UI - add JWT auth, remove alias metadata (#4986)

* remove the ability to edit metadata on entity aliases
* add JWT auth method in the UI
This commit is contained in:
Matthew Irish 2018-07-24 17:35:31 -05:00 committed by GitHub
parent 4261618d10
commit 5b00b4b10a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 59 additions and 62 deletions

View file

@ -1,29 +0,0 @@
import Base from './_popup-base';
import Ember from 'ember';
const { computed } = Ember;
export default Base.extend({
model: computed.alias('params.firstObject'),
key: computed('params', function() {
return this.get('params').objectAt(1);
}),
messageArgs(model, key) {
return [model, key];
},
successMessage(model, key) {
return `Successfully removed '${key}' from metadata`;
},
errorMessage(e, model, key) {
let error = e.errors ? e.errors.join(' ') : e.message;
return `There was a problem removing '${key}' from the metadata - ${error}`;
},
transaction(model, key) {
let metadata = model.get('metadata');
delete metadata[key];
model.set('metadata', { ...metadata });
return model.save();
},
});

View file

@ -21,16 +21,21 @@ const MOUNTABLE_AUTH_METHODS = [
value: 'gcp',
type: 'gcp',
},
{
displayName: 'Kubernetes',
value: 'kubernetes',
type: 'kubernetes',
},
{
displayName: 'GitHub',
value: 'github',
type: 'github',
},
{
displayName: 'JWT/OIDC',
value: 'jwt',
type: 'jwt',
},
{
displayName: 'Kubernetes',
value: 'kubernetes',
type: 'kubernetes',
},
{
displayName: 'LDAP',
value: 'ldap',

View file

@ -33,6 +33,12 @@ const TABS_FOR_SETTINGS = {
routeParams: ['vault.cluster.settings.auth.configure.section', 'configuration'],
},
],
jwt: [
{
label: 'Configuration',
routeParams: ['vault.cluster.settings.auth.configure.section', 'configuration'],
},
],
kubernetes: [
{
label: 'Configuration',

View file

@ -0,0 +1,40 @@
import Ember from 'ember';
import DS from 'ember-data';
import AuthConfig from '../auth-config';
import fieldToAttrs from 'vault/utils/field-to-attrs';
const { attr } = DS;
const { computed } = Ember;
export default AuthConfig.extend({
oidcDiscoveryUrl: attr('string', {
label: 'OIDC discovery URL',
helpText:
'The OIDC discovery URL, without any .well-known component (base path). Cannot be used with jwt_validation_pubkeys',
}),
oidcDiscoveryCaPem: attr('string', {
label: 'OIDC discovery CA PEM',
editType: 'file',
helpText:
'The CA certificate or chain of certificates, in PEM format, to use to validate connections to the OIDC Discovery URL. If not set, system certificates are used',
}),
jwtValidationPubkeys: attr({
label: 'JWT validation public keys',
editType: 'stringArray',
}),
boundIssuer: attr('string', {
helpText: 'The value against which to match the iss claim in a JWT',
}),
fieldGroups: computed(function() {
const groups = [
{
default: ['oidcDiscoveryUrl'],
},
{
'JWT Options': ['oidcDiscoveryCaPem', 'jwtValidationPubkeys', 'boundIssuer'],
},
];
return fieldToAttrs(this, groups);
}),
});

View file

@ -34,7 +34,7 @@ export default AuthConfig.extend({
default: ['host', 'secret'],
},
{
Options: ['port', 'nasPort', 'dialTimeout', 'unregisteredUserPolicies'],
'RADIUS Options': ['port', 'nasPort', 'dialTimeout', 'unregisteredUserPolicies'],
},
];
return fieldToAttrs(this, groups);

View file

@ -7,7 +7,7 @@ const { computed } = Ember;
export default IdentityModel.extend({
parentType: 'entity',
formFields: ['name', 'mountAccessor', 'metadata'],
formFields: ['name', 'mountAccessor'],
entity: belongsTo('identity/entity', { readOnly: true, async: false }),
name: attr('string'),

View file

@ -13,6 +13,7 @@ export default Ember.Route.extend(UnloadModelRoute, {
'azure-configuration': 'auth-config/azure',
'github-configuration': 'auth-config/github',
'gcp-configuration': 'auth-config/gcp',
'jwt-configuration': 'auth-config/jwt',
'kubernetes-configuration': 'auth-config/kubernetes',
'ldap-configuration': 'auth-config/ldap',
'okta-configuration': 'auth-config/okta',

View file

@ -32,7 +32,6 @@
{{/if}}
</div>
</div>
{{#if (and (eq mode "edit") model.canDelete)}}
{{#confirm-action
buttonClasses="button is-ghost"
@ -43,6 +42,5 @@
Delete
{{/confirm-action}}
{{/if}}
</div>
</form>

View file

@ -10,9 +10,6 @@
{{value}}
</div>
<div class="column has-text-right">
{{#if model.canEdit}}
{{identity/popup-metadata params=(array model key)}}
{{/if}}
</div>
</div>
</div>

View file

@ -1,21 +0,0 @@
{{#popup-menu name="metadata-edit-menu"}}
<nav class="menu">
<ul class="menu-list">
<li class="action">
{{#confirm-action
confirmButtonClasses="button is-primary"
confirmButtonText="Remove"
buttonClasses="link is-destroy"
onConfirmAction=(action "performTransaction" model key)
confirmMessage=(concat "Are you sure you want to remove " key "?")
showConfirm=(get this (concat "shouldDelete-" key))
class=(if (get this (concat "shouldDelete-" key)) "message is-block is-warning is-outline")
containerClasses="message-body is-block"
messageClasses="is-block"
}}
Remove
{{/confirm-action}}
</li>
</ul>
</nav>
{{/popup-menu}}