Skip to content

Commit

Permalink
Merge remote-tracking branch 'upstream/main' into fixes-saml-login-flow
Browse files Browse the repository at this point in the history
  • Loading branch information
DarshitChanpura committed Mar 26, 2024
2 parents b9b9911 + aa77c59 commit 87ac6e0
Show file tree
Hide file tree
Showing 4 changed files with 107 additions and 7 deletions.
1 change: 1 addition & 0 deletions MAINTAINERS.md
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ This document contains a list of maintainers in this repo. See [opensearch-proje
| Craig Perkins | [cwperks](https://github.com/cwperks) | Amazon |
| Ryan Liang | [RyanL1997](https://github.com/RyanL1997) | Amazon |
| Stephen Crawford | [scrawfor99](https://github.com/scrawfor99) | Amazon |
| Derek Ho | [derek-ho](https://github.com/derek-ho) | Amazon |

## Emeritus

Expand Down
46 changes: 43 additions & 3 deletions public/apps/configuration/constants.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -145,24 +145,64 @@ export const CLUSTER_PERMISSIONS: string[] = [
'cluster:admin/opensearch/ql/async_query/result',
'cluster:admin/opensearch/ql/async_query/delete',
'cluster:admin/opensearch/ppl',
'cluster:admin/opensearch/ml/agents/delete',
'cluster:admin/opensearch/ml/agents/get',
'cluster:admin/opensearch/ml/agents/register',
'cluster:admin/opensearch/ml/agents/search',
'cluster:admin/opensearch/ml/config/get',
'cluster:admin/opensearch/ml/create_connector',
'cluster:admin/opensearch/ml/connectors/get',
'cluster:admin/opensearch/ml/connectors/search',
'cluster:admin/opensearch/ml/connectors/update',
'cluster:admin/opensearch/ml/controllers/create',
'cluster:admin/opensearch/ml/controllers/delete',
'cluster:admin/opensearch/ml/controllers/deploy',
'cluster:admin/opensearch/ml/controllers/get',
'cluster:admin/opensearch/ml/controllers/undeploy',
'cluster:admin/opensearch/ml/controllers/update',
'cluster:admin/opensearch/ml/create_model_meta',
'cluster:admin/opensearch/ml/execute',
'cluster:admin/opensearch/ml/load_model',
'cluster:admin/opensearch/ml/load_model_on_nodes',
'cluster:admin/opensearch/ml/deploy_model',
'cluster:admin/opensearch/ml/deploy_model_on_nodes',
'cluster:admin/opensearch/ml/memory/conversation/get',
'cluster:admin/opensearch/ml/memory/conversation/interaction/search',
'cluster:admin/opensearch/ml/memory/conversation/delete',
'cluster:admin/opensearch/ml/memory/conversation/list',
'cluster:admin/opensearch/ml/memory/conversation/search',
'cluster:admin/opensearch/ml/memory/conversation/create',
'cluster:admin/opensearch/ml/memory/conversation/update',
'cluster:admin/opensearch/ml/memory/interaction/create',
'cluster:admin/opensearch/ml/memory/interaction/update',
'cluster:admin/opensearch/ml/memory/interaction/get',
'cluster:admin/opensearch/ml/memory/interaction/list',
'cluster:admin/opensearch/ml/memory/trace/get',
'cluster:admin/opensearch/ml/model_groups/delete',
'cluster:admin/opensearch/ml/model_groups/get',
'cluster:admin/opensearch/ml/model_groups/search',
'cluster:admin/opensearch/ml/register_model_group',
'cluster:admin/opensearch/ml/update_model_group',
'cluster:admin/opensearch/ml/models/delete',
'cluster:admin/opensearch/ml/models/get',
'cluster:admin/opensearch/ml/models/search',
'cluster:admin/opensearch/ml/models/update',
'cluster:admin/opensearch/ml/models/update_cache',
'cluster:admin/opensearch/ml/predict',
'cluster:admin/opensearch/ml/profile/nodes',
'cluster:admin/opensearch/ml/register_model',
'cluster:admin/opensearch/ml/register_model_meta',
'cluster:admin/opensearch/ml/stats/nodes',
'cluster:admin/opensearch/ml/tasks/delete',
'cluster:admin/opensearch/ml/tasks/get',
'cluster:admin/opensearch/ml/tasks/search',
'cluster:admin/opensearch/ml/tools/get',
'cluster:admin/opensearch/ml/tools/list',
'cluster:admin/opensearch/ml/train',
'cluster:admin/opensearch/ml/trainAndPredict',
'cluster:admin/opensearch/ml/unload_model',
'cluster:admin/opensearch/ml/undeploy_model',
'cluster:admin/opensearch/ml/undeploy_models',
'cluster:admin/opensearch/ml/upload_model',
'cluster:admin/opensearch/ml/upload_model_chunk',
'cluster:admin/opensearch/mlinternal/forward',
'cluster:admin/opensearch/observability/create',
'cluster:admin/opensearch/observability/delete',
'cluster:admin/opensearch/observability/get',
Expand Down
25 changes: 22 additions & 3 deletions public/apps/login/login-page.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ import {
OPENID_AUTH_LOGIN_WITH_FRAGMENT,
SAML_AUTH_LOGIN_WITH_FRAGMENT,
} from '../../../common';
import { getSavedTenant } from '../../utils/storage-utils';

