Use StorageConfig service in frontend to get values (#3).

shift7-ch · Jan 10, 2024 · e58f4d4 · e58f4d4
1 parent 35d68c2
commit e58f4d4
Show file tree

Hide file tree

Showing 6 changed files with 57 additions and 59 deletions.
diff --git a/backend/CIPHERDUCK.md b/backend/CIPHERDUCK.md
@@ -10,7 +10,7 @@ MinIO
 ```
 export MINIO_IDENTITY_OPENID_CONFIG_URL=https://login1.staging.cryptomator.cloud/realms/cipherduck/.well-known/openid-configuration
 export MINIO_IDENTITY_OPENID_CLIENT_ID=cryptomator
-export MINIO_IDENTITY_OPENID_CLAIM_NAME="amr"
+export MINIO_IDENTITY_OPENID_CLAIM_NAME=amr
 minio server tmp_data --console-address :9001
 ```
 

diff --git a/backend/src/main/java/org/cryptomator/hub/api/cipherduck/BackendsConfig.java b/backend/src/main/java/org/cryptomator/hub/api/cipherduck/BackendsConfig.java
@@ -1,5 +1,6 @@
 package org.cryptomator.hub.api.cipherduck;
 
+import com.fasterxml.jackson.annotation.JsonProperty;
 import io.quarkus.runtime.annotations.StaticInitSafe;
 import io.smallrye.config.ConfigMapping;
 
@@ -9,5 +10,6 @@
 @ConfigMapping(prefix = "backends")
 
 public interface BackendsConfig {
+    @JsonProperty("backends")
     List<StorageConfig> backends();
 }
diff --git a/backend/src/main/java/org/cryptomator/hub/api/cipherduck/StorageConfig.java b/backend/src/main/java/org/cryptomator/hub/api/cipherduck/StorageConfig.java
@@ -30,6 +30,7 @@ public interface StorageConfig {
     @JsonProperty("s3Type")
     String s3Type();
 
+    // TODO https://github.com/chenkins/cipherduck-hub/issues/3 do not expose!
     @JsonProperty("adminAccessKeyId")
     String adminAccessKeyId();
 

diff --git a/backend/src/main/java/org/cryptomator/hub/api/cipherduck/StorageConfigResource.java b/backend/src/main/java/org/cryptomator/hub/api/cipherduck/StorageConfigResource.java
@@ -0,0 +1,35 @@
+package org.cryptomator.hub.api.cipherduck;
+
+import jakarta.annotation.security.RolesAllowed;
+import jakarta.inject.Inject;
+import jakarta.transaction.Transactional;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.Path;
+import jakarta.ws.rs.Produces;
+import jakarta.ws.rs.core.MediaType;
+import org.eclipse.microprofile.openapi.annotations.Operation;
+import org.eclipse.microprofile.openapi.annotations.responses.APIResponse;
+import org.jboss.logging.Logger;
+
+@Path("/storageconfig")
+public class StorageConfigResource {
+    private static final Logger LOG = Logger.getLogger(StorageConfigResource.class);
+
+
+    @Inject
+    BackendsConfig backendsConfig;
+
+
+    @GET
+    @Path("/")
+    @RolesAllowed("user")
+    @Produces(MediaType.APPLICATION_JSON)
+    @Transactional
+    @Operation(summary = "creates bucket and policy", description = "creates an S3 bucket and uploads policy for it.")
+    @APIResponse(responseCode = "200", description = "uploaded storage configuration")
+    public BackendsConfig getStorageConfig() {
+        return backendsConfig;
+    }
+
+
+}
diff --git a/frontend/src/common/backend.ts b/frontend/src/common/backend.ts
@@ -376,6 +376,13 @@ class StorageService {
     return axiosAuth.put('/storage/', dto);
   }
 }
+class StorageConfigService {
+  // TODO https://github.com/chenkins/cipherduck-hub/issues/3 Any -> Dto
+  public async get(): Promise<Any> {
+    return axiosAuth.get<Any>('/storageconfig/')
+    .then(response => response.data);
+  }
+}
 class ConfigService {
   public async cipherduckhubbookmark(): Promise<string> {
     const axiosUnAuth = AxiosStatic.create(axiosBaseCfg);
@@ -398,6 +405,7 @@ const services = {
 
