luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/ui/packages/consul-ui/app/adapters/oidc-provider.js

95 lines
2.4 KiB
JavaScript
Raw Normal View History

ui: Model Layer for SSO Support (#7771) * ui: Adds model layer required for SSO 1. oidc-provider ember-data triplet plus repo, plus addition of torii addon 2. Make blocking queries support a Cache-Control: no-cache header 3. Tweaks to the token model layer in preparation for SSO work * Fix up meta related Cache-Control tests * Add tests adapter tests for URL shapes * Reset Cache-Control to the original value, return something from logout
2020-05-05 16:29:35 +00:00
import Adapter from './application';
import { inject as service } from '@ember/service';
ui: Move ember-data classes to use native JS classes/decorators (#9136) * ui: Upgrade ember-data models to use native classes/decorators * ui: Update remaining ember-data imports * ui: Move ember-data Adapters to use native classes * ui: Upgrade serializers to native classes/decorators * ui: remove meta from roles, they never had it to start with
2020-11-09 17:29:12 +00:00
export default class OidcProviderAdapter extends Adapter {
@service('env') env;
ui: Adds Partitions to the HTTP layer (#10447) This PR mainly adds partition to our HTTP adapter. Additionally and perhaps most importantly, we've also taken the opportunity to move our 'conditional namespaces' deeper into the app. The reason for doing this was, we like that namespaces should be thought of as required instead of conditional, 'special' things and would like the same thinking to be applied to partitions. Now, instead of using code throughout the app throughout the adapters to add/remove namespaces or partitions depending on whether they are enabled or not. As a UI engineer you just pretend that namespaces and partitions are always enabled, and we remove them for you deeper in the app, out of the way of you forgetting to treat these properties as a special case. Notes: Added a PartitionAbility while we were there (not used as yet) Started to remove the CONSTANT variables we had just for property names. I prefer that our adapters are as readable and straightforwards as possible, it just looks like HTTP. We'll probably remove our formatDatacenter method we use also at some point, it was mainly too make it look the same as our previous formatNspace, but now we don't have that, it instead now looks different! We enable parsing of partition in the UIs URL, but this is feature flagged so still does nothing just yet. All of the test changes were related to the fact that we were treating client.url as a function rather than a method, and now that we reference this in client.url (etc) it needs binding to client.
2021-09-15 17:09:55 +00:00
requestForQuery(request, { dc, ns, partition, index, uri }) {
ui: Model Layer for SSO Support (#7771) * ui: Adds model layer required for SSO 1. oidc-provider ember-data triplet plus repo, plus addition of torii addon 2. Make blocking queries support a Cache-Control: no-cache header 3. Tweaks to the token model layer in preparation for SSO work * Fix up meta related Cache-Control tests * Add tests adapter tests for URL shapes * Reset Cache-Control to the original value, return something from logout
2020-05-05 16:29:35 +00:00
return request`
GET /v1/internal/ui/oidc-auth-methods?${{ dc }}
ui: Move routes to use data-sources (#8321) * Add uri identifiers to all data source things and make them the same 1. Add uri identitifer to data-source service 2. Make <EventSource /> and <DataSource /> as close as possible 3. Add extra `.closed` method to get a list of inactive/closed/closing data-sources from elsewhere * Make the connections cleanup the least worst connection when required * Pass the uri/request id through all the things * Better user erroring * Make event sources close on error * Allow <DataLoader /> data slot to be configurable * Allow the <DataWriter /> removed state to be configurable * Don't error if meta is undefined * Stitch together all the repositories into the data-source/sink * Use data.source over repositories * Add missing <EventSource /> components * Fix up the views/templates * Disable all the old route based blocking query things * We still need the repo for the mixin for the moment * Don't default to default, default != ''
2020-07-17 13:42:45 +00:00
X-Request-ID: ${uri}
