15064: Logging into home cluster logs into all federated clusters
[arvados-workbench2.git] / src / services / auth-service / auth-service.ts
1 // Copyright (C) The Arvados Authors. All rights reserved.
2 //
3 // SPDX-License-Identifier: AGPL-3.0
4
5 import { getUserFullname, User, UserPrefs, UserResource } from '~/models/user';
6 import { AxiosInstance } from "axios";
7 import { ApiActions } from "~/services/api/api-actions";
8 import * as uuid from "uuid/v4";
9 import { Session, SessionStatus } from "~/models/session";
10 import { Config } from "~/common/config";
11 import { uniqBy } from "lodash";
12
// window.localStorage keys used by AuthService.
//
// Web Storage is readable by every script running on this origin, so the
// value stored under API_TOKEN_KEY is only as confidential as the page is
// free of injected script.

// Credential.
export const API_TOKEN_KEY = "apiToken";

// Cached profile fields of the logged-in user.
export const USER_EMAIL_KEY = "userEmail";
export const USER_FIRST_NAME_KEY = "userFirstName";
export const USER_LAST_NAME_KEY = "userLastName";
export const USER_UUID_KEY = "userUuid";
export const USER_OWNER_UUID_KEY = "userOwnerUuid";

// Cached flags, stored as the strings 'true' / 'false'. They are client-side
// state and can be edited in the browser.
export const USER_IS_ADMIN = "isAdmin";
export const USER_IS_ACTIVE = "isActive";

export const USER_USERNAME = "username";

// JSON-serialized preferences object.
export const USER_PREFS = "prefs";
23
/**
 * Body of the `/users/current` response as read by
 * `AuthService.getUserDetails`, which copies each snake_case field into the
 * camelCase `User` shape.
 */
export interface UserDetailsResponse {
    // Identity
    /** Copied to `User.uuid`. */
    uuid: string;
    /** Copied to `User.ownerUuid`. */
    owner_uuid: string;
    /** Copied to `User.username`. */
    username: string;
    /** Copied to `User.email`. */
    email: string;
    /** Copied to `User.firstName`. */
    first_name: string;
    /** Copied to `User.lastName`. */
    last_name: string;

    // Flags
    /** Copied to `User.isAdmin`. */
    is_admin: boolean;
    /** Copied to `User.isActive`. */
    is_active: boolean;

    // Preferences
    /** Replaced by `{ profile: {} }` when it carries no `profile`. */
    prefs: UserPrefs;
}
35
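/**
 * Browser-side authentication helper.
 *
 * Persists the API token, a cached copy of the current user and the list of
 * per-cluster sessions in `window.localStorage`, and drives the login/logout
 * redirects.
 *
 * Security notes:
 * - Web Storage is readable and writable by every script running on this
 *   origin. The token and the session list (which also carries tokens) are
 *   therefore only as confidential as the page is free of injected script,
 *   and every value read back must be treated as unvalidated input.
 * - The cached `isAdmin` / `isActive` flags are client-side state. They are
 *   suitable for deciding what the UI shows, not for authorization.
 */
export class AuthService {

    /** localStorage key holding the JSON-serialized session list. */
    private static readonly SESSIONS_KEY = "sessions";

    constructor(
        protected apiClient: AxiosInstance,
        protected baseUrl: string,
        protected actions: ApiActions) { }

    /** Stores the API token for the current cluster in localStorage. */
    public saveApiToken(token: string) {
        localStorage.setItem(API_TOKEN_KEY, token);
    }

    /**
     * Removes the API token for the current cluster.
     *
     * NOTE(review): the session list written by `saveSessions` also holds
     * tokens and is not touched here; confirm the logout path clears it.
     */
    public removeApiToken() {
        localStorage.removeItem(API_TOKEN_KEY);
    }

    /** @returns the stored API token, or `undefined` when absent or empty. */
    public getApiToken() {
        return localStorage.getItem(API_TOKEN_KEY) || undefined;
    }

    /** @returns the cached user UUID, or `undefined` when absent or empty. */
    public getUuid() {
        return localStorage.getItem(USER_UUID_KEY) || undefined;
    }

    /** @returns the cached owner UUID, or `undefined` when absent or empty. */
    public getOwnerUuid() {
        return localStorage.getItem(USER_OWNER_UUID_KEY) || undefined;
    }

    /**
     * @returns `true` only when the cached flag is exactly the string 'true'.
     * The value is client-side state; use it for UI decisions only.
     */
    public getIsAdmin(): boolean {
        return localStorage.getItem(USER_IS_ADMIN) === 'true';
    }

    /**
     * @returns `true` only when the cached flag is exactly the string 'true'.
     * The value is client-side state; use it for UI decisions only.
     */
    public getIsActive(): boolean {
        return localStorage.getItem(USER_IS_ACTIVE) === 'true';
    }

    /**
     * Rebuilds the cached user from localStorage.
     *
     * @returns the user, or `undefined` when any of the string fields is
     * missing or empty.
     */
    public getUser(): User | undefined {
        const email = localStorage.getItem(USER_EMAIL_KEY);
        const firstName = localStorage.getItem(USER_FIRST_NAME_KEY);
        const lastName = localStorage.getItem(USER_LAST_NAME_KEY);
        const uuid = this.getUuid();
        const ownerUuid = this.getOwnerUuid();
        const isAdmin = this.getIsAdmin();
        const isActive = this.getIsActive();
        const username = localStorage.getItem(USER_USERNAME);
        // A malformed stored value used to make JSON.parse throw out of this
        // getter; it now falls back to empty preferences.
        const prefs = this.readStoredPrefs();

        // NOTE(review): an account whose first or last name is the empty
        // string is reported as "no user" by this check; confirm that is
        // intended.
        return email && firstName && lastName && uuid && ownerUuid && username && prefs
            ? { email, firstName, lastName, uuid, ownerUuid, isAdmin, isActive, username, prefs }
            : undefined;
    }

    /**
     * Caches the user's fields in localStorage. Booleans and `prefs` are
     * stored as JSON text, everything else verbatim.
     */
    public saveUser(user: User | UserResource) {
        localStorage.setItem(USER_EMAIL_KEY, user.email);
        localStorage.setItem(USER_FIRST_NAME_KEY, user.firstName);
        localStorage.setItem(USER_LAST_NAME_KEY, user.lastName);
        localStorage.setItem(USER_UUID_KEY, user.uuid);
        localStorage.setItem(USER_OWNER_UUID_KEY, user.ownerUuid);
        localStorage.setItem(USER_IS_ADMIN, JSON.stringify(user.isAdmin));
        localStorage.setItem(USER_IS_ACTIVE, JSON.stringify(user.isActive));
        localStorage.setItem(USER_USERNAME, user.username);
        localStorage.setItem(USER_PREFS, JSON.stringify(user.prefs));
    }

    /**
     * Removes every cached user field.
     *
     * NOTE(review): neither the API token nor the session list is removed
     * here; confirm the logout path also calls `removeApiToken` and clears
     * the stored sessions.
     */
    public removeUser() {
        localStorage.removeItem(USER_EMAIL_KEY);
        localStorage.removeItem(USER_FIRST_NAME_KEY);
        localStorage.removeItem(USER_LAST_NAME_KEY);
        localStorage.removeItem(USER_UUID_KEY);
        localStorage.removeItem(USER_OWNER_UUID_KEY);
        localStorage.removeItem(USER_IS_ADMIN);
        localStorage.removeItem(USER_IS_ACTIVE);
        localStorage.removeItem(USER_USERNAME);
        localStorage.removeItem(USER_PREFS);
    }

    /**
     * Redirects the browser to the home cluster's login endpoint.
     *
     * @param uuidPrefix  id of the cluster this workbench is served for
     * @param homeCluster id of the cluster that performs the login
     * @param remoteHosts map from cluster id to host name
     * @throws Error when `remoteHosts` has no host for `homeCluster`
     */
    public login(uuidPrefix: string, homeCluster: string, remoteHosts: { [key: string]: string }) {
        // Own-property lookup only, so an id such as "constructor" cannot
        // resolve to something inherited from Object.prototype.
        const homeClusterHost = Object.prototype.hasOwnProperty.call(remoteHosts, homeCluster)
            ? remoteHosts[homeCluster]
            : undefined;
        if (!homeClusterHost) {
            // Previously this case navigated to "https://undefined/login".
            throw new Error(`Cannot log in: no host configured for home cluster "${homeCluster}"`);
        }

        const currentUrl = `${window.location.protocol}//${window.location.host}/token`;
        // Query values are percent-encoded so that neither the cluster id nor
        // the return URL can add or terminate parameters.
        const remoteParam = uuidPrefix !== homeCluster
            ? `remote=${encodeURIComponent(uuidPrefix)}&`
            : "";
        // The host is taken verbatim from the caller's map. The login endpoint
        // is presumably responsible for validating return_to before it sends
        // a token there; that check is not visible from this file.
        window.location.assign(`https://${homeClusterHost}/login?${remoteParam}return_to=${encodeURIComponent(currentUrl)}`);
    }

    /** Redirects the browser to this cluster's logout endpoint. */
    public logout() {
        const currentUrl = `${window.location.protocol}//${window.location.host}`;
        window.location.assign(`${this.baseUrl || ""}/logout?return_to=${encodeURIComponent(currentUrl)}`);
    }

    /**
     * Fetches `/users/current` and maps the response to a `User`.
     *
     * Progress is reported through `actions.progressFn` under a fresh request
     * id; failures are reported through `actions.errorFn` and rethrown.
     */
    public getUserDetails = (): Promise<User> => {
        const reqId = uuid();
        this.actions.progressFn(reqId, true);
        return this.apiClient
            .get<UserDetailsResponse>('/users/current')
            .then(resp => {
                this.actions.progressFn(reqId, false);
                // Tolerate a response without `prefs` instead of failing with
                // a TypeError on `prefs.profile`.
                const prefs = resp.data.prefs && resp.data.prefs.profile
                    ? resp.data.prefs
                    : { profile: {} };
                return {
                    email: resp.data.email,
                    firstName: resp.data.first_name,
                    lastName: resp.data.last_name,
                    uuid: resp.data.uuid,
                    ownerUuid: resp.data.owner_uuid,
                    isAdmin: resp.data.is_admin,
                    isActive: resp.data.is_active,
                    username: resp.data.username,
                    prefs
                };
            })
            .catch(e => {
                this.actions.progressFn(reqId, false);
                this.actions.errorFn(reqId, e);
                throw e;
            });
    }

    /**
     * @returns the first two dash-separated parts of the cached owner UUID
     * joined by a dash, or `undefined` when there are fewer than two parts.
     */
    public getRootUuid() {
        const uuid = this.getOwnerUuid();
        const uuidParts = uuid ? uuid.split('-') : [];
        return uuidParts.length > 1 ? `${uuidParts[0]}-${uuidParts[1]}` : undefined;
    }

    /**
     * Reads the stored session list.
     *
     * The stored text is unvalidated: anything that is not a JSON array
     * yields `[]`, and array entries that are not objects are dropped. The
     * fields of the remaining entries (hosts, base URLs, tokens) are NOT
     * checked here.
     */
    public getSessions(): Session[] {
        const raw = localStorage.getItem(AuthService.SESSIONS_KEY);
        if (!raw) {
            return [];
        }
        try {
            const sessions = JSON.parse(raw);
            // Valid JSON that is not an array (null, {}, "x") used to be
            // returned as-is and then concatenated as a single "session".
            return Array.isArray(sessions)
                ? sessions.filter(session => !!session && typeof session === 'object')
                : [];
        } catch {
            return [];
        }
    }

    /**
     * Stores the session list as JSON. The serialized entries include each
     * session's token.
     */
    public saveSessions(sessions: Session[]) {
        localStorage.setItem(AuthService.SESSIONS_KEY, JSON.stringify(sessions));
    }

    /**
     * Builds the session list for the current configuration: the current
     * cluster's session first, then stored sessions, then a logged-out
     * placeholder for every configured remote host. Entries are de-duplicated
     * by `clusterId`, keeping the first occurrence, so the current session
     * takes precedence over a stored one and a stored one over a placeholder.
     */
    public buildSessions(cfg: Config, user?: User) {
        // NOTE(review): this entry is marked loggedIn / VALIDATED even when
        // getApiToken() returns undefined; the `as Session` assertion hides
        // that from the type checker. Confirm callers only reach this with a
        // token present.
        const currentSession = {
            clusterId: cfg.uuidPrefix,
            remoteHost: cfg.rootUrl,
            baseUrl: cfg.baseUrl,
            username: getUserFullname(user),
            email: user ? user.email : '',
            token: this.getApiToken(),
            loggedIn: true,
            active: true,
            status: SessionStatus.VALIDATED
        } as Session;
        const localSessions = this.getSessions();
        const cfgSessions = Object.keys(cfg.remoteHosts).map(clusterId => {
            const remoteHost = cfg.remoteHosts[clusterId];
            return {
                clusterId,
                remoteHost,
                baseUrl: '',
                username: '',
                email: '',
                token: '',
                loggedIn: false,
                active: false,
                status: SessionStatus.INVALIDATED
            } as Session;
        });
        const sessions = [currentSession]
            .concat(localSessions)
            .concat(cfgSessions);

        const uniqSessions = uniqBy(sessions, 'clusterId');

        return uniqSessions;
    }

    /**
     * Reads the cached preferences, falling back to `{ profile: {} }` when
     * the key is absent or the stored text is not a JSON object.
     */
    private readStoredPrefs(): UserPrefs {
        const fallback = { profile: {} };
        const raw = localStorage.getItem(USER_PREFS);
        if (!raw) {
            return fallback;
        }
        try {
            const parsed = JSON.parse(raw);
            return parsed && typeof parsed === 'object' && !Array.isArray(parsed)
                ? parsed
                : fallback;
        } catch {
            // e.g. the literal text "undefined", which is what gets stored
            // when saveUser is given a user without prefs.
            return fallback;
        }
    }
}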