adding endpoint to get provider id for org slug

selfcontained · selfcontained · commit f51fef7b3662 · 2023-03-27T21:37:58.000Z
diff --git a/components/dashboard/src/login/SSOLoginForm.tsx b/components/dashboard/src/login/SSOLoginForm.tsx
@@ -6,21 +6,23 @@
 
 import { useMutation } from "@tanstack/react-query";
 import { FC, useCallback, useState } from "react";
+import Alert from "../components/Alert";
 import { Button } from "../components/Button";
 import { TextInputField } from "../components/forms/TextInputField";
+import { getGitpodService } from "../service/service";
 
 export const SSOLoginForm: FC = () => {
     const [orgSlug, setOrgSlug] = useState("");
+    const [error, setError] = useState("");
+
     // TODO: remove this
     const [loginUrl, setLoginUrl] = useState("");
 
     const exchangeSlug = useMutation({
         mutationFn: async ({ slug }: { slug: string }) => {
             // make api call to get provider id by slug
             // return provider id
-            await new Promise((resolve) => setTimeout(resolve, 2000));
-
-            return { id: "sample-id" };
+            return await getGitpodService().server.getSSOLoginID(slug);
         },
     });
 
@@ -29,10 +31,16 @@ export const SSOLoginForm: FC = () => {
             e.preventDefault();
 
             // make api call to get provider id by slug
-            const { id } = await exchangeSlug.mutateAsync({ slug: orgSlug });
+            const resp = await exchangeSlug.mutateAsync({ slug: orgSlug });
+            const loginId = resp?.id;
+
+            // No SSO configured for provided slug
+            if (!loginId) {
+                setError("It looks like SSO has not been configured for that organization.");
+            }
 
             // create sso login url with provider id
-            const loginUrl = `/oidc/start/?id=${id}`;
+            const loginUrl = `/oidc/start/?id=${loginId}`;
             setLoginUrl(loginUrl);
 
             // openAuthorize window for sso w/ login url
@@ -49,6 +57,7 @@ export const SSOLoginForm: FC = () => {
                     Continue with SSO
                 </Button>
                 {loginUrl && <p>{loginUrl}</p>}
+                {error && <Alert type="info">{error}</Alert>}
             </div>
         </form>
     );
diff --git a/components/gitpod-db/src/auth-provider-entry-db.ts b/components/gitpod-db/src/auth-provider-entry-db.ts
@@ -21,6 +21,7 @@ export interface AuthProviderEntryDB {
     findAllHosts(): Promise<string[]>;
     findByHost(host: string): Promise<AuthProviderEntry | undefined>;
     findById(id: string): Promise<AuthProviderEntry | undefined>;
+    findByOrgSlug(slug: string): Promise<AuthProviderEntry | undefined>;
     findByUserId(userId: string): Promise<AuthProviderEntry[]>;
     findByOrgId(organizationId: string): Promise<AuthProviderEntry[]>;
 }
diff --git a/components/gitpod-db/src/typeorm/auth-provider-entry-db-impl.ts b/components/gitpod-db/src/typeorm/auth-provider-entry-db-impl.ts
@@ -11,6 +11,7 @@ import { AuthProviderEntry } from "@gitpod/gitpod-protocol";
 import { AuthProviderEntryDB } from "../auth-provider-entry-db";
 import { DBAuthProviderEntry } from "./entity/db-auth-provider-entry";
 import { DBIdentity } from "./entity/db-identity";
+import { DBTeam } from "./entity/db-team";
 import { createHash } from "crypto";
 
 @injectable()
@@ -88,6 +89,17 @@ export class AuthProviderEntryDBImpl implements AuthProviderEntryDB {
         return repo.findOne(id);
     }
 
