Skip to content

Commit

Permalink
Token insights - restore MyDistribution query, show separate synclist…
Browse files Browse the repository at this point in the history 
… url (#4198)

* token-insights: change .body.pf-c-content* into .pf-c-content > .body*

* Token insights - restore MyDistribution query, show separate synclist url

No-Issue

* token-insights: add validated
  • Loading branch information
@himdel
himdel authored Oct 31, 2023
1 parent 4007571 commit b6c0f2c
Show file tree
Hide file tree
Showing 4 changed files with 209 additions and 124 deletions.
1 change: 1 addition & 0 deletions src/api/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ export { GroupRoleAPI } from './group-role';
export { ImportAPI } from './import';
export { LegacyNamespaceAPI } from './legacy-namespace';
export { LegacyRoleAPI } from './legacy-role';
export { MyDistributionAPI } from './my-distribution';
export { MyNamespaceAPI } from './my-namespace';
export { MySyncListAPI } from './my-synclist';
export { NamespaceAPI } from './namespace';
Expand Down
7 changes: 7 additions & 0 deletions src/api/my-distribution.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
import { HubAPI } from './hub';

class API extends HubAPI {
apiPath = this.getUIPath('my-distributions/');
}

export const MyDistributionAPI = new API();
316 changes: 192 additions & 124 deletions src/containers/token/token-insights.tsx
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
import { Trans, t } from '@lingui/macro';
import { Button, ClipboardCopyVariant } from '@patternfly/react-core';
import { Alert, Button, ClipboardCopyVariant } from '@patternfly/react-core';
import React from 'react';
import { MyDistributionAPI } from 'src/api';
import {
AlertList,
AlertType,
Expand All @@ -10,11 +11,13 @@ import {
closeAlertMixin,
} from 'src/components';
import { AppContext } from 'src/loaders/app-context';
import { RouteProps, withRouter } from 'src/utilities';
import { RouteProps, errorMessage, withRouter } from 'src/utilities';
import { getRepoURL } from 'src/utilities';

interface IState {
tokenData: {
alerts: AlertType[];
synclistBasePath?: string;
tokenData?: {
access_token: string;
expires_in: number;
id_token: string;
Expand All @@ -24,162 +27,227 @@ interface IState {
session_state: string;
token_type: string;
};
alerts: AlertType[];
}

class TokenInsights extends React.Component<RouteProps, IState> {
constructor(props) {
super(props);

this.state = {
tokenData: undefined,
alerts: [],
synclistBasePath: null,
tokenData: null,
};
}

componentDidMount() {
this.getTokenData();
this.getSynclistBasePath();
}

getTokenData() {
if (!window.insights?.chrome) {
// outside insights platform
return;
}

// this function will fail if chrome.auth.doOffline() hasn't been called
// so it never works the first time .. loadToken() causes a reload and then it works => no error handling
window.insights.chrome.auth.getOfflineToken().then((result) => {
this.setState({ tokenData: result.data });
});
window.insights.chrome.auth
.getOfflineToken()
.then(({ data: tokenData }) => this.setState({ tokenData }));
}

getSynclistBasePath() {
MyDistributionAPI.list()
.then(({ data }) => {
const syncDistro = data.data.find(({ base_path }) =>
base_path.includes('synclist'),
);
this.setState({
synclistBasePath: syncDistro?.base_path,
});
})
.catch((e) => {
const { status, statusText } = e.response;
this.setState({
synclistBasePath: null,
alerts: [
...this.state.alerts,
{
variant: 'danger',
title: t`Server URL could not be displayed.`,
description: errorMessage(status, statusText),
},
],
});
});
}

render() {
const { tokenData, alerts } = this.state;
const { alerts, synclistBasePath, tokenData } = this.state;
const renewTokenCmd = `curl https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token -d grant_type=refresh_token -d client_id="cloud-services" -d refresh_token="${
tokenData?.refresh_token ?? '{{ user_token }}'
}" --fail --silent --show-error --output /dev/null`;

