[release] v0.6.0 - OpenID

2023-06-06 18:05:12 +01:00 · 2023-06-06 18:05:12 +01:00 · 1125569811
parent 1970f14eac
commit 1125569811
12 changed files with 29 additions and 15 deletions
--- a/client/src/pages/authentication/openid.jsx
+++ b/client/src/pages/authentication/openid.jsx
@ -44,9 +44,8 @@ const OpenID = () => {
  const selfHostname = selfprotocol + (new URL(window.location.href).hostname) + (selfport ? ":" + selfport : "")

  const onchange = (e, scope) => {
-    console.log(scope)
    if (e.target.checked) {
-      setCheckedScopes([...checkedScopes,scope])
+      setCheckedScopes([...checkedScopes, scope])
    } else {
      setCheckedScopes(checkedScopes.filter((scope) => scope != scope))
    }
--- a/client/src/pages/config/routes/routeman.jsx
+++ b/client/src/pages/config/routes/routeman.jsx
@ -39,14 +39,21 @@ const checkHost = debounce((host, setHostError) => {
    }).catch((err) => {
      setHostError(err.message)
    });
+  } else {
+    setHostError(null);
  }
 }, 500)

 const RouteManagement = ({ routeConfig, routeNames, TargetContainer, noControls = false, lockTarget = false, title, setRouteConfig, submitButton = false, newRoute }) => {
  const [openModal, setOpenModal] = React.useState(false);
  const [hostError, setHostError] = React.useState(null);
- 

+  React.useEffect(() => {
+    if(routeConfig && routeConfig.Host) {
+      checkHost(routeConfig.Host, setHostError);
+    }
+  }, [])
+ 
  return <div style={{ maxWidth: '1000px', width: '100%', margin: '', position: 'relative' }}>
    <RestartModal openModal={openModal} setOpenModal={setOpenModal} />
    
--- a/client/src/pages/config/users/containerPicker.jsx
+++ b/client/src/pages/config/users/containerPicker.jsx
@ -78,8 +78,6 @@ export function CosmosContainerPicker({formik, nameOnly, lockTarget, TargetConta
    })
    setPortsOptions(portsTemp)

-    console.log(targetResult)
-
    if(targetResult.port == '') {
        targetResult.port = '80'
        
@ -119,7 +117,6 @@ export function CosmosContainerPicker({formik, nameOnly, lockTarget, TargetConta
  }

  const onContainerChange = (newContainer) => {
-    console.log(newContainer)
    if(loading) return;
    targetResult.container = newContainer.Names[0]
    targetResult.containerObject = newContainer
--- a/client/src/pages/newInstall/newInstall.jsx
+++ b/client/src/pages/newInstall/newInstall.jsx
@ -40,6 +40,9 @@ const debounce = (func, wait) => {
        setHostError(err.message)
        setHostIp(null)
      });
+    } else {
+        setHostError(null);
+        setHostIp(null);
    }
  }, 500)

--- a/client/src/pages/openid/openid-edit.jsx
+++ b/client/src/pages/openid/openid-edit.jsx
@ -28,7 +28,7 @@ const OpenIdEditModal = ({ clientId, openNewModal, setOpenNewModal, config, onSu
    });
  }

-  const clientConfig = Object.values(config.OpenIDClients).find((c) => c.id === clientId);
+  const clientConfig = config.OpenIDClients && Object.values(config.OpenIDClients).find((c) => c.id === clientId);

  return <>
    <RestartModal openModal={openRestartModal} setOpenModal={setOpenRestartModal} />
--- a/client/src/pages/openid/openid-list.jsx
+++ b/client/src/pages/openid/openid-list.jsx
@ -115,7 +115,6 @@ const OpenIdList = () => {
  const generateNewSecret = (clientIdToUpdate) => {
    let newSecret = Math.random().toString(36).substring(2, 24) + Math.random().toString(36).substring(2, 15);
    let encryptedSecret = bcrypt.hashSync(newSecret, 10);
-    console.log(newSecret, encryptedSecret)
    let index = clients.findIndex((r) => r.id === clientIdToUpdate);
    clients[index].secret = encryptedSecret;
    save(updateRoutes(clients));
@ -181,6 +180,11 @@ const OpenIdList = () => {
        </DialogActions>
      </Dialog>}

