Authentication enhancement - Support for username password based authentication (#8)

1. Added username + password support where instead of browser, plugin prompts for credentials
2. Fixed issue that token expiration logic was flawed. Now, when token actually expires, it will be renewed using refresh token.

Author: cx-umesh-waghode

Common/Code/Constants.cs

@@ -1,21 +1,34 @@
 namespace Common
 {
-    public class Constants
-    {
-        public const string COL_NAME_NUMBER = "No.";
-        public const string COL_NAME_STATUS = "Status";
-        public const string COL_NAME_SOURCE_FOLDER = "Source Folder";
-        public const string COL_NAME_SOURCE_FILE_NAME = "Source Filename";
-        public const string COL_NAME_SOURCE_LINE = "Source Line";
-        public const string COL_NAME_SOURCE_OBJECT = "Source Object";
-        public const string COL_NAME_DEST_FOLDER = "Destination Folder";
-        public const string COL_NAME_DEST_FILE_NAME = "Destination Filename";
-        public const string COL_NAME_DEST_LINE = "Destination Line";
-        public const string COL_NAME_DEST_OBJECT = "Destination Object";
-        public const string COL_NAME_SHOW_PATH = "Result State";
-        public const string COL_NAME_SEVERITY = "Severity";
-        public const string COL_NAME_ASSIGN = "Assigned User";
-        public const string COL_NAME_REMARK = "Comment";
+	public class Constants
+	{
+		#region AuthTypeUserpassword
+
+		public const string AuthenticationaType_DefaultValue = "access_control";
+		public const string AuthenticationaType_UserNamePassword = "username_password";
+
+		public const string USERNAME_KEY = "username";
+		public const string PASSWORD_KEY = "password";
+		public const string PASSWORD_GRANT_TYPE = "password";
+		public const string CLIENT_SECRET_KEY = "client_secret";
+		public const string SCOPE_VALUE_CREDS = "sast_api sast-permissions access_control_api sast_rest_api offline_access";
+
+		#endregion AuthTypeUserpassword
+
+		public const string COL_NAME_NUMBER = "No.";
+		public const string COL_NAME_STATUS = "Status";
+		public const string COL_NAME_SOURCE_FOLDER = "Source Folder";
+		public const string COL_NAME_SOURCE_FILE_NAME = "Source Filename";
+		public const string COL_NAME_SOURCE_LINE = "Source Line";
+		public const string COL_NAME_SOURCE_OBJECT = "Source Object";
+		public const string COL_NAME_DEST_FOLDER = "Destination Folder";
+		public const string COL_NAME_DEST_FILE_NAME = "Destination Filename";
+		public const string COL_NAME_DEST_LINE = "Destination Line";
+		public const string COL_NAME_DEST_OBJECT = "Destination Object";
+		public const string COL_NAME_SHOW_PATH = "Result State";
+		public const string COL_NAME_SEVERITY = "Severity";
+		public const string COL_NAME_ASSIGN = "Assigned User";
+		public const string COL_NAME_REMARK = "Comment";
 
 		public const string ERR_TITLE = "Error Message";
 		public const string ERR_UNKNOWN = "Cannot establish connection with the server. Unknown error.";
@@ -24,6 +37,8 @@ public class Constants
 
 		public const string CLIENT_ID_KEY = "client_id";
 		public const string CLIENT_VALUE = "ide_client";
+		public const string CLIENT_VALUE_ROPC = "resource_owner_client";
+		public const string CLIENT_SECRET_ROPC = "014DF517-39D1-4453-B7B3-9930C563627C";
 		public const string SCOPE_KEY = "scope";
 		public const string CODE_KEY = "code";
 		public const string GRANT_TYPE_KEY = "grant_type";

Common/Common.csproj.user

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Debug|AnyCPU'">
+    <StartArguments>/rootsuffix Exp</StartArguments>
+    <StartAction>Program</StartAction>
+    <StartProgram>C:\Program Files %28x86%29\Microsoft Visual Studio\2019\Professional\Common7\IDE\devenv.exe</StartProgram>
+    <StartWorkingDirectory>C:\Program Files %28x86%29\Microsoft Visual Studio\2019\Professional\Common7\IDE\</StartWorkingDirectory>
+  </PropertyGroup>
+</Project>

CxViewerAction/CommonActions.cs

@@ -185,6 +185,7 @@ public void ExecuteSystemCommand(string commandName, string args)
         /// <returns></returns>
         public Entities.Project GetSelectedProject()
         {
+            Logger.Create().Debug("GetSelectedProject(): Find selected project.");
             string projectName, projectPath;
             Array projects = (Array)_applicationObject.ActiveSolutionProjects;
 
