ui implementation of basic auth

andreaTP · andreaTP · commit ec7cc8190b64 · 2024-05-03T15:53:02.000+01:00
diff --git a/ui/ui-app/package-lock.json b/ui/ui-app/package-lock.json
diff --git a/ui/ui-app/package.json b/ui/ui-app/package.json
@@ -30,14 +30,15 @@
     "vite-tsconfig-paths": "4.3.2"
   },
   "dependencies": {
-    "@apicurio/data-models": "1.1.27",
     "@apicurio/common-ui-components": "2.0.0",
+    "@apicurio/data-models": "1.1.27",
     "@patternfly/patternfly": "5.3.0",
     "@patternfly/react-code-editor": "5.3.1",
     "@patternfly/react-core": "5.3.1",
     "@patternfly/react-icons": "5.3.1",
     "@patternfly/react-table": "5.3.1",
     "axios": "1.6.8",
+    "buffer": "^6.0.3",
     "luxon": "3.4.4",
     "oidc-client-ts": "3.0.1",
     "react": "18.3.1",
diff --git a/ui/ui-app/src/services/useAdminService.ts b/ui/ui-app/src/services/useAdminService.ts
@@ -148,7 +148,7 @@ const exportAs = async (config: ConfigService, auth: AuthService, filename: stri
     options.headers = {
         ...options.headers,
         "Accept": "application/zip"
-    }
+    };
 
     const endpoint: string = createEndpoint(baseHref, "/admin/export", {}, {
         forBrowser: true
@@ -172,7 +172,7 @@ const importFrom = async (config: ConfigService, auth: AuthService, file: string
     options.headers = {
         ...options.headers,
         "Accept": "application/zip"
-    }
+    };
     const endpoint: string = createEndpoint(baseHref, "/admin/import");
     return httpPost(endpoint, file, options,undefined, progressFunction);
 };
diff --git a/ui/ui-app/src/services/useGroupsService.ts b/ui/ui-app/src/services/useGroupsService.ts
@@ -2,8 +2,6 @@ import { ConfigService, useConfigService } from "@services/useConfigService.ts";
 import {
     createAuthOptions,
     createEndpoint,
-    createHeaders,
-    createOptions,
     httpDelete,
     httpGet,
     httpPostWithReturn,
@@ -71,42 +69,40 @@ export interface ClientGeneration {
 
 const createArtifact = async (config: ConfigService, auth: AuthService, data: CreateArtifactData): Promise<ArtifactMetaData> => {
     const baseHref: string = config.artifactsUrl();
-    const token: string | undefined = await auth.getToken();
     const endpoint: string = createEndpoint(baseHref, "/groups/:groupId/artifacts", { groupId: data.groupId });
     const options = await createAuthOptions(auth);
 
-    const headers: any = createHeaders(token);
     if (data.id) {
         options.headers = {
             ...options.headers,
             "X-Registry-ArtifactId": data.id
-        }
+        };
     }
     if (data.type) {
         options.headers = {
             ...options.headers,
             "X-Registry-ArtifactType": data.type
-        }
+        };
     }
     if (data.sha) {
         options.headers = {
             ...options.headers,
             "X-Registry-Hash-Algorithm": "SHA256",
             "X-Registry-Content-Hash": data.sha
-        }
+        };
     }
 
     if (data.fromURL) {
         options.headers = {
             ...options.headers,
             "Content-Type": "application/create.extended+json"
-        }
+        };
         data.content = `{ "content": "${data.fromURL}" }`;
     } else {
         options.headers = {
             ...options.headers,
             "Content-Type": contentType(data.type, data.content ? data.content : "")
-        }
+        };
     }
 
     return httpPostWithReturn<any, ArtifactMetaData>(endpoint, data.content, options);
@@ -122,12 +118,12 @@ const createArtifactVersion = async (config: ConfigService, auth: AuthService, g
         options.headers = {
             ...options.headers,
             "X-Registry-ArtifactType": data.type
-        }
+        };
     }
     options.headers = {
         ...options.headers,
         "Content-Type": contentType(data.type, data.content)
-    }
+    };
     return httpPostWithReturn<any, VersionMetaData>(endpoint, data.content, options);
 };
 
