@deephaven/auth-plugins 0.44.1-beta.0 → 0.44.2-plugin-cleanup.3

package/README.md

@@ -8,6 +8,122 @@ Authentication plugins for Deephaven. Used by [AuthBootstrap](../app-utils/src/c
 npm install --save @deephaven/auth-plugins
 ```
 
+## Developing New Auth Plugins
+
+Export an `AuthPlugin` from a module to register an authentication plugin. Authentication plugins must implement the [AuthPlugin interface](./src/AuthPlugin.ts#L32). Authentication plugins can display a UI which then triggers how to login.
+
+The Web UI loads all plugins on initialization, and uses the first available authentication plugin for authenticating. A sequence diagram of this flow at a high level, where `AuthPlugin` is the first authentication plugin that returns true when the `isAvailable` method is called.
+
+```mermaid
+sequenceDiagram
+  participant U as User
+  participant W as Web UI
+  participant P as AuthPlugin
+  participant S as Server
+  U->>W: Open app
+  activate W
+    W->>S: Load plugin modules
+    S-->>W: PluginModule[]
+    W->>S: client.getAuthConfigValues()
+    S-->>W: Auth config [string, string][]
+    W->>W: Select first available AuthPlugin
+  deactivate W
+  W->>P: Login
+  P->>S: client.login()
+  S-->>P: Login success
+  P-->>W: Login success
+```
+
+## Examples
+
+Below are some sequence diagrams for some of the included Auth Plugins.
+
+#### Pre-shared Key ([AuthPluginPsk](./src/AuthPluginPsk.tsx))
+
+```mermaid
+sequenceDiagram
+  participant W as Web UI
+  participant P as AuthPluginPsk
+  participant J as JS API
+  W->>P: Login
+  alt Key in query string
+    P->>J: client.login(key)
+  else Prompt user for key
+    P->>P: Prompt for key
+    P->>J: client.login(key)
+  end
+  J-->>P: Login success
+  P-->>W: Login success
+```
+
+### Composite Password/Anonymous plugin
+
+Composite plugin giving the user the choice of logging in with a password or logging in anonymously
+
+```mermaid
+sequenceDiagram
+  participant W as Web UI
+  participant CP as CompositePlugin
+  participant AP as AnonymousPlugin
+  participant PP as PasswordPlugin
+  participant J as JS API
+  W->>CP: Login
+  CP->>CP: Prompt for authentication method
+  activate CP
+    alt Password login
+      activate PP
+        loop Until success
+          PP->>PP: Show Login UI
+          PP->>J: client.login(password)
+          alt Login success
+            J-->>PP: Login success
+          else Login failure
+            J-->>PP: Login failure
+            PP->>PP: Show login error
+          end
+        end
+        PP-->>CP: Login success
+      deactivate PP
+    else Anonymous login
+      activate AP
+        AP->>J: client.login(anonymous)
+        J-->>AP: Login success
+        AP-->>CP: Login success
+      deactivate AP
+    end
+    CP-->>W: Login success
+  deactivate CP
+```
+
+#### Auth0
+
+Translation of flow from https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow, showing which responsibilities login plugin handles. Note that the plugins need to be loaded initially prior to redirecting to the authorization prompt, and then again after redirecting back to the Web UI. For a specific example using Keycloak, see [AuthPluginKeycloak](https://github.com/deephaven/deephaven-js-plugins/tree/main/plugins/auth-keycloak).
+
+```mermaid
+sequenceDiagram
+  participant U as User
+  participant W as Web UI
+  participant S as Server
+  participant P as Auth0Plugin
+  participant T as Auth0 Tenant
+  participant J as JS API
+  U->>W: Open app
+  W->>W: Select first available AuthPlugin
+  W->>P: Login
+  P->>T: Authorization code request to /authorize
+  T->>U: Redirect to login/authorization prompt
+  U-->>T: Authenticate and Consent
+  T->>W: Authorization code
+  W->>W: Select first available AuthPlugin
+  W->>P: Login
+  P->>T: Authorization Code + Client ID + Client Secret to /oauth/token
+  T->>T: Validate Authorization Code + Client ID + Client Secret
+  T-->>P: ID Token and Access Token
+  P->>J: client.login(token)
+  J-->>P: Login success
+  P-->>W: Login success
+```
+
 # Legal Notices
 
 Deephaven Data Labs and any contributors grant you a license to the content of this repository under the Apache 2.0 License, see the [LICENSE](../../LICENSE) file.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@deephaven/auth-plugins",
-  "version": "0.44.1-beta.0+ba13c913",
+  "version": "0.44.2-plugin-cleanup.3+218cf522",
   "description": "Deephaven Auth Plugins",
   "keywords": [
     "Deephaven",
@@ -33,14 +33,14 @@
     "build:sass": "sass --embed-sources --load-path=../../node_modules ./src:./dist"
   },
   "dependencies": {
-    "@deephaven/components": "^0.44.1-beta.0+ba13c913",
-    "@deephaven/jsapi-bootstrap": "^0.44.1-beta.0+ba13c913",
-    "@deephaven/jsapi-components": "^0.44.1-beta.0+ba13c913",
-    "@deephaven/jsapi-types": "^0.44.1-beta.0+ba13c913",
-    "@deephaven/jsapi-utils": "^0.44.1-beta.0+ba13c913",
-    "@deephaven/log": "^0.44.1-beta.0+ba13c913",
-    "@deephaven/redux": "^0.44.1-beta.0+ba13c913",
-    "@deephaven/utils": "^0.44.1-beta.0+ba13c913",
+    "@deephaven/components": "^0.44.2-plugin-cleanup.3+218cf522",
+    "@deephaven/jsapi-bootstrap": "^0.44.2-plugin-cleanup.3+218cf522",
+    "@deephaven/jsapi-components": "^0.44.2-plugin-cleanup.3+218cf522",
+    "@deephaven/jsapi-types": "^0.44.2-plugin-cleanup.3+218cf522",
+    "@deephaven/jsapi-utils": "^0.44.2-plugin-cleanup.3+218cf522",
+    "@deephaven/log": "^0.44.2-plugin-cleanup.3+218cf522",
+    "@deephaven/redux": "^0.44.2-plugin-cleanup.3+218cf522",
+    "@deephaven/utils": "^0.44.2-plugin-cleanup.3+218cf522",
     "classnames": "^2.3.1",
     "js-cookie": "^3.0.5",
     "react-transition-group": "^4.4.2"
@@ -59,5 +59,5 @@
   "publishConfig": {
     "access": "public"
   },
-  "gitHead": "ba13c9139b3b7a5f5d64d79069f1de9d4727eeb6"
+  "gitHead": "218cf5224bcba3734025749fe55b1161bc3bb4a6"
 }