feat(server,web): OIDC Implementation (#884)

* chore: merge

* feat: nullable password

* feat: server debugger

* chore: regenerate api

* feat: auto-register flag

* refactor: oauth endpoints

* chore: regenerate api

* fix: default scope configuration

* refactor: pass in redirect uri from client

* chore: docs

* fix: bugs

* refactor: auth services and user repository

* fix: select password

* fix: tests

* fix: get signing algorithm from discovery document

* refactor: cookie constants

* feat: oauth logout

* test: auth services

* fix: query param check

* fix: regenerate open-api

mobile/openapi/lib/model/logout_response_dto.dart

@@ -14,25 +14,31 @@ class LogoutResponseDto {
   /// Returns a new [LogoutResponseDto] instance.
   LogoutResponseDto({
     required this.successful,
+    required this.redirectUri,
   });
 
   bool successful;
 
+  String redirectUri;
+
   @override
   bool operator ==(Object other) => identical(this, other) || other is LogoutResponseDto &&
-     other.successful == successful;
+     other.successful == successful &&
+     other.redirectUri == redirectUri;
 
   @override
   int get hashCode =>
     // ignore: unnecessary_parenthesis
-    (successful.hashCode);
+    (successful.hashCode) +
+    (redirectUri.hashCode);
 
   @override
-  String toString() => 'LogoutResponseDto[successful=$successful]';
+  String toString() => 'LogoutResponseDto[successful=$successful, redirectUri=$redirectUri]';
 
   Map<String, dynamic> toJson() {
     final _json = <String, dynamic>{};
       _json[r'successful'] = successful;
+      _json[r'redirectUri'] = redirectUri;
     return _json;
   }
 
@@ -56,6 +62,7 @@ class LogoutResponseDto {
 
       return LogoutResponseDto(
         successful: mapValueOfType<bool>(json, r'successful')!,
+        redirectUri: mapValueOfType<String>(json, r'redirectUri')!,
       );
     }
     return null;
@@ -106,6 +113,7 @@ class LogoutResponseDto {
   /// The list of required keys that must be present in a JSON.
   static const requiredKeys = <String>{
     'successful',
+    'redirectUri',
   };
 }
 

mobile/openapi/lib/model/o_auth_callback_dto.dart

@@ -0,0 +1,111 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.12
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class OAuthCallbackDto {
+  /// Returns a new [OAuthCallbackDto] instance.
+  OAuthCallbackDto({
+    required this.url,
+  });
+
+  String url;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is OAuthCallbackDto &&
+     other.url == url;
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (url.hashCode);
+
+  @override
+  String toString() => 'OAuthCallbackDto[url=$url]';
+
+  Map<String, dynamic> toJson() {
+    final _json = <String, dynamic>{};
+      _json[r'url'] = url;
+    return _json;
+  }
+
+  /// Returns a new [OAuthCallbackDto] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static OAuthCallbackDto? fromJson(dynamic value) {
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      // Ensure that the map contains the required keys.
+      // Note 1: the values aren't checked for validity beyond being non-null.
+      // Note 2: this code is stripped in release mode!
+      assert(() {
+        requiredKeys.forEach((key) {
+          assert(json.containsKey(key), 'Required key "OAuthCallbackDto[$key]" is missing from JSON.');
+          assert(json[key] != null, 'Required key "OAuthCallbackDto[$key]" has a null value in JSON.');
+        });
+        return true;
+      }());
+
+      return OAuthCallbackDto(
+        url: mapValueOfType<String>(json, r'url')!,
+      );
+    }
+    return null;
+  }
+
+  static List<OAuthCallbackDto>? listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <OAuthCallbackDto>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = OAuthCallbackDto.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, OAuthCallbackDto> mapFromJson(dynamic json) {
+    final map = <String, OAuthCallbackDto>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = OAuthCallbackDto.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of OAuthCallbackDto-objects as value to a dart map
+  static Map<String, List<OAuthCallbackDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<OAuthCallbackDto>>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = OAuthCallbackDto.listFromJson(entry.value, growable: growable,);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'url',
+  };
+}
+

