From ff250a202a0fd5926103407e347c2b24a73048b3 Mon Sep 17 00:00:00 2001
From: Chaim Lev-Ari <chiptus@users.noreply.github.com>
Date: Wed, 5 Aug 2020 13:13:23 +0300
Subject: [PATCH] feat(extensions): remove oauth extension (#4156)

* feat(oauth): remove oauth providers

* feat(extensions): remove references to oauth extension
---
 api/exec/extension.go                         |  7 +--
 api/http/proxy/factory/factory.go             |  5 +-
 api/portainer.go                              |  2 +-
 .../oauth-provider-selector-controller.js     | 33 ----------
 .../oauth-settings-controller.js              | 60 +------------------
 .../oauth-settings/oauth-settings.html        | 46 +++-----------
 6 files changed, 15 insertions(+), 138 deletions(-)

diff --git a/api/exec/extension.go b/api/exec/extension.go
index d70cd98bb..036cfc01a 100644
--- a/api/exec/extension.go
+++ b/api/exec/extension.go
@@ -26,9 +26,8 @@ var extensionDownloadBaseURL = portainer.AssetsServerURL + "/extensions/"
 var extensionVersionRegexp = regexp.MustCompile(`\d+(\.\d+)+`)
 
 var extensionBinaryMap = map[portainer.ExtensionID]string{
-	portainer.RegistryManagementExtension:  "extension-registry-management",
-	portainer.OAuthAuthenticationExtension: "extension-oauth-authentication",
-	portainer.RBACExtension:                "extension-rbac",
+	portainer.RegistryManagementExtension: "extension-registry-management",
+	portainer.RBACExtension:               "extension-rbac",
 }
 
 // ExtensionManager represents a service used to
@@ -114,8 +113,6 @@ func (manager *ExtensionManager) InstallExtension(extension *portainer.Extension
 	switch extension.ID {
 	case portainer.RegistryManagementExtension:
 		extension.Name = "Registry Manager"
-	case portainer.OAuthAuthenticationExtension:
-		extension.Name = "External Authentication"
 	case portainer.RBACExtension:
 		extension.Name = "Role-Based Access Control"
 	}
diff --git a/api/http/proxy/factory/factory.go b/api/http/proxy/factory/factory.go
index e3e4c1e3b..3068a8cea 100644
--- a/api/http/proxy/factory/factory.go
+++ b/api/http/proxy/factory/factory.go
@@ -17,9 +17,8 @@ import (
 const azureAPIBaseURL = "https://management.azure.com"
 
 var extensionPorts = map[portainer.ExtensionID]string{
-	portainer.RegistryManagementExtension:  "7001",
-	portainer.OAuthAuthenticationExtension: "7002",
-	portainer.RBACExtension:                "7003",
+	portainer.RegistryManagementExtension: "7001",
+	portainer.RBACExtension:               "7003",
 }
 
 type (
diff --git a/api/portainer.go b/api/portainer.go
index 4226bb778..b87666e17 100644
--- a/api/portainer.go
+++ b/api/portainer.go
@@ -1257,7 +1257,7 @@ const (
 	_ ExtensionID = iota
 	// RegistryManagementExtension represents the registry management extension
 	RegistryManagementExtension
-	// OAuthAuthenticationExtension represents the OAuth authentication extension
+	// OAuthAuthenticationExtension represents the OAuth authentication extension (Deprecated)
 	OAuthAuthenticationExtension
 	// RBACExtension represents the RBAC extension
 	RBACExtension
diff --git a/app/portainer/oauth/components/oauth-providers-selector/oauth-provider-selector-controller.js b/app/portainer/oauth/components/oauth-providers-selector/oauth-provider-selector-controller.js
index 6d7afc099..32a527120 100644
--- a/app/portainer/oauth/components/oauth-providers-selector/oauth-provider-selector-controller.js
+++ b/app/portainer/oauth/components/oauth-providers-selector/oauth-provider-selector-controller.js
@@ -2,39 +2,6 @@ angular.module('portainer.oauth').controller('OAuthProviderSelectorController',
   var ctrl = this;
 
