15530: Fedlogin sends unsalted token

When logging into the head of the federation, use unsalted token for
authorizing to peer workbenches.

Dispatch validateSessions on startup (to ensure that peers are
"loggedIn" for multisite search.)

diff --git a/src/store/auth/auth-action-session.ts b/src/store/auth/auth-action-session.ts
index ca2e23269aff5a82578db3731bfb36d846069848..6af72e0c7e413bf5f5be384fe9e605a93e62016a 100644 (file)
--- a/src/store/auth/auth-action-session.ts
+++ b/src/store/auth/auth-action-session.ts
@@ -203,6 +203,7 @@ export const initSessions = (authService: AuthService, config: Config, user: Use
         const sessions = authService.buildSessions(config, user);
         authService.saveSessions(sessions);
         dispatch(authActions.SET_SESSIONS(sessions));
+        dispatch(validateSessions());
     };
 
 export const loadSiteManagerPanel = () =>

diff --git a/src/store/auth/auth-action.ts b/src/store/auth/auth-action.ts
index cccddb71d2ceb5f9d833fdde3be3b38719eb019c..e273d18c1b4327bb82c2c8ec4e4b170b9ed9c8d5 100644 (file)
--- a/src/store/auth/auth-action.ts
+++ b/src/store/auth/auth-action.ts
@@ -93,6 +93,7 @@ const init = (config: Config) => (dispatch: Dispatch, getState: () => RootState,
                 const remoteConfig = new Config();
                 remoteConfig.uuidPrefix = response.data.ClusterID;
                 remoteConfig.workbench2Url = response.data.Services.Workbench2.ExternalURL;
+                remoteConfig.loginCluster = response.data.Login.LoginCluster;
                 mapRemoteHosts(response.data, remoteConfig);
                 dispatch(authActions.REMOTE_CLUSTER_CONFIG({ config: remoteConfig }));
             });
@@ -111,10 +112,10 @@ export const saveUser = (user: UserResource) => (dispatch: Dispatch, getState: (
 };
 
 export const login = (uuidPrefix: string, homeCluster: string, loginCluster: string,
-                     remoteHosts: { [key: string]: string }) => (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
-    services.authService.login(uuidPrefix, homeCluster, loginCluster, remoteHosts);
-    dispatch(authActions.LOGIN());
-};
+    remoteHosts: { [key: string]: string }) => (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
+        services.authService.login(uuidPrefix, homeCluster, loginCluster, remoteHosts);
+        dispatch(authActions.LOGIN());
+    };
 
 export const logout = (deleteLinkData: boolean = false) => (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
     if (deleteLinkData) {

diff --git a/src/views/search-results-panel/search-results-panel-view.tsx b/src/views/search-results-panel/search-results-panel-view.tsx
index b82b174520ced7cf922d4fec423f3c0c0372051d..8cd25a5e2055b72b69c38cee989faf20b6d0fcd7 100644 (file)
--- a/src/views/search-results-panel/search-results-panel-view.tsx
+++ b/src/views/search-results-panel/search-results-panel-view.tsx
@@ -100,6 +100,7 @@ export const searchResultsPanelColumns: DataColumns<string> = [
 
 export const SearchResultsPanelView = (props: SearchResultsPanelProps) => {
     const homeCluster = props.user.uuid.substr(0, 5);
+    const loggedIn = props.sessions.filter((ss) => ss.loggedIn);
     return <DataExplorer
         id={SEARCH_RESULTS_PANEL_ID}
         onRowClick={props.onItemClick}
@@ -108,9 +109,9 @@ export const SearchResultsPanelView = (props: SearchResultsPanelProps) => {
         contextMenuColumn={false}
         hideSearchInput
         title={
-            props.localCluster === homeCluster ?
-                <div>Searching clusters: {props.sessions.filter((ss) => ss.loggedIn).map((ss) => <span key={ss.clusterId}> {ss.clusterId}</span>)}</div> :
-                <div>Searching local cluster {props.localCluster} only.  To search multiple clusters, <a href={props.remoteHostsConfig[homeCluster] && props.remoteHostsConfig[homeCluster].workbench2Url}> start from your home Workbench.</a></div>
+            (props.localCluster !== homeCluster && loggedIn.length === 1) ?
+                <div>Searching local cluster {props.localCluster} only.  To search multiple clusters, <a href={props.remoteHostsConfig[homeCluster] && props.remoteHostsConfig[homeCluster].workbench2Url}> start from your home Workbench.</a></div> :
+                <div>Searching clusters: {loggedIn.map((ss) => <span key={ss.clusterId}> {ss.clusterId}</span>)}</div>
         }
     />;
 };

diff --git a/src/views/workbench/fed-login.tsx b/src/views/workbench/fed-login.tsx
index 829fe17a4de48b3f535036d6c34f3c1fc5ff2497..be543a64a5bee708cdecfd0bb65f4853008c848a 100644 (file)
--- a/src/views/workbench/fed-login.tsx
+++ b/src/views/workbench/fed-login.tsx
@@ -41,7 +41,9 @@ export const FedLogin = connect(mapStateToProps)(
                             console.log(`Cluster ${k} does not define workbench2Url.  Federated login / cross-site linking to ${k} is unavailable.  Tell the admin of ${k} to set Services->Workbench2->ExternalURL in config.yml.`);
                             return;
                         }
-                        return <iframe key={k} src={`${remoteHostsConfig[k].workbench2Url}/fedtoken?api_token=${getSaltedToken(k, tokenUuid, token)}`} style={{
+                        const fedtoken = (remoteHostsConfig[k].loginCluster === localCluster)
+                            ? apiToken : getSaltedToken(k, tokenUuid, token);
+                        return <iframe key={k} src={`${remoteHostsConfig[k].workbench2Url}/fedtoken?api_token=${fedtoken}`} style={{
                             height: 0,
                             width: 0,
                             visibility: "hidden"