authentik/web/src/api/Config.ts

import { VERSION } from "@goauthentik/web/constants";
import { MessageMiddleware } from "@goauthentik/web/elements/messages/Middleware";
import { APIMiddleware } from "@goauthentik/web/elements/notifications/APIDrawer";
import { getCookie } from "@goauthentik/web/utils";

import {
    Config,
    Configuration,
    CoreApi,
    CurrentTenant,
    FetchParams,
    Middleware,
    RequestContext,
    ResponseContext,
    RootApi,
} from "@goauthentik/api";

export class LoggingMiddleware implements Middleware {
    post(context: ResponseContext): Promise<Response | void> {
        tenant().then((tenant) => {
            let msg = `authentik/api[${tenant.matchedDomain}]: `;
            msg += `${context.response.status} ${context.init.method} ${context.url}`;
            console.debug(msg);
        });
        return Promise.resolve(context.response);
    }
}

let globalConfigPromise: Promise<Config>;
export function config(): Promise<Config> {
    if (!globalConfigPromise) {
        globalConfigPromise = new RootApi(DEFAULT_CONFIG).rootConfigRetrieve();
    }
    return globalConfigPromise;
}

let globalTenantPromise: Promise<CurrentTenant>;
export function tenant(): Promise<CurrentTenant> {
    if (!globalTenantPromise) {
        globalTenantPromise = new CoreApi(DEFAULT_CONFIG)
            .coreTenantsCurrentRetrieve()
            .then((tenant) => {
                /**
                 *  <link rel="icon" href="/static/dist/assets/icons/icon.png">
                 *  <link rel="shortcut icon" href="/static/dist/assets/icons/icon.png">
                 */
                const rels = ["icon", "shortcut icon"];
                rels.forEach((rel) => {
                    let relIcon = document.head.querySelector<HTMLLinkElement>(
                        `link[rel='${rel}']`,
                    );
                    if (!relIcon) {
                        relIcon = document.createElement("link");
                        relIcon.rel = rel;
                        document.getElementsByTagName("head")[0].appendChild(relIcon);
                    }
                    relIcon.href = tenant.brandingFavicon;
                });
                return tenant;
            });
    }
    return globalTenantPromise;
}

export class CSRFMiddleware implements Middleware {
    pre?(context: RequestContext): Promise<FetchParams | void> {
        // @ts-ignore
        context.init.headers["X-authentik-CSRF"] = getCookie("authentik_csrf");
        return Promise.resolve(context);
    }
}

export function getMetaContent(key: string): string {
    const metaEl = document.querySelector<HTMLMetaElement>(`meta[name=${key}]`);
    if (!metaEl) return "";
    return metaEl.content;
}

export const DEFAULT_CONFIG = new Configuration({
    basePath: process.env.AK_API_BASE_PATH + "/api/v3",
    headers: {
        "sentry-trace": getMetaContent("sentry-trace"),
    },
    middleware: [
        new CSRFMiddleware(),
        new APIMiddleware(),
        new MessageMiddleware(),
        new LoggingMiddleware(),
    ],
});

// This is just a function so eslint doesn't complain about
// missing-whitespace-between-attributes or
// unexpected-character-in-attribute-name
export function AndNext(url: string): string {
    return `?next=${encodeURIComponent(url)}`;
}

console.debug(`authentik(early): version ${VERSION}, apiBase ${DEFAULT_CONFIG.basePath}`);
web: use absolute imports with path rewrite instead of relative imports (#3149) 2022-06-25 15:44:17 +00:00			`import { VERSION } from "@goauthentik/web/constants";`
web: manage version via package.json Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-06-27 19:31:54 +00:00			`import { MessageMiddleware } from "@goauthentik/web/elements/messages/Middleware";`
			`import { APIMiddleware } from "@goauthentik/web/elements/notifications/APIDrawer";`
			`import { getCookie } from "@goauthentik/web/utils";`
static: rewrite API Fetching to make API Version upgrades easier 2020-11-26 21:37:41 +00:00
web: manage version via package.json Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-06-27 19:31:54 +00:00			`import {`
			`Config,`
			`Configuration,`
			`CoreApi,`
			`CurrentTenant,`
			`FetchParams,`
			`Middleware,`
			`RequestContext,`
			`ResponseContext,`
			`RootApi,`
			`} from "@goauthentik/api";`
web/api: log requests to console Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-04-03 21:06:57 +00:00
web: manage version via package.json Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-06-27 19:31:54 +00:00			`export class LoggingMiddleware implements Middleware {`
web/api: log requests to console Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-04-03 21:06:57 +00:00			`post(context: ResponseContext): Promise<Response \| void> {`
web: manage version via package.json Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-06-27 19:31:54 +00:00			`tenant().then((tenant) => {`
web: log response when >= http 400 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-07-04 10:38:50 +00:00			let msg = `authentik/api[${tenant.matchedDomain}]: `;
			msg += `${context.response.status} ${context.init.method} ${context.url}`;
web: fix error from trying to clone the request Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-08-08 22:38:43 +00:00			`console.debug(msg);`
tenants: add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-05-29 17:47:55 +00:00			`});`
web/api: log requests to console Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-04-03 21:06:57 +00:00			`return Promise.resolve(context.response);`
			`}`
			`}`