   this.providers = [
-    {
-      authUrl: 'https://login.microsoftonline.com/TENANT_ID/oauth2/authorize',
-      accessTokenUrl: 'https://login.microsoftonline.com/TENANT_ID/oauth2/token',
-      resourceUrl: 'https://graph.windows.net/TENANT_ID/me?api-version=2013-11-08',
-      userIdentifier: 'userPrincipalName',
-      scopes: 'id,email,name',
-      name: 'microsoft',
-      label: 'Microsoft',
-      description: 'Microsoft OAuth provider',
-      icon: 'fab fa-microsoft',
-    },
-    {
-      authUrl: 'https://accounts.google.com/o/oauth2/auth',
-      accessTokenUrl: 'https://accounts.google.com/o/oauth2/token',
-      resourceUrl: 'https://www.googleapis.com/oauth2/v1/userinfo?alt=json',
-      userIdentifier: 'email',
-      scopes: 'profile email',
-      name: 'google',
-      label: 'Google',
-      description: 'Google OAuth provider',
-      icon: 'fab fa-google',
-    },
-    {
-      authUrl: 'https://github.com/login/oauth/authorize',
-      accessTokenUrl: 'https://github.com/login/oauth/access_token',
-      resourceUrl: 'https://api.github.com/user',
-      userIdentifier: 'login',
-      scopes: 'id email name',
-      name: 'github',
-      label: 'Github',
-      description: 'Github OAuth provider',
-      icon: 'fab fa-github',
-    },
     {
       authUrl: '',
       accessTokenUrl: '',
diff --git a/app/portainer/oauth/components/oauth-settings/oauth-settings-controller.js b/app/portainer/oauth/components/oauth-settings/oauth-settings-controller.js
index ba1424956..84b8634f9 100644
--- a/app/portainer/oauth/components/oauth-settings/oauth-settings-controller.js
+++ b/app/portainer/oauth/components/oauth-settings/oauth-settings-controller.js
@@ -1,75 +1,19 @@
-import _ from 'lodash-es';
-
 angular.module('portainer.oauth').controller('OAuthSettingsController', function OAuthSettingsController() {
   var ctrl = this;
 
   this.state = {
     provider: {},
-    overrideConfiguration: false,
-    microsoftTenantID: '',
   };
 
-  this.$onInit = onInit;
-  this.onSelectProvider = onSelectProvider;
-  this.onMicrosoftTenantIDChange = onMicrosoftTenantIDChange;
-  this.useDefaultProviderConfiguration = useDefaultProviderConfiguration;
+  this.$onInit = $onInit;
 
