From 1125569811b7ed174453cdf6b799cb57ae2e9375 Mon Sep 17 00:00:00 2001 From: Yann Stepienik Date: Tue, 6 Jun 2023 18:05:12 +0100 Subject: [PATCH] [release] v0.6.0 - OpenID --- client/src/pages/authentication/openid.jsx | 3 +-- client/src/pages/config/routes/routeman.jsx | 9 ++++++++- client/src/pages/config/users/containerPicker.jsx | 3 --- client/src/pages/newInstall/newInstall.jsx | 3 +++ client/src/pages/openid/openid-edit.jsx | 2 +- client/src/pages/openid/openid-list.jsx | 6 +++++- client/src/pages/servapps/containers/docker-compose.jsx | 2 +- client/src/pages/servapps/containers/newServiceForm.jsx | 3 --- package.json | 2 +- src/authorizationserver/oauth2.go | 3 +-- src/authorizationserver/oauth2_auth.go | 1 + src/authorizationserver/oauth2_user.go | 7 +++++++ 12 files changed, 29 insertions(+), 15 deletions(-) diff --git a/client/src/pages/authentication/openid.jsx b/client/src/pages/authentication/openid.jsx index ff9ac9e..1756d34 100644 --- a/client/src/pages/authentication/openid.jsx +++ b/client/src/pages/authentication/openid.jsx @@ -44,9 +44,8 @@ const OpenID = () => { const selfHostname = selfprotocol + (new URL(window.location.href).hostname) + (selfport ? ":" + selfport : "") const onchange = (e, scope) => { - console.log(scope) if (e.target.checked) { - setCheckedScopes([...checkedScopes,scope]) + setCheckedScopes([...checkedScopes, scope]) } else { setCheckedScopes(checkedScopes.filter((scope) => scope != scope)) } diff --git a/client/src/pages/config/routes/routeman.jsx b/client/src/pages/config/routes/routeman.jsx index 76646a6..a8db8e0 100644 --- a/client/src/pages/config/routes/routeman.jsx +++ b/client/src/pages/config/routes/routeman.jsx 
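Review bot: The unchanged else branch of `onchange` in openid.jsx still calls `checkedScopes.filter((scope) => scope != scope)`, where the callback parameter shadows the outer `scope`, so the predicate is always false and unticking one box empties the whole list. On a consent screen the selected scopes should mirror exactly what the user ticked; rename the parameter and compare strictly, `setCheckedScopes(checkedScopes.filter((s) => s !== scope))`. The rest of the `OpenID` component lies outside the hunk, so how `checkedScopes` is submitted is not visible here.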
@@ -39,14 +39,21 @@ const checkHost = debounce((host, setHostError) => { }).catch((err) => { setHostError(err.message) }); + } else { + setHostError(null); } }, 500) const RouteManagement = ({ routeConfig, routeNames, TargetContainer, noControls = false, lockTarget = false, title, setRouteConfig, submitButton = false, newRoute }) => { const [openModal, setOpenModal] = React.useState(false); const [hostError, setHostError] = React.useState(null); - + React.useEffect(() => { + if(routeConfig && routeConfig.Host) { + checkHost(routeConfig.Host, setHostError); + } + }, []) + return
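Review bot: The new `React.useEffect(..., [])` in `RouteManagement` validates only the `Host` present on first render, because the dependency list is empty; if `routeConfig` is populated or replaced afterwards, `hostError` keeps the earlier result. Listing the value it reads, `}, [routeConfig && routeConfig.Host])`, would keep the check in step with the prop. `checkHost` is a single module-level debounced function, so several instances mounting within 500 ms may collapse into one call; that is worth confirming against the `debounce` helper, which is outside this hunk.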
diff --git a/client/src/pages/config/users/containerPicker.jsx b/client/src/pages/config/users/containerPicker.jsx index 3ad49bd..dc8cbdf 100644 --- a/client/src/pages/config/users/containerPicker.jsx +++ b/client/src/pages/config/users/containerPicker.jsx @@ -78,8 +78,6 @@ export function CosmosContainerPicker({formik, nameOnly, lockTarget, TargetConta }) setPortsOptions(portsTemp) - console.log(targetResult) - if(targetResult.port == '') { targetResult.port = '80' @@ -119,7 +117,6 @@ export function CosmosContainerPicker({formik, nameOnly, lockTarget, TargetConta } const onContainerChange = (newContainer) => { - console.log(newContainer) if(loading) return; targetResult.container = newContainer.Names[0] targetResult.containerObject = newContainer diff --git a/client/src/pages/newInstall/newInstall.jsx b/client/src/pages/newInstall/newInstall.jsx index 83f40e6..7ed5fd0 100644 --- a/client/src/pages/newInstall/newInstall.jsx +++ b/client/src/pages/newInstall/newInstall.jsx @@ -40,6 +40,9 @@ const debounce = (func, wait) => { setHostError(err.message) setHostIp(null) }); + } else { + setHostError(null); + setHostIp(null); } }, 500) diff --git a/client/src/pages/openid/openid-edit.jsx b/client/src/pages/openid/openid-edit.jsx index 811f255..022bf1a 100644 --- a/client/src/pages/openid/openid-edit.jsx +++ b/client/src/pages/openid/openid-edit.jsx @@ -28,7 +28,7 @@ const OpenIdEditModal = ({ clientId, openNewModal, setOpenNewModal, config, onSu }); } - const clientConfig = Object.values(config.OpenIDClients).find((c) => c.id === clientId); + const clientConfig = config.OpenIDClients && Object.values(config.OpenIDClients).find((c) => c.id === clientId); return <> diff --git a/client/src/pages/openid/openid-list.jsx b/client/src/pages/openid/openid-list.jsx index b0c8874..1cd462c 100644 --- a/client/src/pages/openid/openid-list.jsx +++ b/client/src/pages/openid/openid-list.jsx 
@@ -115,7 +115,6 @@ const OpenIdList = () => { const generateNewSecret = (clientIdToUpdate) => { let newSecret = Math.random().toString(36).substring(2, 24) + Math.random().toString(36).substring(2, 15); let encryptedSecret = bcrypt.hashSync(newSecret, 10); - console.log(newSecret, encryptedSecret) let index = clients.findIndex((r) => r.id === clientIdToUpdate); clients[index].secret = encryptedSecret; save(updateRoutes(clients)); @@ -181,6 +180,11 @@ const OpenIdList = () => { } + + }> + This is an experimental feature. It is recommended to use with caution. Please report any issue you find! + + {clients && r.id} diff --git a/client/src/pages/servapps/containers/docker-compose.jsx b/client/src/pages/servapps/containers/docker-compose.jsx index db6fc31..29c50a3 100644 --- a/client/src/pages/servapps/containers/docker-compose.jsx +++ b/client/src/pages/servapps/containers/docker-compose.jsx @@ -240,7 +240,7 @@ const DockerComposeImport = ({ refresh }) => { {step === 0 && }> - This is a highly experimental feature. It is recommended to use with caution. + This is an experimental feature. It is recommended to use with caution. Please report any issue you find! { - console.log(containerInfo) - return
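Review bot: `generateNewSecret` in openid-list.jsx still derives the client secret from `Math.random()`, which is not a cryptographically secure generator, so the value that is bcrypt-hashed and saved for the client is more predictable than its length suggests. Draw it from the Web Crypto API instead, e.g. `const newSecret = Array.from(crypto.getRandomValues(new Uint8Array(32)), (b) => b.toString(16).padStart(2, '0')).join('');` (64 hex characters, within bcrypt's 72-byte input limit). `clients.findIndex` can return -1 for an unknown id, which makes `clients[index].secret` throw; an early return would cover that. The function continues past the end of the hunk.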
@@ -269,7 +267,6 @@ const NewDockerServiceForm = () => { title: 'Storage', disabled: maxTab < 1, children: { - console.log(values) const newValues = { ...containerInfo, HostConfig: { diff --git a/package.json b/package.json index 50ddbae..8b7a282 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "cosmos-server", - "version": "0.6.0-unstable2", + "version": "0.6.0", "description": "", "main": "test-server.js", "bugs": { diff --git a/src/authorizationserver/oauth2.go b/src/authorizationserver/oauth2.go index 0a7b69e..985b288 100644 --- a/src/authorizationserver/oauth2.go +++ b/src/authorizationserver/oauth2.go @@ -46,7 +46,7 @@ func Init() { ID: client.ID, Secret: []byte(client.Secret), RedirectURIs: []string{client.Redirect}, - Scopes: []string{"openid", "email"}, + Scopes: []string{"openid", "email", "profile", "offline", "roles", "groups", "address", "phone", "role"}, ResponseTypes: []string{"id_token", "code", "token", "id_token token", "code id_token", "code token", "code id_token token"}, GrantTypes: []string{"implicit", "refresh_token", "authorization_code", "password", "client_credentials"}, } @@ -121,7 +121,6 @@ func newSession(user string, req *http.Request) *openid.DefaultSession { Claims: &jwt.IDTokenClaims{ Issuer: hostname, Subject: user, - // Audience: []string{"https://my-client.my-application.com"}, ExpiresAt: time.Now().Add(time.Hour * 6), IssuedAt: time.Now(), RequestedAt: time.Now(), diff --git a/src/authorizationserver/oauth2_auth.go b/src/authorizationserver/oauth2_auth.go index 4d0d1e6..cb02c57 100644 --- a/src/authorizationserver/oauth2_auth.go +++ b/src/authorizationserver/oauth2_auth.go 
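Review bot: Every client registered in `Init()` (oauth2.go) now receives the same nine scopes, including `offline`, `address` and `phone`, so a client can request any of them whatever it was set up for. The unchanged lines next to it already allow every response type and the `implicit`, `password` and `client_credentials` grants, which makes the registration as permissive as it can be. Consider reading the allowed scopes (and grants) from each client's configuration, with a narrow default such as `[]string{"openid", "email", "profile"}`. `roles` and `role` are both listed, while the userinfo change to oauth2_user.go in this commit emits only `role`; dropping the unused one avoids confusion.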
@@ -42,6 +42,7 @@ func authEndpoint(rw http.ResponseWriter, req *http.Request) { // Now we need to get a response. This is the place where the AuthorizeEndpointHandlers kick in and start processing the request. // NewAuthorizeResponse is capable of running multiple response type handlers which in turn enables this library // to support open id connect. + response, err := oauth2.NewAuthorizeResponse(ctx, ar, mySessionData) // Catch any errors, e.g.: diff --git a/src/authorizationserver/oauth2_user.go b/src/authorizationserver/oauth2_user.go index bb8f097..f474354 100644 --- a/src/authorizationserver/oauth2_user.go +++ b/src/authorizationserver/oauth2_user.go @@ -16,6 +16,7 @@ type oidcUser struct { Name string `json:"name"` Username string `json:"username"` Nickname string `json:"nickname"` + Role string `json:"role"` Email string `json:"email"` Subject string `json:"sub"` IssuedAt int64 `json:"iat"` @@ -82,6 +83,12 @@ func userInfosEndpoint(rw http.ResponseWriter, req *http.Request) { if ar.GetGrantedScopes().Has("email") { baseToken.Email = user.Email } + + if user.Role == utils.ADMIN { + baseToken.Role = "admin" + } else { + baseToken.Role = "user" + } json.NewEncoder(rw).Encode(baseToken) }
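Review bot: `baseToken.Role` is set for every userinfo response in `userInfosEndpoint` (oauth2_user.go), while the `Email` assignment just above it is guarded by `ar.GetGrantedScopes().Has("email")`. A client that was never granted a role scope still learns whether the account is an admin; guard it the same way, `if ar.GetGrantedScopes().Has("role") { ... }`, and add `omitempty` to the `json:"role"` tag so the field is absent otherwise. Any role other than `utils.ADMIN` is reported as `"user"`, which looks intentional but should be confirmed if other roles exist. The function body starts outside the hunk.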