Oktaauth (#10)

* Fix to allow dynamic oauth paths
* Update generated README

---------

Co-authored-by: Dave Galey <[email protected]>
Co-authored-by: Keyfactor <[email protected]>
Co-authored-by: Brian Hill <[email protected]>

Author: 4 people

AWSOktaTester/Models/AuthResponse.cs

@@ -1,4 +1,18 @@
-using Newtonsoft.Json;
+// Copyright 2023 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using Newtonsoft.Json;
 
 namespace AWSOktaTester.Models
 {

AWSOktaTester/Program.cs

@@ -1,4 +1,18 @@
-using System;
+// Copyright 2023 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System;
 using System.Text;
 using Amazon;
 using Amazon.CertificateManager;

CHANGELOG.md

@@ -0,0 +1,9 @@
+1.2.0
+* Added OTKA Auth Path to support Authentication Servers outside of the default server.
+
+1.1.0
+* Added AWS IAM Authentication support with Roles
+
+1.0.0
+* Convert to Universal Orchestrator Framework
+* Added OKTA Authentication Support

README.md

@@ -1,6 +1,18 @@
-using System;
-using System.ComponentModel;
+// Copyright 2023 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
 
+using System.ComponentModel;
 using Newtonsoft.Json;
 
 namespace Keyfactor.AnyAgent.AwsCertificateManager
@@ -25,6 +37,10 @@ public class OktaCustomFields : CustomFields
 		[JsonProperty("scope")]
 		[DefaultValue(false)]
 		public string Scope { get; set; }
+
+        [JsonProperty("oauthpath")]
+        [DefaultValue("/oauth2/default/v1/token")]
+        public string OAuthPath { get; set; }
 	}
 
 	public class IAMCustomFields : CustomFields

aws-orchestrator-core/CustomFields.cs

@@ -1,20 +1,27 @@
-using Amazon;
+// Copyright 2023 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using Amazon;
 using Amazon.CertificateManager;
 using Amazon.CertificateManager.Model;
 using Amazon.Runtime.Internal.Util;
 using Amazon.SecurityToken.Model;
-
-using Keyfactor.AnyAgent.AwsCertificateManager.Models;
 using Keyfactor.Logging;
 using Keyfactor.Orchestrators.Common.Enums;
 using Keyfactor.Orchestrators.Extensions;
-
 using Microsoft.Extensions.Logging;
-
 using Newtonsoft.Json;
-
-using RestSharp;
-
 using System;
 using System.Collections.Generic;
 using System.Linq;

aws-orchestrator-core/Jobs/IAM/Inventory.cs

@@ -1,30 +1,36 @@
-using System;
+// Copyright 2023 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System;
 using System.IO;
 using System.Linq;
 using System.Net;
 using System.Text;
-
 using Amazon;
 using Amazon.CertificateManager;
 using Amazon.CertificateManager.Model;
 using Amazon.Runtime.Internal.Util;
 using Amazon.SecurityToken.Model;
-
-using Keyfactor.AnyAgent.AwsCertificateManager.Models;
 using Keyfactor.Logging;
 using Keyfactor.Orchestrators.Common.Enums;
 using Keyfactor.Orchestrators.Extensions;
-
 using Microsoft.Extensions.Logging;
-
 using Newtonsoft.Json;
-
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.OpenSsl;
 using Org.BouncyCastle.Pkcs;
 
-using RestSharp;
-
 namespace Keyfactor.AnyAgent.AwsCertificateManager.Jobs.IAM
 {
 	public class Management : IManagementJobExtension

aws-orchestrator-core/Jobs/IAM/Management.cs

@@ -1,20 +1,29 @@
-using Amazon;
+// Copyright 2023 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using Amazon;
 using Amazon.CertificateManager;
 using Amazon.CertificateManager.Model;
 using Amazon.Runtime.Internal.Util;
 using Amazon.SecurityToken.Model;
-
 using Keyfactor.AnyAgent.AwsCertificateManager.Models;
 using Keyfactor.Logging;
 using Keyfactor.Orchestrators.Common.Enums;
 using Keyfactor.Orchestrators.Extensions;
-
 using Microsoft.Extensions.Logging;
-
 using Newtonsoft.Json;
-
 using RestSharp;
-
 using System;
 using System.Collections.Generic;
 using System.Linq;
@@ -165,7 +174,7 @@ private AuthResponse OktaAuthenticate(InventoryJobConfiguration config)
 			try
 			{
 				_logger.MethodEntry();
-				var oktaAuthUrl = $"https://{config.CertificateStoreDetails.ClientMachine}/oauth2/default/v1/token";
+				var oktaAuthUrl = $"https://{config.CertificateStoreDetails.ClientMachine}{CustomFields.OAuthPath}";
 				_logger.LogTrace($"Custom Field List: {CustomFields}");
 				_logger.LogTrace($"Okta Auth URL: {oktaAuthUrl}");
 

aws-orchestrator-core/Jobs/Okta/Inventory.cs

@@ -1,24 +1,33 @@
-using System;
+// Copyright 2023 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System;
 using System.IO;
 using System.Linq;
 using System.Net;
 using System.Text;
-
 using Amazon;
 using Amazon.CertificateManager;
 using Amazon.CertificateManager.Model;
 using Amazon.Runtime.Internal.Util;
 using Amazon.SecurityToken.Model;
-
 using Keyfactor.AnyAgent.AwsCertificateManager.Models;
 using Keyfactor.Logging;
 using Keyfactor.Orchestrators.Common.Enums;
 using Keyfactor.Orchestrators.Extensions;
-
 using Microsoft.Extensions.Logging;
-
 using Newtonsoft.Json;
-
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.OpenSsl;
 using Org.BouncyCastle.Pkcs;
@@ -311,7 +320,7 @@ private AuthResponse OktaAuthenticate(ManagementJobConfiguration config)
 			{
 				_logger.MethodEntry();
 
-				var oktaAuthUrl = $"https://{config.CertificateStoreDetails.ClientMachine}/oauth2/default/v1/token";
+				var oktaAuthUrl = $"https://{config.CertificateStoreDetails.ClientMachine}{CustomFields.OAuthPath}";
 				_logger.LogTrace($"Custom Field List: {CustomFields}");
 				_logger.LogTrace($"Okta Auth URL: {oktaAuthUrl}");
 

aws-orchestrator-core/Jobs/Okta/Management.cs

@@ -1,4 +1,18 @@
-using Newtonsoft.Json;
+// Copyright 2023 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using Newtonsoft.Json;
 
 namespace Keyfactor.AnyAgent.AwsCertificateManager.Models
 {

aws-orchestrator-core/Models/AuthResponse.cs

@@ -1,5 +1,18 @@
-using System;
+// Copyright 2023 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
 
+using System;
 using Amazon;
 using Amazon.Runtime;
 using Amazon.Runtime.Internal.Util;