open-vault/ui/app/adapters/auth-method.js

64 lines
1.7 KiB
JavaScript
Raw Normal View History

import { assign } from '@ember/polyfills';
import { get, set } from '@ember/object';
2018-04-03 14:16:57 +00:00
import ApplicationAdapter from './application';
import DS from 'ember-data';
export default ApplicationAdapter.extend({
url(path) {
const url = `${this.buildURL()}/auth`;
return path ? url + '/' + path : url;
},
// used in updateRecord on the model#tune action
pathForType() {
return 'mounts/auth';
},
findAll(store, type, sinceToken, snapshotRecordArray) {
let isUnauthenticated = get(snapshotRecordArray || {}, 'adapterOptions.unauthenticated');
if (isUnauthenticated) {
let url = `/${this.urlPrefix()}/internal/ui/mounts`;
return this.ajax(url, 'GET', {
unauthenticated: true,
})
.then(result => {
return {
data: result.data.auth,
};
})
.catch(() => {
UI namespaces (#5119) * add namespace sidebar item * depend on ember-inflector directly * list-view and list-item components * fill out components and render empty namespaces page * list namespaces in access * add menu contextual component to list item * popup contextual component * full crud for namespaces * add namespaces service and picker component * split application and vault.cluster templates and controllers, add namespace query param, add namespace-picker to vault.namespace template * remove usage of href-to * remove ember-href-to from deps * add ember-responsive * start styling the picker and link to appropriate namespaces, use ember-responsive to render picker in different places based on the breakpoint * get query param working and save ns to authdata when authenticating, feed through ns in application adapter * move to observer on the controller for setting state on the service * set state in the beforeModel hook and clear the ember data model cache * nav to secrets on change and make error handling more resilient utilizing the method that atlas does to eagerly update URLs * add a list of sys endpoints in a helper * hide header elements if not in the root namespace * debounce namespace input on auth, fix 404 for auth method fetch, move auth method fetch to a task on the auth-form component and refretch on namespace change * fix display of supported engines and exclusion of sys and identity engines * don't fetch replication status if you're in a non-root namespace * hide seal sub-menu if not in the root namespace * don't autocomplete auth form inputs * always send some requests to the root namespace * use methodType and engineType instead of type in case there it is ns_ prefixed * use sys/internal/ui/namespaces to fetch the list in the dropdown * don't use model for namespace picker and always make the request to the token namespace * fix header handling for fetch calls * use namespace-reminder component on creation and edit forms throughout the application * add namespace-reminder to the console * add flat * add deepmerge for creating the tree in the menu * delayed rendering for animation timing * design and code feedback on the first round * white text in the namespace picker * fix namespace picker issues with root keys * separate path-to-tree * add tests for path-to-tree util * hide picker if you're in the root ns and you can't access other namespaces * show error message if you enter invalid characters for namespace path * return a different model if we dont have the namespaces feature and show upgrade page * if a token has a namespace_path, use that as the root user namespace and transition them there on login * use token namespace for user, but use specified namespace to log in * always renew tokens in the token namespace * fix edition-badge test
2018-08-16 17:48:24 +00:00
return {
data: {},
};
});
}
2018-04-03 14:16:57 +00:00
return this.ajax(this.url(), 'GET').catch(e => {
if (e instanceof DS.AdapterError) {
set(e, 'policyPath', 'sys/auth');
2018-04-03 14:16:57 +00:00
}
throw e;
});
},
createRecord(store, type, snapshot) {
const serializer = store.serializerFor(type.modelName);
const data = serializer.serialize(snapshot);
const path = snapshot.attr('path');
return this.ajax(this.url(path), 'POST', { data }).then(() => {
// ember data doesn't like 204s if it's not a DELETE
return {
data: assign({}, data, { path: path + '/', id: path }),
2018-04-03 14:16:57 +00:00
};
});
},
urlForDeleteRecord(id, modelName, snapshot) {
return this.url(snapshot.id);
},
UI - jwt auth (#6188) * fix default rendering of svg and allow plugins access to mount tune form * add auth-jwt component * add callback route, and allow it to be navigated to on load * add jwt as a supported auth method * use auth-jwt component and implement intial oidc flow * allow wrapping un-authed requests * pass redirect_url and properly redirect with the wrapped token * popup for login * center popup window and move to localStorage events for cross window communication because of IE11 * access window via a getter on the auth-form component * show OIDC provider name on the button * fetch default role on render of the auth-jwt component * simplify auth-form template * style callback page * refetch auth_url when path changes for auth-jwt component * fix glimmer error on alias metadata, and add back popup-metadata component * fix link in metadata page * add logo-edition component and remove use of partial for logo svg * render oidc callback template on the loading page if we're going there * add docs icon and change timeout on the auth form * move OIDC auth specific things to auth-jwt component * start to add branded buttons for OIDC providers * add google button * finish branded buttons * update glyph for error messages * update tests for auth screen not showing tabs, add adapter tests and new auth jwt tests * start auth-jwt tests * simplify auth-jwt * remove negative top margin on AlertInline * only preventDefault if there's an event * fill out tests * sort out some naming * feedback on templates and styles * clear error when starting OIDC auth and call for new auth_url * also allow 'oidc' as the auth method type * handle namespaces with OIDC auth * review feedback * use new getters in popup-metadata
2019-02-14 15:39:19 +00:00
exchangeOIDC(path, state, code) {
return this.ajax(`/v1/auth/${path}/oidc/callback`, 'GET', { data: { state, code } });
},
2018-04-03 14:16:57 +00:00
});