Package jetbrains.buildServer.serverSide.oauth

Class OAuthProvider

    • Constructor Detail

      • OAuthProvider

        public OAuthProvider()

    • Method Detail

      • describeConnection

        @NotNull
public String describeConnection​(@NotNull
                                 OAuthConnectionDescriptor connection)
        Returns:
        human friendly description of OAuth connection

      • describeConnectionForUI

        @NotNull
public String describeConnectionForUI​(@NotNull
                                      OAuthConnectionDescriptor connection)
        Will be combined with getAdditionalUIConnectionDescription return value
        Parameters:
        connection -
        Returns:
        Description of OAuth connection for ui

      • getAdditionalUIConnectionDescription

        @NotNull
public String getAdditionalUIConnectionDescription​(@NotNull
                                                   OAuthConnectionDescriptor connection)
        Will not be escaped, and so should not include any unvalidated user input
        Parameters:
        connection -
        Returns:
        Additional description for ui

      • getTokenStorageId

        @NotNull
public String getTokenStorageId​(@NotNull
                                OAuthConnectionDescriptor connection)
        Returns an id of the token storage used by connection. Depending on the connection type multiple connections can use the same token storage. In case of OAuth2 apps, this id may be based on the client/application id of the OAuth2 app configured in a third party system.
        Parameters:
        connection - descriptor
        Returns:
        token storage id

      • buildCompoundTokenStorageId

        @NotNull
protected String buildCompoundTokenStorageId​(@NotNull
                                             String prefix,
                                             @NotNull
                                             String suffix)

      • getPropertiesProcessor

        @Nullable
public PropertiesProcessor getPropertiesProcessor()
        Specified by:
        getPropertiesProcessor in interface ConnectionProvider
        Returns:
        processor for connection provider parameters. Properties processor performs validation function and is called when connection is edited or created.

      • getDefaultProperties

        @Nullable
public Map<String,​String> getDefaultProperties()
        Specified by:
        getDefaultProperties in interface ConnectionProvider
        Returns:
        all default parameters related to this ConnectionProvider. Defaults for all possible parameter names.

      • isTokenRefreshSupported

        public boolean isTokenRefreshSupported()

      • getTokenPopupPath

        public String getTokenPopupPath()

      • isAcquiringTokenSupported

        public boolean isAcquiringTokenSupported()
        Whether acquiring tokens is supported for this provider. See also: JSP Tag oauth:obtainToken
        Returns:
        true, if supported
        Since:
        2023.05

      • isAcquiringTokenSupportedForConnection

        public boolean isAcquiringTokenSupportedForConnection​(@NotNull
                                                      OAuthConnectionDescriptor connection)
        Whether acquiring tokens is supported using this connection in particular. Defaults to isAcquiringTokenSupported(). See also: JSP Tag oauth:obtainToken
        Parameters:
        connection - the connection in question
        Returns:
        true, if supported
        Since:
        2023.09

      • isSuitableToken

        public boolean isSuitableToken​(@NotNull
                               OAuthToken token,
                               @NotNull
                               TokenIntent intent)

      • getScopeForIntent

        @Nullable
public String getScopeForIntent​(@NotNull
                                OAuthConnectionDescriptor connection,
                                @NotNull
                                TokenIntent intent)
        Returns the provider-specific OAuth scope to request for the given token intent.
        Parameters:
        connection - the connection to be used for issuing the token
        intent - the intended token usage
        Returns:
        specific OAuth scope, if any
        Since:
        2024.03

      • isCapabilitiesSupported

        public boolean isCapabilitiesSupported()
        Whether this provider supports resolving of ConnectionCapability for individual connections.
        Returns:
        true if supported
        Since:
        2023.07

      • isCapabilitiesEnabledForProject

        public boolean isCapabilitiesEnabledForProject​(@NotNull
                                               SProject project)
        Whether capabilities (if supported) are enabled in the scope of the given project.
        Parameters:
        project - project scope
        Returns:
        true if enabled
        Since:
        2023.07

      • getCapabilitiesUrl

        @Nullable
public String getCapabilitiesUrl()
        Get the URL to rendering the dynamic description of a connection's capabilities. Can only be used if capabilities are supported by this provider.
        Returns:
        relative URL or null if not supported
        Since:
        2023.07

      • isAccessibleEntitiesSupported

        public boolean isAccessibleEntitiesSupported()
        Whether this provider supports the "accessible entities" field of the OAuthToken record.
        Returns:
        false, by default
        Since:
        2024.03

      • applyAccessibleEntities

        @NotNull
public OAuthToken applyAccessibleEntities​(@NotNull
                                          SUser user,
                                          @NotNull
                                          OAuthConnectionDescriptor connection,
                                          @NotNull
                                          OAuthToken token,
                                          @NotNull
                                          List<String> accessibleEntities)
        Apply the requested accessible entities restriction to the token. Unless this provider supports accessible entities, this is a no-op. See isAccessibleEntitiesSupported()
        Parameters:
        user - the current user
        connection - the connection used to issue the token
        token - the issued OAuth token
        accessibleEntities - the requested accessible entity restrictions
        Returns:
        the potentially altered token
        Since:
        2024.03

      • getProviderTypeForUniqueRedirect

        @NotNull
public String getProviderTypeForUniqueRedirect()
        Returns the provider type to be included in unique redirect URLs.
        Returns:
        URL-compatible provider type
        Since:
        2024.03
        See Also:
        isUniqueRedirectsSupported()

      • getFallbackRedirectPath

        @Nullable
public String getFallbackRedirectPath()
        Returns the path to be included in redirect URLs. Normally this should be the access token controller path. This will be used as a fallback if this provider does not support unique redirect URLs. This will be used as a fallback if a connection does not have a redirect ID parameter.
        Returns:
        a controller path starting with a slash
        Since:
        2024.03
        See Also:
        isUniqueRedirectsSupported()

      • getAccessibleEntitiesEndpoint

        @Nullable
public String getAccessibleEntitiesEndpoint()
        Get the relative endpoint URL to the provider-specific REST service to manage accessible entities. Such a service is only available if this provider supports accessible entities. See isAccessibleEntitiesSupported()
        Returns:
        a relative endpoint URL
        Since:
        2024.03

      • getTokenUsageParamsForVcsRoot

        @NotNull
public Map<String,​String> getTokenUsageParamsForVcsRoot​(@NotNull
                                                              OAuthConnectionDescriptor connection,
                                                              @NotNull
                                                              OAuthToken token)
        Returns the necessary parameters for usage of the provided token for authentication in a SVcsRoot. By default, this provides the following values:
        oauthUsername
        OauthToken#getOauthLogin
        tokenType
        refreshable (if refreshable tokens are enabled)
        Parameters:
        connection - the token's connection
        token - the token to be potentially used on a VCS root
        Returns:
        mutable map of parameters
        Since:
        2024.07