0357790fb8
* fix default rendering of svg and allow plugins access to mount tune form * add auth-jwt component * add callback route, and allow it to be navigated to on load * add jwt as a supported auth method * use auth-jwt component and implement intial oidc flow * allow wrapping un-authed requests * pass redirect_url and properly redirect with the wrapped token * popup for login * center popup window and move to localStorage events for cross window communication because of IE11 * access window via a getter on the auth-form component * show OIDC provider name on the button * fetch default role on render of the auth-jwt component * simplify auth-form template * style callback page * refetch auth_url when path changes for auth-jwt component * fix glimmer error on alias metadata, and add back popup-metadata component * fix link in metadata page * add logo-edition component and remove use of partial for logo svg * render oidc callback template on the loading page if we're going there * add docs icon and change timeout on the auth form * move OIDC auth specific things to auth-jwt component * start to add branded buttons for OIDC providers * add google button * finish branded buttons * update glyph for error messages * update tests for auth screen not showing tabs, add adapter tests and new auth jwt tests * start auth-jwt tests * simplify auth-jwt * remove negative top margin on AlertInline * only preventDefault if there's an event * fill out tests * sort out some naming * feedback on templates and styles * clear error when starting OIDC auth and call for new auth_url * also allow 'oidc' as the auth method type * handle namespaces with OIDC auth * review feedback * use new getters in popup-metadata
74 lines
2 KiB
JavaScript
74 lines
2 KiB
JavaScript
import { inject as service } from '@ember/service';
|
|
import { get } from '@ember/object';
|
|
import Mixin from '@ember/object/mixin';
|
|
import RSVP from 'rsvp';
|
|
const INIT = 'vault.cluster.init';
|
|
const UNSEAL = 'vault.cluster.unseal';
|
|
const AUTH = 'vault.cluster.auth';
|
|
const CLUSTER = 'vault.cluster';
|
|
const OIDC_CALLBACK = 'vault.cluster.oidc-callback';
|
|
const DR_REPLICATION_SECONDARY = 'vault.cluster.replication-dr-promote';
|
|
|
|
export { INIT, UNSEAL, AUTH, CLUSTER, DR_REPLICATION_SECONDARY };
|
|
|
|
export default Mixin.create({
|
|
auth: service(),
|
|
|
|
transitionToTargetRoute(transition) {
|
|
const targetRoute = this.targetRouteName(transition);
|
|
if (targetRoute && targetRoute !== this.routeName) {
|
|
return this.transitionTo(targetRoute);
|
|
}
|
|
|
|
return RSVP.resolve();
|
|
},
|
|
|
|
beforeModel() {
|
|
return this.transitionToTargetRoute();
|
|
},
|
|
|
|
clusterModel() {
|
|
return this.modelFor(CLUSTER);
|
|
},
|
|
|
|
authToken() {
|
|
return get(this, 'auth.currentToken');
|
|
},
|
|
|
|
hasKeyData() {
|
|
return !!get(this.controllerFor(INIT), 'keyData');
|
|
},
|
|
|
|
targetRouteName(transition) {
|
|
const cluster = this.clusterModel();
|
|
const isAuthed = this.authToken();
|
|
if (get(cluster, 'needsInit')) {
|
|
return INIT;
|
|
}
|
|
if (this.hasKeyData() && this.routeName !== UNSEAL && this.routeName !== AUTH) {
|
|
return INIT;
|
|
}
|
|
if (get(cluster, 'sealed')) {
|
|
return UNSEAL;
|
|
}
|
|
if (get(cluster, 'dr.isSecondary')) {
|
|
return DR_REPLICATION_SECONDARY;
|
|
}
|
|
if (!isAuthed) {
|
|
if ((transition && transition.targetName === OIDC_CALLBACK) || this.routeName === OIDC_CALLBACK) {
|
|
return OIDC_CALLBACK;
|
|
}
|
|
return AUTH;
|
|
}
|
|
if (
|
|
(!get(cluster, 'needsInit') && this.routeName === INIT) ||
|
|
(!get(cluster, 'sealed') && this.routeName === UNSEAL) ||
|
|
(!get(cluster, 'dr.isSecondary') && this.routeName === DR_REPLICATION_SECONDARY) ||
|
|
(isAuthed && this.routeName === AUTH)
|
|
) {
|
|
return CLUSTER;
|
|
}
|
|
return null;
|
|
},
|
|
});
|