1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
5 import { ofType, unionize, UnionOf } from '~/common/unionize';
6 import { Dispatch } from "redux";
7 import { AxiosInstance } from "axios";
8 import { RootState } from "../store";
9 import { ServiceRepository } from "~/services/services";
10 import { SshKeyResource } from '~/models/ssh-key';
11 import { User, UserResource } from "~/models/user";
12 import { Session } from "~/models/session";
13 import { getClusterConfigURL, Config, ClusterConfigJSON, mapRemoteHosts } from '~/common/config';
14 import { initSessions } from "~/store/auth/auth-action-session";
15 import { cancelLinking } from '~/store/link-account-panel/link-account-panel-actions';
16 import { matchTokenRoute, matchFedTokenRoute } from '~/routes/routes';
17 import Axios from "axios";
18 import { AxiosError } from "axios";
20 export const authActions = unionize({
21 SAVE_API_TOKEN: ofType<string>(),
22 SAVE_USER: ofType<UserResource>(),
25 CONFIG: ofType<{ config: Config }>(),
26 INIT: ofType<{ user: User, token: string }>(),
27 USER_DETAILS_REQUEST: {},
28 USER_DETAILS_SUCCESS: ofType<User>(),
29 SET_SSH_KEYS: ofType<SshKeyResource[]>(),
30 ADD_SSH_KEY: ofType<SshKeyResource>(),
31 REMOVE_SSH_KEY: ofType<string>(),
32 SET_HOME_CLUSTER: ofType<string>(),
33 SET_SESSIONS: ofType<Session[]>(),
34 ADD_SESSION: ofType<Session>(),
35 REMOVE_SESSION: ofType<string>(),
36 UPDATE_SESSION: ofType<Session>(),
37 REMOTE_CLUSTER_CONFIG: ofType<{ config: Config }>(),
40 export function setAuthorizationHeader(services: ServiceRepository, token: string) {
41 services.apiClient.defaults.headers.common = {
42 Authorization: `OAuth2 ${token}`
44 services.webdavClient.defaults.headers = {
45 Authorization: `OAuth2 ${token}`
49 function removeAuthorizationHeader(client: AxiosInstance) {
50 delete client.defaults.headers.common.Authorization;
53 export const initAuth = (config: Config) => (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
54 // Cancel any link account ops in progress unless the user has
55 // just logged in or there has been a successful link operation
56 const data = services.linkAccountService.getLinkOpStatus();
57 if (!matchTokenRoute(location.pathname) && (!matchFedTokenRoute(location.pathname)) && data === undefined) {
58 dispatch<any>(cancelLinking()).then(() => {
59 dispatch<any>(init(config));
63 dispatch<any>(init(config));
67 const init = (config: Config) => (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
68 const user = services.authService.getUser();
69 const token = services.authService.getApiToken();
70 let homeCluster = services.authService.getHomeCluster();
72 setAuthorizationHeader(services, token);
74 if (homeCluster && !config.remoteHosts[homeCluster]) {
75 homeCluster = undefined;
77 dispatch(authActions.CONFIG({ config }));
78 dispatch(authActions.SET_HOME_CLUSTER(config.loginCluster || homeCluster || config.uuidPrefix));
80 dispatch(authActions.INIT({ user, token }));
81 dispatch<any>(initSessions(services.authService, config, user));
82 dispatch<any>(getUserDetails()).then((user: User) => {
83 dispatch(authActions.INIT({ user, token }));
84 }).catch((err: AxiosError) => {
87 if (err.response.status === 401) {
88 logout()(dispatch, getState, services);
93 Object.keys(config.remoteHosts).map((k) => {
94 Axios.get<ClusterConfigJSON>(getClusterConfigURL(config.remoteHosts[k]))
96 const remoteConfig = new Config();
97 remoteConfig.uuidPrefix = response.data.ClusterID;
98 remoteConfig.workbench2Url = response.data.Services.Workbench2.ExternalURL;
99 remoteConfig.loginCluster = response.data.Login.LoginCluster;
100 mapRemoteHosts(response.data, remoteConfig);
101 dispatch(authActions.REMOTE_CLUSTER_CONFIG({ config: remoteConfig }));
106 export const saveApiToken = (token: string) => (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
107 services.authService.saveApiToken(token);
108 setAuthorizationHeader(services, token);
109 dispatch(authActions.SAVE_API_TOKEN(token));
112 export const saveUser = (user: UserResource) => (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
113 services.authService.saveUser(user);
114 dispatch(authActions.SAVE_USER(user));
117 export const login = (uuidPrefix: string, homeCluster: string, loginCluster: string,
118 remoteHosts: { [key: string]: string }) => (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
119 services.authService.login(uuidPrefix, homeCluster, loginCluster, remoteHosts);
120 dispatch(authActions.LOGIN());
123 export const logout = (deleteLinkData: boolean = false) => (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
124 if (deleteLinkData) {
125 services.linkAccountService.removeAccountToLink();
127 services.authService.removeApiToken();
128 services.authService.removeUser();
129 removeAuthorizationHeader(services.apiClient);
130 services.authService.logout();
131 dispatch(authActions.LOGOUT());
134 export const getUserDetails = () => (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository): Promise<User> => {
135 dispatch(authActions.USER_DETAILS_REQUEST());
136 return services.authService.getUserDetails().then(user => {
137 services.authService.saveUser(user);
138 dispatch(authActions.USER_DETAILS_SUCCESS(user));
143 export type AuthAction = UnionOf<typeof authActions>;