@@ -236,7 +232,7 @@ const getArtifactVersionContent = async (config: ConfigService, auth: AuthServic
     options.headers = {
         ...options.headers,
         "Accept": "*"
-    }
+    };
     options.maxContentLength = 5242880; // TODO 5MB hard-coded, make this configurable?
     options.responseType = "text";
     options.transformResponse = (data: any) => data;
@@ -263,9 +259,8 @@ const getArtifactRules = async (config: ConfigService, auth: AuthService, groupI
 
     console.info("[GroupsService] Getting the list of rules for artifact: ", groupId, artifactId);
     const baseHref: string = config.artifactsUrl();
-    const token: string | undefined = await auth.getToken();
     const endpoint: string = createEndpoint(baseHref, "/groups/:groupId/artifacts/:artifactId/rules", { groupId, artifactId });
-    const options = createOptions(createHeaders(token));
+    const options = await createAuthOptions(auth);
     return httpGet<string[]>(endpoint, options).then( ruleTypes => {
         return Promise.all(ruleTypes.map(rt => getArtifactRule(config, auth, groupId, artifactId, rt)));
     });
@@ -275,13 +270,12 @@ const getArtifactRule = async (config: ConfigService, auth: AuthService, groupId
     groupId = normalizeGroupId(groupId);
 
     const baseHref: string = config.artifactsUrl();
-    const token: string | undefined = await auth.getToken();
     const endpoint: string = createEndpoint(baseHref, "/groups/:groupId/artifacts/:artifactId/rules/:rule", {
         groupId,
         artifactId,
         rule: type
     });
-    const options = createOptions(createHeaders(token));
+    const options = await createAuthOptions(auth);
     return httpGet<Rule>(endpoint, options);
 };
 
@@ -291,13 +285,12 @@ const createArtifactRule = async (config: ConfigService, auth: AuthService, grou
     console.info("[GroupsService] Creating rule:", type);
 
     const baseHref: string = config.artifactsUrl();
-    const token: string | undefined = await auth.getToken();
     const endpoint: string = createEndpoint(baseHref, "/groups/:groupId/artifacts/:artifactId/rules", { groupId, artifactId });
     const body: Rule = {
         config: configValue,
         type
     };
-    const options = createOptions(createHeaders(token));
+    const options = await createAuthOptions(auth);
     return httpPostWithReturn(endpoint, body, options);
 };
 
@@ -306,14 +299,13 @@ const updateArtifactRule = async (config: ConfigService, auth: AuthService, grou
 
     console.info("[GroupsService] Updating rule:", type);
     const baseHref: string = config.artifactsUrl();
-    const token: string | undefined = await auth.getToken();
     const endpoint: string = createEndpoint(baseHref, "/groups/:groupId/artifacts/:artifactId/rules/:rule", {
         groupId,
         artifactId,
         "rule": type
     });
     const body: Rule = { config: configValue, type };
-    const options = createOptions(createHeaders(token));
+    const options = await createAuthOptions(auth);
     return httpPutWithReturn<Rule, Rule>(endpoint, body, options);
 };
 
@@ -322,13 +314,12 @@ const deleteArtifactRule = async (config: ConfigService, auth: AuthService, grou
 
     console.info("[GroupsService] Deleting rule:", type);
     const baseHref: string = config.artifactsUrl();
-    const token: string | undefined = await auth.getToken();
     const endpoint: string = createEndpoint(baseHref, "/groups/:groupId/artifacts/:artifactId/rules/:rule", {
         groupId,
         artifactId,
         "rule": type
     });
-    const options = createOptions(createHeaders(token));
+    const options = await createAuthOptions(auth);
     return httpDelete(endpoint, options);
 };
 