+    async findByOrgSlug(slug: string): Promise<AuthProviderEntry | undefined> {
+        const repo = await this.getAuthProviderRepo();
+        const query = repo
+            .createQueryBuilder("auth_provider")
+            .leftJoin(DBTeam, "organization", "organization.id = auth_provider.organizationId")
+            .where(`organization.slug = :slug`, { slug })
+            .andWhere("auth_provider.status = :status", { status: "verified" })
+            .andWhere("auth_provider.deleted != true");
+        return query.getOne();
+    }
+
     async findByUserId(ownerId: string): Promise<AuthProviderEntry[]> {
         const repo = await this.getAuthProviderRepo();
         const query = repo
diff --git a/components/gitpod-protocol/src/gitpod-service.ts b/components/gitpod-protocol/src/gitpod-service.ts
@@ -98,6 +98,7 @@ export interface GitpodServer extends JsonRpcServer<GitpodClient>, AdminServer,
     getConfiguration(): Promise<Configuration>;
     getToken(query: GitpodServer.GetTokenSearchOptions): Promise<Token | undefined>;
     getGitpodTokenScopes(tokenHash: string): Promise<string[]>;
+    getSSOLoginID(slug: string): Promise<{ id: string } | undefined>;
     /**
      * @deprecated
      */
diff --git a/components/server/src/auth/auth-provider-service.ts b/components/server/src/auth/auth-provider-service.ts
@@ -166,6 +166,11 @@ export class AuthProviderService {
         return await this.authProviderDB.storeAuthProvider(authProvider as AuthProviderEntry, true);
     }
 
+    // get org auth provider by slug
+    async getOrgAuthProviderBySlug(slug: string): Promise<AuthProviderEntry | undefined> {
+        return await this.authProviderDB.findByOrgSlug(slug);
+    }
+
     protected initializeNewProvider(newEntry: AuthProviderEntry.NewEntry): AuthProviderEntry {
         const { host, type, clientId, clientSecret } = newEntry;
         let urls;
diff --git a/components/server/src/auth/rate-limiter.ts b/components/server/src/auth/rate-limiter.ts
@@ -239,6 +239,7 @@ const defaultFunctions: FunctionsConfig = {
     updateWorkspaceTimeoutSetting: { group: "default", points: 1 },
     getIDToken: { group: "default", points: 1 },
     reportErrorBoundary: { group: "default", points: 1 },
+    getSSOLoginID: { group: "default", points: 1 },
 };
 
 function getConfig(config: RateLimiterConfig): RateLimiterConfig {
diff --git a/components/server/src/workspace/gitpod-server-impl.ts b/components/server/src/workspace/gitpod-server-impl.ts
@@ -609,6 +609,24 @@ export class GitpodServerImpl implements GitpodServerWithTracing, Disposable {
         return result;
     }
 
+    // TODO: Make a response type for this method
+    public async getSSOLoginID(ctx: TraceContext, slug: string): Promise<{ id: string } | undefined> {
+        // Lookup auth provider by org slug
+        if (!slug) {
+            throw new ResponseError(ErrorCodes.BAD_REQUEST, "slug must be provided");
+        }
+
+        // return id of auth provider as login id
+        const provider = await this.authProviderService.getOrgAuthProviderBySlug(slug);
+        if (!provider) {
+            return;
+        }
+
+        return {
+            id: provider.id,
+        };
+    }
+
     public async getConfiguration(ctx: TraceContext): Promise<Configuration> {
         return {
             garbageCollectionStartDate: this.config.workspaceGarbageCollection.startDate,

Original file line number	Diff line number	Diff line change
`@@ -21,6 +21,7 @@ export interface AuthProviderEntryDB {`
`21`	`21`	`findAllHosts(): Promise<string[]>;`
`22`	`22`	`findByHost(host: string): Promise<AuthProviderEntry \| undefined>;`
`23`	`23`	`findById(id: string): Promise<AuthProviderEntry \| undefined>;`
	`24`	`+ findByOrgSlug(slug: string): Promise<AuthProviderEntry \| undefined>;`
`24`	`25`	`findByUserId(userId: string): Promise<AuthProviderEntry[]>;`
`25`	`26`	`findByOrgId(organizationId: string): Promise<AuthProviderEntry[]>;`
`26`	`27`	`}`