open-vault/ui/app/models/mfa-method.js
Jordan Reimer 7da2085fa3
MFA Config (#15200)
* adds mirage factories for mfa methods and login enforcement

* adds mirage handler for mfa config endpoints

* adds mirage identity manager for uuids

* updates mfa test to use renamed mfaLogin mirage handler

* updates mfa login workflow for push methods (#15214)

* MFA Login Enforcement Model (#15244)

* adds mfa login enforcement model, adapter and serializer

* updates mfa methods to hasMany relationship and transforms property names

* updates login enforcement adapter to use urlForQuery over buildURL

* Model for mfa method (#15218)

* Model for mfa method

* Added adapter and serializer for mfa method

- Updated mfa method model
- Basic route to handle list view
- Added MFA to access nav

* Show landing page if methods are not configured

* Updated adapter,serializer

- Backend is adding new endpoint to list all the mfa methods

* Updated landing page

- Added MFA diagram
- Created helper to resolve full path for assets like images

* Remove ember assign

* Fixed failing test

* MFA method and enforcement list view (#15353)

* MFA method and enforcement list view

- Added new route for list views
- List mfa methods along with id, type and icon
- Added client side pagination to list views

* Throw error if method id is not present

* MFA Login Enforcement Form (#15410)

* adds mfa login enforcement form and header components and radio card component

* skips login enforcement form tests for now

* adds jsdoc annotations for mfa-login-enforcement-header component

* adds error handling when fetching identity targets in login enforcement form component

* updates radio-card label elements

* MFA Login Enforcement Create and Edit routes (#15422)

* adds mfa login enforcement form and header components and radio card component

* skips login enforcement form tests for now

* updates to login enforcement form to fix issues hydrating methods and targets from model when editing

* updates to mfa-config mirage handler and login enforcement handler

* fixes issue with login enforcement serializer normalizeItems method throwing error on save

* updates to mfa route structure

* adds login enforcement create and edit routes

* MFA Login Enforcement Read Views (#15462)

* adds login enforcement read views

* skip mfa-method-list-item test for now

* MFA method form (#15432)

* MFA method form

- Updated model for form attributes
- Form for editing, creating mfa methods

* Added comments

* Update model for mfa method

* Refactor buildURL in mfa method adapter

* Update adapter to handle mfa create

* Fixed adapter to handle create mfa response

* Sidebranch: MFA end user setup (#15273)

* initial setup of components and route

* fix navbar

* replace parent component with controller

* use auth service to return entity id

* adapter and some error handling:

* clean up adapter and handle warning

* wip

* use library for qrCode generation

* clear warning and QR code display fix

* flow for restart setup

* add documentation

* clean up

* fix warning issue

* handle root user

* remove comment

* update copy

* fix margin

* address comment

* MFA Guided Setup Route (#15479)

* adds mfa method create route with type selection workflow

* updates mfa method create route links to use DocLink component

* MFA Guided Setup Config View (#15486)

* adds mfa guided setup config view

* resets type query param on mfa method create route exit

* hide next button if type is not selected in mfa method create route

* updates to sure correct state when changing mfa method type in guided setup

* Enforcement view at MFA method level (#15485)

- List enforcements for each mfa method
- Delete MFA method if no enforcements are present
- Moved method, enforcement list item component to mfa folder

* MFA Login Enforcement Validations (#15498)

* adds model and form validations for mfa login enforcements

* updates mfa login enforcement validation messages

* updates validation message for mfa login enforcement targets

* adds transition action to configure mfa button on landing page

* unset enforcement on preference change in mfa guided setup workflow

* Added validations for mfa method model (#15506)

* UI/mfa breadcrumbs and small fixes (#15499)

* add active class when on index

* breadcrumbs

* remove box-shadow to match designs

* fix refresh load mfa-method

* breadcrumb create

* add an empty state the enforcements list view

* change to beforeModel

* UI/mfa small bugs (#15522)

* remove pagintion and fix on methods list view

* fix enforcements

* Fix label for value on radio-card (#15542)

* MFA Login Enforcement Component Tests (#15539)

* adds tests for mfa-login-enforcement-header component

* adds tests for mfa-login-enforcement-form component

* Remove default values from mfa method model (#15540)

- use passcode had a default value, as a result it was being sent
with all the mfa method types during save and edit flows..

* UI/mfa small cleanup (#15549)

* data-test-mleh -> data-test-mfa

* Only one label per radio card

* Remove unnecessary async

* Simplify boolean logic

* Make mutation clear

* Revert "data-test-mleh -> data-test-mfa"

This reverts commit 31430df7bb42580a976d082667cb6ed1f09c3944.

* updates mfa login enforcement form to only display auth method types for current mounts as targets (#15547)

* remove token type (#15548)

* remove token type

* conditional param

* removes type from mfa method payload and fixes bug transitioning to method route on save success

* removes punctuation from mfa form error message string match

* updates qr-code component invocation to angle bracket

* Re-trigger CI jobs with empty commit

Co-authored-by: Arnav Palnitkar <arnav@hashicorp.com>
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
Co-authored-by: Michele Degges <mdeggies@gmail.com>
2022-05-20 18:40:16 -06:00


import Model, { attr } from '@ember-data/model';
import { capitalize } from '@ember/string';
import { expandAttributeMeta } from 'vault/utils/field-to-attrs';
import { withModelValidations } from 'vault/decorators/model-validations';
import { isPresent } from '@ember/utils';
/**
 * Attribute names offered as form fields for each MFA method type.
 * `common` is prepended to every type's list by the model's `formFields` getter.
 */
const METHOD_PROPS = {
  common: [],
  duo: [
    'username_format',
    'secret_key',
    'integration_key',
    'api_hostname',
    'push_info',
    'use_passcode',
  ],
  okta: [
    'username_format',
    'mount_accessor',
    'org_name',
    'api_token',
    'base_url',
    'primary_email',
  ],
  totp: [
    'issuer',
    'period',
    'key_size',
    'qr_size',
    'algorithm',
    'digits',
    'skew',
    'max_validation_attempts',
  ],
  pingid: [
    'username_format',
    'settings_file_base64',
    'use_signature',
    'idp_url',
    'admin_url',
    'authenticator_url',
    'org_alias',
  ],
};

/**
 * Attributes that must be present before a method of the given type is
 * considered valid. Several of these are provider credentials
 * (secret_key, integration_key, api_token).
 */
const REQUIRED_PROPS = {
  duo: ['secret_key', 'integration_key', 'api_hostname'],
  okta: ['org_name', 'api_token'],
  totp: ['issuer'],
  pingid: ['settings_file_base64'],
};

/**
 * Validation map handed to `withModelValidations`: one entry per required
 * attribute, each holding a single presence rule. A rule only applies when the
 * model's `type` matches the type that requires the attribute; for any other
 * type it passes unconditionally.
 *
 * Entries are keyed by attribute name alone, so an attribute listed under two
 * types in REQUIRED_PROPS would keep only the rule of the type iterated last.
 * The current table has no such overlap.
 *
 * NOTE(review): these rules run in the UI model layer; presumably the API
 * enforces the same requirements on its side — confirm, and do not rely on
 * this map as the only check.
 */
const validators = {};
for (const [type, requiredProps] of Object.entries(REQUIRED_PROPS)) {
  for (const prop of requiredProps) {
    // Underscores become spaces so the message reads as plain words.
    const message = `${prop.replace(/_/g, ' ')} is required`;
    validators[prop] = [
      {
        message,
        validator(model) {
          if (model.type !== type) {
            return true;
          }
          return isPresent(model[prop]);
        },
      },
    ];
  }
}
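/**
 * Ember Data model for an MFA method configuration.
 *
 * Every provider-specific attribute (Duo, Okta, PingID, TOTP) is declared on
 * this one model; `type` selects which of them are exposed as form fields
 * (`formFields`) and which presence rules apply (the `validators` map passed
 * to `withModelValidations`).
 *
 * Attributes that hold provider credentials carry `sensitive: true`.
 * NOTE(review): how the flag is rendered is decided by the form component,
 * which is not part of this file — presumably the value is masked; confirm.
 */
@withModelValidations(validators)
export default class MfaMethod extends Model {
  // ---- common ----
  @attr('string') type;
  @attr('string', {
    label: 'Username format',
    subText: 'How to map identity names to MFA method names. ',
  })
  username_format;
  @attr('string', {
    label: 'Namespace',
  })
  namespace_id;
  @attr('string') mount_accessor;

  // ---- PingID ----
  // NOTE(review): the PingID settings file may embed credential material —
  // confirm whether this field should also be flagged `sensitive`.
  @attr('string', {
    label: 'Settings file',
    subText: 'A base-64 encoded third party setting file retrieved from the PingIDs configuration page.',
  })
  settings_file_base64;
  @attr('boolean') use_signature;
  @attr('string') idp_url;
  @attr('string') admin_url;
  @attr('string') authenticator_url;
  @attr('string') org_alias;

  // ---- Okta ----
  @attr('string', {
    label: 'Organization name',
    subText: 'Name of the organization to be used in the Okta API.',
  })
  org_name;
  // The Okta API key is a provider credential just like the Duo keys below,
  // so it gets the same `sensitive` flag instead of being treated as plain text.
  @attr('string', {
    label: 'Okta API key',
    sensitive: true,
  })
  api_token;
  @attr('string', {
    label: 'Base URL',
    subText:
      'If set, will be used as the base domain for API requests. Example are okta.com, oktapreview.com and okta-emea.com.',
  })
  base_url;
  @attr('boolean') primary_email;

  // ---- Duo ----
  @attr('string', {
    label: 'Duo secret key',
    sensitive: true,
  })
  secret_key;
  @attr('string', {
    label: 'Duo integration key',
    sensitive: true,
  })
  integration_key;
  @attr('string', {
    label: 'Duo API hostname',
  })
  api_hostname;
  @attr('string', {
    label: 'Duo push information',
    subText: 'Additional information displayed to the user when the push is presented to them.',
  })
  push_info;
  @attr('boolean', {
    label: 'Passcode reminder',
    subText: 'If this is turned on, the user is reminded to use the passcode upon MFA validation.',
  })
  use_passcode;

  // ---- TOTP ----
  @attr('string', {
    label: 'Issuer',
    subText: 'The human-readable name of the keys issuing organization.',
  })
  issuer;
  // No transform type is given here; the field is edited through the 'ttl' edit type.
  @attr({
    label: 'Period',
    editType: 'ttl',
    subText: 'How long each generated TOTP is valid.',
  })
  period;
  @attr('number', {
    label: 'Key size',
    subText: 'The size in bytes of the Vault generated key.',
  })
  key_size;
  @attr('number', {
    label: 'QR size',
    subText: 'The pixel size of the generated square QR code.',
  })
  qr_size;
  @attr('string', {
    label: 'Algorithm',
    possibleValues: ['SHA1', 'SHA256', 'SHA512'],
    subText: 'The hashing algorithm used to generate the TOTP code.',
  })
  algorithm;
  @attr('number', {
    label: 'Digits',
    possibleValues: [6, 8],
    subText: 'The number digits in the generated TOTP code.',
  })
  digits;
  @attr('number', {
    label: 'Skew',
    possibleValues: [0, 1],
    subText: 'The number of delay periods allowed when validating a TOTP token.',
  })
  skew;
  @attr('number') max_validation_attempts;

  /**
   * Display name derived from `type`: 'totp' is upper-cased, every other type
   * is passed through `capitalize`.
   * @returns {string}
   */
  get name() {
    return this.type === 'totp' ? this.type.toUpperCase() : capitalize(this.type);
  }

  /**
   * Attribute names to render for this record's method type.
   *
   * `type` is loaded from the record's data, so it may be unset or a value
   * this UI does not know. Spreading a missing entry would throw a TypeError;
   * only a real array from METHOD_PROPS is used, otherwise the list falls back
   * to the common fields alone.
   * @returns {string[]}
   */
  get formFields() {
    const typeFields = METHOD_PROPS[this.type];
    const knownFields = Array.isArray(typeFields) ? typeFields : [];
    return [...METHOD_PROPS.common, ...knownFields];
  }

  /**
   * Attribute metadata for the fields in `formFields`, as produced by
   * `expandAttributeMeta`.
   */
  get attrs() {
    return expandAttributeMeta(this, this.formFields);
  }
}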