luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
open-vault/ui/app/routes/vault/cluster.js
Matthew Irish 0357790fb8
UI - jwt auth (#6188) 
* fix default rendering of svg and allow plugins access to mount tune form

* add auth-jwt component

* add callback route, and allow it to be navigated to on load

* add jwt as a supported auth method

* use auth-jwt component and implement intial oidc flow

* allow wrapping un-authed requests

* pass redirect_url and properly redirect with the wrapped token

* popup for login

* center popup window and move to localStorage events for cross window communication because of IE11

* access window via a getter on the auth-form component

* show OIDC provider name on the button

* fetch default role on render of the auth-jwt component

* simplify auth-form template

* style callback page

* refetch auth_url when path changes for auth-jwt component

* fix glimmer error on alias metadata, and add back popup-metadata component

* fix link in metadata page

* add logo-edition component and remove use of partial for logo svg

* render oidc callback template on the loading page if we're going there

* add docs icon and change timeout on the auth form

* move OIDC auth specific things to auth-jwt component

* start to add branded buttons for OIDC providers

* add google button

* finish branded buttons

* update glyph for error messages

* update tests for auth screen not showing tabs, add adapter tests and new auth jwt tests

* start auth-jwt tests

* simplify auth-jwt

* remove negative top margin on AlertInline

* only preventDefault if there's an event

* fill out tests

* sort out some naming

* feedback on templates and styles

* clear error when starting OIDC auth and call for new auth_url

* also allow 'oidc' as the auth method type

* handle namespaces with OIDC auth

* review feedback

* use new getters in popup-metadata
2019-02-14 09:39:19 -06:00

119 lines
3.4 KiB
JavaScript
Raw Blame History

import { inject as service } from '@ember/service';
import { computed } from '@ember/object';
import { reject } from 'rsvp';
import Route from '@ember/routing/route';
import { getOwner } from '@ember/application';
import { task, timeout } from 'ember-concurrency';
import Ember from 'ember';
import ClusterRoute from 'vault/mixins/cluster-route';
import ModelBoundaryRoute from 'vault/mixins/model-boundary-route';
const POLL_INTERVAL_MS = 10000;
export default Route.extend(ModelBoundaryRoute, ClusterRoute, {
namespaceService: service('namespace'),
version: service(),
permissions: service(),
store: service(),
auth: service(),
currentCluster: service(),
modelTypes: computed(function() {
return ['node', 'secret', 'secret-engine'];
}),
globalNamespaceModels: computed(function() {
return ['node', 'cluster'];
}),
queryParams: {
namespaceQueryParam: {
refreshModel: true,
},
},
getClusterId(params) {
const { cluster_name } = params;
const cluster = this.modelFor('vault').findBy('name', cluster_name);
return cluster ? cluster.get('id') : null;
},
clearNonGlobalModels() {
// this method clears all of the ember data cached models except
// the model types blacklisted in `globalNamespaceModels`
let store = this.store;
let modelsToKeep = this.get('globalNamespaceModels');
for (let model of getOwner(this)
.lookup('data-adapter:main')
.getModelTypes()) {
let { name } = model;
if (modelsToKeep.includes(name)) {
return;
}
store.unloadAll(name);
}
},
beforeModel() {
const params = this.paramsFor(this.routeName);
this.clearNonGlobalModels();
this.get('namespaceService').setNamespace(params.namespaceQueryParam);
const id = this.getClusterId(params);
if (id) {
this.get('auth').setCluster(id);
this.get('permissions').getPaths.perform();
return this.get('version').fetchFeatures();
} else {
return reject({ httpStatus: 404, message: 'not found', path: params.cluster_name });
}
},
model(params) {
const id = this.getClusterId(params);
return this.get('store').findRecord('cluster', id);
},
poll: task(function*() {
while (true) {
// when testing, the polling loop causes promises to never settle so acceptance tests hang
// to get around that, we just disable the poll in tests
if (Ember.testing) {
return;
}
yield timeout(POLL_INTERVAL_MS);
try {
yield this.controller.model.reload();
yield this.transitionToTargetRoute();
} catch (e) {
// we want to keep polling here
}
}
})
.cancelOn('deactivate')
.keepLatest(),
afterModel(model, transition) {
this._super(...arguments);
this.get('currentCluster').setCluster(model);
// Check that namespaces is enabled and if not,
// clear the namespace by transition to this route w/o it
if (this.get('namespaceService.path') && !this.get('version.hasNamespaces')) {
return this.transitionTo(this.routeName, { queryParams: { namespace: '' } });
}
return this.transitionToTargetRoute(transition);
},
setupController() {
this._super(...arguments);
this.poll.perform();
},
actions: {
error(e) {
if (e.httpStatus === 503 && e.errors[0] === 'Vault is sealed') {
this.refresh();
}
return true;
},
},
});
Reference in a new issue View git blame Copy permalink