//
// SPDX-License-Identifier: AGPL-3.0
-import { ofType, unionize, UnionOf } from '~/common/unionize';
+import { ofType, unionize, UnionOf } from 'common/unionize';
import { Dispatch } from "redux";
import { RootState } from "../store";
-import { ServiceRepository } from "~/services/services";
-import { SshKeyResource } from '~/models/ssh-key';
-import { User } from "~/models/user";
-import { Session } from "~/models/session";
-import { Config } from '~/common/config';
-import { matchTokenRoute, matchFedTokenRoute } from '~/routes/routes';
-import { createServices, setAuthorizationHeader } from "~/services/services";
-import { cancelLinking } from '~/store/link-account-panel/link-account-panel-actions';
-import { progressIndicatorActions } from "~/store/progress-indicator/progress-indicator-actions";
-import { WORKBENCH_LOADING_SCREEN } from '~/store/workbench/workbench-actions';
-import { addRemoteConfig } from './auth-action-session';
-import { getTokenV2 } from '~/models/api-client-authorization';
+import { ServiceRepository } from "services/services";
+import { SshKeyResource } from 'models/ssh-key';
+import { User } from "models/user";
+import { Session } from "models/session";
+import { Config } from 'common/config';
+import { matchTokenRoute, matchFedTokenRoute } from 'routes/routes';
+import { createServices, setAuthorizationHeader } from "services/services";
+import { cancelLinking } from 'store/link-account-panel/link-account-panel-actions';
+import { progressIndicatorActions } from "store/progress-indicator/progress-indicator-actions";
+import { WORKBENCH_LOADING_SCREEN } from 'store/workbench/workbench-actions';
+import { addRemoteConfig, getRemoteHostConfig } from './auth-action-session';
+import { getTokenV2 } from 'models/api-client-authorization';
export const authActions = unionize({
LOGIN: {},
LOGOUT: ofType<{ deleteLinkData: boolean }>(),
SET_CONFIG: ofType<{ config: Config }>(),
SET_EXTRA_TOKEN: ofType<{ extraApiToken: string, extraApiTokenExpiration?: Date }>(),
+ RESET_EXTRA_TOKEN: {},
INIT_USER: ofType<{ user: User, token: string, tokenExpiration?: Date }>(),
USER_DETAILS_REQUEST: {},
USER_DETAILS_SUCCESS: ofType<User>(),
REMOTE_CLUSTER_CONFIG: ofType<{ config: Config }>(),
});
-export const initAuth = (config: Config) => (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
+export const initAuth = (config: Config) => async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository): Promise<any> => {
// Cancel any link account ops in progress unless the user has
// just logged in or there has been a successful link operation
const data = services.linkAccountService.getLinkOpStatus();
- if (!matchTokenRoute(location.pathname) &&
- (!matchFedTokenRoute(location.pathname)) && data === undefined) {
- dispatch<any>(cancelLinking()).then(() => {
- dispatch<any>(init(config));
- });
- } else {
- dispatch<any>(init(config));
+ if (!matchTokenRoute(window.location.pathname) &&
+ (!matchFedTokenRoute(window.location.pathname)) && data === undefined) {
+ await dispatch<any>(cancelLinking());
}
+ return dispatch<any>(init(config));
};
-const init = (config: Config) => (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
+const init = (config: Config) => async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
const remoteHosts = () => getState().auth.remoteHosts;
const token = services.authService.getApiToken();
let homeCluster = services.authService.getHomeCluster();
if (token && token !== "undefined") {
dispatch(progressIndicatorActions.START_WORKING(WORKBENCH_LOADING_SCREEN));
- dispatch<any>(saveApiToken(token)).then(() => {
- dispatch(progressIndicatorActions.STOP_WORKING(WORKBENCH_LOADING_SCREEN));
- }).catch(() => {
+ try {
+ await dispatch<any>(saveApiToken(token));
+ } finally {
dispatch(progressIndicatorActions.STOP_WORKING(WORKBENCH_LOADING_SCREEN));
- });
+ }
}
};
};
export const saveApiToken = (token: string) => async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository): Promise<any> => {
- const config = dispatch<any>(getConfig);
+ let config: any;
+ const tokenParts = token.split('/');
+ const auth = getState().auth;
+ config = dispatch<any>(getConfig);
+
+ // If federated token, get user & token data from the token issuing cluster
+ if (tokenParts.length === 3 && tokenParts[1].substring(0, 5) !== auth.localCluster) {
+ config = await getRemoteHostConfig(auth.remoteHosts[tokenParts[1].substring(0, 5)]);
+ }
+
const svc = createServices(config, { progressFn: () => { }, errorFn: () => { } });
setAuthorizationHeader(svc, token);
try {
export const getNewExtraToken = (reuseStored: boolean = false) =>
async (dispatch: Dispatch, getState: () => RootState, services: ServiceRepository) => {
- if (reuseStored && getState().auth.extraApiToken !== undefined) {
- return getState().auth.extraApiToken;
+ const extraToken = getState().auth.extraApiToken;
+ if (reuseStored && extraToken !== undefined) {
+ const config = dispatch<any>(getConfig);
+ const svc = createServices(config, { progressFn: () => { }, errorFn: () => { } });
+ setAuthorizationHeader(svc, extraToken);
+ try {
+ // Check the extra token's validity before using it. Refresh its
+ // expiration date just in case it changed.
+ const client = await svc.apiClientAuthorizationService.get('current');
+ dispatch(authActions.SET_EXTRA_TOKEN({
+ extraApiToken: extraToken,
+ extraApiTokenExpiration: client.expiresAt ? new Date(client.expiresAt): undefined,
+ }));
+ return extraToken;
+ } catch (e) {
+ dispatch(authActions.RESET_EXTRA_TOKEN());
+ }
}
const user = getState().auth.user;
const loginCluster = getState().auth.config.clusterConfig.Login.LoginCluster;
projects / arvados.git / blobdiff