import { Dispatch } from "redux";
import { setBreadcrumbs } from "~/store/breadcrumbs/breadcrumbs-actions";
import { RootState } from "~/store/store";
-import { ServiceRepository } from "~/services/services";
-import Axios from "axios";
-import { getUserFullname, User } from "~/models/user";
+import { ServiceRepository, createServices, setAuthorizationHeader } from "~/services/services";
+import Axios, { AxiosInstance } from "axios";
+import { User, getUserDisplayName } from "~/models/user";
import { authActions } from "~/store/auth/auth-action";
-import { Config, DISCOVERY_URL } from "~/common/config";
+import {
+ Config, ClusterConfigJSON, CLUSTER_CONFIG_PATH, DISCOVERY_DOC_PATH,
+ buildConfig, mockClusterConfigJSON
+} from "~/common/config";
+import { normalizeURLPath } from "~/common/url";
import { Session, SessionStatus } from "~/models/session";
import { progressIndicatorActions } from "~/store/progress-indicator/progress-indicator-actions";
-import { AuthService, UserDetailsResponse } from "~/services/auth-service/auth-service";
+import { AuthService } from "~/services/auth-service/auth-service";
+import { snackbarActions, SnackbarKind } from "~/store/snackbar/snackbar-actions";
import * as jsSHA from "jssha";
-const getRemoteHostBaseUrl = async (remoteHost: string): Promise<string | null> => {
- let url = remoteHost;
- if (url.indexOf('://') < 0) {
- url = 'https://' + url;
- }
- const origin = new URL(url).origin;
- let baseUrl: string | null = null;
+const getClusterConfig = async (origin: string, apiClient: AxiosInstance): Promise<Config | null> => {
+ let configFromDD: Config | undefined;
+ try {
+ const dd = (await apiClient.get<any>(`${origin}/${DISCOVERY_DOC_PATH}`)).data;
+ configFromDD = {
+ baseUrl: normalizeURLPath(dd.baseUrl),
+ keepWebServiceUrl: dd.keepWebServiceUrl,
+ remoteHosts: dd.remoteHosts,
+ rootUrl: dd.rootUrl,
+ uuidPrefix: dd.uuidPrefix,
+ websocketUrl: dd.websocketUrl,
+ workbenchUrl: dd.workbenchUrl,
+ workbench2Url: dd.workbench2Url,
+ loginCluster: "",
+ vocabularyUrl: "",
+ fileViewersConfigUrl: "",
+ clusterConfig: mockClusterConfigJSON({}),
+ apiRevision: parseInt(dd.revision, 10),
+ };
+ } catch { }
+ // Try public config endpoint
try {
- const resp = await Axios.get<Config>(`${origin}/${DISCOVERY_URL}`);
- baseUrl = resp.data.baseUrl;
- } catch (err) {
- try {
- const resp = await Axios.get<any>(`${origin}/status.json`);
- baseUrl = resp.data.apiBaseURL;
- } catch (err) {
- }
- }
+ const config = (await apiClient.get<ClusterConfigJSON>(`${origin}/${CLUSTER_CONFIG_PATH}`)).data;
+ return { ...buildConfig(config), apiRevision: configFromDD ? configFromDD.apiRevision : 0 };
+ } catch { }
- if (baseUrl && baseUrl[baseUrl.length - 1] === '/') {
- baseUrl = baseUrl.substr(0, baseUrl.length - 1);
+ // Fall back to discovery document
+ if (configFromDD !== undefined) {
+ return configFromDD;
}
- return baseUrl;
+ return null;
};
-const getUserDetails = async (baseUrl: string, token: string): Promise<UserDetailsResponse> => {
- const resp = await Axios.get<UserDetailsResponse>(`${baseUrl}/users/current`, {
- headers: {
- Authorization: `OAuth2 ${token}`
- }
- });
- return resp.data;
-};
+const getRemoteHostConfig = async (remoteHost: string, useApiClient?: AxiosInstance): Promise<Config | null> => {
+ const apiClient = useApiClient || Axios.create({ headers: {} });
-const getTokenUuid = async (baseUrl: string, token: string): Promise<string> => {
- if (token.startsWith("v2/")) {
- const uuid = token.split("/")[1];
- return Promise.resolve(uuid);
+ let url = remoteHost;
+ if (url.indexOf('://') < 0) {
+ url = 'https://' + url;
}
+ const origin = new URL(url).origin;
