From f0cdbb00b3cf9f4d07ea6418b9a1577df223dcc3 Mon Sep 17 00:00:00 2001 From: wenincode Date: Wed, 19 Oct 2022 17:26:25 -0600 Subject: [PATCH 1/2] Pre-populate partition on sso login --- .../consul/token/selector/index.hbs | 2 + .../app/components/auth-form/index.hbs | 292 ++++++++---------- .../app/components/oidc-select/index.hbs | 237 +++++++------- .../app/components/oidc-select/index.js | 7 +- .../consul-ui/tests/acceptance/login.feature | 34 ++ .../tests/lib/page-object/visitable.js | 2 + .../consul-ui/tests/steps/assertions/dom.js | 8 + 7 files changed, 297 insertions(+), 285 deletions(-) diff --git a/ui/packages/consul-acls/app/components/consul/token/selector/index.hbs b/ui/packages/consul-acls/app/components/consul/token/selector/index.hbs index dd372e95c8..8d74f947ec 100644 --- a/ui/packages/consul-acls/app/components/consul/token/selector/index.hbs +++ b/ui/packages/consul-acls/app/components/consul/token/selector/index.hbs @@ -51,8 +51,10 @@ /> {{#if (can "use SSO")}} + {{log (concat "Partition Parent: " @partition)}} -{{#let - (hash - State=State - Guard=Guard - Action=ChartAction - dispatch=dispatch - state=state - ) -as |chart|}} -{{#let - (hash - reset=(action dispatch "RESET") - focus=this.focus - disabled=(state-matches state "loading") - error=(queue - (action dispatch "ERROR") - (action (mut this.error) value="error.errors.firstObject") - ) - submit=(queue - (action (mut this.value)) - (action dispatch "SUBMIT") - ) - ) -as |exported|}} - - {{!TODO: Call this reset or similar }} - -
- -{{#if (can 'use SSO')}} - + {{#let + (hash State=State Guard=Guard Action=ChartAction dispatch=dispatch state=state) + as |chart| + }} + {{#let + (hash + reset=(action dispatch 'RESET') + focus=this.focus + disabled=(state-matches state 'loading') + error=(queue + (action dispatch 'ERROR') (action (mut this.error) value='error.errors.firstObject') ) - (hash - label='SSO' - selected=(state-matches tabState 'sso') - ) - }} - @onclick={{queue (action tabDispatch) (action dispatch "RESET")}} - /> -{{/if}} - - {{#if this.error.status}} - - -

- {{#if this.value.Name}} - {{#if (eq this.error.status '403')}} - Consul login failed
- We received a token from your OIDC provider but could not log in to Consul with it. - {{else if (eq this.error.status '401')}} - Could not log in to provider
- The OIDC provider has rejected this access token. Please have an administrator check your auth method configuration. - {{else if (eq this.error.status '499')}} - SSO log in window closed
- The OIDC provider window was closed. Please try again. - {{else}} - Error
- {{this.error.detail}} - {{/if}} - {{else}} - {{#if (eq this.error.status '403')}} - Invalid token
- The token entered does not exist. Please enter a valid token to log in. - {{else if (eq this.error.status '404')}} - No providers
- No SSO providers are configured for that Partition. - {{else}} - Error
- {{this.error.detail}} - {{/if}} - {{/if}} -

-
-
- {{/if}} -
- -
-
-
- - Log in - -
-
+ +
+
+ +
+ + Log in + +
+
- - Contact your administrator for login credentials. - + {{yield (assign exported (hash Method=TabState))}} + + + Contact your administrator for login credentials. + +
+ +
