X-Git-Url: https://git.arvados.org/arvados-workbench2.git/blobdiff_plain/d4afb5d44f63394461ff1571039a74b3462d8ae6..4d3c5f5861ea4c1d5e8491517806651cdfeab57f:/src/store/auth/auth-action-session.ts

diff --git a/src/store/auth/auth-action-session.ts b/src/store/auth/auth-action-session.ts
index ae698192..7e81f2d9 100644
--- a/src/store/auth/auth-action-session.ts
+++ b/src/store/auth/auth-action-session.ts
@@ -3,47 +3,62 @@
 // SPDX-License-Identifier: AGPL-3.0
 
 import { Dispatch } from "redux";
-import { setBreadcrumbs } from "~/store/breadcrumbs/breadcrumbs-actions";
-import { RootState } from "~/store/store";
-import { ServiceRepository } from "~/services/services";
-import Axios from "axios";
-import { getUserFullname, User } from "~/models/user";
-import { authActions } from "~/store/auth/auth-action";
-import { Config, ClusterConfigJSON, CLUSTER_CONFIG_PATH, DISCOVERY_DOC_PATH, ARVADOS_API_PATH } from "~/common/config";
-import { normalizeURLPath } from "~/common/url";
-import { Session, SessionStatus } from "~/models/session";
-import { progressIndicatorActions } from "~/store/progress-indicator/progress-indicator-actions";
-import { AuthService, UserDetailsResponse } from "~/services/auth-service/auth-service";
-import * as jsSHA from "jssha";
-
-const getClusterInfo = async (origin: string): Promise<{ clusterId: string, baseUrl: string } | null> => {
-    // Try the new public config endpoint
+import { setBreadcrumbs } from "store/breadcrumbs/breadcrumbs-actions";
+import { RootState } from "store/store";
+import { ServiceRepository, createServices, setAuthorizationHeader } from "services/services";
+import Axios, { AxiosInstance } from "axios";
+import { User, getUserDisplayName } from "models/user";
+import { authActions } from "store/auth/auth-action";
+import {
+    Config, ClusterConfigJSON, CLUSTER_CONFIG_PATH, DISCOVERY_DOC_PATH,
+    buildConfig, mockClusterConfigJSON
+} from "common/config";
+import { normalizeURLPath } from "common/url";
+import { Session, SessionStatus } from "models/session";
+import { progressIndicatorActions } from "store/progress-indicator/progress-indicator-actions";
+import { AuthService } from "services/auth-service/auth-service";
+import { snackbarActions, SnackbarKind } from "store/snackbar/snackbar-actions";
+import jsSHA from "jssha";
+
+const getClusterConfig = async (origin: string, apiClient: AxiosInstance): Promise<Config | null> => {
+    let configFromDD: Config | undefined;
     try {
-        const config = (await Axios.get<ClusterConfigJSON>(`${origin}/${CLUSTER_CONFIG_PATH}`)).data;
-        return {
-            clusterId: config.ClusterID,
-            baseUrl: normalizeURLPath(`${config.Services.Controller.ExternalURL}/${ARVADOS_API_PATH}`)
+        const dd = (await apiClient.get<any>(`${origin}/${DISCOVERY_DOC_PATH}`)).data;
+        configFromDD = {
+            baseUrl: normalizeURLPath(dd.baseUrl),
+            keepWebServiceUrl: dd.keepWebServiceUrl,
+            keepWebInlineServiceUrl: dd.keepWebInlineServiceUrl,
+            remoteHosts: dd.remoteHosts,
+            rootUrl: dd.rootUrl,
+            uuidPrefix: dd.uuidPrefix,
+            websocketUrl: dd.websocketUrl,
+            workbenchUrl: dd.workbenchUrl,
+            workbench2Url: dd.workbench2Url,
+            loginCluster: "",
+            vocabularyUrl: "",
+            fileViewersConfigUrl: "",
+            clusterConfig: mockClusterConfigJSON({}),
+            apiRevision: parseInt(dd.revision, 10),
         };
     } catch { }
 
-    // Fall back to discovery document
+    // Try public config endpoint
     try {
-        const config = (await Axios.get<any>(`${origin}/${DISCOVERY_DOC_PATH}`)).data;
-        return {
-            clusterId: config.uuidPrefix,
-            baseUrl: normalizeURLPath(config.baseUrl)
-        };
+        const config = (await apiClient.get<ClusterConfigJSON>(`${origin}/${CLUSTER_CONFIG_PATH}`)).data;
+        return { ...buildConfig(config), apiRevision: configFromDD ? configFromDD.apiRevision : 0 };
     } catch { }
 
