Merge pull request #572 from lowcoder-org/link-oauth-providers-for-existing-users

Link Oauth Providers Feature For Existing Users

Author: FalkWolsky

server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/config/AuthProperties.java

@@ -28,6 +28,7 @@ public class AuthProperties {
     private Oauth2Simple google = new Oauth2Simple();
     private Oauth2Simple github = new Oauth2Simple();
     private ApiKey apiKey = new ApiKey();
+    private Boolean workspaceCreation;
 
     @Getter
     @Setter

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/AuthenticationController.java

@@ -46,7 +46,7 @@ public Mono<ResponseView<Boolean>> formLogin(@RequestBody FormLoginRequest formL
                                                  ServerWebExchange exchange) {
         return authenticationApiService.authenticateByForm(formLoginRequest.loginId(), formLoginRequest.password(),
                         formLoginRequest.source(), formLoginRequest.register(), formLoginRequest.authId(), orgId)
-                .flatMap(user -> authenticationApiService.loginOrRegister(user, exchange, invitationId))
+                .flatMap(user -> authenticationApiService.loginOrRegister(user, exchange, invitationId, Boolean.FALSE))
                 .thenReturn(ResponseView.success(true));
     }
 
@@ -63,7 +63,20 @@ public Mono<ResponseView<Boolean>> loginWithThirdParty(
             @RequestParam String orgId,
             ServerWebExchange exchange) {
         return authenticationApiService.authenticateByOauth2(authId, source, code, redirectUrl, orgId)
-                .flatMap(authUser -> authenticationApiService.loginOrRegister(authUser, exchange, invitationId))
+                .flatMap(authUser -> authenticationApiService.loginOrRegister(authUser, exchange, invitationId, Boolean.FALSE))
+                .thenReturn(ResponseView.success(true));
+    }
+
+    @Override
+    public Mono<ResponseView<Boolean>> linkAccountWithThirdParty(
+            @RequestParam(required = false) String authId,
+            @RequestParam(required = false) String source,
+            @RequestParam String code,
+            @RequestParam String redirectUrl,
+            @RequestParam String orgId,
+            ServerWebExchange exchange) {
+        return authenticationApiService.authenticateByOauth2(authId, source, code, redirectUrl, orgId)
+                .flatMap(authUser -> authenticationApiService.loginOrRegister(authUser, exchange, null, Boolean.TRUE))
                 .thenReturn(ResponseView.success(true));
     }
 

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/AuthenticationEndpoints.java

@@ -69,6 +69,24 @@ public Mono<ResponseView<Boolean>> loginWithThirdParty(
             @RequestParam String orgId,
             ServerWebExchange exchange);
 
+	/**
+	 * Link current account with third party auth provider
+	 */
+	@Operation(
+			tags = TAG_AUTHENTICATION,
+			operationId = "linkAccountWithTP",
+			summary = "Link current account with third party auth provider",
+			description = "Authenticate a Lowcoder User using third-party login credentials and link to the existing session/account"
+	)
+	@PostMapping("/tp/link")
+	public Mono<ResponseView<Boolean>> linkAccountWithThirdParty(
+			@RequestParam(required = false) String authId,
+			@RequestParam(required = false) String source,
+			@RequestParam String code,
+			@RequestParam String redirectUrl,
+			@RequestParam String orgId,
+			ServerWebExchange exchange);
+
 	@Operation(
 			tags = TAG_AUTHENTICATION,
 		    operationId = "logout",

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiService.java

@@ -16,7 +16,7 @@ public interface AuthenticationApiService {
 
     Mono<AuthUser> authenticateByOauth2(String authId, String source, String code, String redirectUrl, String orgId);
 
-    Mono<Void> loginOrRegister(AuthUser authUser, ServerWebExchange exchange, String invitationId);
+    Mono<Void> loginOrRegister(AuthUser authUser, ServerWebExchange exchange, String invitationId, boolean linKExistingUser);
 
     Mono<Boolean> enableAuthConfig(AuthConfigRequest authConfigRequest);
 