@@ -193,6 +194,7 @@ public Entities.Project GetSelectedProject()
             //Context menu are displayed on project item in solution explorer
             if (_applicationObject.SelectedItems != null)
             {
+                Logger.Create().Debug("Looping for SelectedItems ");
                 foreach (SelectedItem selectedItem in _applicationObject.SelectedItems)
                 {
                     if (selectedItem.ProjectItem != null)

CxViewerAction/CxViewerAction.csproj

@@ -393,6 +393,12 @@
     <Compile Include="Views\Shapes\TableLayout.cs">
       <SubType>Component</SubType>
     </Compile>
+    <Compile Include="Views\SubmitUserFrm.cs">
+      <SubType>Form</SubType>
+    </Compile>
+    <Compile Include="Views\SubmitUserFrm.designer.cs">
+      <DependentUpon>SubmitUserFrm.cs</DependentUpon>
+    </Compile>
     <Compile Include="Views\UploadFrm.cs">
       <SubType>Form</SubType>
     </Compile>
@@ -602,6 +608,9 @@
       <DependentUpon>ScanProcessFrm.cs</DependentUpon>
       <SubType>Designer</SubType>
     </EmbeddedResource>
+    <EmbeddedResource Include="Views\SubmitUserFrm.resx">
+      <DependentUpon>SubmitUserFrm.cs</DependentUpon>
+    </EmbeddedResource>
     <EmbeddedResource Include="Views\UploadFrm.resx">
       <DependentUpon>UploadFrm.cs</DependentUpon>
       <SubType>Designer</SubType>

CxViewerAction/Entities/LoginData.cs

@@ -24,7 +24,7 @@ public class LoginData : IEntity
         #region [Private Constants]
 
         /// <summary>
-        /// Full service path url format
+        /// Full service path url format 
         /// </summary>
         private const string _baseFormat = "http{0}://{1}";
         private const string _servicePathFormat = "{0}/Cxwebinterface/CxWsResolver.asmx";
@@ -36,7 +36,8 @@ public class LoginData : IEntity
         private string _serverDomain = null;
         private string _server = null;
         private string _serverBaseUri = null;
-        private bool _ssl = false;        
+        private bool _ssl = false;
+        private string _authenticationType = "access_control";
 
         private EntityId _id;
         private bool _isLogging;
@@ -57,15 +58,15 @@ public class LoginData : IEntity
         private bool _disableConnectionOptimizations = false;
 
         SerializableDictionary<string, string> _perspectives;
-        
+
         private List<BindProject> bindedProjects;
-		private bool _saveSastScan;
-		private bool _manageResultsComment;
-		private bool _manageResultsExploitability;
+        private bool _saveSastScan;
+        private bool _manageResultsComment;
+        private bool _manageResultsExploitability;
 
-		#endregion
+        #endregion
 
-		#region [ Constructors ]
+        #region [ Constructors ]
 
         private static LoginData loginDataInstance;
 
@@ -139,7 +140,7 @@ public string Server
                 return string.Format(_servicePathFormat, _serverBaseUri);
             }
             set { _server = value; }
-        }              
+        }
 
         public string ServerBaseUri
         {
@@ -171,6 +172,16 @@ public bool Ssl
             set { _ssl = value; }
         }
 
+        /// <summary>
+        /// Gets or sets value indicating that Authenticationa Type Log in Form Or User Submit Form throw htts protocol
+        /// </summary>
+        public string AuthenticationType
+        {
+            get { return _authenticationType; }
+            set { _authenticationType = value; }
+        }
+
+
         /// <summary>
         /// Get or set Entity prorepty
         /// </summary>
@@ -233,8 +244,8 @@ public string UnboundRunID
         {
             get { return unboundRunID; }
             set { unboundRunID = value; }
-        }     
-        
+        }
+
         public List<BindProject> BindedProjects
         {
             get { return bindedProjects; }
@@ -260,19 +271,19 @@ public bool DisableConnectionOptimizations
             set { _disableConnectionOptimizations = value; }
         }
 
-		public bool SaveSastScan { get => _saveSastScan; set => _saveSastScan = value; }
-		public bool ManageResultsComment { get => _manageResultsComment; set => _manageResultsComment = value; }
-		public bool ManageResultsExploitability { get => _manageResultsExploitability; set => _manageResultsExploitability = value; }
+        public bool SaveSastScan { get => _saveSastScan; set => _saveSastScan = value; }
+        public bool ManageResultsComment { get => _manageResultsComment; set => _manageResultsComment = value; }
+        public bool ManageResultsExploitability { get => _manageResultsExploitability; set => _manageResultsExploitability = value; }
 