+    // Fall back to discovery document
+    if (configFromDD !== undefined) {
+        return configFromDD;
+    }
+
     return null;
 };
 
-interface RemoteHostInfo {
-    clusterId: string;
-    baseUrl: string;
-}
+export const getRemoteHostConfig = async (remoteHost: string, useApiClient?: AxiosInstance): Promise<Config | null> => {
+    const apiClient = useApiClient || Axios.create({ headers: {} });
 
-const getRemoteHostInfo = async (remoteHost: string): Promise<RemoteHostInfo | null> => {
     let url = remoteHost;
     if (url.indexOf('://') < 0) {
         url = 'https://' + url;
@@ -51,14 +66,14 @@ const getRemoteHostInfo = async (remoteHost: string): Promise<RemoteHostInfo | n
     const origin = new URL(url).origin;
 
     // Maybe it is an API server URL, try fetching config and discovery doc
-    let r = getClusterInfo(origin);
+    let r = await getClusterConfig(origin, apiClient);
     if (r !== null) {
         return r;
     }
 
     // Maybe it is a Workbench2 URL, try getting config.json
     try {
-        r = getClusterInfo((await Axios.get<any>(`${origin}/config.json`)).data.API_HOST);
+        r = await getClusterConfig((await apiClient.get<any>(`${origin}/config.json`)).data.API_HOST, apiClient);
         if (r !== null) {
             return r;
         }
@@ -66,7 +81,7 @@ const getRemoteHostInfo = async (remoteHost: string): Promise<RemoteHostInfo | n
 
     // Maybe it is a Workbench1 URL, try getting status.json
     try {
-        r = getClusterInfo((await Axios.get<any>(`${origin}/status.json`)).data.apiBaseURL);
+        r = await getClusterConfig((await apiClient.get<any>(`${origin}/status.json`)).data.apiBaseURL, apiClient);
         if (r !== null) {
             return r;
         }
@@ -75,23 +90,16 @@ const getRemoteHostInfo = async (remoteHost: string): Promise<RemoteHostInfo | n
     return null;
 };
 
-const getUserDetails = async (baseUrl: string, token: string): Promise<UserDetailsResponse> => {
-    const resp = await Axios.get<UserDetailsResponse>(`${baseUrl}/users/current`, {
-        headers: {
-            Authorization: `OAuth2 ${token}`
-        }
-    });
-    return resp.data;
-};
+const invalidV2Token = "Must be a v2 token";
 
 export const getSaltedToken = (clusterId: string, token: string) => {
     const shaObj = new jsSHA("SHA-1", "TEXT");
     const [ver, uuid, secret] = token.split("/");
     if (ver !== "v2") {
-        throw new Error("Must be a v2 token");
+        throw new Error(invalidV2Token);
     }
     let salted = secret;
-    if (uuid.substr(0, 5) !== clusterId) {
+    if (uuid.substring(0, 5) !== clusterId) {
         shaObj.setHMACKey(secret, "TEXT");
         shaObj.update(clusterId);
         salted = shaObj.getHMAC("HEX");
@@ -101,62 +109,70 @@ export const getSaltedToken = (clusterId: string, token: string) => {
 
 export const getActiveSession = (sessions: Session[]): Session | undefined => sessions.find(s => s.active);
 
-export const validateCluster = async (info: RemoteHostInfo, useToken: string):
+export const validateCluster = async (config: Config, useToken: string):
     Promise<{ user: User; token: string }> => {
 
-    const saltedToken = getSaltedToken(info.clusterId, useToken);
-    const user = await getUserDetails(info.baseUrl, saltedToken);
+    const saltedToken = getSaltedToken(config.uuidPrefix, useToken);
+
+    const svc = createServices(config, { progressFn: () => { }, errorFn: () => { } });
+    setAuthorizationHeader(svc, saltedToken);
+
+    const user = await svc.authService.getUserDetails(false);
     return {
-        user: {
-            firstName: user.first_name,
-            lastName: user.last_name,
-            uuid: user.uuid,
-            ownerUuid: user.owner_uuid,
-            email: user.email,
-            isAdmin: user.is_admin,
-            isActive: user.is_active,
-            username: user.username,
-            prefs: user.prefs
-        },
+        user,
         token: saltedToken,
     };
 };
 
