Add support to ExternalJWT Auth for external user linking

2016-10-27 15:34:03 -04:00 · 2016-10-27 15:34:03 -04:00 · fbb524e34e
commit fbb524e34e
parent f9ee8d2bef
5 changed files with 268 additions and 41 deletions
--- a/static/directives/config/config-setup-tool.html
+++ b/static/directives/config/config-setup-tool.html
@ -573,20 +573,6 @@
        </div>

        <table class="config-table" ng-if="config.AUTHENTICATION_TYPE == 'JWT'">
-          <tr>
-            <td>User Verification Endpoint:</td>
-            <td>
-              <span class="config-string-field" binding="config.JWT_VERIFY_ENDPOINT"
-                    pattern="http(s)?://.+"></span>
-              <div class="help-text">
-              The URL (starting with http or https) on the JWT authentication server for verifying username and password credentials.
-              </div>
-
-              <div class="help-text" style="margin-top: 6px;">
-              Credentials will be sent in the <code>Authorization</code> header as Basic Auth, and this endpoint should return <code>200 OK</code> on success (or a <code>4**</code> otherwise).
-              </div>
-            </td>
-          </tr>
          <tr>
            <td>Authentication Issuer:</td>
            <td>
@ -606,6 +592,50 @@
              </div
            </td>
          </tr>
+          <tr>
+            <td>User Verification Endpoint:</td>
+            <td>
+              <span class="config-string-field" binding="config.JWT_VERIFY_ENDPOINT"
+                    pattern="http(s)?://.+"></span>
+              <div class="help-text">
+              The URL (starting with http or https) on the JWT authentication server for verifying username and password credentials.
+              </div>
+
+              <div class="help-text" style="margin-top: 6px;">
+              Credentials will be sent in the <code>Authorization</code> header as Basic Auth, and this endpoint should return <code>200 OK</code> on success (or a <code>4**</code> otherwise).
+              </div>
+            </td>
+          </tr>
+          <tr>
+            <td>User Query Endpoint:</td>
+            <td>
+              <span class="config-string-field" binding="config.JWT_QUERY_ENDPOINT"
+                    pattern="http(s)?://.+" is-optional="true"></span>
+              <div class="help-text">
+              The URL (starting with http or https) on the JWT authentication server for looking up
+              users based on a prefix query. This is optional.
+              </div>
+
+              <div class="help-text" style="margin-top: 6px;">
+              The prefix query will be sent as a query parameter with name <code>query</code>.
+              </div>
+            </td>
+          </tr>
+          <tr>
+            <td>User Lookup Endpoint:</td>
+            <td>
+              <span class="config-string-field" binding="config.JWT_GETUSER_ENDPOINT"
+                    pattern="http(s)?://.+" is-optional="true"></span>
+              <div class="help-text">
+              The URL (starting with http or https) on the JWT authentication server for looking up
+              a user by username or email address.
+              </div>
+
+              <div class="help-text" style="margin-top: 6px;">
+              The username or email address will be sent as a query parameter with name <code>username</code>.
+              </div>
+            </td>
+          </tr>
        </table>

        <!-- LDAP Authentication -->