mobile/openapi/lib/model/o_auth_config_dto.dart

@@ -0,0 +1,111 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.12
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class OAuthConfigDto {
+  /// Returns a new [OAuthConfigDto] instance.
+  OAuthConfigDto({
+    required this.redirectUri,
+  });
+
+  String redirectUri;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is OAuthConfigDto &&
+     other.redirectUri == redirectUri;
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (redirectUri.hashCode);
+
+  @override
+  String toString() => 'OAuthConfigDto[redirectUri=$redirectUri]';
+
+  Map<String, dynamic> toJson() {
+    final _json = <String, dynamic>{};
+      _json[r'redirectUri'] = redirectUri;
+    return _json;
+  }
+
+  /// Returns a new [OAuthConfigDto] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static OAuthConfigDto? fromJson(dynamic value) {
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      // Ensure that the map contains the required keys.
+      // Note 1: the values aren't checked for validity beyond being non-null.
+      // Note 2: this code is stripped in release mode!
+      assert(() {
+        requiredKeys.forEach((key) {
+          assert(json.containsKey(key), 'Required key "OAuthConfigDto[$key]" is missing from JSON.');
+          assert(json[key] != null, 'Required key "OAuthConfigDto[$key]" has a null value in JSON.');
+        });
+        return true;
+      }());
+
+      return OAuthConfigDto(
+        redirectUri: mapValueOfType<String>(json, r'redirectUri')!,
+      );
+    }
+    return null;
+  }
+
+  static List<OAuthConfigDto>? listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <OAuthConfigDto>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = OAuthConfigDto.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, OAuthConfigDto> mapFromJson(dynamic json) {
+    final map = <String, OAuthConfigDto>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = OAuthConfigDto.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of OAuthConfigDto-objects as value to a dart map
+  static Map<String, List<OAuthConfigDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<OAuthConfigDto>>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = OAuthConfigDto.listFromJson(entry.value, growable: growable,);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'redirectUri',
+  };
+}
+

mobile/openapi/lib/model/o_auth_config_response_dto.dart

@@ -0,0 +1,145 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.12
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class OAuthConfigResponseDto {
+  /// Returns a new [OAuthConfigResponseDto] instance.
+  OAuthConfigResponseDto({
+    required this.enabled,
+    this.url,
+    this.buttonText,
+  });
+
+  bool enabled;
+
+  ///
+  /// Please note: This property should have been non-nullable! Since the specification file
+  /// does not include a default value (using the "default:" property), however, the generated
+  /// source code must fall back to having a nullable type.
+  /// Consider adding a "default:" property in the specification file to hide this note.
+  ///
+  String? url;
+
+  ///
+  /// Please note: This property should have been non-nullable! Since the specification file
+  /// does not include a default value (using the "default:" property), however, the generated
+  /// source code must fall back to having a nullable type.
+  /// Consider adding a "default:" property in the specification file to hide this note.
+  ///
+  String? buttonText;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is OAuthConfigResponseDto &&
+     other.enabled == enabled &&
+     other.url == url &&
+     other.buttonText == buttonText;
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (enabled.hashCode) +
+    (url == null ? 0 : url!.hashCode) +
+    (buttonText == null ? 0 : buttonText!.hashCode);
+
+  @override
+  String toString() => 'OAuthConfigResponseDto[enabled=$enabled, url=$url, buttonText=$buttonText]';
+
+  Map<String, dynamic> toJson() {
+    final _json = <String, dynamic>{};
+      _json[r'enabled'] = enabled;
+    if (url != null) {
+      _json[r'url'] = url;
+    } else {
+      _json[r'url'] = null;
+    }
+    if (buttonText != null) {
+      _json[r'buttonText'] = buttonText;
+    } else {
+      _json[r'buttonText'] = null;
+    }
+    return _json;
+  }
+
+  /// Returns a new [OAuthConfigResponseDto] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static OAuthConfigResponseDto? fromJson(dynamic value) {
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      // Ensure that the map contains the required keys.
+      // Note 1: the values aren't checked for validity beyond being non-null.
+      // Note 2: this code is stripped in release mode!
+      assert(() {
+        requiredKeys.forEach((key) {
+          assert(json.containsKey(key), 'Required key "OAuthConfigResponseDto[$key]" is missing from JSON.');
+          assert(json[key] != null, 'Required key "OAuthConfigResponseDto[$key]" has a null value in JSON.');
+        });
+        return true;
+      }());
+
+      return OAuthConfigResponseDto(
+        enabled: mapValueOfType<bool>(json, r'enabled')!,
+        url: mapValueOfType<String>(json, r'url'),
+        buttonText: mapValueOfType<String>(json, r'buttonText'),
+      );
+    }
+    return null;
+  }
+
+  static List<OAuthConfigResponseDto>? listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <OAuthConfigResponseDto>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = OAuthConfigResponseDto.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, OAuthConfigResponseDto> mapFromJson(dynamic json) {
+    final map = <String, OAuthConfigResponseDto>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = OAuthConfigResponseDto.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of OAuthConfigResponseDto-objects as value to a dart map
+  static Map<String, List<OAuthConfigResponseDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<OAuthConfigResponseDto>>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = OAuthConfigResponseDto.listFromJson(entry.value, growable: growable,);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'enabled',
+  };
+}
+