authentik/web/src/api/Config.ts

import { Config, Configuration, CoreApi, CurrentTenant, FetchParams, Middleware, RequestContext, ResponseContext, RootApi } from "@goauthentik/api";
import { getCookie } from "../utils";
import { APIMiddleware } from "../elements/notifications/APIDrawer";
import { MessageMiddleware } from "../elements/messages/Middleware";
import { VERSION } from "../constants";
import { getMetaContent } from "@sentry/tracing/dist/browser/browsertracing";

export class LoggingMiddleware implements Middleware {

    post(context: ResponseContext): Promise<Response | void> {
        tenant().then(tenant => {
            let msg = `authentik/api[${tenant.matchedDomain}]: `;
            msg += `${context.response.status} ${context.init.method} ${context.url}`;
            console.debug(msg);
        });
        return Promise.resolve(context.response);
    }

}

let globalConfigPromise: Promise<Config>;
export function config(): Promise<Config> {
    if (!globalConfigPromise) {
        globalConfigPromise = new RootApi(DEFAULT_CONFIG).rootConfigRetrieve();
    }
    return globalConfigPromise;
}

let globalTenantPromise: Promise<CurrentTenant>;
export function tenant(): Promise<CurrentTenant> {
    if (!globalTenantPromise) {
        globalTenantPromise = new CoreApi(DEFAULT_CONFIG).coreTenantsCurrentRetrieve().then(tenant => {
            /**
             *  <link rel="icon" href="/static/dist/assets/icons/icon.png">
             *  <link rel="shortcut icon" href="/static/dist/assets/icons/icon.png">
             */
            const rels = ["icon", "shortcut icon"];
            rels.forEach(rel => {
                let relIcon = document.head.querySelector<HTMLLinkElement>(`link[rel='${rel}']`);
                if (!relIcon) {
                    relIcon = document.createElement('link');
                    relIcon.rel = rel;
                    document.getElementsByTagName('head')[0].appendChild(relIcon);
                }
                relIcon.href = tenant.brandingFavicon;
            })
            return tenant;
        });
    }
    return globalTenantPromise;
}

export class CSRFMiddleware implements Middleware {
    pre?(context: RequestContext): Promise<FetchParams | void> {
        // @ts-ignore
        context.init.headers["X-authentik-CSRF"] = getCookie("authentik_csrf");
        return Promise.resolve(context);
    }
}

export const DEFAULT_CONFIG = new Configuration({
    basePath: process.env.AK_API_BASE_PATH + "/api/v3",
    headers: {
        "sentry-trace": getMetaContent("sentry-trace") || "",
    },
    middleware: [
        new CSRFMiddleware(),
        new APIMiddleware(),
        new MessageMiddleware(),
        new LoggingMiddleware(),
    ],
});

// This is just a function so eslint doesn't complain about
// missing-whitespace-between-attributes or
// unexpected-character-in-attribute-name
export function AndNext(url: string): string {
    return `?next=${encodeURIComponent(url)}`;
}

console.debug(`authentik(early): version ${VERSION}, apiBase ${DEFAULT_CONFIG.basePath}`);
web: directly read csrf token before injecting into request Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-01-16 15:10:55 +00:00			`import { Config, Configuration, CoreApi, CurrentTenant, FetchParams, Middleware, RequestContext, ResponseContext, RootApi } from "@goauthentik/api";`
web: use generated API Client (#616) * api: fix types for config API * api: remove broken swagger UI * admin: re-fix system task enum * events: make event optional * events: fix Schema for notification transport test * flows: use APIView for Flow Executor * core: fix schema for Metrics APIs * web: rewrite to use generated API client * web: generate API Client in CI * admin: use x_cord and y_cord to prevent yaml issues * events: fix linting errors * web: don't lint generated code * core: fix fields not being required in TypeSerializer * flows: fix missing permission_classes * web: cleanup * web: fix rendering of graph on Overview page * web: cleanup imports * core: fix missing background image filter * flows: fix flows not advancing properly * stages/: fix warnings during get_challenge web: send Flow response as JSON instead of FormData * web: fix styles for horizontal tabs * web: add base chart class and custom chart for application view * root: generate ts client for e2e tests * web: don't attempt to connect to websocket in selenium tests * web: fix UserTokenList not being included in the build * web: fix styling for static token list * web: fix CSRF Token missing * stages/authenticator_static: fix error when disable static tokens * core: fix display issue when updating user info * web: fix Flow executor not showing spinner when redirecting 2021-03-08 10:14:00 +00:00			`import { getCookie } from "../utils";`
web: add API Drawer Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-08-05 20:04:31 +00:00			`import { APIMiddleware } from "../elements/notifications/APIDrawer";`
web: add middleware that shows message for failed API requests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-03-27 22:18:51 +00:00			`import { MessageMiddleware } from "../elements/messages/Middleware";`
web: show version in logs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-09-02 15:10:43 +00:00			`import { VERSION } from "../constants";`
web: send sentry-trace header in API requests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-12-13 16:41:11 +00:00			`import { getMetaContent } from "@sentry/tracing/dist/browser/browsertracing";`
static: rewrite API Fetching to make API Version upgrades easier 2020-11-26 21:37:41 +00:00
web/api: log requests to console Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-04-03 21:06:57 +00:00			`export class LoggingMiddleware implements Middleware {`