web: fix title not being loaded from config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #770 2021-04-22 21:49:30 +00:00			`let globalConfigPromise: Promise<Config>;`
			`export function config(): Promise<Config> {`
			`if (!globalConfigPromise) {`
admin: migrate metrics viewset to APIView Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-05-16 15:49:37 +00:00			`globalConfigPromise = new RootApi(DEFAULT_CONFIG).rootConfigRetrieve();`
web: fix title not being loaded from config Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #770 2021-04-22 21:49:30 +00:00			`}`
			`return globalConfigPromise;`
			`}`

tenants: initial implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-05-29 15:35:56 +00:00			`let globalTenantPromise: Promise<CurrentTenant>;`
			`export function tenant(): Promise<CurrentTenant> {`
			`if (!globalTenantPromise) {`
web: manage version via package.json Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-06-27 19:31:54 +00:00			`globalTenantPromise = new CoreApi(DEFAULT_CONFIG)`
			`.coreTenantsCurrentRetrieve()`
			`.then((tenant) => {`
			`/**`
			`* <link rel="icon" href="/static/dist/assets/icons/icon.png">`
			`* <link rel="shortcut icon" href="/static/dist/assets/icons/icon.png">`
			`*/`
			`const rels = ["icon", "shortcut icon"];`
			`rels.forEach((rel) => {`
			`let relIcon = document.head.querySelector<HTMLLinkElement>(`
			`link[rel='${rel}']`,
			`);`
			`if (!relIcon) {`
			`relIcon = document.createElement("link");`
			`relIcon.rel = rel;`
			`document.getElementsByTagName("head")[0].appendChild(relIcon);`
			`}`
			`relIcon.href = tenant.brandingFavicon;`
			`});`
			`return tenant;`
			`});`
tenants: initial implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-05-29 15:35:56 +00:00			`}`
			`return globalTenantPromise;`
			`}`

web: directly read csrf token before injecting into request Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-01-16 15:10:55 +00:00			`export class CSRFMiddleware implements Middleware {`
			`pre?(context: RequestContext): Promise<FetchParams \| void> {`
			`// @ts-ignore`
root: rename csrf header Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-01-16 15:17:44 +00:00			`context.init.headers["X-authentik-CSRF"] = getCookie("authentik_csrf");`
web: directly read csrf token before injecting into request Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-01-16 15:10:55 +00:00			`return Promise.resolve(context);`
root: set samesite for csrf cookie Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-01-12 22:14:14 +00:00			`}`
			`}`

build(deps): bump @sentry/browser from 6.19.4 to 7.0.0 in /web (#3008) 2022-06-01 09:15:52 +00:00			`export function getMetaContent(key: string): string {`
			const metaEl = document.querySelector<HTMLMetaElement>(`meta[name=${key}]`);
			`if (!metaEl) return "";`
			`return metaEl.content;`
			`}`

