Enable to switch context on kubeconfig

When user is logged in with kubeconfig, add selections for contexts included in kubeconfig
into user menu and enable to switch contexts included in kubeconfig.

This commit implements basic functionalities for switching contexts,
so to set dashboard-metrics-scraper host for each `cluster`, you need to describe it
as `sidecarHost` in `cluster` directive in kubeconfig.

Note: To test this with `npm run start*`, enlarge maximum http header size with
`export NODE_OPTIONS=--max-http-header-size=102400`.

Author: shu-mutou

aio/develop/run-npm-on-container.sh

@@ -26,6 +26,9 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 LOCAL_UID=$(id -u)
 LOCAL_GID=$(id -g)
 
+# Set max http header size for NodeJS
+NODE_OPTIONS=${NODE_OPTIONS:-"--max-http-header-size=102400"}
+
 # K8S_DASHBOARD_NPM_CMD will be passed into container and will be used
 # by run-npm-command.sh on container. Then the shell sciprt will run `npm`
 # command with K8S_DASHBOAD_NPM_CMD.
@@ -88,6 +91,7 @@ docker run \
   -e K8S_DASHBOARD_DEBUG=${K8S_DASHBOARD_DEBUG} \
   -e LOCAL_UID="${LOCAL_UID}" \
   -e LOCAL_GID="${LOCAL_GID}" \
+  -e NODE_OPTIONS="${NODE_OPTIONS}" \
   -p ${K8S_DASHBOARD_PORT}:${K8S_DASHBOARD_PORT} \
   -p ${K8S_DASHBOARD_DEBUG_PORT}:${K8S_DASHBOARD_DEBUG_PORT} \
   ${DOCKER_RUN_OPTS} \

i18n/de/messages.de.xlf

@@ -3020,7 +3020,7 @@
         <target>Anmelden</target>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">37</context>
+          <context context-type="linenumber">43</context>
         </context-group>
       </trans-unit>
       <trans-unit id="6426cc90184df1cdb238f45fce5220df8438ed62" datatype="html">
@@ -3029,7 +3029,7 @@
         <target>Abmelden</target>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">42</context>
+          <context context-type="linenumber">48</context>
         </context-group>
       </trans-unit>
       <trans-unit id="192867803de476e3137425685702cb44b3bb9981" datatype="html">

i18n/fr/messages.fr.xlf

@@ -3024,7 +3024,7 @@
         <target>Connexion</target>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">37</context>
+          <context context-type="linenumber">43</context>
         </context-group>
       </trans-unit>
       <trans-unit id="6426cc90184df1cdb238f45fce5220df8438ed62" datatype="html">
@@ -3033,7 +3033,7 @@
         <target>Déconnexion</target>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">42</context>
+          <context context-type="linenumber">48</context>
         </context-group>
       </trans-unit>
       <trans-unit id="192867803de476e3137425685702cb44b3bb9981" datatype="html">

i18n/ja/messages.ja.xlf

@@ -2750,7 +2750,7 @@
         <target>サインイン</target>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">37</context>
+          <context context-type="linenumber">43</context>
         </context-group>
       </trans-unit>
       <trans-unit id="6426cc90184df1cdb238f45fce5220df8438ed62" datatype="html">
@@ -2759,7 +2759,7 @@
         <target>サインアウト</target>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">42</context>
+          <context context-type="linenumber">48</context>
         </context-group>
       </trans-unit>
       <trans-unit id="192867803de476e3137425685702cb44b3bb9981" datatype="html">

i18n/ko/messages.ko.xlf

@@ -2805,7 +2805,7 @@
   </target>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">37</context>
+          <context context-type="linenumber">43</context>
         </context-group>
       </trans-unit>
       <trans-unit id="6426cc90184df1cdb238f45fce5220df8438ed62" datatype="html">
@@ -2815,7 +2815,7 @@
   </target>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">42</context>
+          <context context-type="linenumber">48</context>
         </context-group>
       </trans-unit>
       <trans-unit id="192867803de476e3137425685702cb44b3bb9981" datatype="html">