-  function onMicrosoftTenantIDChange() {
-    var tenantID = ctrl.state.microsoftTenantID;
-
-    ctrl.settings.AuthorizationURI = _.replace('https://login.microsoftonline.com/TENANT_ID/oauth2/authorize', 'TENANT_ID', tenantID);
-    ctrl.settings.AccessTokenURI = _.replace('https://login.microsoftonline.com/TENANT_ID/oauth2/token', 'TENANT_ID', tenantID);
-    ctrl.settings.ResourceURI = _.replace('https://graph.windows.net/TENANT_ID/me?api-version=2013-11-08', 'TENANT_ID', tenantID);
-  }
-
-  function useDefaultProviderConfiguration() {
-    ctrl.settings.AuthorizationURI = ctrl.state.provider.authUrl;
-    ctrl.settings.AccessTokenURI = ctrl.state.provider.accessTokenUrl;
-    ctrl.settings.ResourceURI = ctrl.state.provider.resourceUrl;
-    ctrl.settings.UserIdentifier = ctrl.state.provider.userIdentifier;
-    ctrl.settings.Scopes = ctrl.state.provider.scopes;
-
-    if (ctrl.state.provider.name === 'microsoft' && ctrl.state.microsoftTenantID !== '') {
-      onMicrosoftTenantIDChange();
-    }
-  }
-
-  function useExistingConfiguration() {
-    var provider = ctrl.state.provider;
-    ctrl.settings.AuthorizationURI = ctrl.settings.AuthorizationURI === '' ? provider.authUrl : ctrl.settings.AuthorizationURI;
-    ctrl.settings.AccessTokenURI = ctrl.settings.AccessTokenURI === '' ? provider.accessTokenUrl : ctrl.settings.AccessTokenURI;
-    ctrl.settings.ResourceURI = ctrl.settings.ResourceURI === '' ? provider.resourceUrl : ctrl.settings.ResourceURI;
-    ctrl.settings.UserIdentifier = ctrl.settings.UserIdentifier === '' ? provider.userIdentifier : ctrl.settings.UserIdentifier;
-    ctrl.settings.Scopes = ctrl.settings.Scopes === '' ? provider.scopes : ctrl.settings.Scopes;
-
-    if (provider.name === 'microsoft' && ctrl.state.microsoftTenantID !== '') {
-      onMicrosoftTenantIDChange();
-    }
-  }
-
-  function onSelectProvider(provider, overrideConfiguration) {
-    ctrl.state.provider = provider;
-
-    if (overrideConfiguration) {
-      useDefaultProviderConfiguration();
-    } else {
-      useExistingConfiguration();
-    }
-  }
-
-  function onInit() {
+  function $onInit() {
     if (ctrl.settings.RedirectURI === '') {
       ctrl.settings.RedirectURI = window.location.origin;
     }
 
     if (ctrl.settings.AuthorizationURI !== '') {
       ctrl.state.provider.authUrl = ctrl.settings.AuthorizationURI;
-
-      if (ctrl.settings.AuthorizationURI.indexOf('login.microsoftonline.com') > -1) {
-        var tenantID = ctrl.settings.AuthorizationURI.match(/login.microsoftonline.com\/(.*?)\//)[1];
-        ctrl.state.microsoftTenantID = tenantID;
-        onMicrosoftTenantIDChange();
-      }
     }
   }
 });
diff --git a/app/portainer/oauth/components/oauth-settings/oauth-settings.html b/app/portainer/oauth/components/oauth-settings/oauth-settings.html
index 0050835e9..f6703c812 100644
--- a/app/portainer/oauth/components/oauth-settings/oauth-settings.html
+++ b/app/portainer/oauth/components/oauth-settings/oauth-settings.html
@@ -39,30 +39,11 @@
     </div>
   </div>
 
-  <oauth-providers-selector on-select="($ctrl.onSelectProvider)" provider="$ctrl.state.provider"></oauth-providers-selector>
-
   <div class="col-sm-12 form-section-title">OAuth Configuration</div>
 
-  <div class="form-group" ng-if="$ctrl.state.provider.name == 'microsoft'">
-    <label for="oauth_microsoft_tenant_id" class="col-sm-3 col-lg-2 control-label text-left">
-      Tenant ID
-      <portainer-tooltip position="bottom" message="ID of the Azure Directory you wish to authenticate against. Also known as the Directory ID"></portainer-tooltip>
-    </label>
-    <div class="col-sm-9 col-lg-10">
-      <input
-        type="text"
-        class="form-control"
-        id="oauth_microsoft_tenant_id"
-        placeholder="xxxxxxxxxxxxxxxxxxxx"
-        ng-model="$ctrl.state.microsoftTenantID"
-        ng-change="$ctrl.onMicrosoftTenantIDChange()"
-      />
-    </div>
-  </div>
-
   <div class="form-group">
     <label for="oauth_client_id" class="col-sm-3 col-lg-2 control-label text-left">
-      {{ $ctrl.state.provider.name == 'microsoft' ? 'Application ID' : 'Client ID' }}
+      Client ID
       <portainer-tooltip position="bottom" message="Public identifier of the OAuth application"></portainer-tooltip>
     </label>
     <div class="col-sm-9 col-lg-10">
@@ -72,14 +53,14 @@
 