- const resp = await Axios.get(`${baseUrl}/api_client_authorizations`, {
- headers: {
- Authorization: `OAuth2 ${token}`
- },
- data: {
- filters: JSON.stringify([['api_token', '=', token]])
+ // Maybe it is an API server URL, try fetching config and discovery doc
+ let r = await getClusterConfig(origin, apiClient);
+ if (r !== null) {
+ return r;
+ }
+
+ // Maybe it is a Workbench2 URL, try getting config.json
+ try {
+ r = await getClusterConfig((await apiClient.get<any>(`${origin}/config.json`)).data.API_HOST, apiClient);
+ if (r !== null) {
+ return r;
+ }
+ } catch { }
+
+ // Maybe it is a Workbench1 URL, try getting status.json
+ try {
+ r = await getClusterConfig((await apiClient.get<any>(`${origin}/status.json`)).data.apiBaseURL, apiClient);
+ if (r !== null) {
+ return r;
}
- });
+ } catch { }
- return resp.data.items[0].uuid;
+ return null;
};
-const getSaltedToken = (clusterId: string, tokenUuid: string, token: string) => {
+const invalidV2Token = "Must be a v2 token";
+
+export const getSaltedToken = (clusterId: string, token: string) => {
const shaObj = new jsSHA("SHA-1", "TEXT");
- let secret = token;
- if (token.startsWith("v2/")) {
- secret = token.split("/")[2];
+ const [ver, uuid, secret] = token.split("/");
+ if (ver !== "v2") {
+ throw new Error(invalidV2Token);
}
- shaObj.setHMACKey(secret, "TEXT");
- shaObj.update(clusterId);
- const hmac = shaObj.getHMAC("HEX");
- return `v2/${tokenUuid}/${hmac}`;
+ let salted = secret;
+ if (uuid.substr(0, 5) !== clusterId) {
+ shaObj.setHMACKey(secret, "TEXT");
+ shaObj.update(clusterId);
+ salted = shaObj.getHMAC("HEX");
+ }
+ return `v2/${uuid}/${salted}`;
};
-const clusterLogin = async (clusterId: string, baseUrl: string, activeSession: Session): Promise<{user: User, token: string}> => {
- const tokenUuid = await getTokenUuid(activeSession.baseUrl, activeSession.token);
- const saltedToken = getSaltedToken(clusterId, tokenUuid, activeSession.token);
- const user = await getUserDetails(baseUrl, saltedToken);
- return {
- user: {
- firstName: user.first_name,
- lastName: user.last_name,
- uuid: user.uuid,
- ownerUuid: user.owner_uuid,
- email: user.email,
- isAdmin: user.is_admin,
- identityUrl: user.identity_url,
- prefs: user.prefs
- },
- token: saltedToken
- };
-};
+export const getActiveSession = (sessions: Session[]): Session | undefined => sessions.find(s => s.active);
-const getActiveSession = (sessions: Session[]): Session | undefined => sessions.find(s => s.active);
+export const validateCluster = async (config: Config, useToken: string):
+ Promise<{ user: User; token: string }> => {
-export const validateCluster = async (remoteHost: string, clusterId: string, activeSession: Session): Promise<{ user: User; token: string, baseUrl: string }> => {
- const baseUrl = await getRemoteHostBaseUrl(remoteHost);
- if (!baseUrl) {
- return Promise.reject(`Could not find base url for ${remoteHost}`);
- }
- const { user, token } = await clusterLogin(clusterId, baseUrl, activeSession);
- return { baseUrl, user, token };
+ const saltedToken = getSaltedToken(config.uuidPrefix, useToken);
+
+ const svc = createServices(config, { progressFn: () => { }, errorFn: () => { } });
+ setAuthorizationHeader(svc, saltedToken);
+
+ const user = await svc.authService.getUserDetails();
+ return {
+ user,
+ token: saltedToken,
+ };
};
-export const validateSession = (session: Session, activeSession: Session) =>
+export const validateSession = (session: Session, activeSession: Session, useApiClient?: AxiosInstance) =>
async (dispatch: Dispatch): Promise<Session> => {
dispatch(authActions.UPDATE_SESSION({ ...session, status: SessionStatus.BEING_VALIDATED }));
session.loggedIn = false;
