luxolus/open-nomad
2
0
Fork 0
Code Issues 1 Pull requests Packages Releases Wiki Activity
open-nomad/ui/app/routes/application.js
Phil Renaud ffd16dfec6
[ui, epic] SSO and Auth improvements (#15110) 
* Top nav auth dropdown (#15055)

* Basic dropdown styles

* Some cleanup

* delog

* Default nomad hover state styles

* Component separation-of-concerns and acceptance tests for auth dropdown

* lintfix

* [ui, sso] Handle token expiry 500s (#15073)

* Handle error states generally

* Dont direct, just redirect

* no longer need explicit error on controller

* Redirect on token-doesnt-exist

* Forgot to import our time lib

* Linting on _blank

* Redirect tests

* changelog

* [ui, sso] warn user about pending token expiry (#15091)

* Handle error states generally

* Dont direct, just redirect

* no longer need explicit error on controller

* Linting on _blank

* Custom notification actions and shift the template to within an else block

* Lintfix

* Make the closeAction optional

* changelog

* Add a mirage token that will always expire in 11 minutes

* Test for token expiry with ember concurrency waiters

* concurrency handling for earlier test, and button redirect test

* [ui] if ACLs are disabled, remove the Sign In link from the top of the UI (#15114)

* Remove top nav link if ACLs disabled

* Change to an enabled-by-default model since you get no agent config when ACLs are disabled but you lack a token

* PR feedback addressed; down with double negative conditionals

* lintfix

* ember getter instead of ?.prop

* [SSO] Auth Methods and Mock OIDC Flow (#15155)

* Big ol first pass at a redirect sign in flow

* dont recursively add queryparams on redirect

* Passing state and code qps

* In which I go off the deep end and embed a faux provider page in the nomad ui

* Buggy but self-contained flow

* Flow auto-delay added and a little more polish to resetting token

* secret passing turned to accessor passing

* Handle SSO Failure

* General cleanup and test fix

* Lintfix

* SSO flow acceptance tests

* Percy snapshots added

* Explicitly note the OIDC test route is mirage only

* Handling failure case for complete-auth

* Leentfeex

* Tokens page styles (#15273)

* styling and moving columns around

* autofocus and enter press handling

* Styles refined

* Split up manager and regular tests

* Standardizing to a binary status state

* Serialize auth-methods response to use "name" as primary key (#15380)

* Serializer for unique-by-name

* Use @classic because of class extension
2022-11-28 10:44:52 -05:00

158 lines
3.8 KiB
JavaScript
Raw Blame History

/* eslint-disable ember/no-controller-access-in-routes */
import { inject as service } from '@ember/service';
import { later, next } from '@ember/runloop';
import Route from '@ember/routing/route';
import { AbortError } from '@ember-data/adapter/error';
import RSVP from 'rsvp';
import { action } from '@ember/object';
import classic from 'ember-classic-decorator';
@classic
export default class ApplicationRoute extends Route {
@service config;
@service system;
@service store;
@service token;
@service router;
queryParams = {
region: {
refreshModel: true,
},
};
resetController(controller, isExiting) {
if (isExiting) {
controller.set('error', null);
}
}
async beforeModel(transition) {
let promises;
// service:router#transitionTo can cause this to rerun because of refreshModel on
// the region query parameter, this skips rerunning the detection/loading queries.
if (transition.queryParamsOnly) {
promises = Promise.resolve(true);
} else {
let exchangeOneTimeToken;
if (transition.to.queryParams.ott) {
exchangeOneTimeToken = this.get('token').exchangeOneTimeToken(
transition.to.queryParams.ott
);
} else {
exchangeOneTimeToken = Promise.resolve(true);
}
try {
await exchangeOneTimeToken;
} catch (e) {
this.controllerFor('application').set('error', e);
}
const fetchSelfTokenAndPolicies = this.get(
'token.fetchSelfTokenAndPolicies'
)
.perform()
.catch();
const fetchLicense = this.get('system.fetchLicense').perform().catch();
const checkFuzzySearchPresence = this.get(
'system.checkFuzzySearchPresence'
)
.perform()
.catch();
promises = await RSVP.all([
this.get('system.regions'),
this.get('system.defaultRegion'),
fetchLicense,
fetchSelfTokenAndPolicies,
checkFuzzySearchPresence,
]);
}
if (!this.get('system.shouldShowRegions')) return promises;
const queryParam = transition.to.queryParams.region;
const defaultRegion = this.get('system.defaultRegion.region');
const currentRegion = this.get('system.activeRegion') || defaultRegion;
// Only reset the store if the region actually changed
if (
(queryParam && queryParam !== currentRegion) ||
(!queryParam && currentRegion !== defaultRegion)
) {
this.store.unloadAll();
}
this.set('system.activeRegion', queryParam || defaultRegion);
return promises;
}
// Model is being used as a way to propagate the region and
// one time token query parameters for use in setupController.
model(
{ region },
{
to: {
queryParams: { ott },
},
}
) {
return {
region,
hasOneTimeToken: ott,
};
}
setupController(controller, { region, hasOneTimeToken }) {
if (region === this.get('system.defaultRegion.region')) {
next(() => {
controller.set('region', null);
});
}
super.setupController(...arguments);
if (hasOneTimeToken) {
// Hack to force clear the OTT query parameter
later(() => {
controller.set('oneTimeToken', '');
}, 500);
}
}
@action
didTransition() {
if (!this.get('config.isTest')) {
window.scrollTo(0, 0);
}
}
@action
willTransition() {
this.controllerFor('application').set('error', null);
}
@action
error(error) {
if (!(error instanceof AbortError)) {
if (
error.errors?.any(
(e) =>
e.detail === 'ACL token expired' ||
e.detail === 'ACL token not found'
)
) {
this.router.transitionTo('settings.tokens');
} else {
this.controllerFor('application').set('error', error);
}
}
}
}
Reference in a new issue View git blame Copy permalink