Difference between revisions of "Service Logins"
(Created page with "Service Logins allow for easy management of credentials to third-party systems. == Problem == Service Logins are an easy solution to one problem, that occurs almost every tim...") |
|||
(3 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | Service Logins allow for easy management of credentials to third-party systems. | + | Service Logins allow for easy management of credentials to third-party systems. They were introduced in server version 3.6. {{Version/ServerSince|3.6.0}} |
== Problem == | == Problem == | ||
Line 5: | Line 5: | ||
== Features == | == Features == | ||
− | + | <code>SERVICE_LOGIN</code> is the root class of the system, deriving directly from <code>SYSTEM_OBJECT</code>. This MetaClass and its derivates are located in the namespace <code>System.Main.ServiceLogin</code>. In addition to that, there are derivates for the following derivates located in the namespace <code>Custom.Main.ServiceLogin</code>. These are intended to be used by customizers because of their ease of access by code (same class name as MetaClass name). | |
− | + | {| class="wikitable" | |
− | + | |'''MetaClass''' | |
− | + | |'''Properties''' | |
− | + | |- | |
− | + | | | |
− | + | <code>SERVICE_LOGIN</code> | |
− | + | | | |
− | + | ''No Properties'' | |
− | + | |- | |
− | + | | | |
− | + | <code>TOKEN_AUTH_SERVICE_LOGIN</code> | |
− | + | | | |
− | + | * <code>TOKEN</code> * | |
− | + | |- | |
− | + | | | |
− | + | <code>BASIC_AUTH_SERVICE_LOGIN</code> | |
− | + | | | |
+ | * <code>USERNAME</code> | ||
+ | * <code>PASSWORD</code> * | ||
+ | |- | ||
+ | | | ||
+ | <code>WINDOWS_AUTH_SERVICE_LOGIN</code> | ||
+ | | | ||
+ | * <code>DOMAIN</code> | ||
+ | * <code>USERNAME</code> | ||
+ | * <code>PASSWORD</code> * | ||
+ | |- | ||
+ | | | ||
+ | <code>OAUTH2_AUTH_SERVICE_LOGIN</code> | ||
+ | | | ||
+ | * <code>TENANT_ID</code> | ||
+ | * <code>CLIENT_ID</code> | ||
+ | * <code>CLIENT_SECRET</code> * | ||
+ | * <code>CLIENT_CERTIFICATE</code> * | ||
+ | * <code>IDP_URL</code> | ||
+ | * <code>GRANT_TYPE</code> | ||
+ | * <code>SCOPE</code> | ||
+ | |} | ||
− | The fields with the asterisk (*) are password fields that encrypt the text and store the result in the database. To get the decrypted counterpart, the C# field <SECRETNAME>_DECRYPTED (e.g. TOKEN_DECRYPTED) needs to be accessed. | + | The fields with the asterisk (*) are password fields that encrypt the text and store the result in the database. To get the decrypted counterpart, the C# field <code><SECRETNAME>_DECRYPTED</code> (e.g. <code>TOKEN_DECRYPTED</code>) needs to be accessed. All of the ServiceLogin-related properties can be accessed via custom code (or interface code, respectively) either using <code>PascalCase</code> or <code>SCREAMING_SNAKE_CASE</code>. |
Latest revision as of 14:50, 11 November 2021
Service Logins allow for easy management of credentials to third-party systems. They were introduced in server version 3.6.
Problem
Service Logins are an easy solution to one problem, that occurs almost every time an interface to a third-party system is required: Where to put the credentials? If the interface makes use of Windows Authentication, it's no issue, as WebClient.UseDefaultCredentials
will make use of the user the program/service opened. However, in almost all other cases, there's no way around either putting the credentials into the custom code (insecure, as it can be decompiled rather easily...) or creating properties on some MetaClass (that will be plain-text). EncryptedText
properties won't work, as there's no way of getting to the plain-text password (that's required for the login to the external system) without using Reflection.
Features
SERVICE_LOGIN
is the root class of the system, deriving directly from SYSTEM_OBJECT
. This MetaClass and its derivates are located in the namespace System.Main.ServiceLogin
. In addition to that, there are derivates for the following derivates located in the namespace Custom.Main.ServiceLogin
. These are intended to be used by customizers because of their ease of access by code (same class name as MetaClass name).
MetaClass | Properties |
|
No Properties |
|
|
|
|
|
|
|
|
The fields with the asterisk (*) are password fields that encrypt the text and store the result in the database. To get the decrypted counterpart, the C# field <SECRETNAME>_DECRYPTED
(e.g. TOKEN_DECRYPTED
) needs to be accessed. All of the ServiceLogin-related properties can be accessed via custom code (or interface code, respectively) either using PascalCase
or SCREAMING_SNAKE_CASE
.