11454: Do federated logins by requesting the current user object

instead of the classic login flow.
When the user is inactive on the remote cluster, label the session
properly and exclude it from SessionDB.loadActive()'s results.

Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <ldipentima@veritasgenetics.com>

diff --git a/apps/workbench/app/assets/javascripts/components/search.js b/apps/workbench/app/assets/javascripts/components/search.js
index 5cb292bd7ab7709a3004278a7e1a20810e389c0e..9a23648dc3c45676984aba14c72aab8d03756d08 100644 (file)
--- a/apps/workbench/app/assets/javascripts/components/search.js
+++ b/apps/workbench/app/assets/javascripts/components/search.js
@@ -154,8 +154,6 @@ window.Search = {
         })
     },
     view: function(vnode) {
-        // FIXME: The line below seems superfluous
-        // var sessions = vnode.state.sessionDB.loadAll()
         return m('form', {
             onsubmit: function() {
                 vnode.state.searchActive(vnode.state.searchEntered())

diff --git a/apps/workbench/app/assets/javascripts/components/sessions.js b/apps/workbench/app/assets/javascripts/components/sessions.js
index e7cc5055734d4edaa2144d7eb4d704ec7e737736..964f89a09390ca4e66be8cb3481536e2c2252a20 100644 (file)
--- a/apps/workbench/app/assets/javascripts/components/sessions.js
+++ b/apps/workbench/app/assets/javascripts/components/sessions.js
@@ -38,7 +38,9 @@ window.SessionsTable = {
                         var session = sessions[uuidPrefix]
                         return m('tr', [
                             session.token && session.user ? [
-                                m('td', m('span.label.label-success', 'logged in')),
+                                m('td', session.user.is_active ?
+                                    m('span.label.label-success', 'logged in') :
+                                    m('span.label.label-warning', 'inactive')),
                                 m('td', {title: session.baseURL}, uuidPrefix),
                                 m('td', session.user.username),
                                 m('td', session.user.email),

diff --git a/apps/workbench/app/assets/javascripts/models/session_db.js b/apps/workbench/app/assets/javascripts/models/session_db.js
index 77fddcb51baab00ce865fd9680e16c98b9d02261..52d8930f93815e6329d2ebe1764c85663a40a463 100644 (file)
--- a/apps/workbench/app/assets/javascripts/models/session_db.js
+++ b/apps/workbench/app/assets/javascripts/models/session_db.js
@@ -25,7 +25,7 @@ window.SessionDB = function(rhosts) {
         loadActive: function() {
             var sessions = db.loadAll()
             Object.keys(sessions).forEach(function(key) {
-                if (!sessions[key].token)
+                if (!sessions[key].token || !sessions[key].user.is_active)
                     delete sessions[key]
             })
             return sessions
@@ -91,7 +91,18 @@ window.SessionDB = function(rhosts) {
                     (dd.remoteHostsViaDNS && apiHostname.indexOf('arvadosapi.com') >= 0)) {
                     // Federated identity login via salted token
                     db.saltedToken(dd.uuidPrefix).then(function(token) {
-                        document.location = baseURL + 'login?return_to=' + encodeURIComponent(document.location.href.replace(/\?.*/, '')+'?baseURL='+encodeURIComponent(baseURL)) + '&api_token='+encodeURIComponent(token)
+                        m.request(baseURL+'arvados/v1/users/current', {
+                            headers: {
+                                authorization: 'Bearer '+token,
+                            },
+                        }).then(function(user) {
+                            var remoteSession = {
+                                user: user,
+                                baseURL: baseURL,
+                                token: token
+                            }
+                            db.save(user.owner_uuid.slice(0, 5), remoteSession)
+                        })
                     })
                 } else {
                     // Classic login