ui: Model Layer for SSO Support (#7771) * ui: Adds model layer required for SSO 1. oidc-provider ember-data triplet plus repo, plus addition of torii addon 2. Make blocking queries support a Cache-Control: no-cache header 3. Tweaks to the token model layer in preparation for SSO work * Fix up meta related Cache-Control tests * Add tests adapter tests for URL shapes * Reset Cache-Control to the original value, return something from logout
2020-05-05 16:29:35 +00:00
${{
ui: Adds Partitions to the HTTP layer (#10447) This PR mainly adds partition to our HTTP adapter. Additionally and perhaps most importantly, we've also taken the opportunity to move our 'conditional namespaces' deeper into the app. The reason for doing this was, we like that namespaces should be thought of as required instead of conditional, 'special' things and would like the same thinking to be applied to partitions. Now, instead of using code throughout the app throughout the adapters to add/remove namespaces or partitions depending on whether they are enabled or not. As a UI engineer you just pretend that namespaces and partitions are always enabled, and we remove them for you deeper in the app, out of the way of you forgetting to treat these properties as a special case. Notes: Added a PartitionAbility while we were there (not used as yet) Started to remove the CONSTANT variables we had just for property names. I prefer that our adapters are as readable and straightforwards as possible, it just looks like HTTP. We'll probably remove our formatDatacenter method we use also at some point, it was mainly too make it look the same as our previous formatNspace, but now we don't have that, it instead now looks different! We enable parsing of partition in the UIs URL, but this is feature flagged so still does nothing just yet. All of the test changes were related to the fact that we were treating client.url as a function rather than a method, and now that we reference this in client.url (etc) it needs binding to client.
2021-09-15 17:09:55 +00:00
ns,
partition,
ui: Model Layer for SSO Support (#7771) * ui: Adds model layer required for SSO 1. oidc-provider ember-data triplet plus repo, plus addition of torii addon 2. Make blocking queries support a Cache-Control: no-cache header 3. Tweaks to the token model layer in preparation for SSO work * Fix up meta related Cache-Control tests * Add tests adapter tests for URL shapes * Reset Cache-Control to the original value, return something from logout
2020-05-05 16:29:35 +00:00
index,
}}
`;
ui: Move ember-data classes to use native JS classes/decorators (#9136) * ui: Upgrade ember-data models to use native classes/decorators * ui: Update remaining ember-data imports * ui: Move ember-data Adapters to use native classes * ui: Upgrade serializers to native classes/decorators * ui: remove meta from roles, they never had it to start with
2020-11-09 17:29:12 +00:00
}
ui: Adds Partitions to the HTTP layer (#10447) This PR mainly adds partition to our HTTP adapter. Additionally and perhaps most importantly, we've also taken the opportunity to move our 'conditional namespaces' deeper into the app. The reason for doing this was, we like that namespaces should be thought of as required instead of conditional, 'special' things and would like the same thinking to be applied to partitions. Now, instead of using code throughout the app throughout the adapters to add/remove namespaces or partitions depending on whether they are enabled or not. As a UI engineer you just pretend that namespaces and partitions are always enabled, and we remove them for you deeper in the app, out of the way of you forgetting to treat these properties as a special case. Notes: Added a PartitionAbility while we were there (not used as yet) Started to remove the CONSTANT variables we had just for property names. I prefer that our adapters are as readable and straightforwards as possible, it just looks like HTTP. We'll probably remove our formatDatacenter method we use also at some point, it was mainly too make it look the same as our previous formatNspace, but now we don't have that, it instead now looks different! We enable parsing of partition in the UIs URL, but this is feature flagged so still does nothing just yet. All of the test changes were related to the fact that we were treating client.url as a function rather than a method, and now that we reference this in client.url (etc) it needs binding to client.