   // / start cipherduck extension
   ,storage: new StorageService()
+  ,storageconfig: new StorageConfigService()
   ,config: new ConfigService()
   // \ end cipherduck extension
 };

diff --git a/frontend/src/components/CreateVaultS3.vue b/frontend/src/components/CreateVaultS3.vue
@@ -280,68 +280,14 @@ const confirmRecoveryKey = ref(false);
 const vaultKeys = ref<VaultKeys>();
 const recoveryKey = ref<string>('');
 const vaultConfig = ref<VaultConfig>();
-
-// / cipherduck extension
-// TODO https://github.com/chenkins/cipherduck-hub/issues/3 extract to configuration service
-const configs = [
-   {
-     "id": "http://minio:9000",
-     "name": "MinIO STS",
-     // TODO https://github.com/chenkins/cipherduck-hub/issues/15 configurable bucket prefix
-     "bucketPrefix": "cipherduck",
-     "s3type": "minio",
-
-     // We use claim-based OIDC provider in MinIO (MinIO does not distinguish between trust policies and roles, it only has policies)
-     // see https://min.io/docs/minio/linux/reference/minio-mc/mc-idp-openid.html#syntax
-     "oidcProvider": null,
-     "stsRoleArnPrefix": null,
-     "region": null,
-     "jwe": {
-                "protocol": "s3",
-                "vendor": "s3-sts",
-                "scheme": "http",
-                "hostname": "minio",
-                "port": "9000",
-
-                "oAuthRedirectUrl": "x-cipherduck-action:oauth",
-                "stsEndpoint": "http://minio:9000",
-                "oAuthAuthorizationUrl": "http://keycloak:8180/realms/cryptomator/protocol/openid-connect/auth",
-                "oAuthTokenUrl": "http://keycloak:8180/realms/cryptomator/protocol/openid-connect/token",
-                "oAuthClientId": "cryptomator",
-                "authorization": "AuthorizationCode",
-     },
-   },
-   {
-     "id": "https://sts.amazonaws.com",
-     "name": "AWS S3",
-     // TODO https://github.com/chenkins/cipherduck-hub/issues/15 bucket prefix
-     "bucketPrefix": "cipherduck",
-     "s3type": "aws",
-     // oidcProvider required for trust policy
-     "oidcProvider": "arn:aws:iam::930717317329:oidc-provider/login1.staging.cryptomator.cloud/realms/cipherduck",
-     // RoleArn required for STS calls (we use bucket name as role name)
-     "stsRoleArnPrefix":  "arn:aws:iam::930717317329:role/",
-     // TODO support for multiple regions?
-     "region": "eu-central-1",
-     "jwe": {
-        "protocol": "s3",
-        "vendor": "s3-sts",
-
-        "oAuthRedirectUrl": "x-cipherduck-action:oauth",
-        "oAuthAuthorizationUrl": "https://login1.staging.cryptomator.cloud/realms/cipherduck/protocol/openid-connect/auth",
-        "oAuthTokenUrl": "https://login1.staging.cryptomator.cloud/realms/cipherduck/protocol/openid-connect/token",
-        "oAuthClientId": "cryptomator",
-        "authorization": "AuthorizationCode",
-     },
-   },
-];
-const selectedStorage = ref(configs[0]);
-// \ cipherduck extension
-
 const props = defineProps<{
   recover: boolean
 }>();
 
+// / cipherduck extension
+const selectedStorage = ref('');
+const configs = ref('');
+// \ cipherduck extension
 onMounted(initialize);
 
 async function initialize() {
@@ -352,6 +298,12 @@ async function initialize() {
     recoveryKey.value = await vaultKeys.value.createRecoveryKey();
     state.value = State.EnterVaultDetails;
   }
+  // / cipherduck extension
+  const backends = await backend.storageconfig.get();
+  configs.value = backends.backends;
+  selectedStorage.value = configs.value[0];
+  // \ cipherduck extension
+
 }
 
 async function validateRecoveryKey() {