web: use generated API Client (#616) * api: fix types for config API * api: remove broken swagger UI * admin: re-fix system task enum * events: make event optional * events: fix Schema for notification transport test * flows: use APIView for Flow Executor * core: fix schema for Metrics APIs * web: rewrite to use generated API client * web: generate API Client in CI * admin: use x_cord and y_cord to prevent yaml issues * events: fix linting errors * web: don't lint generated code * core: fix fields not being required in TypeSerializer * flows: fix missing permission_classes * web: cleanup * web: fix rendering of graph on Overview page * web: cleanup imports * core: fix missing background image filter * flows: fix flows not advancing properly * stages/: fix warnings during get_challenge web: send Flow response as JSON instead of FormData * web: fix styles for horizontal tabs * web: add base chart class and custom chart for application view * root: generate ts client for e2e tests * web: don't attempt to connect to websocket in selenium tests * web: fix UserTokenList not being included in the build * web: fix styling for static token list * web: fix CSRF Token missing * stages/authenticator_static: fix error when disable static tokens * core: fix display issue when updating user info * web: fix Flow executor not showing spinner when redirecting 2021-03-08 10:14:00 +00:00			`export const DEFAULT_CONFIG = new Configuration({`
web: prepare for building with external API bases Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-10-14 17:45:20 +00:00			`basePath: process.env.AK_API_BASE_PATH + "/api/v3",`
web: use generated API Client (#616) * api: fix types for config API * api: remove broken swagger UI * admin: re-fix system task enum * events: make event optional * events: fix Schema for notification transport test * flows: use APIView for Flow Executor * core: fix schema for Metrics APIs * web: rewrite to use generated API client * web: generate API Client in CI * admin: use x_cord and y_cord to prevent yaml issues * events: fix linting errors * web: don't lint generated code * core: fix fields not being required in TypeSerializer * flows: fix missing permission_classes * web: cleanup * web: fix rendering of graph on Overview page * web: cleanup imports * core: fix missing background image filter * flows: fix flows not advancing properly * stages/: fix warnings during get_challenge web: send Flow response as JSON instead of FormData * web: fix styles for horizontal tabs * web: add base chart class and custom chart for application view * root: generate ts client for e2e tests * web: don't attempt to connect to websocket in selenium tests * web: fix UserTokenList not being included in the build * web: fix styling for static token list * web: fix CSRF Token missing * stages/authenticator_static: fix error when disable static tokens * core: fix display issue when updating user info * web: fix Flow executor not showing spinner when redirecting 2021-03-08 10:14:00 +00:00			`headers: {`
build(deps): bump @sentry/browser from 6.19.4 to 7.0.0 in /web (#3008) 2022-06-01 09:15:52 +00:00			`"sentry-trace": getMetaContent("sentry-trace"),`
web: add API Drawer Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-03-24 20:16:03 +00:00			`},`
			`middleware: [`
web: directly read csrf token before injecting into request Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-01-16 15:10:55 +00:00			`new CSRFMiddleware(),`
web: add API Drawer Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-08-05 20:04:31 +00:00			`new APIMiddleware(),`
web: add middleware that shows message for failed API requests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-03-27 22:18:51 +00:00			`new MessageMiddleware(),`
web/api: log requests to console Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-04-03 21:06:57 +00:00			`new LoggingMiddleware(),`
web: add API Drawer Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-03-24 20:16:03 +00:00			`],`
web: use generated API Client (#616) * api: fix types for config API * api: remove broken swagger UI * admin: re-fix system task enum * events: make event optional * events: fix Schema for notification transport test * flows: use APIView for Flow Executor * core: fix schema for Metrics APIs * web: rewrite to use generated API client * web: generate API Client in CI * admin: use x_cord and y_cord to prevent yaml issues * events: fix linting errors * web: don't lint generated code * core: fix fields not being required in TypeSerializer * flows: fix missing permission_classes * web: cleanup * web: fix rendering of graph on Overview page * web: cleanup imports * core: fix missing background image filter * flows: fix flows not advancing properly * stages/: fix warnings during get_challenge web: send Flow response as JSON instead of FormData * web: fix styles for horizontal tabs * web: add base chart class and custom chart for application view * root: generate ts client for e2e tests * web: don't attempt to connect to websocket in selenium tests * web: fix UserTokenList not being included in the build * web: fix styling for static token list * web: fix CSRF Token missing * stages/authenticator_static: fix error when disable static tokens * core: fix display issue when updating user info * web: fix Flow executor not showing spinner when redirecting 2021-03-08 10:14:00 +00:00			`});`
web: show version in logs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-09-02 15:10:43 +00:00
web: fix linting errors by adding a wrapper for next param Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-11-06 12:19:39 +00:00			`// This is just a function so eslint doesn't complain about`
			`// missing-whitespace-between-attributes or`
			`// unexpected-character-in-attribute-name`
			`export function AndNext(url: string): string {`
			return `?next=${encodeURIComponent(url)}`;
			`}`

web: prepare for building with external API bases Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-10-14 17:45:20 +00:00			console.debug(`authentik(early): version ${VERSION}, apiBase ${DEFAULT_CONFIG.basePath}`);