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiServiceImpl.java

@@ -29,6 +29,7 @@
 import org.lowcoder.domain.user.model.*;
 import org.lowcoder.domain.user.service.UserService;
 import org.lowcoder.sdk.auth.AbstractAuthConfig;
+import org.lowcoder.sdk.config.AuthProperties;
 import org.lowcoder.sdk.exception.BizError;
 import org.lowcoder.sdk.exception.BizException;
 import org.lowcoder.sdk.util.CookieHelper;
@@ -85,6 +86,9 @@ public class AuthenticationApiServiceImpl implements AuthenticationApiService {
     @Autowired
     private JWTUtils jwtUtils;
 
+    @Autowired
+    private AuthProperties authProperties;
+
     @Override
     public Mono<AuthUser> authenticateByForm(String loginId, String password, String source, boolean register, String authId, String orgId) {
         return authenticate(authId, source, new FormAuthRequestContext(loginId, password, register, orgId));
@@ -130,8 +134,8 @@ protected Mono<AuthUser> authenticate(String authId, @Deprecated String source,
 
     @Override
     public Mono<Void> loginOrRegister(AuthUser authUser, ServerWebExchange exchange,
-            String invitationId) {
-        return updateOrCreateUser(authUser)
+                                      String invitationId, boolean linKExistingUser) {
+        return updateOrCreateUser(authUser, linKExistingUser)
                 .delayUntil(user -> ReactiveSecurityContextHolder.getContext()
                         .doOnNext(securityContext -> securityContext.setAuthentication(AuthenticationUtils.toAuthentication(user))))
                 // save token and set cookie
@@ -142,7 +146,9 @@ public Mono<Void> loginOrRegister(AuthUser authUser, ServerWebExchange exchange,
                 })
                 // after register
                 .delayUntil(user -> {
-                    if (user.getIsNewUser()) {
+                    boolean createWorkspace =
+                            authUser.getOrgId() == null && StringUtils.isBlank(invitationId) && authProperties.getWorkspaceCreation();
+                    if (user.getIsNewUser() && createWorkspace) {
                         return onUserRegister(user);
                     }
                     return Mono.empty();
@@ -160,7 +166,13 @@ public Mono<Void> loginOrRegister(AuthUser authUser, ServerWebExchange exchange,
                 .then(businessEventPublisher.publishUserLoginEvent(authUser.getSource()));
     }
 
-    private Mono<User> updateOrCreateUser(AuthUser authUser) {
+    private Mono<User> updateOrCreateUser(AuthUser authUser, boolean linkExistingUser) {
+
+        if(linkExistingUser) {
+            return sessionUserService.getVisitor()
+                    .flatMap(user -> userService.addNewConnectionAndReturnUser(user.getId(), authUser.toAuthConnection()));
+        }
+
         return findByAuthUserSourceAndRawId(authUser).zipWith(findByAuthUserRawId(authUser))
                 .flatMap(tuple -> {
 

server/api-service/lowcoder-server/src/main/resources/application-lowcoder.yml

@@ -3,9 +3,9 @@ spring:
     mongodb:
       authentication-database: admin
       auto-index-creation: false
-      uri: mongodb://lowcoder:secret123@localhost:27017/lowcoder?authSource=admin
+      uri: mongodb://192.168.8.103:27017/lowcoder?authSource=admin
     redis:
-      url: redis://localhost:6379
+      url: redis://192.168.8.103:6379
   main:
     allow-bean-definition-overriding: true
     allow-circular-references: true
@@ -61,4 +61,5 @@ auth:
     secret: 5a41b090758b39b226603177ef48d73ae9839dd458ccb7e66f7e7cc028d5a50b
   email:
     enable: true
-    enable-register: true
+    enable-register: true
+  workspace-creation: false

server/api-service/lowcoder-server/src/main/resources/selfhost/ce/application-selfhost.yml

@@ -13,6 +13,7 @@ auth:
   email:
     enable: ${LOGIN_CHANNEL_EMAIL:true}
     enable-register: ${ENABLE_USER_SIGN_UP:true}
+  workspace-creation: ${LOWCODER_CREATE_SIGNUP_WORKSPACE:true}
 
 spring:
   data:

server/api-service/lowcoder-server/src/main/resources/selfhost/ce/application.yml

@@ -4,6 +4,7 @@ auth:
   email:
     enable: true
     enable-register: ${ENABLE_USER_SIGN_UP:true}
+  workspace-creation: ${LOWCODER_CREATE_SIGNUP_WORKSPACE:true}
 
 spring:
   data: