2017-09-19 14:47:10 +00:00
<section class="section">
<h1 class="title">Access Control Tokens</h1>
<div class="columns">
<div class="column is-two-thirds">
<p class="message">Clusters that use Access Control Lists require tokens to perform certain tasks. By providing a token <strong>Secret ID</strong>, each future request will be authenticated, potentially authorizing read access to additional information. By providing a token <strong>Accessor ID</strong>, the policies and rules for the token will be listed.</p>
<div class="notification is-info">
<div class="columns">
<div class="column">
<h3 class="title is-4">Token Storage</h3>
<p>To protect Secret IDs, tokens are stored client-side in <a href="https://developer.mozilla.org/en-US/docs/Web/API/Window/sessionStorage">session storage</a>. Your ACL token is automatically cleared from storage upon closing your browser window. You can also manually clear your token instead.</p>
</div>
<div class="column is-centered is-minimum">
<button class="button is-info" {{ action "clearTokenProperties" }} >Clear Token</button>
</div>
</div>
</div>
2017-10-13 22:18:05 +00:00
{{ # if ( not tokenIsValid ) }}
<div class="field">
<label class="label">Secret ID</label>
<div class="control">
2018-01-05 20:59:36 +00:00
<input
class="input"
type="text"
placeholder="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
value= {{ token .secret }}
oninput= {{ action ( mut secret ) value = "target.value" }}
data-test-token-secret>
2017-10-13 22:18:05 +00:00
</div>
<p class="help">Sent with every request to determine authorization</p>
2017-09-19 14:47:10 +00:00
</div>
2018-01-05 20:59:36 +00:00
<p class="content"><button data-test-token-submit class="button is-primary" {{ action "verifyToken" }} >Set Token</button></p>
2017-10-13 22:18:05 +00:00
{{ / if }}
{{ # if tokenIsValid }}
2018-01-05 20:59:36 +00:00
<div data-test-token-success class="notification is-success">
2017-10-13 22:18:05 +00:00
<div class="columns">
<div class="column">
<h3 class="title is-4">Token Authenticated!</h3>
<p>Your token is valid and authorized for the following policies.</p>
</div>
</div>
</div>
{{ / if }}
{{ # if tokenIsInvalid }}
2018-01-05 20:59:36 +00:00
<div data-test-token-error class="notification is-danger">
2017-10-13 22:18:05 +00:00
<div class="columns">
<div class="column">
<h3 class="title is-4">Token Failed to Authenticate</h3>
2017-10-14 19:42:14 +00:00
<p>The token secret you have provided does not match an existing token.</p>
2017-10-13 22:18:05 +00:00
</div>
</div>
</div>
{{ / if }}
{{ # if tokenRecord }}
<h3 class="title is-4">Token: {{ tokenRecord .name }} </h3>
<div class="content">
<div>AccessorID: <code> {{ tokenRecord .accessor }} </code></div>
<div>SecretID: <code> {{ tokenRecord .secret }} </code></div>
</div>
<h3 class="title is-4">Policies</h3>
{{ # if ( eq tokenRecord .type "management" ) }}
2018-01-05 20:59:36 +00:00
<div data-test-token-management-message class="boxed-section">
2017-10-13 22:18:05 +00:00
<div class="boxed-section-body has-centered-text">
The management token has all permissions
</div>
</div>
{{ else }}
{{ # each tokenRecord .policies as | policy | }}
2018-01-05 20:59:36 +00:00
<div data-test-token-policy class="boxed-section">
<div data-test-policy-name class="boxed-section-head">
2017-10-13 22:18:05 +00:00
{{ policy .name }}
</div>
<div class="boxed-section-body">
2018-01-05 20:59:36 +00:00
<p data-test-policy-description class="content">
2017-10-13 22:18:05 +00:00
{{ # if policy .description }}
{{ policy .description }}
{{ else }}
<em>No description</em>
{{ / if }}
</p>
2018-01-05 20:59:36 +00:00
<pre><code data-test-policy-rules> {{ policy .rules }} </code></pre>
2017-10-13 22:18:05 +00:00
</div>
</div>
{{ / each }}
{{ / if }}
{{ / if }}
2017-09-19 14:47:10 +00:00
</div>
</div>
</section>
