+const getTokenUuid = async (baseUrl: string, token: string): Promise<string> => {
+ if (token.startsWith("v2/")) {
+ const uuid = token.split("/")[1];
+ return Promise.resolve(uuid);
+ }
+
+ const resp = await Axios.get(`${baseUrl}api_client_authorizations`, {
+ headers: {
+ Authorization: `OAuth2 ${token}`
+ },
+ data: {
+ filters: JSON.stringify([['api_token', '=', token]])
+ }
+ });
+
+ return resp.data.items[0].uuid;
+};
+
+const getSaltedToken = (clusterId: string, tokenUuid: string, token: string) => {
+ const shaObj = new jsSHA("SHA-1", "TEXT");
+ let secret = token;
+ if (token.startsWith("v2/")) {
+ secret = token.split("/")[2];
+ }
+ shaObj.setHMACKey(secret, "TEXT");
+ shaObj.update(clusterId);
+ const hmac = shaObj.getHMAC("HEX");
+ return `v2/${tokenUuid}/${hmac}`;
+};
+
+const clusterLogin = async (clusterId: string, baseUrl: string, activeSession: Session): Promise<{ user: User, token: string }> => {
+ const tokenUuid = await getTokenUuid(activeSession.baseUrl, activeSession.token);
+ const saltedToken = getSaltedToken(clusterId, tokenUuid, activeSession.token);
+ const user = await getUserDetails(baseUrl, saltedToken);
+ return {
+ user: {
+ firstName: user.first_name,
+ lastName: user.last_name,
+ uuid: user.uuid,
+ ownerUuid: user.owner_uuid,
+ email: user.email,
+ isAdmin: user.is_admin,
+ identityUrl: user.identity_url,
+ prefs: user.prefs
+ },
+ token: saltedToken
+ };
+};
+
+export const getActiveSession = (sessions: Session[]): Session | undefined => sessions.find(s => s.active);
+
+export const validateCluster = async (remoteHost: string, clusterId: string, activeSession: Session): Promise<{ user: User; token: string, baseUrl: string }> => {
+ const baseUrl = await getRemoteHostBaseUrl(remoteHost);
+ if (!baseUrl) {
+ return Promise.reject(`Could not find base url for ${remoteHost}`);
+ }
+ const { user, token } = await clusterLogin(clusterId, baseUrl, activeSession);
+ return { baseUrl, user, token };
+};
+
+export const validateSession = (session: Session, activeSession: Session) =>
+ async (dispatch: Dispatch): Promise<Session> => {
+ dispatch(authActions.UPDATE_SESSION({ ...session, status: SessionStatus.BEING_VALIDATED }));
+ session.loggedIn = false;
+ try {
+ const { baseUrl, user, token } = await validateCluster(session.remoteHost, session.clusterId, activeSession);
+ session.baseUrl = baseUrl;
+ session.token = token;
+ session.email = user.email;
+ session.username = getUserFullname(user);
+ session.loggedIn = true;
+ } catch {
+ session.loggedIn = false;
+ } finally {
+ session.status = SessionStatus.VALIDATED;
+ dispatch(authActions.UPDATE_SESSION(session));
+ }
+ return session;
+ };
+
+export const validateSessions = () =>