-export const validateSession = (session: Session, activeSession: Session) =>
+export const validateSession = (session: Session, activeSession: Session, useApiClient?: AxiosInstance) =>
     async (dispatch: Dispatch): Promise<Session> => {
         dispatch(authActions.UPDATE_SESSION({ ...session, status: SessionStatus.BEING_VALIDATED }));
         session.loggedIn = false;
 
-        const setupSession = (baseUrl: string, user: User, token: string) => {
+        const setupSession = (baseUrl: string, user: User, token: string, apiRevision: number) => {
             session.baseUrl = baseUrl;
             session.token = token;
             session.email = user.email;
+            session.userIsActive = user.isActive;
             session.uuid = user.uuid;
-            session.name = getUserFullname(user);
+            session.name = getUserDisplayName(user);
             session.loggedIn = true;
+            session.apiRevision = apiRevision;
         };
 
-        const info = await getRemoteHostInfo(session.remoteHost);
-        if (!info) {
-            throw new Error(`Could not get config for ${session.remoteHost}`);
-        }
-        try {
-            const { user, token } = await validateCluster(info, session.token);
-            setupSession(info.baseUrl, user, token);
-        } catch {
+        let fail: Error | null = null;
+        const config = await getRemoteHostConfig(session.remoteHost, useApiClient);
+        if (config !== null) {
+            dispatch(authActions.REMOTE_CLUSTER_CONFIG({ config }));
             try {
-                const { user, token } = await validateCluster(info, activeSession.token);
-                setupSession(info.baseUrl, user, token);
-            } catch { }
+                const { user, token } = await validateCluster(config, session.token);
+                setupSession(config.baseUrl, user, token, config.apiRevision);
+            } catch (e) {
+                fail = new Error(`Getting current user for ${session.remoteHost}: ${e.message}`);
+                try {
+                    const { user, token } = await validateCluster(config, activeSession.token);
+                    setupSession(config.baseUrl, user, token, config.apiRevision);
+                    fail = null;
+                } catch (e2) {
+                    if (e.message === invalidV2Token) {
+                        fail = new Error(`Getting current user for ${session.remoteHost}: ${e2.message}`);
+                    }
+                }
+            }
+        } else {
+            fail = new Error(`Could not get config for ${session.remoteHost}`);
         }
-
         session.status = SessionStatus.VALIDATED;
         dispatch(authActions.UPDATE_SESSION(session));
 
+        if (fail) {
+            throw fail;
+        }
+
         return session;
     };
 
-export const validateSessions = () =>
+export const validateSessions = (useApiClient?: AxiosInstance) =>
     async (dispatch: Dispatch<any>, getState: () => RootState, services: ServiceRepository) => {
         const sessions = getState().auth.sessions;
         const activeSession = getActiveSession(sessions);
@@ -164,14 +180,44 @@ export const validateSessions = () =>
             dispatch(progressIndicatorActions.START_WORKING("sessionsValidation"));
             for (const session of sessions) {
                 if (session.status === SessionStatus.INVALIDATED) {
-                    await dispatch(validateSession(session, activeSession));
+                    try {
+			/* Here we are dispatching a function, not an
+			   action.  This is legal (it calls the
+			   function with a 'Dispatch' object as the
+			   first parameter) but the typescript
+			   annotations don't understand this case, so
+			   we get an error from typescript unless
+			   override it using Dispatch<any>.  This
+			   pattern is used in a bunch of different
+			   places in Workbench2. */
+                        await dispatch(validateSession(session, activeSession, useApiClient));
+                    } catch (e) {
+                        // Don't do anything here.  User may get
+                        // spammed with multiple messages that are not
+                        // helpful.  They can see the individual
+                        // errors by going to site manager and trying
+                        // to toggle the session.
+                    }
                 }
             }
-            services.authService.saveSessions(sessions);
+            services.authService.saveSessions(getState().auth.sessions);
             dispatch(progressIndicatorActions.STOP_WORKING("sessionsValidation"));
         }
     };
 