i18n/messages.xlf

@@ -2597,15 +2597,15 @@
   </source>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">37</context>
+          <context context-type="linenumber">43</context>
         </context-group>
       </trans-unit>
       <trans-unit id="6426cc90184df1cdb238f45fce5220df8438ed62" datatype="html">
         <source>Sign out
   </source>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">42</context>
+          <context context-type="linenumber">48</context>
         </context-group>
       </trans-unit>
       <trans-unit id="192867803de476e3137425685702cb44b3bb9981" datatype="html">

i18n/zh-Hans/messages.zh-Hans.xlf

@@ -2805,7 +2805,7 @@
   </target>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">37</context>
+          <context context-type="linenumber">43</context>
         </context-group>
       </trans-unit>
       <trans-unit id="6426cc90184df1cdb238f45fce5220df8438ed62" datatype="html">
@@ -2815,7 +2815,7 @@
   </target>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">42</context>
+          <context context-type="linenumber">48</context>
         </context-group>
       </trans-unit>
       <trans-unit id="192867803de476e3137425685702cb44b3bb9981" datatype="html">

i18n/zh-Hant-HK/messages.zh-Hant-HK.xlf

@@ -2809,7 +2809,7 @@
   </target>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">37</context>
+          <context context-type="linenumber">43</context>
         </context-group>
       </trans-unit>
       <trans-unit id="6426cc90184df1cdb238f45fce5220df8438ed62" datatype="html">
@@ -2819,7 +2819,7 @@
   </target>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">42</context>
+          <context context-type="linenumber">48</context>
         </context-group>
       </trans-unit>
       <trans-unit id="192867803de476e3137425685702cb44b3bb9981" datatype="html">

i18n/zh-Hant/messages.zh-Hant.xlf

@@ -2809,7 +2809,7 @@
   </target>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">37</context>
+          <context context-type="linenumber">43</context>
         </context-group>
       </trans-unit>
       <trans-unit id="6426cc90184df1cdb238f45fce5220df8438ed62" datatype="html">
@@ -2819,7 +2819,7 @@
   </target>
         <context-group purpose="location">
           <context context-type="sourcefile">../src/app/frontend/chrome/userpanel/template.html</context>
-          <context context-type="linenumber">42</context>
+          <context context-type="linenumber">48</context>
         </context-group>
       </trans-unit>
       <trans-unit id="192867803de476e3137425685702cb44b3bb9981" datatype="html">

package-lock.json

@@ -117,6 +117,7 @@
     "angular-page-visibility": "9.0.0",
     "ansi-to-html": "0.6.14",
     "c3": "0.7.18",
+    "camelcase-keys": "6.2.2",
     "core-js": "3.6.5",
     "d3": "5.16.0",
     "file-saver": "2.0.2",
@@ -126,6 +127,7 @@
     "ng-in-viewport": "6.1.1",
     "ngx-cookie-service": "3.0.4",
     "ngx-filter-pipe": "2.1.2",
+    "ngx-webstorage": "5.0.0",
     "normalize.css": "8.0.1",
     "roboto-fontface": "0.10.0",
     "rxjs": "6.6.0",

package.json

@@ -29,6 +29,9 @@ const (
 
 	// Expiration time (in seconds) of tokens generated by dashboard. Default: 15 min.
 	DefaultTokenTTL = 900
+
+	// Default user name for AuthInfo. This should be empty string in order not to match with user specified name.
+	DefaultUserName = ""
 )
 
 // AuthenticationModes represents auth modes supported by dashboard.
@@ -111,8 +114,8 @@ type TokenManager interface {
 //    - Kubeconfig based - Authenticates user based on kubeconfig file. Only token/basic modes are supported within
 // 		the kubeconfig file.
 type Authenticator interface {
-	// GetAuthInfo returns filled AuthInfo structure that can be used for K8S api client creation.
-	GetAuthInfo() (api.AuthInfo, error)
+	// GetAuthInfos returns filled AuthInfo structures that can be used for K8S api client creation.
+	GetAuthInfos() (map[string]api.AuthInfo, error)
 }
 