- try {
- const { baseUrl, user, token } = await validateCluster(session.remoteHost, session.clusterId, activeSession);
+
+ const setupSession = (baseUrl: string, user: User, token: string, apiRevision: number) => {
session.baseUrl = baseUrl;
session.token = token;
session.email = user.email;
- session.username = getUserFullname(user);
+ session.userIsActive = user.isActive;
+ session.uuid = user.uuid;
+ session.name = getUserDisplayName(user);
session.loggedIn = true;
- } catch {
- session.loggedIn = false;
- } finally {
- session.status = SessionStatus.VALIDATED;
- dispatch(authActions.UPDATE_SESSION(session));
+ session.apiRevision = apiRevision;
+ };
+
+ let fail: Error | null = null;
+ const config = await getRemoteHostConfig(session.remoteHost, useApiClient);
+ if (config !== null) {
+ dispatch(authActions.REMOTE_CLUSTER_CONFIG({ config }));
+ try {
+ const { user, token } = await validateCluster(config, session.token);
+ setupSession(config.baseUrl, user, token, config.apiRevision);
+ } catch (e) {
+ fail = new Error(`Getting current user for ${session.remoteHost}: ${e.message}`);
+ try {
+ const { user, token } = await validateCluster(config, activeSession.token);
+ setupSession(config.baseUrl, user, token, config.apiRevision);
+ fail = null;
+ } catch (e2) {
+ if (e.message === invalidV2Token) {
+ fail = new Error(`Getting current user for ${session.remoteHost}: ${e2.message}`);
+ }
+ }
+ }
+ } else {
+ fail = new Error(`Could not get config for ${session.remoteHost}`);
}
+ session.status = SessionStatus.VALIDATED;
+ dispatch(authActions.UPDATE_SESSION(session));
+
+ if (fail) {
+ throw fail;
+ }
+
return session;
};
-export const validateSessions = () =>
+export const validateSessions = (useApiClient?: AxiosInstance) =>
async (dispatch: Dispatch<any>, getState: () => RootState, services: ServiceRepository) => {
const sessions = getState().auth.sessions;
const activeSession = getActiveSession(sessions);
dispatch(progressIndicatorActions.START_WORKING("sessionsValidation"));
for (const session of sessions) {
if (session.status === SessionStatus.INVALIDATED) {
- await dispatch(validateSession(session, activeSession));
+ try {
+ /* Here we are dispatching a function, not an
+ action. This is legal (it calls the
+ function with a 'Dispatch' object as the
+ first parameter) but the typescript
+ annotations don't understand this case, so
+ we get an error from typescript unless
+ override it using Dispatch<any>. This
+ pattern is used in a bunch of different
+ places in Workbench2. */
+ await dispatch(validateSession(session, activeSession, useApiClient));
+ } catch (e) {
+ dispatch(snackbarActions.OPEN_SNACKBAR({
+ message: e.message,
+ kind: SnackbarKind.ERROR
+ }));
+ }
}
}
- services.authService.saveSessions(sessions);
+ services.authService.saveSessions(getState().auth.sessions);
dispatch(progressIndicatorActions.STOP_WORKING("sessionsValidation"));
}
};
-export const addSession = (remoteHost: string) =>
+export const addRemoteConfig = (remoteHost: string) =>
+ async (dispatch: Dispatch<any>, getState: () => RootState, services: ServiceRepository) => {
+ const config = await getRemoteHostConfig(remoteHost);
+ if (!config) {
+ dispatch(snackbarActions.OPEN_SNACKBAR({
+ message: `Could not get config for ${remoteHost}`,
+ kind: SnackbarKind.ERROR
+ }));
+ return;
+ }
+ dispatch(authActions.REMOTE_CLUSTER_CONFIG({ config }));
+ };
+
+export const addSession = (remoteHost: string, token?: string, sendToLogin?: boolean) =>
async (dispatch: Dispatch<any>, getState: () => RootState, services: ServiceRepository) => {
const sessions = getState().auth.sessions;
const activeSession = getActiveSession(sessions);