			`post(context: ResponseContext): Promise<Response \| void> {`
tenants: add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-05-29 17:47:55 +00:00			`tenant().then(tenant => {`
web: log response when >= http 400 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-07-04 10:38:50 +00:00			let msg = `authentik/api[${tenant.matchedDomain}]: `;
			msg += `${context.response.status} ${context.init.method} ${context.url}`;
web: fix error from trying to clone the request Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-08-08 22:38:43 +00:00			`console.debug(msg);`
tenants: add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-05-29 17:47:55 +00:00			`});`
web/api: log requests to console Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-04-03 21:06:57 +00:00			`return Promise.resolve(context.response);`
			`}`
web: add support for PII for sentry, add user feedback dialog Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-04-13 16:35:26 +00:00
web/api: log requests to console Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-04-03 21:06:57 +00:00			`}`

web: fix title not being loaded from config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #770 2021-04-22 21:49:30 +00:00			`let globalConfigPromise: Promise<Config>;`
			`export function config(): Promise<Config> {`
			`if (!globalConfigPromise) {`
admin: migrate metrics viewset to APIView Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-05-16 15:49:37 +00:00			`globalConfigPromise = new RootApi(DEFAULT_CONFIG).rootConfigRetrieve();`
web: fix title not being loaded from config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #770 2021-04-22 21:49:30 +00:00			`}`
			`return globalConfigPromise;`
			`}`

tenants: initial implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-05-29 15:35:56 +00:00			`let globalTenantPromise: Promise<CurrentTenant>;`
			`export function tenant(): Promise<CurrentTenant> {`
			`if (!globalTenantPromise) {`
web: set favicon based on current tenants branding logo closes #956 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-06-02 12:38:24 +00:00			`globalTenantPromise = new CoreApi(DEFAULT_CONFIG).coreTenantsCurrentRetrieve().then(tenant => {`
web: improve loading of custom favicon Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-06-02 19:19:39 +00:00			`/**`
			`* <link rel="icon" href="/static/dist/assets/icons/icon.png">`
			`* <link rel="shortcut icon" href="/static/dist/assets/icons/icon.png">`
			`*/`
			`const rels = ["icon", "shortcut icon"];`
			`rels.forEach(rel => {`
web: fix missing default favicon and not updating correctly Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-06-02 19:47:56 +00:00			let relIcon = document.head.querySelector<HTMLLinkElement>(`link[rel='${rel}']`);
web: improve loading of custom favicon Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-06-02 19:19:39 +00:00			`if (!relIcon) {`
			`relIcon = document.createElement('link');`
			`relIcon.rel = rel;`
			`document.getElementsByTagName('head')[0].appendChild(relIcon);`
			`}`
tenants: add separate field for favicon url Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-06-02 19:29:20 +00:00			`relIcon.href = tenant.brandingFavicon;`
web: improve loading of custom favicon Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-06-02 19:19:39 +00:00			`})`
web: set favicon based on current tenants branding logo closes #956 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-06-02 12:38:24 +00:00			`return tenant;`
			`});`
tenants: initial implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-05-29 15:35:56 +00:00			`}`
			`return globalTenantPromise;`
			`}`

web: directly read csrf token before injecting into request Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-01-16 15:10:55 +00:00			`export class CSRFMiddleware implements Middleware {`
			`pre?(context: RequestContext): Promise<FetchParams \| void> {`
			`// @ts-ignore`
root: rename csrf header Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-01-16 15:17:44 +00:00			`context.init.headers["X-authentik-CSRF"] = getCookie("authentik_csrf");`
web: directly read csrf token before injecting into request Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-01-16 15:10:55 +00:00			`return Promise.resolve(context);`
root: set samesite for csrf cookie Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-01-12 22:14:14 +00:00			`}`
			`}`