+      
+      <Alert severity="warning" icon={<WarningOutlined />}>
+        This is an experimental feature. It is recommended to use with caution. Please report any issue you find!
+      </Alert>
+
      {clients && <PrettyTableView
        data={clients}
        getKey={(r) => r.id}
--- a/client/src/pages/servapps/containers/docker-compose.jsx
+++ b/client/src/pages/servapps/containers/docker-compose.jsx
@ -240,7 +240,7 @@ const DockerComposeImport = ({ refresh }) => {
        <DialogContentText>
          {step === 0 && <Stack spacing={2}>
            <Alert severity="warning" icon={<WarningOutlined />}>
-              This is a highly experimental feature. It is recommended to use with caution.
+        This is an experimental feature. It is recommended to use with caution. Please report any issue you find!
            </Alert>

            <UploadButtons
--- a/client/src/pages/servapps/containers/newServiceForm.jsx
+++ b/client/src/pages/servapps/containers/newServiceForm.jsx
@ -109,8 +109,6 @@ const NewDockerServiceForm = () => {
    </Button>
    </Stack>

-    console.log(containerInfo)
-
  return <div>
    <Stack spacing={1}>
      <Stack direction="row" spacing={1} alignItems="center">
@ -269,7 +267,6 @@ const NewDockerServiceForm = () => {
          title: 'Storage',
          disabled: maxTab < 1,
          children: <Stack spacing={2}><VolumeContainerSetup newContainer containerInfo={containerInfo} OnChange={(values) => {
-            console.log(values)
            const newValues = {
              ...containerInfo,
              HostConfig: {
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "cosmos-server",
-  "version": "0.6.0-unstable2",
+  "version": "0.6.0",
  "description": "",
  "main": "test-server.js",
  "bugs": {
--- a/src/authorizationserver/oauth2.go
+++ b/src/authorizationserver/oauth2.go
@ -46,7 +46,7 @@ func Init() {
 			ID:             client.ID,
 			Secret:         []byte(client.Secret),
 			RedirectURIs:   []string{client.Redirect},
-			Scopes:         []string{"openid", "email"},
+			Scopes:         []string{"openid", "email", "profile", "offline", "roles", "groups", "address", "phone", "role"},
 			ResponseTypes:  []string{"id_token", "code", "token", "id_token token", "code id_token", "code token", "code id_token token"},
 			GrantTypes:     []string{"implicit", "refresh_token", "authorization_code", "password", "client_credentials"},
 		}
@ -121,7 +121,6 @@ func newSession(user string, req *http.Request) *openid.DefaultSession {
 		Claims: &jwt.IDTokenClaims{
 			Issuer:      hostname,
 			Subject:     user,
-			// Audience:    []string{"https://my-client.my-application.com"},
 			ExpiresAt:   time.Now().Add(time.Hour * 6),
 			IssuedAt:    time.Now(),
 			RequestedAt: time.Now(),
--- a/src/authorizationserver/oauth2_auth.go
+++ b/src/authorizationserver/oauth2_auth.go
@ -42,6 +42,7 @@ func authEndpoint(rw http.ResponseWriter, req *http.Request) {
 	// Now we need to get a response. This is the place where the AuthorizeEndpointHandlers kick in and start processing the request.
 	// NewAuthorizeResponse is capable of running multiple response type handlers which in turn enables this library
 	// to support open id connect.
+
 	response, err := oauth2.NewAuthorizeResponse(ctx, ar, mySessionData)

 	// Catch any errors, e.g.:
--- a/src/authorizationserver/oauth2_user.go
+++ b/src/authorizationserver/oauth2_user.go
@ -16,6 +16,7 @@ type oidcUser struct {
 	Name string `json:"name"`
 	Username string `json:"username"`
 	Nickname string `json:"nickname"`
+	Role string `json:"role"`
 	Email string `json:"email"`
 	Subject string `json:"sub"`
 	IssuedAt int64 `json:"iat"`
@ -82,6 +83,12 @@ func userInfosEndpoint(rw http.ResponseWriter, req *http.Request) {
 	if ar.GetGrantedScopes().Has("email") {
 		baseToken.Email = user.Email
 	}
+
+	if user.Role == utils.ADMIN {
+		baseToken.Role = "admin"
+	} else {
+		baseToken.Role = "user"
+	}
 	
 	json.NewEncoder(rw).Encode(baseToken)
 }