WIP: front-end form for openid configuration

app/frontend/src/javascript/api/auth-provider.ts

@@ -0,0 +1,31 @@
+import { AuthenticationProvider } from '../models/authentication-provider';
+import { AxiosResponse } from 'axios';
+import apiClient from './clients/api-client';
+
+export default class AuthProviderAPI {
+  static async index (): Promise<Array<AuthenticationProvider>> {
+    const res: AxiosResponse<Array<AuthenticationProvider>> = await apiClient.get('/api/auth_providers');
+    return res?.data;
+  }
+
+  static async get (id: number): Promise<AuthenticationProvider> {
+    const res: AxiosResponse<AuthenticationProvider> = await apiClient.get(`/api/auth_providers/${id}`);
+    return res?.data;
+  }
+
+  static async create (authProvider: AuthenticationProvider): Promise<AuthenticationProvider> {
+    const res: AxiosResponse<AuthenticationProvider> = await apiClient.post('/api/auth_providers', authProvider);
+    return res?.data;
+  }
+
+  static async update (authProvider: AuthenticationProvider): Promise<AuthenticationProvider> {
+    const res: AxiosResponse<AuthenticationProvider> = await apiClient.put(`/api/auth_providers/${authProvider.id}`, authProvider);
+    return res?.data;
+  }
+
+  static async delete (id: number): Promise<void> {
+    await apiClient.delete(`/api/auth_providers/${id}`);
+  }
+
+  static async mappingFields(): Promise<>
+}

app/frontend/src/javascript/components/authentication-provider/provider-form.tsx

@@ -0,0 +1,27 @@
+import React from 'react';
+import { useForm, SubmitHandler } from 'react-hook-form';
+import { AuthenticationProvider } from '../../models/authentication-provider';
+
+interface ProviderFormProps {
+  provider?: AuthenticationProvider,
+  onError: (message: string) => void,
+  onSuccess: (message: string) => void,
+}
+
+export const ProviderForm: React.FC<ProviderFormProps> = ({ provider, onError, onSuccess }) => {
+  const { handleSubmit } = useForm<AuthenticationProvider>({ defaultValues: { ...provider } });
+
+  const onSubmit: SubmitHandler<AuthenticationProvider> = (data: AuthenticationProvider) => {
+    if (data) {
+      onSuccess('Provider created successfully');
+    } else {
+      onError('Failed to created provider');
+    }
+  };
+
+  return (
+    <form className="provider-form" onSubmit={handleSubmit(onSubmit)}>
+
+    </form>
+  );
+};

app/frontend/src/javascript/models/authentication-provider.ts

@@ -0,0 +1,68 @@
+export interface AuthenticationProvider {
+  id?: number,
+  name: string,
+  status: 'active' | 'previous' | 'pending'
+  providable_type: 'DatabaseProvider' | 'OAuth2Provider' | 'OpenIdConnectProvider',
+  strategy_name: string
+  auth_provider_mappings_attributes: Array<AuthenticationProviderMapping>,
+  providable_attributes?: OAuth2Provider | OpenIdConnectProvider
+}
+
+export interface AuthenticationProviderMapping {
+  id?: number,
+  local_model: 'user' | 'profile',
+  local_field: string,
+  api_field: string,
+  api_endpoint: string,
+  api_data_type: 'json',
+  transformation: {
+    type: 'string' | 'text' | 'date' | 'integer' | 'boolean',
+    format: 'iso8601' | 'rfc2822' | 'rfc3339' | 'timestamp-s' | 'timestamp-ms',
+    true_value: string,
+    false_value: string,
+    mapping: {
+      from: string,
+      to: number
+    }
+  }
+}
+
+export interface OAuth2Provider {
+  id?: string,
+  base_url: string,
+  token_endpoint: string,
+  authorization_endpoint: string,
+  profile_url: string,
+  client_id: string,
+  client_secret: string,
+  scopes: string
+}
+
+export interface OpenIdConnectProvider {
+  id?: string,
+  issuer: string,
+  discovery: boolean,
+  client_auth_method?: string,
+  scope?: string,
+  response_type?: 'code' | 'id_token',
+  response_mode?: 'query' | 'fragment' | 'form_post' | 'web_message',
+  display?: 'page' | 'popup' | 'touch' | 'wap',
+  prompt?: 'none' | 'login' | 'consent' | 'select_account',
+  send_scope_to_token_endpoint?: string,
+  post_logout_redirect_uri?: string,
+  uid_field?: string,
+  extra_authorize_params?: string,
+  allow_authorize_params?: string,
+  client__identifier: string,
+  client__secret: string,
+  client__redirect_uri?: string,
+  client__scheme: 'http' | 'https',
+  client__host: string,
+  client__port: number,
+  client__authorization_endpoint?: string,
+  client__token_endpoint?: string,
+  client__userinfo_endpoint?: string,
+  client__jwks_uri?: string,
+  client__end_session_endpoint?: string,
+  profile_url?: string
+}

app/models/auth_provider.rb

@@ -13,7 +13,7 @@ class AuthProvider < ApplicationRecord
     end
   end
 
-  PROVIDABLE_TYPES = %w[DatabaseProvider OAuth2Provider].freeze
+  PROVIDABLE_TYPES = %w[DatabaseProvider OAuth2Provider OpenIdConnectProvider].freeze
 
   belongs_to :providable, polymorphic: true, dependent: :destroy
   accepts_nested_attributes_for :providable

app/models/open_id_connect_provider.rb

@@ -6,12 +6,11 @@ class OpenIdConnectProvider < ApplicationRecord
   has_one :auth_provider, as: :providable
 
   validates :issuer, presence: true
-  validates :client_identifier, presence: true
-  validates :client_secret, presence: true
-  validates :client_host, presence: true
-
-  validates :client_scheme, inclusion: { in: %w[http https] }
-  validates :client_port, numericality: { only_integer: true, greater_than: 0, less_than: 65_535 }
+  validates :client__identifier, presence: true
+  validates :client__secret, presence: true
+  validates :client__host, presence: true
+  validates :client__scheme, inclusion: { in: %w[http https] }
+  validates :client__port, numericality: { only_integer: true, greater_than: 0, less_than: 65_535 }
   validates :response_type, inclusion: { in: %w[code id_token], allow_nil: true }
   validates :response_mode, inclusion: { in: %w[query fragment form_post web_message], allow_nil: true }
   validates :display, inclusion: { in: %w[page popup touch wap], allow_nil: true }