2021-09-15 17:09:55 +00:00
requestForQueryRecord(request, { dc, ns, partition, id }) {
ui: Model Layer for SSO Support (#7771) * ui: Adds model layer required for SSO 1. oidc-provider ember-data triplet plus repo, plus addition of torii addon 2. Make blocking queries support a Cache-Control: no-cache header 3. Tweaks to the token model layer in preparation for SSO work * Fix up meta related Cache-Control tests * Add tests adapter tests for URL shapes * Reset Cache-Control to the original value, return something from logout
2020-05-05 16:29:35 +00:00
if (typeof id === 'undefined') {
throw new Error('You must specify an id');
}
return request`
ui: Adds Partitions to the HTTP layer (#10447) This PR mainly adds partition to our HTTP adapter. Additionally and perhaps most importantly, we've also taken the opportunity to move our 'conditional namespaces' deeper into the app. The reason for doing this was, we like that namespaces should be thought of as required instead of conditional, 'special' things and would like the same thinking to be applied to partitions. Now, instead of using code throughout the app throughout the adapters to add/remove namespaces or partitions depending on whether they are enabled or not. As a UI engineer you just pretend that namespaces and partitions are always enabled, and we remove them for you deeper in the app, out of the way of you forgetting to treat these properties as a special case. Notes: Added a PartitionAbility while we were there (not used as yet) Started to remove the CONSTANT variables we had just for property names. I prefer that our adapters are as readable and straightforwards as possible, it just looks like HTTP. We'll probably remove our formatDatacenter method we use also at some point, it was mainly too make it look the same as our previous formatNspace, but now we don't have that, it instead now looks different! We enable parsing of partition in the UIs URL, but this is feature flagged so still does nothing just yet. All of the test changes were related to the fact that we were treating client.url as a function rather than a method, and now that we reference this in client.url (etc) it needs binding to client.
2021-09-15 17:09:55 +00:00
POST /v1/acl/oidc/auth-url?${{ dc, ns, partition }}
ui: Model Layer for SSO Support (#7771) * ui: Adds model layer required for SSO 1. oidc-provider ember-data triplet plus repo, plus addition of torii addon 2. Make blocking queries support a Cache-Control: no-cache header 3. Tweaks to the token model layer in preparation for SSO work * Fix up meta related Cache-Control tests * Add tests adapter tests for URL shapes * Reset Cache-Control to the original value, return something from logout
2020-05-05 16:29:35 +00:00
Cache-Control: no-store
${{
AuthMethod: id,
UI: Improved Login/Logout flow inc SSO support (#7790) * 6 new components for new login/logout flow, plus SSO support UI Components: 1. AuthDialog: Wraps/orchestrates AuthForm and AuthProfile 2. AuthForm: Authorization form shown when logged out. 3. AuthProfile: Simple presentational component to show the users 'Profile' 4. OidcSelect: A 'select' component for selecting an OIDC provider, dynamically uses either a single select menu or multiple buttons depending on the amount of providers Data Components: 1. JwtSource: Given an OIDC provider URL this component will request a token from the provider and fire an donchange event when it has been retrieved. Used by TokenSource. 2. TokenSource: Given a oidc provider name or a Consul SecretID, TokenSource will use whichever method/API requests required to retrieve Consul ACL Token, which is emitted to the onchange event handler. Very basic README documentation included here, which is likely to be refined somewhat. * CSS required for new auth/SSO UI components * Remaining app code required to tie the new auth/SSO work together * CSS code required to help tie the auth/SSO work together * Test code in order to get current tests passing with new auth/SSO flow ..plus extremely basics/skipped rendering tests for the new components * Treat the secret received from the server as the truth Previously we've always treated what the user typed as the truth, this breaks down when using SSO as the user doesn't type anything to retrieve a token. Therefore we change this so that we use the secret in the API response as the truth. * Make sure removing an dom tree from a buffer only removes its own tree
2020-05-11 15:37:11 +00:00
RedirectURI: `${this.env.var('CONSUL_BASE_UI_URL')}/oidc/callback`,
