Use StorageConfig service in frontend to get values (#3).
chenkins committed Oct 25, 2023
1 parent 5e48b00 commit b73455c
Showing 6 changed files with 57 additions and 59 deletions.
2 changes: 1 addition & 1 deletion backend/CIPHERDUCK.md
@@ -10,7 +10,7 @@ MinIO
```
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://login1.staging.cryptomator.cloud/realms/cipherduck/.well-known/openid-configuration
export MINIO_IDENTITY_OPENID_CLIENT_ID=cryptomator
export MINIO_IDENTITY_OPENID_CLAIM_NAME="amr"
export MINIO_IDENTITY_OPENID_CLAIM_NAME=amr
minio server tmp_data --console-address :9001
```

@@ -1,5 +1,6 @@
package org.cryptomator.hub.api.cipherduck;

import com.fasterxml.jackson.annotation.JsonProperty;
import io.quarkus.runtime.annotations.StaticInitSafe;
import io.smallrye.config.ConfigMapping;

@@ -9,5 +10,6 @@
@ConfigMapping(prefix = "backends")

public interface BackendsConfig {
@JsonProperty("backends")
List<StorageConfig> backends();
}
@@ -30,6 +30,7 @@ public interface StorageConfig {
@JsonProperty("s3Type")
String s3Type();

// TODO https://github.com/chenkins/cipherduck-hub/issues/3 do not expose!
@JsonProperty("adminAccessKeyId")
String adminAccessKeyId();
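Review bot: `adminAccessKeyId()` keeps its `@JsonProperty("adminAccessKeyId")` mapping while this same commit adds `StorageConfigResource.getStorageConfig()`, which returns the whole `BackendsConfig` to any caller with the `user` role, so the exposure the TODO warns about becomes live with this change. Every `StorageConfig` accessor mapped for Jackson will presumably appear in that response, including any other admin credential accessors outside this hunk. Rather than deferring, exclude the admin accessors from serialization here, e.g. `@JsonIgnore` in place of `@JsonProperty("adminAccessKeyId")`, or have the resource return a response DTO carrying only the fields the vault-creation form needs. The interface starts and ends outside the hunk, so the full set of accessors should be checked against that list.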

@@ -0,0 +1,35 @@
package org.cryptomator.hub.api.cipherduck;

import jakarta.annotation.security.RolesAllowed;
import jakarta.inject.Inject;
import jakarta.transaction.Transactional;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.core.MediaType;
import org.eclipse.microprofile.openapi.annotations.Operation;
import org.eclipse.microprofile.openapi.annotations.responses.APIResponse;
import org.jboss.logging.Logger;

@Path("/storageconfig")
public class StorageConfigResource {
private static final Logger LOG = Logger.getLogger(StorageConfigResource.class);


@Inject
BackendsConfig backendsConfig;


@GET
@Path("/")
@RolesAllowed("user")
@Produces(MediaType.APPLICATION_JSON)
@Transactional
@Operation(summary = "creates bucket and policy", description = "creates an S3 bucket and uploads policy for it.")
@APIResponse(responseCode = "200", description = "uploaded storage configuration")
public BackendsConfig getStorageConfig() {
return backendsConfig;
}


}
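Review bot: The OpenAPI metadata on `getStorageConfig()` appears to be copied from a bucket-creation endpoint: `summary = "creates bucket and policy"` and the `200` description "uploaded storage configuration" describe a write, while the method only returns `backendsConfig`. Anyone auditing the API surface from the generated spec will not see that this endpoint hands out backend configuration, so the text should say so, e.g. `@Operation(summary = "get storage configuration", description = "returns the storage backends available for vault creation.")`. `@Transactional` and the `LOG` field are not used by this read-only method as written and could be dropped. A class-level Javadoc stating which role may call the endpoint and which fields are intentionally returned would make later review of the response contents easier.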
8 changes: 8 additions & 0 deletions frontend/src/common/backend.ts
@@ -364,6 +364,13 @@ class StorageService {
return axiosAuth.put('/storage/', dto);
}
}
class StorageConfigService {
// TODO https://github.com/chenkins/cipherduck-hub/issues/3 Any -> Dto
public async get(): Promise<Any> {
return axiosAuth.get<Any>('/storageconfig/')
.then(response => response.data);
}
}
class ConfigService {
public async cipherduckhubbookmark(): Promise<string> {
const axiosUnAuth = AxiosStatic.create(axiosBaseCfg);
@@ -386,6 +393,7 @@ const services = {

// / start cipherduck extension
,storage: new StorageService()
,storageconfig: new StorageConfigService()
,config: new ConfigService()
// \ end cipherduck extension
};
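Review bot: `Promise<Any>` and `axiosAuth.get<Any>` in `StorageConfigService.get()` use `Any`, which is not TypeScript's built-in `any`; unless a type named `Any` is declared elsewhere in this file this will not type-check, and either way the response reaches the component unvalidated. Declaring the response shape now, instead of deferring it in the TODO, also documents exactly which backend fields the client expects, which makes an over-broad server response easier to spot in review. A minimal version would be `public async get(): Promise<{ backends: StorageConfigDto[] }>`, where `StorageConfigDto` (proposed name) lists only the fields `CreateVaultS3.vue` reads.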
68 changes: 10 additions & 58 deletions frontend/src/components/CreateVaultS3.vue
@@ -280,68 +280,14 @@ const confirmRecoveryKey = ref(false);
const vaultKeys = ref<VaultKeys>();
const recoveryKey = ref<string>('');
const vaultConfig = ref<VaultConfig>();
// / cipherduck extension
// TODO https://github.com/chenkins/cipherduck-hub/issues/3 extract to configuration service
const configs = [
{
"id": "http://minio:9000",
"name": "MinIO STS",
// TODO https://github.com/chenkins/cipherduck-hub/issues/15 configurable bucket prefix
"bucketPrefix": "cipherduck",
"s3type": "minio",
// We use claim-based OIDC provider in MinIO (MinIO does not distinguish between trust policies and roles, it only has policies)
// see https://min.io/docs/minio/linux/reference/minio-mc/mc-idp-openid.html#syntax
"oidcProvider": null,
"stsRoleArnPrefix": null,
"region": null,
"jwe": {
"protocol": "s3",
"vendor": "s3-sts",
"scheme": "http",
"hostname": "minio",
"port": "9000",
"oAuthRedirectUrl": "x-cipherduck-action:oauth",
"stsEndpoint": "http://minio:9000",
"oAuthAuthorizationUrl": "http://keycloak:8180/realms/cryptomator/protocol/openid-connect/auth",
"oAuthTokenUrl": "http://keycloak:8180/realms/cryptomator/protocol/openid-connect/token",
"oAuthClientId": "cryptomator",
"authorization": "AuthorizationCode",
},
},
{
"id": "https://sts.amazonaws.com",
"name": "AWS S3",
// TODO https://github.com/chenkins/cipherduck-hub/issues/15 bucket prefix
"bucketPrefix": "cipherduck",
"s3type": "aws",
// oidcProvider required for trust policy
"oidcProvider": "arn:aws:iam::930717317329:oidc-provider/login1.staging.cryptomator.cloud/realms/cipherduck",
// RoleArn required for STS calls (we use bucket name as role name)
"stsRoleArnPrefix": "arn:aws:iam::930717317329:role/",
// TODO support for multiple regions?
"region": "eu-central-1",
"jwe": {
"protocol": "s3",
"vendor": "s3-sts",
"oAuthRedirectUrl": "x-cipherduck-action:oauth",
"oAuthAuthorizationUrl": "https://login1.staging.cryptomator.cloud/realms/cipherduck/protocol/openid-connect/auth",
"oAuthTokenUrl": "https://login1.staging.cryptomator.cloud/realms/cipherduck/protocol/openid-connect/token",
"oAuthClientId": "cryptomator",
"authorization": "AuthorizationCode",
},
},
];
const selectedStorage = ref(configs[0]);
// \ cipherduck extension
const props = defineProps<{
recover: boolean
}>();
// / cipherduck extension
const selectedStorage = ref('');
const configs = ref('');
// \ cipherduck extension
onMounted(initialize);
async function initialize() {
Expand All @@ -352,6 +298,12 @@ async function initialize() {
recoveryKey.value = await vaultKeys.value.createRecoveryKey();
state.value = State.EnterVaultDetails;
}
// / cipherduck extension
const backends = await backend.storageconfig.get();
configs.value = backends.backends;
selectedStorage.value = configs.value[0];
// \ cipherduck extension
}
async function validateRecoveryKey() {
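Review bot: In `initialize()` the added `backend.storageconfig.get()` call has no failure or empty-list handling visible in this hunk: if the request is rejected or `backends.backends` is empty, `selectedStorage.value` ends up `undefined` and the form presumably has no storage backend to work with. Both refs are also created with `ref('')`, so they are typed as strings although an array and an object are assigned; `const configs = ref<any[]>([]);` plus a check such as `if (!configs.value.length) { /* show error state */ }` before taking `configs.value[0]` would make the intent explicit. The removed literal used the key `s3type` while `StorageConfig` serialises `s3Type`, so any remaining reads of `.s3type` outside this hunk should be checked. `initialize()` starts outside the hunk, so an enclosing `try`/`catch` may already exist.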