+export const addRemoteConfig = (remoteHost: string) =>
+    async (dispatch: Dispatch<any>, getState: () => RootState, services: ServiceRepository) => {
+        const config = await getRemoteHostConfig(remoteHost);
+        if (!config) {
+            dispatch(snackbarActions.OPEN_SNACKBAR({
+                message: `Could not get config for ${remoteHost}`,
+                kind: SnackbarKind.ERROR
+            }));
+            return;
+        }
+        dispatch(authActions.REMOTE_CLUSTER_CONFIG({ config }));
+    };
+
 export const addSession = (remoteHost: string, token?: string, sendToLogin?: boolean) =>
     async (dispatch: Dispatch<any>, getState: () => RootState, services: ServiceRepository) => {
         const sessions = getState().auth.sessions;
@@ -184,70 +230,92 @@ export const addSession = (remoteHost: string, token?: string, sendToLogin?: boo
         }
 
         if (useToken) {
-            const info = await getRemoteHostInfo(remoteHost);
-            if (!info) {
-                return Promise.reject(`Could not get config for ${remoteHost}`);
+            const config = await getRemoteHostConfig(remoteHost);
+            if (!config) {
+                dispatch(snackbarActions.OPEN_SNACKBAR({
+                    message: `Could not get config for ${remoteHost}`,
+                    kind: SnackbarKind.ERROR
+                }));
+                return;
             }
 
             try {
-                const { user, token } = await validateCluster(info, useToken);
+                dispatch(authActions.REMOTE_CLUSTER_CONFIG({ config }));
+                const { user, token } = await validateCluster(config, useToken);
                 const session = {
                     loggedIn: true,
                     status: SessionStatus.VALIDATED,
                     active: false,
                     email: user.email,
-                    name: getUserFullname(user),
+                    userIsActive: user.isActive,
+                    name: getUserDisplayName(user),
                     uuid: user.uuid,
-                    baseUrl: info.baseUrl,
-                    clusterId: info.clusterId,
+                    baseUrl: config.baseUrl,
+                    clusterId: config.uuidPrefix,
                     remoteHost,
-                    token
+                    token,
+                    apiRevision: config.apiRevision,
                 };
 
-                if (sessions.find(s => s.clusterId === info.clusterId)) {
-                    dispatch(authActions.UPDATE_SESSION(session));
+                if (sessions.find(s => s.clusterId === config.uuidPrefix)) {
+                    await dispatch(authActions.UPDATE_SESSION(session));
                 } else {
-                    dispatch(authActions.ADD_SESSION(session));
+                    await dispatch(authActions.ADD_SESSION(session));
                 }
                 services.authService.saveSessions(getState().auth.sessions);
 
                 return session;
             } catch {
                 if (sendToLogin) {
-                    const rootUrl = new URL(info.baseUrl);
+                    const rootUrl = new URL(config.baseUrl);
                     rootUrl.pathname = "";
                     window.location.href = `${rootUrl.toString()}/login?return_to=` + encodeURI(`${window.location.protocol}//${window.location.host}/add-session?baseURL=` + encodeURI(rootUrl.toString()));
                     return;
                 }
             }
         }
-        return Promise.reject("Could not validate cluster");
+        return Promise.reject(new Error("Could not validate cluster"));
     };
 
-export const toggleSession = (session: Session) =>
+
+export const removeSession = (clusterId: string) =>
     async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
-        let s = { ...session };
+        await dispatch(authActions.REMOVE_SESSION(clusterId));
+        services.authService.saveSessions(getState().auth.sessions);
+    };
+
+export const toggleSession = (session: Session) =>
+    async (dispatch: Dispatch<any>, getState: () => RootState, services: ServiceRepository) => {
+        const s: Session = { ...session };
 
         if (session.loggedIn) {
             s.loggedIn = false;
+            dispatch(authActions.UPDATE_SESSION(s));
         } else {
             const sessions = getState().auth.sessions;
             const activeSession = getActiveSession(sessions);
             if (activeSession) {
-                s = await dispatch<any>(validateSession(s, activeSession)) as Session;
+                try {
+                    await dispatch(validateSession(s, activeSession));
+                } catch (e) {
+                    dispatch(snackbarActions.OPEN_SNACKBAR({
+                        message: e.message,
+                        kind: SnackbarKind.ERROR
+                    }));
+                    s.loggedIn = false;
+                    dispatch(authActions.UPDATE_SESSION(s));
+                }
             }
         }
 
-        dispatch(authActions.UPDATE_SESSION(s));
         services.authService.saveSessions(getState().auth.sessions);
     };
 
 export const initSessions = (authService: AuthService, config: Config, user: User) =>
     (dispatch: Dispatch<any>) => {
         const sessions = authService.buildSessions(config, user);
-        authService.saveSessions(sessions);
         dispatch(authActions.SET_SESSIONS(sessions));
-        dispatch(validateSessions());
+        dispatch(validateSessions(authService.getApiClient()));
     };
 
 export const loadSiteManagerPanel = () =>