interface LoginPageDeps {
http: CoreStart['http'];
Expand All @@ -49,16 +50,34 @@ interface LoginButtonConfig {
buttonstyle: string;
}

function redirect(serverBasePath: string) {
// navigate to nextUrl
export function getNextPath(serverBasePath: string) {
const urlParams = new URLSearchParams(window.location.search);
let nextUrl = urlParams.get('nextUrl');
if (!nextUrl || nextUrl.toLowerCase().includes('//')) {
// Appending the next url with trailing slash. We do so because in case the serverBasePath is empty, we can simply
// redirect to '/'.
nextUrl = serverBasePath + '/';
}
window.location.href = nextUrl + window.location.hash;
const savedTenant = getSavedTenant();
const url = new URL(
window.location.protocol + '//' + window.location.host + nextUrl + window.location.hash
);
if (
!!savedTenant &&
!(
url.searchParams.has('security_tenant') ||
url.searchParams.has('securitytenant') ||
url.searchParams.has('securityTenant_')
)
) {
url.searchParams.append('security_tenant', savedTenant);
}
return url.pathname + url.search + url.hash;
}

function redirect(serverBasePath: string) {
// navigate to nextUrl
window.location.href = getNextPath(serverBasePath);
}

export function extractNextUrlFromWindowLocation(): string {
Expand Down
42 changes: 41 additions & 1 deletion public/apps/login/test/login-page.test.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -16,11 +16,12 @@
import { shallow } from 'enzyme';
import React from 'react';
import { ClientConfigType } from '../../../types';
import { LoginPage, extractNextUrlFromWindowLocation } from '../login-page';
import { LoginPage, extractNextUrlFromWindowLocation, getNextPath } from '../login-page';
import { validateCurrentPassword } from '../../../utils/login-utils';
import { API_AUTH_LOGOUT } from '../../../../common';
import { chromeServiceMock } from '../../../../../../src/core/public/mocks';
import { AuthType } from '../../../../common';
import { setSavedTenant } from '../../../utils/storage-utils';

jest.mock('../../../utils/login-utils', () => ({
validateCurrentPassword: jest.fn(),
Expand Down Expand Up @@ -94,6 +95,45 @@ describe('test extractNextUrlFromWindowLocation', () => {
});
});

describe('test redirect', () => {
test('extract redirect excludes security_tenant when no tenant in local storage', () => {
// Trick to mock window.location
const originalLocation = window.location;
delete window.location;
window.location = new URL('http://localhost:5601/app/login?nextUrl=%2Fapp%2Fdashboards') as any;
setSavedTenant(null);
const nextPath = getNextPath('');
expect(nextPath).toEqual('/app/dashboards');
window.location = originalLocation;
});

test('extract redirect includes security_tenant when tenant in local storage', () => {
const originalLocation = window.location;
delete window.location;
window.location = new URL('http://localhost:5601/app/login?nextUrl=%2Fapp%2Fdashboards');
setSavedTenant('custom');
const nextPath = getNextPath('');
expect(nextPath).toEqual('/app/dashboards?security_tenant=custom');
setSavedTenant(null);
window.location = originalLocation;
});

test('extract redirect includes security_tenant when tenant in local storage, existing url params and hash', () => {
const originalLocation = window.location;
delete window.location;
window.location = new URL(
"http://localhost:5601/app/login?nextUrl=%2Fapp%2Fdashboards?param1=value1#/view/7adfa750-4c81-11e8-b3d7-01146121b73d?_g=(filters:!(),refreshInterval:(pause:!f,value:900000),time:(from:now-24h,to:now))&_a=(description:'Analyze%20mock%20flight%20data%20for%20OpenSearch-Air,%20Logstash%20Airways,%20OpenSearch%20Dashboards%20Airlines%20and%20BeatsWest',filters:!(),fullScreenMode:!f,options:(hidePanelTitles:!f,useMargins:!t),query:(language:kuery,query:''),timeRestore:!t,title:'%5BFlights%5D%20Global%20Flight%20Dashboard',viewMode:view)"
);
setSavedTenant('custom');
const nextPath = getNextPath('');
expect(nextPath).toEqual(
"/app/dashboards?param1=value1&security_tenant=custom#/view/7adfa750-4c81-11e8-b3d7-01146121b73d?_g=(filters:!(),refreshInterval:(pause:!f,value:900000),time:(from:now-24h,to:now))&_a=(description:'Analyze%20mock%20flight%20data%20for%20OpenSearch-Air,%20Logstash%20Airways,%20OpenSearch%20Dashboards%20Airlines%20and%20BeatsWest',filters:!(),fullScreenMode:!f,options:(hidePanelTitles:!f,useMargins:!t),query:(language:kuery,query:''),timeRestore:!t,title:'%5BFlights%5D%20Global%20Flight%20Dashboard',viewMode:view)"
);
setSavedTenant(null);
window.location = originalLocation;
});
});

describe('Login page', () => {
let chrome: ReturnType<typeof chromeServiceMock.createStartContract>;
const mockHttpStart = {
Expand Down

0 comments on commit 87ac6e0

Please sign in to comment.