-		#endregion [ Properties ]
+        #endregion [ Properties ]
 
-		#region [ Public Methods ]
+        #region [ Public Methods ]
 
-		/// <summary>
-		/// Verify if user enter all data to start auth verification
-		/// </summary>
-		/// <returns></returns>
-		public bool CanLog()
+        /// <summary>
+        /// Verify if user enter all data to start auth verification
+        /// </summary>
+        /// <returns></returns>
+        public bool CanLog()
         {
             return (String.IsNullOrEmpty(this.Server)) ? false : true;
         }
@@ -298,7 +309,7 @@ public void AddProjectPerspective(string project, string perspective)
                 Perspectives.Add(project, perspective);
         }
 
-       
+
 
         /// <summary>
         /// Clear user auth data

CxViewerAction/Helpers/BackgroundWorkerHelper.cs

@@ -112,6 +112,8 @@ public bool DoWork(string message)
             {
                 try
                 {
+                    Logger.Create().Debug("DoWork" + message);
+
                     if (Invoke(message, waitView) || canceling)
                     {
                         success = true;
@@ -153,7 +155,8 @@ public bool DoWork(string message)
             {
                 try
                 {
-                    ErrorFrm frmError = new ErrorFrm(errorMessage, delegate(object o, EventArgs e) { executionResult = Invoke("Reconnection...", waitView); }, _doReloginFunc);
+                    Logger.Create().Debug("DoWork - Reconnection " + message);
+                    ErrorFrm frmError = new ErrorFrm(errorMessage, delegate (object o, EventArgs e) { executionResult = Invoke("Reconnection...", waitView); }, _doReloginFunc);
                     DialogResult res = frmError.ShowDialog();
 
                     if (res == DialogResult.Cancel)

CxViewerAction/Helpers/BindProjectHelper.cs

@@ -153,7 +153,9 @@ static void BindSelectedProject(LoginResult loginResult, Entities.Project projec
                     isThrewError = true;
                     return;
                 }
+                Logger.Create().Debug("Getting project display data.");
                 cxWSResponseProjectsDisplayData = client.ServiceClient.GetProjectsDisplayData(loginResult.SessionId);
+                Logger.Create().Debug("Received project display data. Count "+ cxWSResponseProjectsDisplayData.projectList.Length);
 
             }, loginResult.AuthenticationData.ReconnectInterval * 1000, loginResult.AuthenticationData.ReconnectCount);
 
@@ -229,7 +231,7 @@ static void BindSelectedProject(LoginResult loginResult, Entities.Project projec
                                        isNewProject = true;
                                    }
 
-
+                                   Logger.Create().Info("Getting Scans display data for selected project " + selectedProjectId);
                                    CxWSResponseScansDisplayData cxWSResponseScansDisplayData = PerspectiveHelper.GetScansDisplayData(selectedProjectId);
                                    if (cxWSResponseScansDisplayData.ScanList.Length == 0)
                                    {
@@ -239,6 +241,7 @@ static void BindSelectedProject(LoginResult loginResult, Entities.Project projec
                                        return;
                                    }
 
+                                   Logger.Create().Info("Received Scans display data for selected project. Count " + cxWSResponseScansDisplayData.ScanList.Length);
                                    foreach (ScanDisplayData item in cxWSResponseScansDisplayData.ScanList)
                                    {
 

CxViewerAction/Helpers/ConfigurationHelper.cs

@@ -1,4 +1,5 @@
-using CxViewerAction.CxVSWebService;
+using Common;
+using CxViewerAction.CxVSWebService;
 using CxViewerAction.Entities.WebServiceEntity;
 using CxViewerAction.Services;
 using System;
@@ -11,6 +12,7 @@ internal class ConfigurationHelper : IConfigurationHelper
     {
         public ConfigurationResult GetConfigurationList(string sessionId, BackgroundWorkerHelper bg, CxWebServiceClient client)
         {
+            Logger.Create().Debug("Getting configuration list.");
             ConfigurationResult configuration = null;
             bg.DoWorkFunc = delegate(object obj)
             {
@@ -31,6 +33,7 @@ public ConfigurationResult GetConfigurationList(string sessionId, BackgroundWork
             if (!bg.DoWork("Receive Configuration list..."))
                 return null;
 
+            Logger.Create().Debug("Configuration list received. " + configuration.ToString());
             return configuration;
         }
     }