- if (activeSession) {
- const clusterId = remoteHost.match(/^(\w+)\./)![1];
- if (sessions.find(s => s.clusterId === clusterId)) {
- return Promise.reject("Cluster already exists");
+ let useToken: string | null = null;
+ if (token) {
+ useToken = token;
+ } else if (activeSession) {
+ useToken = activeSession.token;
+ }
+
+ if (useToken) {
+ const config = await getRemoteHostConfig(remoteHost);
+ if (!config) {
+ dispatch(snackbarActions.OPEN_SNACKBAR({
+ message: `Could not get config for ${remoteHost}`,
+ kind: SnackbarKind.ERROR
+ }));
+ return;
}
+
try {
- const { baseUrl, user, token } = await validateCluster(remoteHost, clusterId, activeSession);
+ dispatch(authActions.REMOTE_CLUSTER_CONFIG({ config }));
+ const { user, token } = await validateCluster(config, useToken);
const session = {
loggedIn: true,
status: SessionStatus.VALIDATED,
active: false,
email: user.email,
- username: getUserFullname(user),
+ userIsActive: user.isActive,
+ name: getUserDisplayName(user),
+ uuid: user.uuid,
+ baseUrl: config.baseUrl,
+ clusterId: config.uuidPrefix,
remoteHost,
- baseUrl,
- clusterId,
- token
+ token,
+ apiRevision: config.apiRevision,
};
- dispatch(authActions.ADD_SESSION(session));
+ if (sessions.find(s => s.clusterId === config.uuidPrefix)) {
+ await dispatch(authActions.UPDATE_SESSION(session));
+ } else {
+ await dispatch(authActions.ADD_SESSION(session));
+ }
services.authService.saveSessions(getState().auth.sessions);
return session;
- } catch (e) {
+ } catch {
+ if (sendToLogin) {
+ const rootUrl = new URL(config.baseUrl);
+ rootUrl.pathname = "";
+ window.location.href = `${rootUrl.toString()}/login?return_to=` + encodeURI(`${window.location.protocol}//${window.location.host}/add-session?baseURL=` + encodeURI(rootUrl.toString()));
+ return;
+ }
}
}
- return Promise.reject("Could not validate cluster");
+ return Promise.reject(new Error("Could not validate cluster"));
};
-export const toggleSession = (session: Session) =>
+
+export const removeSession = (clusterId: string) =>
async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
- let s = { ...session };
+ await dispatch(authActions.REMOVE_SESSION(clusterId));
+ services.authService.saveSessions(getState().auth.sessions);
+ };
+
+export const toggleSession = (session: Session) =>
+ async (dispatch: Dispatch<any>, getState: () => RootState, services: ServiceRepository) => {
+ const s: Session = { ...session };
if (session.loggedIn) {
s.loggedIn = false;
+ dispatch(authActions.UPDATE_SESSION(s));
} else {
const sessions = getState().auth.sessions;
const activeSession = getActiveSession(sessions);
if (activeSession) {
- s = await dispatch<any>(validateSession(s, activeSession)) as Session;
+ try {
+ await dispatch(validateSession(s, activeSession));
+ } catch (e) {
+ dispatch(snackbarActions.OPEN_SNACKBAR({
+ message: e.message,
+ kind: SnackbarKind.ERROR
+ }));
+ s.loggedIn = false;
+ dispatch(authActions.UPDATE_SESSION(s));
+ }
}
}
- dispatch(authActions.UPDATE_SESSION(s));
services.authService.saveSessions(getState().auth.sessions);
};
export const initSessions = (authService: AuthService, config: Config, user: User) =>
(dispatch: Dispatch<any>) => {
const sessions = authService.buildSessions(config, user);
- authService.saveSessions(sessions);
dispatch(authActions.SET_SESSIONS(sessions));
+ dispatch(validateSessions(authService.getApiClient()));
};
export const loadSiteManagerPanel = () =>
async (dispatch: Dispatch<any>) => {
try {
- dispatch(setBreadcrumbs([{ label: 'Site Manager'}]));
+ dispatch(setBreadcrumbs([{ label: 'Site Manager' }]));
dispatch(validateSessions());
} catch (e) {
return;
projects / arvados-workbench2.git / blobdiff