComponent in shared module
frontend/src/app/shared/services/login-provider.service.ts Service to fetch active providers and initiate OAuth login flows
frontend/src/app/shared/components/auth/login/login.component.ts Adds OAuth error handling and lifecycle management for login flow
frontend/src/app/shared/components/auth/login-providers/* New component displaying OAuth provider buttons on login page
frontend/src/app/app-management/identity-provider/* Complete provider management UI with CRUD operations
backend/src/main/resources/config/liquibase/changelog/20251029001-add-identity-provider-config.xml Database schema for storing identity provider configurations
backend/src/main/java/com/park/utmstack/web/rest/idp_provider/* REST endpoints for provider management and login provider listing
backend/src/main/java/com/park/utmstack/security/oauth/* OAuth2 authentication handlers and custom user service
backend/src/main/java/com/park/utmstack/config/oauth/* Dynamic OAuth2 client registration from database
backend/pom.xml Adds spring-boot-starter-oauth2-client dependency

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

mjabascal10 and others added 12 commits November 17, 2025 15:23
@mjabascal10
refactor: update version info handling and clean up community module …
ffb080c 
…display

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
@mjabascal10
Merge remote-tracking branch 'origin/release/v11' into release/v11
2e02597
@mjabascal10
Update frontend/src/app/shared/components/auth/login/login.component.ts
ba899a5 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@mjabascal10
Update frontend/src/app/shared/components/auth/login-providers/login-…
d2a325a 
…providers.component.ts

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@mjabascal10
Update backend/src/main/java/com/park/utmstack/config/SecurityConfigu…
0ab0720 
…ration.java

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@mjabascal10
Update backend/src/main/java/com/park/utmstack/service/idp_provider/I…
ac996e2 
…dentityProviderService.java

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@mjabascal10
Update frontend/src/app/app-management/identity-provider/shared/compo…
4dde3a0 
…nents/provider-form/provider-form.component.ts

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@mjabascal10
Merge remote-tracking branch 'origin/release/v11' into backlog/add-oa…
36e9bd3 
…uth2-oidc-corporate-authentication-to-backend
@mjabascal10
feat(oauth2): enhance corporate authentication with additional fields…
6a55410 
… and event handling
@mjabascal10
refactor: simplify request structure and improve provider toggle logic
acc827d 
Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
@mjabascal10
Merge remote-tracking branch 'origin/backlog/add-oauth2-oidc-corporat…
ecdf6e3 
…e-authentication-to-backend' into backlog/add-oauth2-oidc-corporate-authentication-to-backend
@mjabascal10
feat(oauth2): implement enterprise version handling for identity prov…
d7076b4 
…iders

Signed-off-by: Manuel Abascal <mjabascal10@gmail.com>
Base automatically changed from release/v11 to v11 November 20, 2025 20:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@mjabascal10 @yllada @osmontero @AlexSanchez-bit @Kbayero @JocLRojas