web: use generated API Client (#616) * api: fix types for config API * api: remove broken swagger UI * admin: re-fix system task enum * events: make event optional * events: fix Schema for notification transport test * flows: use APIView for Flow Executor * core: fix schema for Metrics APIs * web: rewrite to use generated API client * web: generate API Client in CI * admin: use x_cord and y_cord to prevent yaml issues * events: fix linting errors * web: don't lint generated code * core: fix fields not being required in TypeSerializer * flows: fix missing permission_classes * web: cleanup * web: fix rendering of graph on Overview page * web: cleanup imports * core: fix missing background image filter * flows: fix flows not advancing properly * stages/: fix warnings during get_challenge web: send Flow response as JSON instead of FormData * web: fix styles for horizontal tabs * web: add base chart class and custom chart for application view * root: generate ts client for e2e tests * web: don't attempt to connect to websocket in selenium tests * web: fix UserTokenList not being included in the build * web: fix styling for static token list * web: fix CSRF Token missing * stages/authenticator_static: fix error when disable static tokens * core: fix display issue when updating user info * web: fix Flow executor not showing spinner when redirecting 2021-03-08 10:14:00 +00:00			`export const DEFAULT_CONFIG = new Configuration({`
web: prepare for building with external API bases Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-10-14 17:45:20 +00:00			`basePath: process.env.AK_API_BASE_PATH + "/api/v3",`
web: use generated API Client (#616) * api: fix types for config API * api: remove broken swagger UI * admin: re-fix system task enum * events: make event optional * events: fix Schema for notification transport test * flows: use APIView for Flow Executor * core: fix schema for Metrics APIs * web: rewrite to use generated API client * web: generate API Client in CI * admin: use x_cord and y_cord to prevent yaml issues * events: fix linting errors * web: don't lint generated code * core: fix fields not being required in TypeSerializer * flows: fix missing permission_classes * web: cleanup * web: fix rendering of graph on Overview page * web: cleanup imports * core: fix missing background image filter * flows: fix flows not advancing properly * stages/: fix warnings during get_challenge web: send Flow response as JSON instead of FormData * web: fix styles for horizontal tabs * web: add base chart class and custom chart for application view * root: generate ts client for e2e tests * web: don't attempt to connect to websocket in selenium tests * web: fix UserTokenList not being included in the build * web: fix styling for static token list * web: fix CSRF Token missing * stages/authenticator_static: fix error when disable static tokens * core: fix display issue when updating user info * web: fix Flow executor not showing spinner when redirecting 2021-03-08 10:14:00 +00:00			`headers: {`
web: send sentry-trace header in API requests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-12-13 16:41:11 +00:00			`"sentry-trace": getMetaContent("sentry-trace") \|\| "",`
web: add API Drawer Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-03-24 20:16:03 +00:00			`},`
			`middleware: [`
web: directly read csrf token before injecting into request Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-01-16 15:10:55 +00:00			`new CSRFMiddleware(),`
web: add API Drawer Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-08-05 20:04:31 +00:00			`new APIMiddleware(),`
web: add middleware that shows message for failed API requests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-03-27 22:18:51 +00:00			`new MessageMiddleware(),`
web/api: log requests to console Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-04-03 21:06:57 +00:00			`new LoggingMiddleware(),`
web: add API Drawer Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-03-24 20:16:03 +00:00			`],`
web: use generated API Client (#616) * api: fix types for config API * api: remove broken swagger UI * admin: re-fix system task enum * events: make event optional * events: fix Schema for notification transport test * flows: use APIView for Flow Executor * core: fix schema for Metrics APIs * web: rewrite to use generated API client * web: generate API Client in CI * admin: use x_cord and y_cord to prevent yaml issues * events: fix linting errors * web: don't lint generated code * core: fix fields not being required in TypeSerializer * flows: fix missing permission_classes * web: cleanup * web: fix rendering of graph on Overview page * web: cleanup imports * core: fix missing background image filter * flows: fix flows not advancing properly * stages/: fix warnings during get_challenge web: send Flow response as JSON instead of FormData * web: fix styles for horizontal tabs * web: add base chart class and custom chart for application view * root: generate ts client for e2e tests * web: don't attempt to connect to websocket in selenium tests * web: fix UserTokenList not being included in the build * web: fix styling for static token list * web: fix CSRF Token missing * stages/authenticator_static: fix error when disable static tokens * core: fix display issue when updating user info * web: fix Flow executor not showing spinner when redirecting 2021-03-08 10:14:00 +00:00			`});`
web: show version in logs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-09-02 15:10:43 +00:00
web: fix linting errors by adding a wrapper for next param Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-11-06 12:19:39 +00:00			`// This is just a function so eslint doesn't complain about`
			`// missing-whitespace-between-attributes or`
			`// unexpected-character-in-attribute-name`
			`export function AndNext(url: string): string {`
			return `?next=${encodeURIComponent(url)}`;
			`}`

web: prepare for building with external API bases Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-10-14 17:45:20 +00:00			console.debug(`authentik(early): version ${VERSION}, apiBase ${DEFAULT_CONFIG.basePath}`);