ui: Model Layer for SSO Support (#7771) * ui: Adds model layer required for SSO 1. oidc-provider ember-data triplet plus repo, plus addition of torii addon 2. Make blocking queries support a Cache-Control: no-cache header 3. Tweaks to the token model layer in preparation for SSO work * Fix up meta related Cache-Control tests * Add tests adapter tests for URL shapes * Reset Cache-Control to the original value, return something from logout
2020-05-05 16:29:35 +00:00
}}
`;
ui: Move ember-data classes to use native JS classes/decorators (#9136) * ui: Upgrade ember-data models to use native classes/decorators * ui: Update remaining ember-data imports * ui: Move ember-data Adapters to use native classes * ui: Upgrade serializers to native classes/decorators * ui: remove meta from roles, they never had it to start with
2020-11-09 17:29:12 +00:00
}
ui: Adds Partitions to the HTTP layer (#10447) This PR mainly adds partition to our HTTP adapter. Additionally and perhaps most importantly, we've also taken the opportunity to move our 'conditional namespaces' deeper into the app. The reason for doing this was, we like that namespaces should be thought of as required instead of conditional, 'special' things and would like the same thinking to be applied to partitions. Now, instead of using code throughout the app throughout the adapters to add/remove namespaces or partitions depending on whether they are enabled or not. As a UI engineer you just pretend that namespaces and partitions are always enabled, and we remove them for you deeper in the app, out of the way of you forgetting to treat these properties as a special case. Notes: Added a PartitionAbility while we were there (not used as yet) Started to remove the CONSTANT variables we had just for property names. I prefer that our adapters are as readable and straightforwards as possible, it just looks like HTTP. We'll probably remove our formatDatacenter method we use also at some point, it was mainly too make it look the same as our previous formatNspace, but now we don't have that, it instead now looks different! We enable parsing of partition in the UIs URL, but this is feature flagged so still does nothing just yet. All of the test changes were related to the fact that we were treating client.url as a function rather than a method, and now that we reference this in client.url (etc) it needs binding to client.
2021-09-15 17:09:55 +00:00
requestForAuthorize(request, { dc, ns, partition, id, code, state }) {
ui: Model Layer for SSO Support (#7771) * ui: Adds model layer required for SSO 1. oidc-provider ember-data triplet plus repo, plus addition of torii addon 2. Make blocking queries support a Cache-Control: no-cache header 3. Tweaks to the token model layer in preparation for SSO work * Fix up meta related Cache-Control tests * Add tests adapter tests for URL shapes * Reset Cache-Control to the original value, return something from logout
2020-05-05 16:29:35 +00:00
if (typeof id === 'undefined') {
throw new Error('You must specify an id');
}
if (typeof code === 'undefined') {
throw new Error('You must specify an code');
}
if (typeof state === 'undefined') {
throw new Error('You must specify an state');
}
return request`
ui: Adds Partitions to the HTTP layer (#10447) This PR mainly adds partition to our HTTP adapter. Additionally and perhaps most importantly, we've also taken the opportunity to move our 'conditional namespaces' deeper into the app. The reason for doing this was, we like that namespaces should be thought of as required instead of conditional, 'special' things and would like the same thinking to be applied to partitions. Now, instead of using code throughout the app throughout the adapters to add/remove namespaces or partitions depending on whether they are enabled or not. As a UI engineer you just pretend that namespaces and partitions are always enabled, and we remove them for you deeper in the app, out of the way of you forgetting to treat these properties as a special case. Notes: Added a PartitionAbility while we were there (not used as yet) Started to remove the CONSTANT variables we had just for property names. I prefer that our adapters are as readable and straightforwards as possible, it just looks like HTTP. We'll probably remove our formatDatacenter method we use also at some point, it was mainly too make it look the same as our previous formatNspace, but now we don't have that, it instead now looks different! We enable parsing of partition in the UIs URL, but this is feature flagged so still does nothing just yet. All of the test changes were related to the fact that we were treating client.url as a function rather than a method, and now that we reference this in client.url (etc) it needs binding to client.
