Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Token insights - restore MyDistribution query, show separate synclist url #4198

Merged
merged 3 commits into from
Oct 31, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions src/api/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ export { GroupRoleAPI } from './group-role';
export { ImportAPI } from './import';
export { LegacyNamespaceAPI } from './legacy-namespace';
export { LegacyRoleAPI } from './legacy-role';
export { MyDistributionAPI } from './my-distribution';
export { MyNamespaceAPI } from './my-namespace';
export { MySyncListAPI } from './my-synclist';
export { NamespaceAPI } from './namespace';
Expand Down
7 changes: 7 additions & 0 deletions src/api/my-distribution.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
import { HubAPI } from './hub';

class API extends HubAPI {
apiPath = this.getUIPath('my-distributions/');
}

export const MyDistributionAPI = new API();
316 changes: 192 additions & 124 deletions src/containers/token/token-insights.tsx
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
import { Trans, t } from '@lingui/macro';
import { Button, ClipboardCopyVariant } from '@patternfly/react-core';
import { Alert, Button, ClipboardCopyVariant } from '@patternfly/react-core';
import React from 'react';
import { MyDistributionAPI } from 'src/api';
import {
AlertList,
AlertType,
Expand All @@ -10,11 +11,13 @@ import {
closeAlertMixin,
} from 'src/components';
import { AppContext } from 'src/loaders/app-context';
import { RouteProps, withRouter } from 'src/utilities';
import { RouteProps, errorMessage, withRouter } from 'src/utilities';
import { getRepoURL } from 'src/utilities';

interface IState {
tokenData: {
alerts: AlertType[];
synclistBasePath?: string;
tokenData?: {
access_token: string;
expires_in: number;
id_token: string;
Expand All @@ -24,162 +27,227 @@ interface IState {
session_state: string;
token_type: string;
};
alerts: AlertType[];
}

class TokenInsights extends React.Component<RouteProps, IState> {
constructor(props) {
super(props);

this.state = {
tokenData: undefined,
alerts: [],
synclistBasePath: null,
tokenData: null,
};
}

componentDidMount() {
this.getTokenData();
this.getSynclistBasePath();
}

getTokenData() {
if (!window.insights?.chrome) {
// outside insights platform
return;
}

// this function will fail if chrome.auth.doOffline() hasn't been called
// so it never works the first time .. loadToken() causes a reload and then it works => no error handling
window.insights.chrome.auth.getOfflineToken().then((result) => {
this.setState({ tokenData: result.data });
});
window.insights.chrome.auth
.getOfflineToken()
.then(({ data: tokenData }) => this.setState({ tokenData }));
}

getSynclistBasePath() {
MyDistributionAPI.list()
.then(({ data }) => {
const syncDistro = data.data.find(({ base_path }) =>
base_path.includes('synclist'),
);
this.setState({
synclistBasePath: syncDistro?.base_path,
});
})
.catch((e) => {
const { status, statusText } = e.response;
this.setState({
synclistBasePath: null,
alerts: [
...this.state.alerts,
{
variant: 'danger',
title: t`Server URL could not be displayed.`,
description: errorMessage(status, statusText),
},
],
});
});
}

render() {
const { tokenData, alerts } = this.state;
const { alerts, synclistBasePath, tokenData } = this.state;
const renewTokenCmd = `curl https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token -d grant_type=refresh_token -d client_id="cloud-services" -d refresh_token="${
tokenData?.refresh_token ?? '{{ user_token }}'
}" --fail --silent --show-error --output /dev/null`;