return (
<React.Fragment>
<>
<AlertList alerts={alerts} closeAlert={(i) => this.closeAlert(i)} />
<BaseHeader title={t`Connect to Hub`} />
<Main>
<section className='body pf-c-content'>
<h2>{t`Connect Private Automation Hub`}</h2>
<p>
<Trans>
Use the Server URL below to sync certified collections to the
Red Hat Certified repository in your private Automation Hub. If
you wish to sync validated content, you can add a remote with a
server url pointed to the validated repo.
</Trans>
</p>
</section>
<section className='body pf-c-content'>
<h2>{t`Connect the ansible-galaxy client`}</h2>
<p>
<Trans>
Documentation on how to configure the{' '}
<code>ansible-galaxy</code> client can be found{' '}
<a href={UI_DOCS_URL} target='_blank' rel='noreferrer'>
here
</a>
. Use the following parameters to configure the client.
</Trans>
</p>
</section>
<section className='body pf-c-content'>
<h2>{t`Offline token`}</h2>
<p>
<Trans>
Use this token to authenticate clients that need to download
content from Automation Hub. This is a secret token used to
protect your content. Store your API token in a secure location.
</Trans>
</p>
{tokenData ? (
<div>
<ClipboardCopy>{tokenData.refresh_token}</ClipboardCopy>
</div>
) : (
<div>
<Button
onClick={() => this.loadToken()}
>{t`Load token`}</Button>
</div>
)}
<div
className='pf-c-content'
style={{ paddingTop: 'var(--pf-global--spacer--md)' }}
>
<span>
<section className='pf-c-content'>
<section className='body'>
<h2>{t`Connect Private Automation Hub`}</h2>
<p>
<Trans>
The token will expire after 30 days of inactivity. Run the
command below periodically to prevent your token from
expiring.
Use the Server URL below to sync certified collections to the
Red Hat Certified repository in your private Automation Hub.
If you wish to sync validated content, you can add a remote
with a server url pointed to the validated repo.
</Trans>
</span>
<ClipboardCopy
isCode
isReadOnly
variant={ClipboardCopyVariant.expansion}
>
{renewTokenCmd}
</ClipboardCopy>
</div>
<h2>{t`Manage tokens`}</h2>
<Trans>
To revoke a token or see all of your tokens, visit the{' '}
<a
href='https://sso.redhat.com/auth/realms/redhat-external/account/#/applications'
target='_blank'
rel='noreferrer'
>
offline API token management
</a>{' '}
page.
</Trans>
</section>
<section className='body pf-c-content'>
<h2>{t`Server URL`}</h2>
<p>
<Trans>
Use this URL to configure the API endpoints that clients need to
download certified content from Automation Hub. Synclists are
deprecated in AAP 2.4 and will be removed in a future release,
instead use client-side requirements.yml, see AAP 2.4
documentation.
</Trans>
</p>
<ClipboardCopy isReadOnly>
{getRepoURL('published', true)}
</ClipboardCopy>
</section>
<section className='body pf-c-content'>
<h2>{t`SSO URL`}</h2>
<p>
<Trans>
Use this URL to configure the authentication URLs that clients
need to download content from Automation Hub.
</Trans>
</p>
<ClipboardCopy isReadOnly>
https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
</ClipboardCopy>
</section>
<section className='body pf-c-content'>
<h2>{t`CRC public key`}</h2>
<p>
</p>
</section>
<section className='body'>
<h2>{t`Connect the ansible-galaxy client`}</h2>
<p>
<Trans>
Documentation on how to configure the{' '}
<code>ansible-galaxy</code> client can be found{' '}
<a href={UI_DOCS_URL} target='_blank' rel='noreferrer'>
here
</a>
. Use the following parameters to configure the client.
</Trans>
</p>
</section>
<section className='body'>
<h2>{t`Offline token`}</h2>
<p>
<Trans>
Use this token to authenticate clients that need to download
content from Automation Hub. This is a secret token used to
protect your content. Store your API token in a secure
location.
</Trans>
</p>
{tokenData ? (
<div>
<ClipboardCopy>{tokenData.refresh_token}</ClipboardCopy>
</div>
) : (
<div>
<Button
onClick={() => this.loadToken()}
>{t`Load token`}</Button>
</div>
)}
<div style={{ paddingTop: 'var(--pf-global--spacer--md)' }}>
<span>
<Trans>
The token will expire after 30 days of inactivity. Run the
command below periodically to prevent your token from
expiring.
</Trans>
</span>
<ClipboardCopy
isCode
isReadOnly
variant={ClipboardCopyVariant.expansion}
>
{renewTokenCmd}
</ClipboardCopy>
</div>
<h2>{t`Manage tokens`}</h2>
<Trans>
We use a number of keys to sign our software packages. The
necessary public keys are included in the relevant products and
are used to automatically verify software updates. You can also
verify the packages manually using the keys on this page. More
information can be found{' '}
To revoke a token or see all of your tokens, visit the{' '}
<a
href='https://access.redhat.com/security/team/key'
href='https://sso.redhat.com/auth/realms/redhat-external/account/#/applications'
target='_blank'
rel='noreferrer'
>
here.
</a>
offline API token management
</a>{' '}
page.
</Trans>
</p>
</section>
<section className='body'>
<h2>{t`Server URL`}</h2>
<p>
<Trans>
Use this URL to configure the API endpoints that clients need
to download <strong>certified</strong> content from Automation
Hub.{' '}
</Trans>
</p>
<ClipboardCopy isReadOnly>
{getRepoURL('published', true)}
</ClipboardCopy>
<p style={{ paddingTop: 'var(--pf-global--spacer--md)' }}>
<Trans>
Use this URL for <strong>validated</strong> content from
Automation Hub.{' '}
</Trans>
</p>
<ClipboardCopy isReadOnly>
{getRepoURL('validated')}
</ClipboardCopy>
<p style={{ paddingTop: 'var(--pf-global--spacer--md)' }}>
<Trans>
Synclists are deprecated in AAP 2.4 and will be removed in a
future release, use client-side <code>requirements.yml</code>{' '}
instead.
<br />
If you&apos;re using sync toggles with AAP 2.3 or older, you
will need to use a different URL:
</Trans>
</p>
{synclistBasePath ? (
<ClipboardCopy isReadOnly>
{getRepoURL(synclistBasePath)}
</ClipboardCopy>
) : (
<Alert
variant='danger'
isInline
title={t`Synclist distribution was not found.`}
className='hub-content-alert-fix'
/>
)}
</section>
<section className='body'>
<h2>{t`SSO URL`}</h2>
<p>
<Trans>
Use this URL to configure the authentication URLs that clients
need to download content from Automation Hub.
</Trans>
</p>
<ClipboardCopy isReadOnly>
https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
</ClipboardCopy>
</section>
<section className='body'>
<h2>{t`CRC public key`}</h2>
<p>
<Trans>
We use a number of keys to sign our software packages. The
necessary public keys are included in the relevant products
and are used to automatically verify software updates. You can
also verify the packages manually using the keys on this page.
More information can be found{' '}
<a
href='https://access.redhat.com/security/team/key'
target='_blank'
rel='noreferrer'
>
here.
</a>
</Trans>
</p>
</section>
</section>
</Main>
</React.Fragment>
</>
);
}

Expand Down
Loading

0 comments on commit b6c0f2c

Please sign in to comment.