From 8c2f3792492b3f0a4718183a9488e5a7ac6e3dbb Mon Sep 17 00:00:00 2001
From: Piotr Wielgolaski <pwielgolaski@gmail.com>
Date: Sat, 1 Jul 2017 16:59:23 +0200
Subject: [PATCH] add option to control if https should be secure

---
 .../auth/oauth/AuthenticationSchemeProperties.java     |  7 +++++++
 .../jetbrains/buildServer/auth/oauth/ConfigKey.java    |  3 ++-
 .../jetbrains/buildServer/auth/oauth/OAuthClient.java  |  2 +-
 .../buildServerResources/editOAuthSchemeProperties.jsp | 10 +++++++---
 4 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/src/main/java/jetbrains/buildServer/auth/oauth/AuthenticationSchemeProperties.java b/src/main/java/jetbrains/buildServer/auth/oauth/AuthenticationSchemeProperties.java
index 11ef99f..5f97358 100644
--- a/src/main/java/jetbrains/buildServer/auth/oauth/AuthenticationSchemeProperties.java
+++ b/src/main/java/jetbrains/buildServer/auth/oauth/AuthenticationSchemeProperties.java
@@ -8,6 +8,7 @@
 
 import java.util.List;
 import java.util.Map;
+import java.util.Optional;
 
 public class AuthenticationSchemeProperties {
 
@@ -84,4 +85,10 @@ private Map<String, String> getSchemeProperties() {
         List<AuthModule<OAuthAuthenticationScheme>> aadAuthModules = loginConfiguration.getConfiguredAuthModules(OAuthAuthenticationScheme.class);
         return aadAuthModules.isEmpty() ? null : aadAuthModules.get(0).getProperties();
     }
+
+    public boolean isAllowInsecureHttps() {
+        return Optional.ofNullable(getProperty(ConfigKey.allowInsecureHttps))
+                .map(Boolean::valueOf)
+                .orElse(true);
+    }
 }
diff --git a/src/main/java/jetbrains/buildServer/auth/oauth/ConfigKey.java b/src/main/java/jetbrains/buildServer/auth/oauth/ConfigKey.java
index fae82f5..21f0fe6 100644
--- a/src/main/java/jetbrains/buildServer/auth/oauth/ConfigKey.java
+++ b/src/main/java/jetbrains/buildServer/auth/oauth/ConfigKey.java
@@ -9,5 +9,6 @@ public enum ConfigKey {
     clientId,
     clientSecret,
     scope,
-    hideLoginForm
+    hideLoginForm,
+    allowInsecureHttps
 }
diff --git a/src/main/java/jetbrains/buildServer/auth/oauth/OAuthClient.java b/src/main/java/jetbrains/buildServer/auth/oauth/OAuthClient.java
index 889f252..b91e660 100644
--- a/src/main/java/jetbrains/buildServer/auth/oauth/OAuthClient.java
+++ b/src/main/java/jetbrains/buildServer/auth/oauth/OAuthClient.java
@@ -17,7 +17,7 @@ public class OAuthClient {
 
     public OAuthClient(AuthenticationSchemeProperties properties) {
         this.properties = properties;
-        this.httpClient = HttpClientFactory.createClient(true);
+        this.httpClient = HttpClientFactory.createClient(properties.isAllowInsecureHttps());
     }
 
     public String getRedirectUrl(String state) {
diff --git a/src/main/resources/buildServerResources/editOAuthSchemeProperties.jsp b/src/main/resources/buildServerResources/editOAuthSchemeProperties.jsp
index 6c6ad69..6bda4f3 100644
--- a/src/main/resources/buildServerResources/editOAuthSchemeProperties.jsp
+++ b/src/main/resources/buildServerResources/editOAuthSchemeProperties.jsp
@@ -74,11 +74,15 @@
     <span class="grayNote">OAuth scope of this TeamCity server.</span>
 </div>
 <div>
-    <label width="100%" for="<%=ConfigKey.scope%>">Hide login form:</label><br/>
-    <prop:checkboxProperty style="width: 100%;" name="<%=ConfigKey.hideLoginForm.toString()%>"/><br/>
+    <prop:checkboxProperty uncheckedValue="false" name="<%=ConfigKey.hideLoginForm.toString()%>"/>
+    <label width="100%" for="<%=ConfigKey.hideLoginForm%>">Hide login form</label><br/>
     <span class="grayNote">Hide user/password login form on Teamcity login page.</span>
 </div>
-
+<div>
+    <prop:checkboxProperty uncheckedValue="false" name="<%=ConfigKey.allowInsecureHttps.toString()%>"/>
+    <label width="100%" for="<%=ConfigKey.allowInsecureHttps%>">Insecure https</label><br/>
+    <span class="grayNote">Allow insecure https access like invalid certificate (restart required)</span>
+</div>
 <script type="text/javascript">
     BS.TeamCityOAuth.init('#<%=ConfigKey.preset.toString()%>');
 </script>
\ No newline at end of file