+ + + + {{/let}} + {{/let}} - - - - - - -{{/let}} -{{/let}} - \ No newline at end of file diff --git a/ui/packages/consul-ui/app/components/oidc-select/index.hbs b/ui/packages/consul-ui/app/components/oidc-select/index.hbs index 1a3ef815c2..3c9d4cb876 100644 --- a/ui/packages/consul-ui/app/components/oidc-select/index.hbs +++ b/ui/packages/consul-ui/app/components/oidc-select/index.hbs @@ -1,134 +1,117 @@ - -{{#let - (hash - State=State - Guard=Guard - Action=ChartAction - dispatch=dispatch - state=state - ) -as |chart|}} + + {{#let + (hash State=State Guard=Guard Action=ChartAction dispatch=dispatch state=state) + as |chart| + }} -
- - - - - - - Choose different Partition - - - - - - - {{! this belongs to the outer StateChart but we need }} - {{! to understand validation state }} - - - Choose provider - - - - - - - - - - - {{#if (lt this.items.length 3)}} - -
    - {{#each this.items as |item|}} -
  • - - Continue with {{or item.DisplayName item.Name}}{{#if (not-eq item.Namespace 'default')}} ({{item.Namespace}}){{/if}} - -
  • - {{/each}} -
- - {{else}} - - {{#let (or this.provider (object-at 0 this.items)) as |item|}} - - - <:option as |option|> - - {{or option.item.DisplayName option.item.Name}}{{#if (not-eq option.item.Namespace 'default')}} ({{option.item.Namespace}}){{/if}} - - - +
+ + + + - Log in + Choose different Partition + - {{/let}} - {{/if}} - + + + + {{! this belongs to the outer StateChart but we need }} + {{! to understand validation state }} + + + Choose provider + + + + + + + + + + + {{#if (lt this.items.length 3)}} + +
    + {{#each this.items as |item|}} +
  • + + Continue with + {{or item.DisplayName item.Name}}{{#if (not-eq item.Namespace 'default')}} + ({{item.Namespace}}){{/if}} + +
  • + {{/each}} +
+ + {{else}} + + {{#let (or this.provider (object-at 0 this.items)) as |item|}} + + + <:option as |option|> + + {{or option.item.DisplayName option.item.Name}}{{#if + (not-eq option.item.Namespace 'default') + }} ({{option.item.Namespace}}){{/if}} + + + + + + Log in + + + {{/let}} + {{/if}} +
-{{/let}} - \ No newline at end of file + {{/let}} + diff --git a/ui/packages/consul-ui/app/components/oidc-select/index.js b/ui/packages/consul-ui/app/components/oidc-select/index.js index 03e24ba7de..4fb78062d4 100644 --- a/ui/packages/consul-ui/app/components/oidc-select/index.js +++ b/ui/packages/consul-ui/app/components/oidc-select/index.js @@ -4,9 +4,14 @@ import { tracked } from '@glimmer/tracking'; import chart from './chart.xstate'; export default class OidcSelect extends Component { - @tracked partition = ''; + @tracked partition = 'default'; + constructor() { super(...arguments); this.chart = chart; + + if (this.args.partition) { + this.partition = this.args.partition; + } } } diff --git a/ui/packages/consul-ui/tests/acceptance/login.feature b/ui/packages/consul-ui/tests/acceptance/login.feature index 17a4ab82b5..a2bed62a84 100644 --- a/ui/packages/consul-ui/tests/acceptance/login.feature +++ b/ui/packages/consul-ui/tests/acceptance/login.feature @@ -41,6 +41,7 @@ Feature: login --- And I click login on the navigation And I click "[data-test-tab=tab_sso] button" + Then the "[name='partition']" input should have the value "default" And I type "partition" into "[name=partition]" And I click ".oidc-select button" Then a GET request was made to "/v1/internal/ui/oidc-auth-methods?dc=dc-1&ns=@namespace&partition=partition" @@ -49,3 +50,36 @@ Feature: login And a POST request was made to "/v1/acl/oidc/callback?dc=dc-1&ns=@!namespace&partition=partition" And "[data-notification]" has the "notification-authorize" class And "[data-notification]" has the "success" class + Scenario: Logging in via SSO with a partition chosen + Given 1 datacenter model with the value "dc-1" + And SSO is enabled + And partitions are enabled + And 1 partition model with the value "_example-partition" + And 1 oidcProvider model from yaml + --- + - DisplayName: Okta + Name: okta + Kind: okta + --- + When I visit the services page for yaml + --- + dc: dc-1 + partition: example-partition + --- + And the "okta" oidcProvider responds with from yaml + --- + state: state-123456789/abcdefghijklmnopqrstuvwxyz + code: code-abcdefghijklmnopqrstuvwxyz/123456789 + --- + And I click login on the navigation + And I click "[data-test-tab=tab_sso] button" + Then the "[name='partition']" input should have the value "example-partition" + And I type "partition" into "[name=partition]" + And I click ".oidc-select button" + Then a GET request was made to "/v1/internal/ui/oidc-auth-methods?dc=dc-1&ns=@namespace&partition=partition" + And I click ".okta-oidc-provider" + Then a POST request was made to "/v1/acl/oidc/auth-url?dc=dc-1&ns=@!namespace&partition=partition" + And a POST request was made to "/v1/acl/oidc/callback?dc=dc-1&ns=@!namespace&partition=partition" + And "[data-notification]" has the "notification-authorize" class + And "[data-notification]" has the "success" class + diff --git a/ui/packages/consul-ui/tests/lib/page-object/visitable.js b/ui/packages/consul-ui/tests/lib/page-object/visitable.js index 05c8067802..fbea0a56e3 100644 --- a/ui/packages/consul-ui/tests/lib/page-object/visitable.js +++ b/ui/packages/consul-ui/tests/lib/page-object/visitable.js @@ -66,6 +66,8 @@ export function visitable(path, encoder = encodeURIComponent) { let path = paths.shift(); if (typeof dynamicSegmentsAndQueryParams.nspace !== 'undefined') { path = `/:nspace${path}`; + } else if (typeof dynamicSegmentsAndQueryParams.partition !== 'undefined') { + path = `/:partition${path}`; } params = assign({}, dynamicSegmentsAndQueryParams); let fullPath; diff --git a/ui/packages/consul-ui/tests/steps/assertions/dom.js b/ui/packages/consul-ui/tests/steps/assertions/dom.js index b4727055c6..d508911e66 100644 --- a/ui/packages/consul-ui/tests/steps/assertions/dom.js +++ b/ui/packages/consul-ui/tests/steps/assertions/dom.js @@ -85,5 +85,13 @@ export default function (scenario, assert, pauseUntil, find, currentURL, clipboa }) .then(['the title should be "$title"'], function (title) { assert.equal(document.title, title, `Expected the document.title to equal "${title}"`); + }) + .then(['the "$selector" input should have the value "$value"'], function (selector, value) { + const $el = find(selector); + assert.equal( + $el.value, + value, + `Expected the input at ${selector} to have value ${value}, but it had ${$el.value}` + ); }); } From 88670b2a120160662fce4ea839b6778d5082d2ac Mon Sep 17 00:00:00 2001 From: wenincode Date: Thu, 20 Oct 2022 16:23:53 -0600 Subject: [PATCH 2/2] Remove extra partition test --- .../consul/token/selector/index.hbs | 1 - .../consul-ui/tests/acceptance/login.feature | 33 ------------------- .../tests/lib/page-object/visitable.js | 2 -- 3 files changed, 36 deletions(-) diff --git a/ui/packages/consul-acls/app/components/consul/token/selector/index.hbs b/ui/packages/consul-acls/app/components/consul/token/selector/index.hbs index 8d74f947ec..599aeae6cb 100644 --- a/ui/packages/consul-acls/app/components/consul/token/selector/index.hbs +++ b/ui/packages/consul-acls/app/components/consul/token/selector/index.hbs @@ -51,7 +51,6 @@ /> {{#if (can "use SSO")}} - {{log (concat "Partition Parent: " @partition)}}