 // LoginSpec is extracted from request coming from Dashboard frontend during login request. It contains all the
@@ -127,21 +130,25 @@ type LoginSpec struct {
 	// KubeConfig is the content of users' kubeconfig file. It will be parsed and auth data will be extracted.
 	// Kubeconfig can not contain any paths. All data has to be provided within the file.
 	KubeConfig string `json:"kubeconfig,omitempty"`
+	// Server is API server endpoint
+	Server string `json:"server,omitempty"`
+	// CertificateAuthorityData is CA data for API server endpoint
+	CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"`
 }
 
 // AuthResponse is returned from our backend as a response for login/refresh requests. It contains generated JWEToken
 // and a list of non-critical errors such as 'Failed authentication'.
 type AuthResponse struct {
-	// JWEToken is a token generated during login request that contains AuthInfo data in the payload.
-	JWEToken string `json:"jweToken"`
+	// JWETokens are tokens generated during login request that contains AuthInfo data in the payload.
+	JWETokens map[string]string `json:"jweTokens"`
 	// Errors are a list of non-critical errors that happened during login request.
 	Errors []error `json:"errors"`
 }
 
 // TokenRefreshSpec contains token that is required by token refresh operation.
 type TokenRefreshSpec struct {
 	// JWEToken is a token generated during login request that contains AuthInfo data in the payload.
-	JWEToken string `json:"jweToken"`
+	JWETokens map[string]string `json:"jweTokens"`
 }
 
 // LoginModesResponse contains list of auth modes supported by dashboard.

src/app/backend/auth/api/types.go

@@ -26,10 +26,12 @@ type basicAuthenticator struct {
 }
 
 // GetAuthInfo implements Authenticator interface. See Authenticator for more information.
-func (self *basicAuthenticator) GetAuthInfo() (api.AuthInfo, error) {
-	return api.AuthInfo{
-		Username: self.username,
-		Password: self.password,
+func (self *basicAuthenticator) GetAuthInfos() (map[string]api.AuthInfo, error) {
+	return map[string]api.AuthInfo{
+		authApi.DefaultUserName: {
+			Username: self.username,
+			Password: self.password,
+		},
 	}, nil
 }
 

src/app/backend/auth/basic.go

@@ -16,6 +16,7 @@ package auth
 
 import (
 	"net/http"
+	"net/url"
 
 	"github.com/emicklei/go-restful"
 
@@ -64,6 +65,21 @@ func (self AuthHandler) handleLogin(request *restful.Request, response *restful.
 		return
 	}
 
+	cookie, err := request.Request.Cookie("server")
+	if err == nil && len(cookie.Value) > 0 {
+		server, err := url.QueryUnescape(cookie.Value)
+		if err == nil {
+			loginSpec.Server = server
+		}
+	}
+	cookie, err = request.Request.Cookie("certificateAuthorityData")
+	if err == nil && len(cookie.Value) > 0 {
+		ca, err := url.QueryUnescape(cookie.Value)
+		if err == nil {
+			loginSpec.CertificateAuthorityData = ca
+		}
+	}
+
 	loginResponse, err := self.manager.Login(loginSpec)
 	if err != nil {
 		response.AddHeader("Content-Type", "text/plain")
@@ -86,16 +102,20 @@ func (self *AuthHandler) handleJWETokenRefresh(request *restful.Request, respons
 		return
 	}
 
-	refreshedJWEToken, err := self.manager.Refresh(tokenRefreshSpec.JWEToken)
-	if err != nil {
-		response.AddHeader("Content-Type", "text/plain")
-		response.WriteErrorString(errors.HandleHTTPError(err), err.Error()+"\n")
-		return
+	refreshedJWETokens := map[string]string{}
+	for userName, token := range tokenRefreshSpec.JWETokens {
+		refreshedJWEToken, err := self.manager.Refresh(token)
+		if err != nil {
+			response.AddHeader("Content-Type", "text/plain")
+			response.WriteErrorString(errors.HandleHTTPError(err), err.Error()+"\n")
+			return
+		}
+		refreshedJWETokens[userName] = refreshedJWEToken
 	}
 
 	response.WriteHeaderAndEntity(http.StatusOK, &authApi.AuthResponse{
-		JWEToken: refreshedJWEToken,
-		Errors:   make([]error, 0),
+		JWETokens: refreshedJWETokens,
+		Errors:    make([]error, 0),
 	})
 }