Skip to content

Sign in with Microsoft #698

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 41 commits into
base: master
Choose a base branch
from
Open

Sign in with Microsoft #698

wants to merge 41 commits into from
+1,251 −49

Conversation

barna-isaac
Copy link
Contributor

This is still a work in progress. I've opened a PR because I wanted to see if the tests pass.

Pull Request Check List

  • Unit Tests & Regression Tests Added (Optional)
  • Removed Unnecessary Logs/System.Outs/Comments/TODOs
  • Added enough Logging to monitor expected behaviour change
  • Security - Injection - everything run by an interpreter (SQL, OS...) is either validated or escaped
  • Security - Data Exposure - PII is not stored or sent unencrypted
  • Security - Data Exposure - Test any altered or created endpoints using swagger
  • Security - Access Control - Check authorisation on every new endpoint
  • Security - New dependency - configured sensibly not relying on defaults
  • Security - New dependency - Searched for any know vulnerabilities
  • Security - New dependency - Signed up team to mailing list
  • Security - New dependency - Added to dependency list
  • DB schema changes - postgres-rutherford-create-script updated
  • DB schema changes - upgrade script created matching create script
  • Updated Release Procedure & Documentation (& Considered Implications to Previous Versions)
  • Peer-Reviewed

@barna-isaac
initial version, account linking confirmed working
cf6a2f5
@barna-isaac
get email address from token
4c858d0 
token will only contain this field if it's requested in scopes
@barna-isaac
verify token signature
be4b899 
this just checks that the token was signed using one of the keys listed
by the key server. still need to validate the token contents.
@barna-isaac
validate aud, iat, nbf, exp
28c0757
@codecov Codecov
Copy link

codecov bot commented May 30, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 84.92063% with 19 lines in your changes missing coverage. Please review.

Project coverage is 36.30%. Comparing base (57e4f2c) to head (6a5fac7).
Report is 18 commits behind head on master.

Files with missing lines Patch % Lines
.../cam/cl/dtg/segue/auth/MicrosoftAuthenticator.java 89.07% 11 Missing and 2 partials ⚠️
...e/configuration/SegueGuiceConfigurationModule.java 0.00% 6 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master     #698      +/-   ##
==========================================
+ Coverage   35.87%   36.30%   +0.42%     
==========================================
  Files         528      536       +8     
  Lines       23487    23723     +236     
  Branches     2850     2869      +19     
==========================================
+ Hits         8427     8613     +186     
- Misses      14198    14246      +48     
- Partials      862      864       +2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 2, 2025
View reviewed changes
src/test/java/uk/ac/cam/cl/dtg/segue/auth/MicrosoftAuthenticatorTest.java
}

public static class TestEmailClaim extends TestInvalidPayloadField {
String claim() {

Check notice

Code scanning / CodeQL

Missing Override annotation Note test

This method overrides
TestNonEmptyClaim.claim
Loading
; it is advisable to add an Override annotation.
github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 4, 2025
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 5, 2025
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 6, 2025
View reviewed changes
barna-isaac added 13 commits June 9, 2025 16:24
@barna-isaac
use non-static cache
4ef6394 
Playing around with the server a little bit, I see lots of instances of
MicrosoftAuthenticator being created (and, interestingly, each log-in
request creates a new instance), but the instance being used is always
the same: the one that's been passed in to userAuthenticationManager,
which is a singleton. It's possible that my local app is uses less
threads than the live app, but even on the live app. However, because
the exchange and token access happen while serving the same request,
I think it's guaranteed that we only ever access the cache from within
the same thread.
@barna-isaac
cache jwks keys for an hour
78c7795
@barna-isaac
handle authentication code errors
54b49b2 
when an authentication code cannot be extracted from the callback,
return an error rather than just throwing 500
@barna-isaac
adjust test case name
9d9d4ef
@barna-isaac
Revert "adjust test case name"
8a0bdd4 
This reverts commit 9d9d4ef.
@barna-isaac
run shared test suite
e107116
@barna-isaac
test extractAuthCode
ef363aa
@barna-isaac
adjust error handling for getUserInfo
af724ab 
use our own exceptions, with our own messages. this way, we avoid
leaking potentially sensitive information to an attacker.
@barna-isaac
handle errors in constructor
bfc2703
@barna-isaac
stop requesting the offline_access scope
2e32a1a 
MSAL4J automatically requested this. A string-replace worked for
removing the scope from the authorization URL, but the `/token` endpoint
also needs scopes, and I didn't find an easy way to modify the behavior
of `.acquireToken`. I ended up just using the same lib used
 for Raspberry PI and Google authentication.
@barna-isaac
stop exposing code exchange errors
984d278
@barna-isaac
tests: valid token contains expiration
51ba006
@barna-isaac
use oid in place of sub
733f156
github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 13, 2025
View reviewed changes
src/test/java/uk/ac/cam/cl/dtg/segue/auth/MicrosoftAuthenticatorTest.java
}

public static class TestOidClaim extends TestUUIDClaim {
String claim() {

Check notice

Code scanning / CodeQL

Missing Override annotation Note test

This method overrides
TestNonEmptyClaim.claim
Loading
; it is advisable to add an Override annotation.
src/test/java/uk/ac/cam/cl/dtg/segue/auth/MicrosoftAuthenticatorTest.java
}

public static class TestTidClaim extends TestUUIDClaim {
String claim() {

Check notice

Code scanning / CodeQL

Missing Override annotation Note test

This method overrides
TestNonEmptyClaim.claim
Loading
; it is advisable to add an Override annotation.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@barna-isaac