2021-09-15 17:09:55 +00:00
POST /v1/acl/oidc/callback?${{ dc, ns, partition }}
ui: Model Layer for SSO Support (#7771) * ui: Adds model layer required for SSO 1. oidc-provider ember-data triplet plus repo, plus addition of torii addon 2. Make blocking queries support a Cache-Control: no-cache header 3. Tweaks to the token model layer in preparation for SSO work * Fix up meta related Cache-Control tests * Add tests adapter tests for URL shapes * Reset Cache-Control to the original value, return something from logout
2020-05-05 16:29:35 +00:00
Cache-Control: no-store
${{
AuthMethod: id,
Code: code,
State: state,
}}
`;
ui: Move ember-data classes to use native JS classes/decorators (#9136) * ui: Upgrade ember-data models to use native classes/decorators * ui: Update remaining ember-data imports * ui: Move ember-data Adapters to use native classes * ui: Upgrade serializers to native classes/decorators * ui: remove meta from roles, they never had it to start with
2020-11-09 17:29:12 +00:00
}
requestForLogout(request, { id }) {
ui: Model Layer for SSO Support (#7771) * ui: Adds model layer required for SSO 1. oidc-provider ember-data triplet plus repo, plus addition of torii addon 2. Make blocking queries support a Cache-Control: no-cache header 3. Tweaks to the token model layer in preparation for SSO work * Fix up meta related Cache-Control tests * Add tests adapter tests for URL shapes * Reset Cache-Control to the original value, return something from logout
2020-05-05 16:29:35 +00:00
if (typeof id === 'undefined') {
throw new Error('You must specify an id');
}
return request`
POST /v1/acl/logout
Cache-Control: no-store
X-Consul-Token: ${id}
`;
ui: Move ember-data classes to use native JS classes/decorators (#9136) * ui: Upgrade ember-data models to use native classes/decorators * ui: Update remaining ember-data imports * ui: Move ember-data Adapters to use native classes * ui: Upgrade serializers to native classes/decorators * ui: remove meta from roles, they never had it to start with
2020-11-09 17:29:12 +00:00
}
authorize(store, type, id, snapshot) {
ui: Replaces old request method with rpc. (#8298) `rpc` is used to define how to make a HTTP request/response messages. This used to be called 'request' but the term is overused and sounded like only one leg of the message, so the naming was moved to `rpc` a while ago, this cleans up the places where we still used the old term.
2020-07-13 13:23:15 +00:00
return this.rpc(
ui: Model Layer for SSO Support (#7771) * ui: Adds model layer required for SSO 1. oidc-provider ember-data triplet plus repo, plus addition of torii addon 2. Make blocking queries support a Cache-Control: no-cache header 3. Tweaks to the token model layer in preparation for SSO work * Fix up meta related Cache-Control tests * Add tests adapter tests for URL shapes * Reset Cache-Control to the original value, return something from logout
2020-05-05 16:29:35 +00:00
function(adapter, request, serialized, unserialized) {
return adapter.requestForAuthorize(request, serialized, unserialized);
},
function(serializer, respond, serialized, unserialized) {
return serializer.respondForAuthorize(respond, serialized, unserialized);
},
snapshot,
type.modelName
);
ui: Move ember-data classes to use native JS classes/decorators (#9136) * ui: Upgrade ember-data models to use native classes/decorators * ui: Update remaining ember-data imports * ui: Move ember-data Adapters to use native classes * ui: Upgrade serializers to native classes/decorators * ui: remove meta from roles, they never had it to start with
2020-11-09 17:29:12 +00:00
}
logout(store, type, id, snapshot) {
ui: Replaces old request method with rpc. (#8298) `rpc` is used to define how to make a HTTP request/response messages. This used to be called 'request' but the term is overused and sounded like only one leg of the message, so the naming was moved to `rpc` a while ago, this cleans up the places where we still used the old term.
2020-07-13 13:23:15 +00:00
return this.rpc(
ui: Model Layer for SSO Support (#7771) * ui: Adds model layer required for SSO 1. oidc-provider ember-data triplet plus repo, plus addition of torii addon 2. Make blocking queries support a Cache-Control: no-cache header 3. Tweaks to the token model layer in preparation for SSO work * Fix up meta related Cache-Control tests * Add tests adapter tests for URL shapes * Reset Cache-Control to the original value, return something from logout
2020-05-05 16:29:35 +00:00
function(adapter, request, serialized, unserialized) {
return adapter.requestForLogout(request, serialized, unserialized);
},
function(serializer, respond, serialized, unserialized) {
// its ok to return nothing here for the moment at least
return {};
},
snapshot,
type.modelName
);
ui: Move ember-data classes to use native JS classes/decorators (#9136) * ui: Upgrade ember-data models to use native classes/decorators * ui: Update remaining ember-data imports * ui: Move ember-data Adapters to use native classes * ui: Upgrade serializers to native classes/decorators * ui: remove meta from roles, they never had it to start with
2020-11-09 17:29:12 +00:00
}
}