Add sso flow

codeready-toolchain · Aug 20, 2024 · 8f9448b · 8f9448b
1 parent 28d1982
commit 8f9448b
Show file tree

Hide file tree

Showing 2 changed files with 82 additions and 16 deletions.
diff --git a/pkg/assets/assets_test.go b/pkg/assets/assets_test.go
@@ -35,5 +35,6 @@ func TestContent(t *testing.T) {
 		"codereadyws-logo.svg", "index.html", "landingpage.js",
 		"redhat-logo.svg", "silent-check-sso.html", "favicon.ico",
 		"landingpage.css", "openshift-logo.svg", "rhdeveloper-logo.svg",
+		"redirectpage.html", "redirectpage.js",
 	}, names)
 }
diff --git a/pkg/assets/static/redirectpage.js b/pkg/assets/static/redirectpage.js
@@ -1,16 +1,16 @@
+// this is where we load our config from
+const configURL = "/api/v1/authconfig";
 const queryString = window.location.search;
 const urlParams = new URLSearchParams(queryString);
 const link = urlParams.get("link");
 const keyword = urlParams.get("keyword");
 const selectedId = urlParams.get("selectedId");
 const consoleUrl = "https://console.redhat.com/openshift/sandbox";
-const baseUrl = `https://${data.consoleURL}/`;
-const appendedUrl = `${link}/ns/${data.defaultUserNamespace}`;
+
 const params = {
   keyword,
   selectedId,
 };
-const redirectUrl = new URL(baseUrl + appendedUrl);
 
 Object.keys(params).forEach((key) => {
   if (params[key]) {
@@ -19,35 +19,100 @@ Object.keys(params).forEach((key) => {
 });
 
 function handleSuccess(data) {
-  if (data.status != "ready") {
-    window.location.href = "https://console.redhat.com/openshift/sandbox";
+  const baseUrl = `https://${data.consoleURL}/`;
+  const appendedUrl = `${link}/ns/${data.defaultUserNamespace}`;
+  const redirectUrl = new URL(baseUrl + appendedUrl);
+  let resultUrl;
+  if(data.status != "ready") {
+    resultUrl = consoleUrl;
   } else {
-    window.location.href =
-      link === "notebookController"
-        ? `${baseUrl}notebookController/spawner`
-        : link === "dashboard"
-        ? `${baseUrl}dashboard`
-        : redirectUrl.toString();
+      if (link === "notebookController") {
+        resultUrl = `${baseUrl}notebookController/spawner`
+      } else if (link === "dashboard") {
+        resultUrl = `${baseUrl}dashboard`
+      } else {
+        resultUrl = redirectUrl.toString();
+      }
   }
+    window.location.href = resultUrl;
+
 }
 
 function handleError() {
-  window.location.href = "https://console.redhat.com/openshift/sandbox";
+  window.location.href = consoleUrl;
 }
 
-if (keycloak) {
+let idToken;
+
+fetch(configURL)
+  .then(response => response.json())
+  .then(data => {
+    loadAuthLibrary(
+      data["auth-client-library-url"],
+      function () {
+        console.log("client library load success!");
+        const clientConfig = JSON.parse(data["auth-client-config"]);
+        console.log(
+          "using client configuration: " + JSON.stringify(clientConfig)
+        );
+        let keycloak = new Keycloak(clientConfig);
+        keycloak
+          .init({
+            onLoad: "check-sso",
+            silentCheckSsoRedirectUri:
+              window.location.origin + "/silent-check-sso.html",
+          })
+          .then(function (authenticated) {
+            if (authenticated) {
+              console.log("user is authenticated");
+              // start 15s interval token refresh.
+              intervalRefRefresh = setInterval(refreshToken, 15000);
+              keycloak
+                .loadUserInfo()
+                .then(function (data) {
+                  console.log("retrieved user info..");
+                  idToken = keycloak.idToken;
+                  showUser(
+                    data.preferred_username,
+                    data.sub,
+                    data.original_sub
+                  );
+                })
+                .catch(function () {
+                  console.log("Failed to pull in user data");
+                  showError("Failed to pull in user data.");
+                  handleError();
+                });
+            } else {
+              console.log("user not authenticated");
+              hideUser();
+              hideAll();
+              idToken = null;
+              show("state-getstarted");
+              handleError();
+            }
+          })
+          .catch(function () {
+            console.log("Failed to initialize authorization");
+            showError("Failed to initialize authorization.");
+            handleError();
+          });
+        })
+    });
+
+if (idToken) {
   fetch(
     "registration-service-toolchain-host-operator.apps.sandbox.x8i5.p1.openshiftapps.com/api/v1/signup",
     {
       method: "GET",
       headers: {
-        Authorization: "Bearer" + keycloak.token,
+        Authorization: "Bearer" + idToken,
       },
     }
   )
     .then((response) => response.json())
     .then((data) => handleSuccess(data))
-    .catch((error) => handleError(error));
+    .catch((error) => handleError());
 } else {
-    login();
+    getJSON();
 }