OAuth Authentication for Eclipse IDE Extension to Access Duo Agent Platform

Problem to Solve

A customer is trying to eliminate Personal Access Token (PAT) usage across their organization for security and compliance reasons. Currently, developers need to use PATs to connect Eclipse to GitLab for Duo Agent Platform (DAP), which creates a security and compliance issue.

Proposal

Implement OAuth 2.0 authentication support for the Eclipse IDE extension to access Duo Agent Platform (DAP) features, eliminating the need for Personal Access Tokens.

Key capabilities needed:

• OAuth 2.0 authentication flow (authorization code with PKCE)
• Support for SSO/MFA policies
• Support for GitLab.com, Self-Managed, and Dedicated instances
• Secure token storage using Eclipse Secure Storage
• Token refresh for long-running IDE sessions
• Cross-platform support (Windows, macOS, Linux)

Supported versions:

• Eclipse 2023-06 (4.28) and later

Intended Users

• Developers using Eclipse who need to access DAP features

Further Details

Customer context:

• Customer is trying to eliminate PAT usage across their organization
• Developers currently need PATs to connect Eclipse to GitLab for DAP
• This creates a security/compliance issue for the organization
• Without this, the customer is essentially blocked on using DAP in their IDE