2017-09-19 14:47:10 +00:00
<section class="section">
<h1 class="title">Access Control Tokens</h1>
<div class="columns">
<div class="column is-two-thirds">
<p class="message">Clusters that use Access Control Lists require tokens to perform certain tasks. By providing a token <strong>Secret ID</strong>, each future request will be authenticated, potentially authorizing read access to additional information. By providing a token <strong>Accessor ID</strong>, the policies and rules for the token will be listed.</p>
<div class="notification is-info">
<div class="columns">
<div class="column">
<h3 class="title is-4">Token Storage</h3>
<p>To protect Secret IDs, tokens are stored client-side in <a href="https://developer.mozilla.org/en-US/docs/Web/API/Window/sessionStorage">session storage</a>. Your ACL token is automatically cleared from storage upon closing your browser window. You can also manually clear your token instead.</p>
</div>
<div class="column is-centered is-minimum">
<button class="button is-info" {{ action "clearTokenProperties" }} >Clear Token</button>
</div>
</div>
</div>
2017-10-13 22:18:05 +00:00
{{ # if ( not tokenIsValid ) }}
<div class="field">
<label class="label">Secret ID</label>
<div class="control">
<input class="input token-secret" type="text" placeholder="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" value= {{ token .secret }} oninput= {{ action ( mut secret ) value = "target.value" }} >
</div>
<p class="help">Sent with every request to determine authorization</p>
2017-09-19 14:47:10 +00:00
</div>
2017-10-14 18:53:48 +00:00
<p class="content"><button class="button is-primary token-submit" {{ action "verifyToken" }} >Set Token</button></p>
2017-10-13 22:18:05 +00:00
{{ / if }}
{{ # if tokenIsValid }}
2017-10-14 18:53:48 +00:00
<div class="notification is-success token-success">
2017-10-13 22:18:05 +00:00
<div class="columns">
<div class="column">
<h3 class="title is-4">Token Authenticated!</h3>
<p>Your token is valid and authorized for the following policies.</p>
</div>
</div>
</div>
{{ / if }}
{{ # if tokenIsInvalid }}
2017-10-14 18:53:48 +00:00
<div class="notification is-danger token-error">
2017-10-13 22:18:05 +00:00
<div class="columns">
<div class="column">
<h3 class="title is-4">Token Failed to Authenticate</h3>
2017-10-14 19:42:14 +00:00
<p>The token secret you have provided does not match an existing token.</p>
2017-10-13 22:18:05 +00:00
</div>
</div>
</div>
{{ / if }}
{{ # if tokenRecord }}
<h3 class="title is-4">Token: {{ tokenRecord .name }} </h3>
<div class="content">
<div>AccessorID: <code> {{ tokenRecord .accessor }} </code></div>
<div>SecretID: <code> {{ tokenRecord .secret }} </code></div>
</div>
<h3 class="title is-4">Policies</h3>
{{ # if ( eq tokenRecord .type "management" ) }}
2017-10-14 18:53:48 +00:00
<div class="boxed-section token-management-message">
2017-10-13 22:18:05 +00:00
<div class="boxed-section-body has-centered-text">
The management token has all permissions
</div>
</div>
{{ else }}
{{ # each tokenRecord .policies as | policy | }}
2017-10-14 18:53:48 +00:00
<div class="boxed-section token-policy">
2017-10-13 22:18:05 +00:00
<div class="boxed-section-head">
{{ policy .name }}
</div>
<div class="boxed-section-body">
<p class="content">
{{ # if policy .description }}
{{ policy .description }}
{{ else }}
<em>No description</em>
{{ / if }}
</p>
<pre><code> {{ policy .rules }} </code></pre>
</div>
</div>
{{ / each }}
{{ / if }}
{{ / if }}
2017-09-19 14:47:10 +00:00
</div>
</div>
</section>
