From 9dba31fe669117b284a1334a9a545c588c158008 Mon Sep 17 00:00:00 2001 From: Aneela Chagarlamudi Date: Tue, 13 Aug 2024 12:30:04 +0200 Subject: [PATCH] Add sso flow --- pkg/assets/static/redirectpage.js | 75 +++++++++++++++++++++++++++---- 1 file changed, 67 insertions(+), 8 deletions(-) diff --git a/pkg/assets/static/redirectpage.js b/pkg/assets/static/redirectpage.js index fd72f727..a11b93c9 100644 --- a/pkg/assets/static/redirectpage.js +++ b/pkg/assets/static/redirectpage.js @@ -1,16 +1,16 @@ +// this is where we load our config from +const configURL = "/api/v1/authconfig"; const queryString = window.location.search; const urlParams = new URLSearchParams(queryString); const link = urlParams.get("link"); const keyword = urlParams.get("keyword"); const selectedId = urlParams.get("selectedId"); const consoleUrl = "https://console.redhat.com/openshift/sandbox"; -const baseUrl = `https://${data.consoleURL}/`; -const appendedUrl = `${link}/ns/${data.defaultUserNamespace}`; + const params = { keyword, selectedId, }; -const redirectUrl = new URL(baseUrl + appendedUrl); Object.keys(params).forEach((key) => { if (params[key]) { @@ -19,8 +19,11 @@ Object.keys(params).forEach((key) => { }); function handleSuccess(data) { + const baseUrl = `https://${data.consoleURL}/`; + const appendedUrl = `${link}/ns/${data.defaultUserNamespace}`; + const redirectUrl = new URL(baseUrl + appendedUrl); if (data.status != "ready") { - window.location.href = "https://console.redhat.com/openshift/sandbox"; + window.location.href = consoleUrl; } else { window.location.href = link === "notebookController" @@ -32,16 +35,72 @@ function handleSuccess(data) { } function handleError() { - window.location.href = "https://console.redhat.com/openshift/sandbox"; + window.location.href = consoleUrl; } -if (keycloak) { +fetch(configURL) + .then(response => response.json()) + .then(data => { + loadAuthLibrary( + data["auth-client-library-url"], + function () { + console.log("client library load success!"); + var clientConfig = JSON.parse(data["auth-client-config"]); + console.log( + "using client configuration: " + JSON.stringify(clientConfig) + ); + keycloak = new Keycloak(clientConfig); + keycloak + .init({ + onLoad: "check-sso", + silentCheckSsoRedirectUri: + window.location.origin + "/silent-check-sso.html", + }) + .then(function (authenticated) { + if (authenticated == true) { + console.log("user is authenticated"); + // start 15s interval token refresh. + intervalRefRefresh = setInterval(refreshToken, 15000); + keycloak + .loadUserInfo() + .then(function (data) { + console.log("retrieved user info.."); + idToken = keycloak.idToken; + showUser( + data.preferred_username, + data.sub, + data.original_sub + ); + }) + .catch(function () { + console.log("Failed to pull in user data"); + showError("Failed to pull in user data."); + handleError(); + }); + } else { + console.log("user not authenticated"); + hideUser(); + hideAll(); + idToken = null; + show("state-getstarted"); + handleError(); + } + }) + .catch(function () { + console.log("Failed to initialize authorization"); + showError("Failed to initialize authorization."); + handleError(); + }); + }) + }); + +if (idToken) { fetch( "registration-service-toolchain-host-operator.apps.sandbox.x8i5.p1.openshiftapps.com/api/v1/signup", { method: "GET", headers: { - Authorization: "Bearer" + keycloak.token, + Authorization: "Bearer" + idToken, }, } ) @@ -49,5 +108,5 @@ if (keycloak) { .then((data) => handleSuccess(data)) .catch((error) => handleError(error)); } else { - login(); + getJSON(); }