Skip to content

feat: Users - Managed & OIDC #55

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
nscuro merged 12 commits into from
Jan 2, 2026
Merged

feat: Users - Managed & OIDC #55

nscuro merged 12 commits into from
Jan 2, 2026
+724 −13

Conversation

@SolarFactories
Copy link

@SolarFactories SolarFactories commented Dec 14, 2025
edited
Loading

New Endpoint Bindings

  • HealthService.Health - GET /health.
  • OIDCService.RemoveTeamMapping2 - DELETE /api/v1/oidc/group/{groupUuid}/team/{teamUuid}/mapping.
    • Alternative to OIDCService.RemoveTeamMapping, which uses DELETE /api/v1/oidc/mapping/{uuid} from a OIDCMapping.UUID.
  • OIDCService.GetAllUsers - GET /api/v1/user/oidc.
  • OIDCService.CreateUser - PUT /api/v1/user/oidc.
  • OIDCService.DeleteUser - DELETE /api/v1/user/oidc.
  • OIDCService.Login - POST /api/v1/user/oidc/login.
    • To obtain a DependencyTrack Bearer Token, from Identity Provider OIDC Tokens.
  • PermissionService.AddPermissionToUser - POST /api/v1/permission/{permission}/user/{username}.
  • PermissionService.RemovePermissionFromUser - DELETE /api/v1/permission/{permission}/user/{username}.
  • UserService.GetAllManaged - GET /api/v1/user/managed.
  • UserService.CreateManaged - PUT /api/v1/user/managed.
  • UserService.UpdateManaged - POST /api/v1/user/managed.
  • UserService.DeleteManaged - DELETE /api/v1/user/managed.
  • UserService.AddTeamToUser - POST /api/v1/user/{username}/membership.
  • UserService.RemoveTeamFromUser - DELETE /api/v1/user/{username}/membership.
  • UserService.GetSelf - GET /api/v1/user/self.
  • UserService.UpdateSelf - POST /api/v1/user/self.

Fixes

Misc

  • Add minimum API version checks to methods in OIDCService.
  • Add tests for OIDCService, UserService, AboutService.
  • Add -timeout 15m to make test, due to pipeline timing out on tests.
  • Add new HealthService to contain Health check bindings.

API Coverage

  • Raises API Coverage on 4.13.6 from 122 / 220 (55.5%) to 137 / 220 (62.3%) on endpoints.
    • /health is not counted in difference due to not being listed in /api/openapi.json.

@SolarFactories
Added Health API Method, with successful unit test. Added relevant st…
5694b17 
…ructs to model data.

Signed-off-by: SolarFactories <[email protected]>
@SolarFactories
Added CRUD methods for managed users, along with unit tests.
f786ba2 
Signed-off-by: SolarFactories <[email protected]>
@SolarFactories
Added series of methods for user management for managed user teams, a…
744f774 
…nd OIDC user management, and current user.

Signed-off-by: SolarFactories <[email protected]>
@SolarFactories
Add minimum API version checks to methods.
8ed2176 
Signed-off-by: SolarFactories <[email protected]>
@SolarFactories
Add tests for most of OIDCService.
5637b6a 
Signed-off-by: SolarFactories <[email protected]>
@SolarFactories
Removed OIDCService.GetAllGroups, and OIDCService.GetAllTeamsOf from …
0c8d263 
…returning pages, instead of lists - to match the data returned from API - as API endpoints are not paginated - also removed passing PageOptions due to not being paginated. Updated tests accordingly. Removed SubjectIdentifier in test for creating OIDCUser, as only username is used by API.

Signed-off-by: SolarFactories <[email protected]>
@owasp-dt-bot
Copy link

owasp-dt-bot commented Dec 14, 2025
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@SolarFactories SolarFactories changed the title Users - Managed & OIDC feat/fix: Users - Managed & OIDC Dec 15, 2025
@SolarFactories SolarFactories changed the title feat/fix: Users - Managed & OIDC feat: Users - Managed & OIDC Dec 15, 2025
bilimuho05stack
bilimuho05stack reviewed Dec 30, 2025
View reviewed changes
Copy link

@bilimuho05stack bilimuho05stack left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Help

nscuro
nscuro requested changes Jan 2, 2026
View reviewed changes
Copy link
Member

@nscuro nscuro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a small nit about the health functions, otherwise looks good!

@nscuro nscuro added the enhancement New feature or request label Jan 2, 2026
@SolarFactories SolarFactories requested a review from nscuro January 2, 2026 13:13
@nscuro nscuro merged commit a2654e3 into DependencyTrack:main Jan 2, 2026
4 checks passed
@SolarFactories SolarFactories deleted the users-managed-oidc branch January 2, 2026 14:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nscuro nscuro nscuro approved these changes

+1 more reviewer

@bilimuho05stack bilimuho05stack bilimuho05stack left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@SolarFactories @owasp-dt-bot @nscuro @bilimuho05stack