return (
<React.Fragment>
<>
<AlertList alerts={alerts} closeAlert={(i) => this.closeAlert(i)} />
<BaseHeader title={t`Connect to Hub`} />
<Main>
<section className='body pf-c-content'>
<h2>{t`Connect Private Automation Hub`}</h2>
<p>
<Trans>
Use the Server URL below to sync certified collections to the
Red Hat Certified repository in your private Automation Hub. If
you wish to sync validated content, you can add a remote with a
server url pointed to the validated repo.
</Trans>
</p>
</section>
<section className='body pf-c-content'>
<h2>{t`Connect the ansible-galaxy client`}</h2>
<p>
<Trans>
Documentation on how to configure the{' '}
<code>ansible-galaxy</code> client can be found{' '}
<a href={UI_DOCS_URL} target='_blank' rel='noreferrer'>
here
</a>
. Use the following parameters to configure the client.
</Trans>
</p>
</section>
<section className='body pf-c-content'>
<h2>{t`Offline token`}</h2>
<p>
<Trans>
Use this token to authenticate clients that need to download
content from Automation Hub. This is a secret token used to
protect your content. Store your API token in a secure location.
</Trans>
</p>
{tokenData ? (
<div>
<ClipboardCopy>{tokenData.refresh_token}</ClipboardCopy>
</div>
) : (
<div>
<Button
onClick={() => this.loadToken()}
>{t`Load token`}</Button>
</div>
)}
<div
className='pf-c-content'
style={{ paddingTop: 'var(--pf-global--spacer--md)' }}
>
<span>
<section className='pf-c-content'>
<section className='body'>
<h2>{t`Connect Private Automation Hub`}</h2>
<p>
<Trans>
The token will expire after 30 days of inactivity. Run the
command below periodically to prevent your token from
expiring.
Use the Server URL below to sync certified collections to the
Red Hat Certified repository in your private Automation Hub.
If you wish to sync validated content, you can add a remote
with a server url pointed to the validated repo.
</Trans>
</span>
<ClipboardCopy
isCode
isReadOnly
variant={ClipboardCopyVariant.expansion}
>
{renewTokenCmd}
</ClipboardCopy>
</div>
<h2>{t`Manage tokens`}</h2>
<Trans>
To revoke a token or see all of your tokens, visit the{' '}
<a
href='https://sso.redhat.com/auth/realms/redhat-external/account/#/applications'
target='_blank'
rel='noreferrer'
>
offline API token management
</a>{' '}
page.
</Trans>
</section>
<section className='body pf-c-content'>
<h2>{t`Server URL`}</h2>
<p>
<Trans>
Use this URL to configure the API endpoints that clients need to
download certified content from Automation Hub. Synclists are
deprecated in AAP 2.4 and will be removed in a future release,
instead use client-side requirements.yml, see AAP 2.4
documentation.
</Trans>
</p>
<ClipboardCopy isReadOnly>
{getRepoURL('published', true)}
</ClipboardCopy>
</section>
<section className='body pf-c-content'>
<h2>{t`SSO URL`}</h2>
<p>
<Trans>
Use this URL to configure the authentication URLs that clients
need to download content from Automation Hub.
</Trans>
</p>
<ClipboardCopy isReadOnly>
https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
</ClipboardCopy>
</section>
<section className='body pf-c-content'>
<h2>{t`CRC public key`}</h2>
<p>
</p>
</section>
<section className='body'>
<h2>{t`Connect the ansible-galaxy client`}</h2>
<p>
<Trans>
Documentation on how to configure the{' '}
<code>ansible-galaxy</code> client can be found{' '}
<a href={UI_DOCS_URL} target='_blank' rel='noreferrer'>
here
</a>
. Use the following parameters to configure the client.
</Trans>
</p>
</section>
<section className='body'>
<h2>{t`Offline token`}</h2>
<p>
<Trans>
Use this token to authenticate clients that need to download
content from Automation Hub. This is a secret token used to
protect your content. Store your API token in a secure
location.
</Trans>
</p>
{tokenData ? (
<div>
<ClipboardCopy>{tokenData.refresh_token}</ClipboardCopy>
</div>
) : (
<div>
<Button
onClick={() => this.loadToken()}
>{t`Load token`}</Button>
</div>
)}
<div style={{ paddingTop: 'var(--pf-global--spacer--md)' }}>
<span>
<Trans>
The token will expire after 30 days of inactivity. Run the
command below periodically to prevent your token from
expiring.
</Trans>
</span>
<ClipboardCopy
isCode
isReadOnly
variant={ClipboardCopyVariant.expansion}
>
{renewTokenCmd}
</ClipboardCopy>
</div>
<h2>{t`Manage tokens`}</h2>
<Trans>
We use a number of keys to sign our software packages. The
necessary public keys are included in the relevant products and
are used to automatically verify software updates. You can also
verify the packages manually using the keys on this page. More
information can be found{' '}
To revoke a token or see all of your tokens, visit the{' '}
<a
href='https://access.redhat.com/security/team/key'
href='https://sso.redhat.com/auth/realms/redhat-external/account/#/applications'
target='_blank'
rel='noreferrer'
>
here.
</a>
offline API token management
</a>{' '}
page.
</Trans>
</p>
</section>
<section className='body'>
<h2>{t`Server URL`}</h2>
<p>
<Trans>
Use this URL to configure the API endpoints that clients need
to download <strong>certified</strong> content from Automation
Hub.{' '}
</Trans>
</p>
<ClipboardCopy isReadOnly>
{getRepoURL('published', true)}
</ClipboardCopy>
<p style={{ paddingTop: 'var(--pf-global--spacer--md)' }}>
<Trans>
Use this URL for <strong>validated</strong> content from
Automation Hub.{' '}
</Trans>
</p>
<ClipboardCopy isReadOnly>
{getRepoURL('validated')}
</ClipboardCopy>
<p style={{ paddingTop: 'var(--pf-global--spacer--md)' }}>
<Trans>
Synclists are deprecated in AAP 2.4 and will be removed in a
future release, use client-side <code>requirements.yml</code>{' '}
instead.
<br />
If you&apos;re using sync toggles with AAP 2.3 or older, you
will need to use a different URL:
</Trans>
</p>
{synclistBasePath ? (
<ClipboardCopy isReadOnly>
{getRepoURL(synclistBasePath)}
</ClipboardCopy>
) : (
<Alert
variant='danger'
isInline
title={t`Synclist distribution was not found.`}
className='hub-content-alert-fix'
/>
)}
</section>
<section className='body'>
<h2>{t`SSO URL`}</h2>
<p>
<Trans>
Use this URL to configure the authentication URLs that clients
need to download content from Automation Hub.
</Trans>
</p>
<ClipboardCopy isReadOnly>
https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
</ClipboardCopy>
</section>
<section className='body'>
<h2>{t`CRC public key`}</h2>
<p>
<Trans>
We use a number of keys to sign our software packages. The
necessary public keys are included in the relevant products
and are used to automatically verify software updates. You can
also verify the packages manually using the keys on this page.
More information can be found{' '}
<a
href='https://access.redhat.com/security/team/key'
target='_blank'
rel='noreferrer'
>
here.
</a>
</Trans>
</p>
</section>
</section>
</Main>
</React.Fragment>
</>
);
}

Expand Down
Loading
Loading