@@ -337,9 +328,8 @@ const deleteArtifact = async (config: ConfigService, auth: AuthService, groupId:
 
     console.info("[GroupsService] Deleting artifact:", groupId, artifactId);
     const baseHref: string = config.artifactsUrl();
-    const token: string | undefined = await auth.getToken();
     const endpoint: string = createEndpoint(baseHref, "/groups/:groupId/artifacts/:artifactId", { groupId, artifactId });
-    const options = createOptions(createHeaders(token));
+    const options = await createAuthOptions(auth);
     return httpDelete(endpoint, options);
 };
 
diff --git a/ui/ui-app/src/services/useUserService.ts b/ui/ui-app/src/services/useUserService.ts
@@ -1,6 +1,6 @@
 import { UserInfo } from "@models/userInfo.model.ts";
 import { AuthService, useAuth } from "@apicurio/common-ui-components";
-import { createEndpoint, createHeaders, createOptions, httpGet } from "@utils/rest.utils.ts";
+import { createAuthOptions, createEndpoint, httpGet } from "@utils/rest.utils.ts";
 import { ConfigService, useConfigService } from "@services/useConfigService.ts";
 
 let currentUserInfo: UserInfo = {
@@ -21,8 +21,7 @@ const updateCurrentUser = async (config: ConfigService, auth: AuthService): Prom
     if (isAuthenticated) {
         // TODO cache the response for a few minutes to limit the # of times this is called per minute??
         const endpoint: string = createEndpoint(config.artifactsUrl(), "/users/me");
-        const token: string | undefined = await auth.getToken();
-        const options = createOptions(createHeaders(token));
+        const options = await createAuthOptions(auth);
         return httpGet<UserInfo>(endpoint, options).then(userInfo => {
             currentUserInfo = userInfo;
             return userInfo;
@@ -41,7 +40,7 @@ const isObacEnabled = (config: ConfigService): boolean => {
 };
 
 const isUserAdmin = (config: ConfigService, auth: AuthService): boolean => {
-    if (!auth.isAuthEnabled()) {
+    if (!auth.isOidcAuthEnabled() && !auth.isBasicAuthEnabled()) {
         return true;
     }
     if (!isRbacEnabled(config) && !isObacEnabled(config)) {
@@ -51,7 +50,7 @@ const isUserAdmin = (config: ConfigService, auth: AuthService): boolean => {
 };
 
 const isUserDeveloper = (config: ConfigService, auth: AuthService, resourceOwner?: string): boolean => {
-    if (!auth.isAuthEnabled()) {
+    if (!auth.isOidcAuthEnabled() && !auth.isBasicAuthEnabled()) {
         return true;
     }
     if (!isRbacEnabled(config) && !isObacEnabled(config)) {
diff --git a/ui/ui-app/src/utils/rest.utils.ts b/ui/ui-app/src/utils/rest.utils.ts
@@ -1,6 +1,7 @@
 import axios, { AxiosRequestConfig } from "axios";
 import { ContentTypes } from "@models/contentTypes.model.ts";
 import { AuthService } from "@apicurio/common-ui-components";
+import { Buffer } from "buffer";
 
 const AXIOS = axios.create();
 
@@ -113,7 +114,8 @@ export async function createAuthOptions(auth: AuthService): Promise<AxiosRequest
         return createOptions(createHeaders(token));
     } else if (auth.isBasicAuthEnabled()) {
         const creds = auth.getUsernameAndPassword();
-        const headers = { "Authorization": `Basic ${Buffer.from(`${creds?.username}:${creds?.password}`, 'base64')}`};
+        const base64Credentials = Buffer.from(`${creds?.username}:${creds?.password}`, "ascii").toString("base64");
+        const headers = { "Authorization": `Basic ${base64Credentials}` };
         return createOptions(headers);
     } else {
         return Promise.resolve({});
diff --git a/ui/ui-app/vite.config.ts b/ui/ui-app/vite.config.ts
@@ -8,7 +8,12 @@ export default defineConfig({
     plugins: [react(), tsconfigPaths()],
     server: {
         port: PORT
-    }
+    },
+    // START: To use npm link
+    // optimizeDeps: {
+    //     exclude: ['@apicurio/common-ui-components'],
+    // },
+    // END: To use npm link
     // define: {
     //     "process.platform": {}
     // }
