apache
diff --git a/‎api/src/main/java/com/cloud/user/AccountService.java‎
Lines changed: 2 additions & 0 deletions b/‎api/src/main/java/com/cloud/user/AccountService.java‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎api/src/main/java/com/cloud/user/User.java‎
Lines changed: 1 addition & 1 deletion b/‎api/src/main/java/com/cloud/user/User.java‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎api/src/main/java/org/apache/cloudstack/api/ApiConstants.java‎
Lines changed: 5 additions & 0 deletions b/‎api/src/main/java/org/apache/cloudstack/api/ApiConstants.java‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎api/src/main/java/org/apache/cloudstack/api/command/user/ssh/CreateSSHKeyPairCmd.java‎
Lines changed: 1 addition & 2 deletions b/‎api/src/main/java/org/apache/cloudstack/api/command/user/ssh/CreateSSHKeyPairCmd.java‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎api/src/main/java/org/apache/cloudstack/api/command/user/userdata/ListUserDataCmd.java‎
Lines changed: 1 addition & 2 deletions b/‎api/src/main/java/org/apache/cloudstack/api/command/user/userdata/ListUserDataCmd.java‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎api/src/main/java/org/apache/cloudstack/api/command/user/userdata/RegisterUserDataCmd.java‎
Lines changed: 1 addition & 2 deletions b/‎api/src/main/java/org/apache/cloudstack/api/command/user/userdata/RegisterUserDataCmd.java‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎api/src/main/java/org/apache/cloudstack/auth/UserOAuth2Authenticator.java‎
Lines changed: 53 additions & 0 deletions b/‎api/src/main/java/org/apache/cloudstack/auth/UserOAuth2Authenticator.java‎
Lines changed: 53 additions & 0 deletions
diff --git a/‎client/pom.xml‎
Lines changed: 5 additions & 0 deletions b/‎client/pom.xml‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎core/src/main/resources/META-INF/cloudstack/core/spring-core-registry-core-context.xml‎
Lines changed: 2 additions & 2 deletions b/‎core/src/main/resources/META-INF/cloudstack/core/spring-core-registry-core-context.xml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎engine/schema/src/main/java/com/cloud/user/dao/UserAccountDao.java‎
Lines changed: 2 additions & 0 deletions b/‎engine/schema/src/main/java/com/cloud/user/dao/UserAccountDao.java‎
Lines changed: 2 additions & 0 deletions
@@ -70,6 +70,8 @@ User createUser(String userName, String password, String firstName, String lastN
 
     UserAccount getActiveUserAccount(String username, Long domainId);
 
+    List<UserAccount> getActiveUserAccountByEmail(String email, Long domainId);
+
     UserAccount updateUser(UpdateUserCmd updateUserCmd);
 
     Account getActiveAccountById(long accountId);
 
@@ -24,7 +24,7 @@ public interface User extends OwnedBy, InternalIdentity {
 
     // UNKNOWN and NATIVE can be used interchangeably
     public enum Source {
-        LDAP, SAML2, SAML2DISABLED, UNKNOWN, NATIVE
+        OAUTH2, LDAP, SAML2, SAML2DISABLED, UNKNOWN, NATIVE
     }
 
     public static final long UID_SYSTEM = 1;
 
@@ -595,6 +595,8 @@ public class ApiConstants {
     public static final String SERVICE_CAPABILITY_LIST = "servicecapabilitylist";
     public static final String CAN_CHOOSE_SERVICE_CAPABILITY = "canchooseservicecapability";
     public static final String PROVIDER = "provider";
+    public static final String OAUTH_PROVIDER = "oauthprovider";
+    public static final String OAUTH_SECRET_KEY = "secretkey";
     public static final String MANAGED = "managed";
     public static final String CAPACITY_BYTES = "capacitybytes";
     public static final String CAPACITY_IOPS = "capacityiops";
@@ -1069,6 +1071,9 @@ public class ApiConstants {
     public static final String VNF_CONFIGURE_MANAGEMENT = "vnfconfiguremanagement";
     public static final String VNF_CIDR_LIST = "vnfcidrlist";
 
+    public static final String CLIENT_ID = "clientid";
+    public static final String REDIRECT_URI = "redirecturi";
+
     /**
      * This enum specifies IO Drivers, each option controls specific policies on I/O.
      * Qemu guests support "threads" and "native" options Since 0.8.8 ; "io_uring" is supported Since 6.3.0 (QEMU 5.0).
 
