Skip to content

OAuth #628

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mewilker merged 35 commits into from
Jan 27, 2026
Merged

OAuth #628

mewilker merged 35 commits into from
Jan 27, 2026

Conversation

@mewilker
Copy link
Contributor

@mewilker mewilker commented Jan 20, 2026

Overview

This PR is an overhall of the authentication. Currently, we use CAS protocol to redirect students to the BYU sign-in. This change will use OAuth to authenticate and grab an identity token.

Details

  • Added Client Secret to startup arguments
  • Authetication now redirects to BYU's OpenID API endpoint

Testing

  • Added/updated unit tests
  • Tested edge cases
  • Manual testing (if needed)

Future Work

In order to reduce the number of changes to the code, the autograder will still make it's own tokens to call the authenticated endpoints. However, it may be a good idea to refactor and rely completely on the BYU granted tokens.

Additional Notes

Please ensure that you can use the new setup. I made big changes to the code here, and I want to make sure new devs can follow the instructions. Please comment if you feel there are additions to the documentation that would be helpful. I will not go through all the specifics: there is BYU documentation for that.

I have notifications for this change to go live on January 27th. Please try to have your feedback in before then.

@mewilker
startup now requires a client-id for oauth
e4dd20b
@mewilker
successfully retrieves an api token
e96329c 
however the authentication still will not work
@mewilker
add dummy to docker compose for client id
a645adb
@mewilker
pull openid data from the source and read the jwt token for identity
dab83ee
@mewilker
Rename CasController.java to RedirectController and updated documenta…
122ed07 
…tion
@mewilker
Rename CasService to Authentiaction Service as CAS protocol is no lon…
0fb9199 
…ger used. Updated documentation
@mewilker
fix documentation typo
f10d921
@mewilker
add logic for multiple keys
ff14d71
@mewilker
add documentation to getting-started.md
1bf1866
@mewilker
improve validation for AuthenticationService.java
9fdce15
@mewilker
move appropriate get request logic to NetworkUtils
f897f64
@mewilker
fix url encoding
72a3eba
@mewilker
throw unauthorized exception when the callback is not called with a c…
a89cdb9 
…ode and secure http cookie
@mewilker
remove unused code and improve documentation
54cc3d3
@mewilker
move the status code check into the function that makes the request
497119c
@mewilker
extract all possible networking logic
708838a
@mewilker
create AuthenticationService unit tests
47b5edc
@mewilker
add test for authorization url
f300702
@mewilker
fix not checking if cache time was above 0
4de5a34
@mewilker
create key pair helper functions for testing
b163302
@mewilker
fix readJWKs to not return anything
426d5cc
@mewilker
add helper function to generate token with given key
0dfe754
@mewilker
fix static issues introduced within JwtUtils
550ae2c
@mewilker
add unit tests to JwtUtils for multiple keys
580a62b
@mewilker
fix imports and redundant variables
68182dd
@mewilker mewilker requested a review from a team January 20, 2026 02:59
@mewilker mewilker self-assigned this Jan 20, 2026
ZakkeryDaRebel
ZakkeryDaRebel reviewed Jan 20, 2026
View reviewed changes
hkamm123
hkamm123 reviewed Jan 22, 2026
View reviewed changes
Maillman
Maillman reviewed Jan 22, 2026
View reviewed changes
Copy link
Contributor

@Maillman Maillman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work! I was able to run the autograder locally, and everything is working as it should! There are a couple of minor things I've noticed, and some suggestions for some parts of the code. But overall, this looks great!
Thanks, Makenna!!!

@mewilker
Copy link
Contributor Author

mewilker commented Jan 22, 2026

Thank you for the feedback @Maillman! Glad you were able to get it going. Do you have any complaints about the process of getting running on your machine?

@Maillman
Copy link
Contributor

Maillman commented Jan 23, 2026

@mewilker I don't have any personal complaints about getting it set up. The process felt pretty smooth for me!

@mewilker mewilker requested a review from Maillman January 27, 2026 00:24
TheDavSmasher
TheDavSmasher approved these changes Jan 27, 2026
View reviewed changes
Copy link
Collaborator

@TheDavSmasher TheDavSmasher left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've already suggested everything I could see and think of so looks good to me

@mewilker mewilker merged commit ff06618 into main Jan 27, 2026
3 checks passed
@mewilker mewilker deleted the oauth branch January 27, 2026 20:59
@mewilker mewilker mentioned this pull request Jan 29, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hkamm123 hkamm123 hkamm123 left review comments

@Maillman Maillman Maillman approved these changes

@TheDavSmasher TheDavSmasher TheDavSmasher approved these changes

@ZakkeryDaRebel ZakkeryDaRebel Awaiting requested review from ZakkeryDaRebel

Assignees

@mewilker mewilker

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@mewilker @Maillman @hkamm123 @ZakkeryDaRebel @TheDavSmasher