   <div class="form-group">
     <label for="oauth_client_secret" class="col-sm-3 col-lg-2 control-label text-left">
-      {{ $ctrl.state.provider.name == 'microsoft' ? 'Application key' : 'Client secret' }}
+      Client secret
     </label>
     <div class="col-sm-9 col-lg-10">
       <input type="password" class="form-control" id="oauth_client_secret" ng-model="$ctrl.settings.ClientSecret" placeholder="xxxxxxxxxxxxxxxxxxxx" />
     </div>
   </div>
 
-  <div class="form-group" ng-if="$ctrl.state.provider.name == 'custom' || $ctrl.state.overrideConfiguration">
+  <div class="form-group">
     <label for="oauth_authorization_uri" class="col-sm-3 col-lg-2 control-label text-left">
       Authorization URL
       <portainer-tooltip
@@ -92,7 +73,7 @@
     </div>
   </div>
 
-  <div class="form-group" ng-if="$ctrl.state.provider.name == 'custom' || $ctrl.state.overrideConfiguration">
+  <div class="form-group">
     <label for="oauth_access_token_uri" class="col-sm-3 col-lg-2 control-label text-left">
       Access token URL
       <portainer-tooltip position="bottom" message="URL used by Portainer to exchange a valid OAuth authentication code for an access token"></portainer-tooltip>
@@ -102,7 +83,7 @@
     </div>
   </div>
 
-  <div class="form-group" ng-if="$ctrl.state.provider.name == 'custom' || $ctrl.state.overrideConfiguration">
+  <div class="form-group">
     <label for="oauth_resource_uri" class="col-sm-3 col-lg-2 control-label text-left">
       Resource URL
       <portainer-tooltip position="bottom" message="URL used by Portainer to retrieve information about the authenticated user"></portainer-tooltip>
@@ -112,7 +93,7 @@
     </div>
   </div>
 
-  <div class="form-group" ng-if="$ctrl.state.provider.name == 'custom' || $ctrl.state.overrideConfiguration">
+  <div class="form-group">
     <label for="oauth_redirect_uri" class="col-sm-3 col-lg-2 control-label text-left">
       Redirect URL
       <portainer-tooltip
@@ -125,7 +106,7 @@
     </div>
   </div>
 
-  <div class="form-group" ng-if="$ctrl.state.provider.name == 'custom' || $ctrl.state.overrideConfiguration">
+  <div class="form-group">
     <label for="oauth_user_identifier" class="col-sm-3 col-lg-2 control-label text-left">
       User identifier
       <portainer-tooltip
@@ -138,7 +119,7 @@
     </div>
   </div>
 
-  <div class="form-group" ng-if="$ctrl.state.provider.name == 'custom' || $ctrl.state.overrideConfiguration">
+  <div class="form-group">
     <label for="oauth_scopes" class="col-sm-3 col-lg-2 control-label text-left">
       Scopes
       <portainer-tooltip
@@ -150,15 +131,4 @@
       <input type="text" class="form-control" id="oauth_scopes" ng-model="$ctrl.settings.Scopes" placeholder="id,email,name" />
     </div>
   </div>
-
-  <div class="form-group" ng-if="$ctrl.state.provider.name != 'custom'">
-    <div class="col-sm-12">
-      <a class="small interactive" ng-if="!$ctrl.state.overrideConfiguration" ng-click="$ctrl.state.overrideConfiguration = true;">
-        <i class="fa fa-wrench space-right" aria-hidden="true"></i> Override default configuration
-      </a>
-      <a class="small interactive" ng-if="$ctrl.state.overrideConfiguration" ng-click="$ctrl.state.overrideConfiguration = false; $ctrl.useDefaultProviderConfiguration()">
-        <i class="fa fa-cogs space-right" aria-hidden="true"></i> Use default configuration
-      </a>
-    </div>
-  </div>
 </div>