@@ -95,5 +95,4 @@ public void execute() {
         response.setObjectName("keypair");
         setResponseObject(response);
     }
-
-    }
+}
@@ -76,5 +76,4 @@ public void execute() {
         response.setResponseName(getCommandName());
         setResponseObject(response);
     }
-
-    }
+}
@@ -142,5 +142,4 @@ public void execute() throws ResourceUnavailableException, InsufficientCapacityE
         response.setObjectName(ApiConstants.USER_DATA);
         setResponseObject(response);
     }
-
-    }
+}
@@ -0,0 +1,53 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.auth;
+
+import com.cloud.utils.component.Adapter;
+import com.cloud.utils.exception.CloudRuntimeException;
+
+public interface UserOAuth2Authenticator extends Adapter {
+    /**
+     * Returns the unique name of the provider
+     * @return returns provider name
+     */
+    String getName();
+
+    /**
+     * Returns description about the OAuth2 provider plugin
+     * @return returns description
+     */
+    String getDescription();
+
+    /**
+     * Verifies if the logged in user is
+     * @return returns true if its valid user
+     */
+    boolean verifyUser(String email, String secretCode);
+
+    /**
+     * Verifies the code provided by provider and fetches email
+     * @return returns email
+     */
+    String verifyCodeAndFetchEmail(String secretCode);
+
+
+    /**
+     * Fetches email using the accessToken
+     * @return returns email
+     */
+    String getUserEmailAddress() throws CloudRuntimeException;
+}
@@ -161,6 +161,11 @@
             <artifactId>cloud-plugin-user-authenticator-md5</artifactId>
             <version>${project.version}</version>
         </dependency>
+        <dependency>
+            <groupId>org.apache.cloudstack</groupId>
+            <artifactId>cloud-plugin-user-authenticator-oauth2</artifactId>
+            <version>${project.version}</version>
+        </dependency>
         <dependency>
             <groupId>org.apache.cloudstack</groupId>
             <artifactId>cloud-plugin-user-authenticator-pbkdf2</artifactId>
 
@@ -33,7 +33,7 @@
         class="org.apache.cloudstack.spring.lifecycle.registry.ExtensionRegistry">
         <property name="orderConfigKey" value="user.authenticators.order" />
         <property name="excludeKey" value="user.authenticators.exclude" />
-        <property name="orderConfigDefault" value="PBKDF2,SHA256SALT,MD5,LDAP,SAML2,PLAINTEXT" />
+        <property name="orderConfigDefault" value="PBKDF2,SHA256SALT,MD5,LDAP,SAML2,PLAINTEXT,OAUTH2" />
     </bean>
 
     <bean id="userTwoFactorAuthenticatorsRegistry"
@@ -47,7 +47,7 @@
           class="org.apache.cloudstack.spring.lifecycle.registry.ExtensionRegistry">
         <property name="orderConfigKey" value="pluggableApi.authenticators.order" />
         <property name="excludeKey" value="pluggableApi.authenticators.exclude" />
-        <property name="orderConfigDefault" value="SAML2Auth" />
+        <property name="orderConfigDefault" value="SAML2Auth,OAUTH2Auth" />
     </bean>
 
     <bean id="userPasswordEncodersRegistry"
 
@@ -27,6 +27,8 @@ public interface UserAccountDao extends GenericDao<UserAccountVO, Long> {
 
     UserAccount getUserAccount(String username, Long domainId);
 
+    List<UserAccountVO> getUserAccountByEmail(String email, Long domainId);
+
     boolean validateUsernameInDomain(String username, Long domainId);
 
     UserAccount getUserByApiKey(String apiKey);
Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ public interface User extends OwnedBy, InternalIdentity {`
`24`	`24`
`25`	`25`	`// UNKNOWN and NATIVE can be used interchangeably`
`26`	`26`	`public enum Source {`
`27`		`- LDAP, SAML2, SAML2DISABLED, UNKNOWN, NATIVE`
	`27`	`+ OAUTH2, LDAP, SAML2, SAML2DISABLED, UNKNOWN, NATIVE`
`28`	`28`	`}`
`29`	`29`
`30`	`30`	`public static final long UID_SYSTEM = 1;`
Original file line number	Diff line number	Diff line change
`@@ -95,5 +95,4 @@ public void execute() {`
`95`	`95`	`response.setObjectName("keypair");`
`96`	`96`	`setResponseObject(response);`
`97`	`97`	`}`
`98`		`-`
`99`		`- }`
	`98`	`+}`
Original file line number	Diff line number	Diff line change
`@@ -76,5 +76,4 @@ public void execute() {`
`76`	`76`	`response.setResponseName(getCommandName());`
`77`	`77`	`setResponseObject(response);`
`78`	`78`	`}`
`79`		`-`
`80`		`- }`
	`79`	`+}`
Original file line number	Diff line number	Diff line change
`@@ -142,5 +142,4 @@ public void execute() throws ResourceUnavailableException, InsufficientCapacityE`
`142`	`142`	`response.setObjectName(ApiConstants.USER_DATA);`
`143`	`143`	`setResponseObject(response);`
`144`	`144`	`}`
`145`		`-`
`146`		`- }`
	`145`	`+}`