From 0b0935b28e3b0f15fae3cd3f205f91e4a061efa5 Mon Sep 17 00:00:00 2001 From: Selim Emre Date: Fri, 21 Jan 2022 10:38:04 +0300 Subject: [PATCH 1/4] Make it compatible JWT Server and application REST requests --- src/app/app.page/app.definitions.ts | 3 +- src/app/app.page/app.page.component.ts | 5 +- src/app/pages/login/login.component.html | 23 +++++-- src/app/pages/login/login.component.ts | 66 ++++++++++++++----- src/app/rest/auth.service.ts | 23 +++++-- src/app/rest/rest.service.ts | 12 +++- .../server.settings.component.ts | 7 +- 7 files changed, 104 insertions(+), 35 deletions(-) diff --git a/src/app/app.page/app.definitions.ts b/src/app/app.page/app.definitions.ts index 33838297..1b19760a 100644 --- a/src/app/app.page/app.definitions.ts +++ b/src/app/app.page/app.definitions.ts @@ -166,7 +166,8 @@ export class ServerSettings { constructor(public serverName: string, public licenceKey: string, public buildForMarket: boolean, - public logLevel: string + public logLevel: string, + public jwtServerControlEnabled: boolean ) {} } diff --git a/src/app/app.page/app.page.component.ts b/src/app/app.page/app.page.component.ts index e780d2d9..7b1e2558 100644 --- a/src/app/app.page/app.page.component.ts +++ b/src/app/app.page/app.page.component.ts @@ -408,6 +408,7 @@ export class AppPageComponent implements OnInit, OnDestroy, AfterViewInit { } getInitParams() { + let currentServerJwtStatus = localStorage.getItem('serverJWTControlEnabled'); this.sub = this.route.params.subscribe(params => { //this method is called whenever app changes @@ -442,7 +443,8 @@ export class AppPageComponent implements OnInit, OnDestroy, AfterViewInit { this.restService.isAdmin().subscribe(data => { console.log(data); - if (data["success"] == true) { + // If JWT Server token is enable then no need to check admin status + if(data["success"] == true || currentServerJwtStatus){ this.admin_check = true; } else { 
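Review bot: In the `@@ -442,7 +443,8 @@` hunk of app.page.component.ts, `data["success"] == true || currentServerJwtStatus` treats any non-empty string stored under `serverJWTControlEnabled` as admin, including `"false"`. The value comes from localStorage (read in the `@@ -408,6 +408,7 @@` hunk), which the person at the browser can set freely. auth.service.ts in this same patch compares with `== "true"`, and the check here should match: `if (data["success"] == true || currentServerJwtStatus == "true") {`. Either way `admin_check` only controls what the UI shows, so the line deserves a comment such as `// UI hint only: the server must still authorize every admin REST call`. getInitParams continues outside both hunks.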
@@ -676,7 +678,6 @@ export class AppPageComponent implements OnInit, OnDestroy, AfterViewInit { } this.dataSource = new MatTableDataSource(this.broadcastTableData.dataRows); - console.log(this.dataSource) this.cdr.detectChanges(); }); diff --git a/src/app/pages/login/login.component.html b/src/app/pages/login/login.component.html index 1db906ac..ef850722 100644 --- a/src/app/pages/login/login.component.html +++ b/src/app/pages/login/login.component.html @@ -43,23 +43,36 @@

Login

You can now login with your username and password -
+
+ + +
+ +
-
-
+
-
+
Username or password is incorrect
+
+ JWT Token is incorrect +
You have 3 invalid login attempts. Please try again to login after 5 minutes
+
+ + +
-
+
-
+
-
+
-
Username or password is incorrect
-
+
JWT Token is incorrect
Login You have 3 invalid login attempts. Please try again to login after 5 minutes
- + diff --git a/src/app/pages/login/login.component.ts b/src/app/pages/login/login.component.ts index 72fa2ef7..d2dfeabc 100644 --- a/src/app/pages/login/login.component.ts +++ b/src/app/pages/login/login.component.ts @@ -4,8 +4,6 @@ import {AuthService, show403Error} from '../../rest/auth.service'; import {User} from '../../rest/rest.service'; import {RestService} from '../../rest/rest.service'; import {isScopeSystem} from "../../rest/auth.service"; -import {ServerSettings} from "../../app.page/app.definitions"; - declare var $:any; @Component({ @@ -30,8 +28,8 @@ export class LoginComponent implements OnInit{ public firstUserIsCreating:boolean; public showYouCanLogin:boolean; public showFailedToCreateUserAccount:boolean; - public serverSettings: ServerSettings; public serverJWTToken: string; + public serverJWTControlEnabled: boolean; constructor(private element : ElementRef, private auth: AuthService, private router: Router,private restService: RestService) { this.nativeElement = element.nativeElement; @@ -58,8 +56,6 @@ export class LoginComponent implements OnInit{ } }, error => { show403Error(error); }); - this.serverSettings = new ServerSettings(null,null, false, "INFO",false); - this.auth.licenceWarningDisplay = true; this.checkFullPageBackgroundImage(); 
@@ -101,38 +97,23 @@ export class LoginComponent implements OnInit{ loginUser() { - if(!this.serverSettings.jwtServerControlEnabled){ - localStorage.clear(); - } + localStorage.clear(); + + if(this.serverJWTControlEnabled) { - if(this.serverSettings.jwtServerControlEnabled) { //We need to define this value in this line //server JWT tokens needs to be define before rest request localStorage.setItem('serverJWTControlEnabled', "true"); localStorage.setItem('serverJWTToken', this.serverJWTToken); - this.restService.getApplications().subscribe(data =>{ - if ( data['applications'].length > 0) { + this.restService.isInClusterMode().subscribe(data =>{ + localStorage.setItem("authenticated", "true"); this.auth.isAuthenticated = true; - this.router.navigateByUrl("/dashboard"); - let scope = data["message"]; - if (isScopeSystem(scope)) { - scope = "system"; - } + let scope = "system"; localStorage.setItem(LOCAL_STORAGE_SCOPE_KEY, scope); - if (isScopeSystem(scope)) - { - this.router.navigateByUrl("/dashboard"); - } - else - { - this.router.navigateByUrl("/applications/" + scope); - } - } - else{ - this.showIncorrectJWTToken = true; - } + + this.router.navigateByUrl("/dashboard"); }, error =>{ this.showIncorrectJWTToken = true; diff --git a/src/app/rest/auth.service.ts b/src/app/rest/auth.service.ts index ca2995e6..5d6f5f87 100644 --- a/src/app/rest/auth.service.ts +++ b/src/app/rest/auth.service.ts @@ -63,11 +63,8 @@ export class AuthService implements CanActivate { constructor(private restService: RestService, private router: Router, private datePipe: DatePipe) { - this.serverSettings = new ServerSettings(null,null, false, "INFO",true); - setInterval(() => { this.checkServerIsAuthenticated(); - }, 5000); //Check license every 300 seconds 5 minutes 
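Review bot: In the `@@ -101,38 +97,23 @@` hunk of login.component.ts, the success callback of `isInClusterMode()` never inspects `data`: any successful response marks the session authenticated and stores the hard-coded scope `"system"`. The login is therefore only as strong as the server's JWT check on that one endpoint, which is not visible here. Separately, `serverJWTControlEnabled` and `serverJWTToken` are written to localStorage before the request, and the visible part of the error handler only sets `showIncorrectJWTToken`. If nothing outside the hunk clears them, a rejected token keeps being attached to later requests and the flag stays set. I would add `localStorage.removeItem('serverJWTToken'); localStorage.removeItem('serverJWTControlEnabled');` to the error branch, which continues past the end of the hunk.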
@@ -131,8 +128,9 @@ export class AuthService implements CanActivate { } checkServerIsAuthenticated(): void { + let currentServerJwtStatus = localStorage.getItem('serverJWTControlEnabled'); - if (localStorage.getItem('authenticated') && !this.serverSettings.jwtServerControlEnabled) + if (localStorage.getItem('authenticated') && currentServerJwtStatus != "true") { this.restService.isAuthenticated().subscribe(data => { @@ -159,7 +157,7 @@ export class AuthService implements CanActivate { show403Error(error); }); } - else if(localStorage.getItem('authenticated') && this.isAuthenticated && this.serverSettings.jwtServerControlEnabled ){ + else if(localStorage.getItem('authenticated') && this.isAuthenticated && currentServerJwtStatus == "true" ){ this.isAuthenticated = true; if(this.router.url=="/pages/login"){ @@ -172,11 +170,12 @@ export class AuthService implements CanActivate { } canActivate(): boolean { + let currentServerJwtStatus = localStorage.getItem('serverJWTControlEnabled'); + console.debug("AuthService: is authenticated: " + this.isAuthenticated + " local storage: " + localStorage.getItem('authenticated')); - if (localStorage.getItem('authenticated') && this.isAuthenticated && !this.serverSettings.jwtServerControlEnabled) { - + if (localStorage.getItem('authenticated') && this.isAuthenticated && currentServerJwtStatus != "true") { this.restService.isAuthenticated().subscribe(data => { this.isAuthenticated = data["success"]; @@ -195,7 +194,7 @@ export class AuthService implements CanActivate { }); return true; } - else if(localStorage.getItem('authenticated') && this.isAuthenticated && this.serverSettings.jwtServerControlEnabled ){ + else if(localStorage.getItem('authenticated') && this.isAuthenticated && currentServerJwtStatus == "true"){ this.isAuthenticated = true; return true; diff --git a/src/app/rest/rest.service.ts b/src/app/rest/rest.service.ts index 41c81940..789287c3 100644 --- a/src/app/rest/rest.service.ts +++ b/src/app/rest/rest.service.ts 
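Review bot: In the `@@ -195,7 +194,7 @@` hunk of auth.service.ts, and the matching branch in `@@ -159,7 +157,7 @@`, the JWT-mode path sets `isAuthenticated = true` from `localStorage.getItem('authenticated')`, the in-memory flag and `currentServerJwtStatus == "true"` alone, with no request to the server. The non-JWT branch calls `restService.isAuthenticated()`, so only in JWT mode does an expired or revoked server token go unnoticed by `canActivate()` and by the 5-second `checkServerIsAuthenticated()` timer. It would surface only when some other REST call fails. At minimum the branch should say so, e.g. `// JWT mode: no server round trip here; access control relies on the REST layer rejecting an invalid token`. Better would be a lightweight authenticated call in this branch that clears the stored state on a 401/403. Both methods start and end outside the hunks.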
@@ -63,7 +63,10 @@ export class AuthInterceptor implements HttpInterceptor{ intercept(req: HttpRequest, next: HttpHandler): Observable> { let str = req.url; - let appName; + let appName = null; + let currentAppJwtToken = null; + let currentAppJwtStatus = null; + //For internal requests if(str.includes("_path=")) { var begin = str.indexOf("_path="); 
@@ -71,22 +74,31 @@ export class AuthInterceptor implements HttpInterceptor{ appName = str.substring(begin+6, last); } //for remote requests - else if(str.includes("rest/v2")){ + //It can be confuse from internal requests that's why I changed + else if(!str.includes(":5080/rest/v2")){ var begin = str.indexOf(":5080/"); var last = str.indexOf("/rest/v2"); appName = str.substring(begin+6, last); } - let currentAppJwtToken = localStorage.getItem(appName+'jwtToken'); - let currentAppJwtStatus = localStorage.getItem(appName+'jwtControlEnabled'); + if(appName != null ){ + currentAppJwtToken = localStorage.getItem(appName+'jwtToken'); + currentAppJwtStatus = localStorage.getItem(appName+'jwtControlEnabled'); + } let currentServerJwtToken = localStorage.getItem('serverJWTToken'); let currentServerJwtStatus = localStorage.getItem('serverJWTControlEnabled'); + if(appName != null && currentAppJwtToken != null && currentAppJwtStatus == "true" && currentServerJwtToken != null && currentServerJwtStatus == "true" ){ + req = req.clone({ + withCredentials: true, + headers: req.headers.append('ProxyAuthorization', currentAppJwtToken).append('Authorization', currentServerJwtToken) + }); + } // Check AppName, JWT Token status and JWT Token not null - if(appName != null && currentAppJwtToken != null && currentAppJwtStatus == "true"){ + else if(appName != null && currentAppJwtToken != null && currentAppJwtStatus == "true"){ req = req.clone({ withCredentials: true, - headers: req.headers.append('Authorization', currentAppJwtToken) + headers: req.headers.append('ProxyAuthorization', currentAppJwtToken) }); } else if(currentServerJwtToken != null || currentServerJwtStatus == "true"){ From 74ec4ddc3280b8cc277e62ec18b28f3b59d151fb Mon Sep 17 00:00:00 2001 From: Selim Emre Date: Thu, 7 Apr 2022 06:51:34 +0300 Subject: [PATCH 4/4] Fix name typo --- src/app/rest/rest.service.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
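Review bot: In the `@@ -71,22 +74,31 @@` hunk of rest.service.ts, the new `else if(!str.includes(":5080/rest/v2"))` branch derives `appName` from `indexOf(":5080/")` and `indexOf("/rest/v2")` without checking either result. A URL on another port or without `/rest/v2` yields `-1`, and `substring(begin+6, last)` then returns an arbitrary fragment that becomes the localStorage key prefix for the token lookup. The assignment should only happen when both markers were found, e.g. `if (begin >= 0 && last > begin + 6) { appName = str.substring(begin + 6, last); }`. Because the interceptor chooses which tokens to attach purely from these substring matches, it is also worth confirming outside this hunk that requests to hosts other than the management server never leave with the server JWT attached. `intercept` starts and ends outside the hunk.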
diff --git a/src/app/rest/rest.service.ts b/src/app/rest/rest.service.ts
index 48541105..e1f2b5bf 100644
--- a/src/app/rest/rest.service.ts
+++ b/src/app/rest/rest.service.ts
@@ -92,20 +92,20 @@ export class AuthInterceptor implements HttpInterceptor{
 if(appName != null && currentAppJwtToken != null && currentAppJwtStatus == "true" && currentServerJwtToken != null && currentServerJwtStatus == "true" ){
 req = req.clone({
 withCredentials: true,
- headers: req.headers.append('ProxyAuthorization', currentAppJwtToken).append('Authorization', currentServerJwtToken)
+ headers: req.headers.append('ProxyAuthorization', currentServerJwtToken).append('Authorization', currentAppJwtToken)
 });
 }
 // Check AppName, JWT Token status and JWT Token not null
 else if(appName != null && currentAppJwtToken != null && currentAppJwtStatus == "true"){
 req = req.clone({
 withCredentials: true,
- headers: req.headers.append('ProxyAuthorization', currentAppJwtToken)
+ headers: req.headers.append('Authorization', currentAppJwtToken)
 });
 }
 else if(currentServerJwtToken != null || currentServerJwtStatus == "true"){
 req = req.clone({
 withCredentials: true,
- headers: req.headers.append('Authorization', currentServerJwtToken)
+ headers: req.headers.append('ProxyAuthorization', currentServerJwtToken)
 });
 }
 else {
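Review bot: The third changed line, `headers: req.headers.append('ProxyAuthorization', currentServerJwtToken)`, sits under `else if(currentServerJwtToken != null || currentServerJwtStatus == "true")`, so it also runs when the flag is `"true"` but no token is stored, and `null` is passed as the header value. The guard should be `currentServerJwtToken != null && currentServerJwtStatus == "true"`, as in the first branch. The two header names are repeated as string literals in all three branches; I would define them once, e.g. `const APP_JWT_HEADER = 'Authorization';` and `const SERVER_JWT_HEADER = 'ProxyAuthorization';`. Using `set` rather than `append` would also keep a request that already carries the header from ending up with two values. `intercept` starts and ends outside the hunk.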