From e58f4d47a583404ce2b5813d6d01c98f490b9cdc Mon Sep 17 00:00:00 2001
From: chenkins
Date: Mon, 11 Sep 2023 08:10:21 +0200
Subject: [PATCH] Use StorageConfig service in frontend to get values (#3).
---
 backend/CIPHERDUCK.md | 2 +-
 .../hub/api/cipherduck/BackendsConfig.java | 2 +
 .../hub/api/cipherduck/StorageConfig.java | 1 +
 .../api/cipherduck/StorageConfigResource.java | 35 ++++++++++
 frontend/src/common/backend.ts | 8 +++
 frontend/src/components/CreateVaultS3.vue | 68 +++----------------
 6 files changed, 57 insertions(+), 59 deletions(-)
 create mode 100644 backend/src/main/java/org/cryptomator/hub/api/cipherduck/StorageConfigResource.java
diff --git a/backend/CIPHERDUCK.md b/backend/CIPHERDUCK.md
index a1aef9cfc..da8beaaf5 100644
--- a/backend/CIPHERDUCK.md
+++ b/backend/CIPHERDUCK.md
@@ -10,7 +10,7 @@ MinIO
 ```
 export MINIO_IDENTITY_OPENID_CONFIG_URL=https://login1.staging.cryptomator.cloud/realms/cipherduck/.well-known/openid-configuration
 export MINIO_IDENTITY_OPENID_CLIENT_ID=cryptomator
-export MINIO_IDENTITY_OPENID_CLAIM_NAME="amr"
+export MINIO_IDENTITY_OPENID_CLAIM_NAME=amr
 minio server tmp_data --console-address :9001
 ```
diff --git a/backend/src/main/java/org/cryptomator/hub/api/cipherduck/BackendsConfig.java b/backend/src/main/java/org/cryptomator/hub/api/cipherduck/BackendsConfig.java
index 884812ebd..f31aeeb23 100644
--- a/backend/src/main/java/org/cryptomator/hub/api/cipherduck/BackendsConfig.java
+++ b/backend/src/main/java/org/cryptomator/hub/api/cipherduck/BackendsConfig.java
@@ -1,5 +1,6 @@
 package org.cryptomator.hub.api.cipherduck;
+import com.fasterxml.jackson.annotation.JsonProperty;
 import io.quarkus.runtime.annotations.StaticInitSafe;
 import io.smallrye.config.ConfigMapping;
@@ -9,5 +10,6 @@
 @ConfigMapping(prefix = "backends")
 public interface BackendsConfig {
+ @JsonProperty("backends")
 List backends();
 }
diff --git a/backend/src/main/java/org/cryptomator/hub/api/cipherduck/StorageConfig.java b/backend/src/main/java/org/cryptomator/hub/api/cipherduck/StorageConfig.java
index afb9464f3..59073c2c0 100644
--- a/backend/src/main/java/org/cryptomator/hub/api/cipherduck/StorageConfig.java
+++ b/backend/src/main/java/org/cryptomator/hub/api/cipherduck/StorageConfig.java
@@ -30,6 +30,7 @@ public interface StorageConfig {
 @JsonProperty("s3Type")
 String s3Type();
+ // TODO https://github.com/chenkins/cipherduck-hub/issues/3 do not expose!
 @JsonProperty("adminAccessKeyId")
 String adminAccessKeyId();
diff --git a/backend/src/main/java/org/cryptomator/hub/api/cipherduck/StorageConfigResource.java b/backend/src/main/java/org/cryptomator/hub/api/cipherduck/StorageConfigResource.java
new file mode 100644
index 000000000..c16a8c392
--- /dev/null
+++ b/backend/src/main/java/org/cryptomator/hub/api/cipherduck/StorageConfigResource.java
@@ -0,0 +1,35 @@
+package org.cryptomator.hub.api.cipherduck;
+
+import jakarta.annotation.security.RolesAllowed;
+import jakarta.inject.Inject;
+import jakarta.transaction.Transactional;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.Path;
+import jakarta.ws.rs.Produces;
+import jakarta.ws.rs.core.MediaType;
+import org.eclipse.microprofile.openapi.annotations.Operation;
+import org.eclipse.microprofile.openapi.annotations.responses.APIResponse;
+import org.jboss.logging.Logger;
+
+@Path("/storageconfig")
+public class StorageConfigResource {
+ private static final Logger LOG = Logger.getLogger(StorageConfigResource.class);
+
+
+ @Inject
+ BackendsConfig backendsConfig;
+
+
+ @GET
+ @Path("/")
+ @RolesAllowed("user")
+ @Produces(MediaType.APPLICATION_JSON)
+ @Transactional
+ @Operation(summary = "creates bucket and policy", description = "creates an S3 bucket and uploads policy for it.")
+ @APIResponse(responseCode = "200", description = "uploaded storage configuration")
+ public BackendsConfig getStorageConfig() {
+ return backendsConfig;
+ }
+
+
+}
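Review bot: `getStorageConfig()` hands the injected `BackendsConfig` back unfiltered to every caller with the `user` role, while the StorageConfig.java hunk in this same patch marks `adminAccessKeyId` (a `@JsonProperty`) with "do not expose!", so as written that key id is part of the JSON response. Other admin credential fields on StorageConfig, if any sit outside that hunk, would presumably be serialised the same way, and the `@JsonProperty("backends")` added in BackendsConfig.java makes the live configuration object the wire format. Rather than deferring to the TODO, have the resource map each backend to a response DTO that lists only the fields the vault-creation form reads, so that a property added to the configuration later is not published by default. Separately, the OpenAPI text appears copied from a bucket-creation endpoint, and `@Transactional` and `LOG` serve no purpose on a read-only getter; suggest `@Operation(summary = "get storage configuration", description = "returns the configured storage backends.")`, a matching `@APIResponse` description, and dropping `@Transactional`.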
diff --git a/frontend/src/common/backend.ts b/frontend/src/common/backend.ts
index 6c99cb486..dc25be49c 100644
--- a/frontend/src/common/backend.ts
+++ b/frontend/src/common/backend.ts
@@ -376,6 +376,13 @@ class StorageService {
 return axiosAuth.put('/storage/', dto);
 }
 }
+class StorageConfigService {
+ // TODO https://github.com/chenkins/cipherduck-hub/issues/3 Any -> Dto
+ public async get(): Promise {
+ return axiosAuth.get('/storageconfig/')
+ .then(response => response.data);
+ }
+}
 class ConfigService {
 public async cipherduckhubbookmark(): Promise {
 const axiosUnAuth = AxiosStatic.create(axiosBaseCfg);
@@ -398,6 +405,7 @@ const services = {
 // / start cipherduck extension
 ,storage: new StorageService()
+ ,storageconfig: new StorageConfigService()
 ,config: new ConfigService()
 // \ end cipherduck extension
 };
diff --git a/frontend/src/components/CreateVaultS3.vue b/frontend/src/components/CreateVaultS3.vue
index 32b130a9a..9ecb96606 100644
--- a/frontend/src/components/CreateVaultS3.vue
+++ b/frontend/src/components/CreateVaultS3.vue
@@ -280,68 +280,14 @@ const confirmRecoveryKey = ref(false);
 const vaultKeys = ref();
 const recoveryKey = ref('');
 const vaultConfig = ref();
-
-// / cipherduck extension
-// TODO https://github.com/chenkins/cipherduck-hub/issues/3 extract to configuration service
-const configs = [
- {
- "id": "http://minio:9000",
- "name": "MinIO STS",
- // TODO https://github.com/chenkins/cipherduck-hub/issues/15 configurable bucket prefix
- "bucketPrefix": "cipherduck",
- "s3type": "minio",
-
- // We use claim-based OIDC provider in MinIO (MinIO does not distinguish between trust policies and roles, it only has policies)
- // see https://min.io/docs/minio/linux/reference/minio-mc/mc-idp-openid.html#syntax
- "oidcProvider": null,
- "stsRoleArnPrefix": null,
- "region": null,
- "jwe": {
- "protocol": "s3",
- "vendor": "s3-sts",
- "scheme": "http",
- "hostname": "minio",
- "port": "9000",
-
- "oAuthRedirectUrl": "x-cipherduck-action:oauth",
- "stsEndpoint": "http://minio:9000",
- "oAuthAuthorizationUrl": "http://keycloak:8180/realms/cryptomator/protocol/openid-connect/auth",
- "oAuthTokenUrl": "http://keycloak:8180/realms/cryptomator/protocol/openid-connect/token",
- "oAuthClientId": "cryptomator",
- "authorization": "AuthorizationCode",
- },
- },
- {
- "id": "https://sts.amazonaws.com",
- "name": "AWS S3",
- // TODO https://github.com/chenkins/cipherduck-hub/issues/15 bucket prefix
- "bucketPrefix": "cipherduck",
- "s3type": "aws",
- // oidcProvider required for trust policy
- "oidcProvider": "arn:aws:iam::930717317329:oidc-provider/login1.staging.cryptomator.cloud/realms/cipherduck",
- // RoleArn required for STS calls (we use bucket name as role name)
- "stsRoleArnPrefix": "arn:aws:iam::930717317329:role/",
- // TODO support for multiple regions?
- "region": "eu-central-1",
- "jwe": {
- "protocol": "s3",
- "vendor": "s3-sts",
-
- "oAuthRedirectUrl": "x-cipherduck-action:oauth",
- "oAuthAuthorizationUrl": "https://login1.staging.cryptomator.cloud/realms/cipherduck/protocol/openid-connect/auth",
- "oAuthTokenUrl": "https://login1.staging.cryptomator.cloud/realms/cipherduck/protocol/openid-connect/token",
- "oAuthClientId": "cryptomator",
- "authorization": "AuthorizationCode",
- },
- },
-];
-const selectedStorage = ref(configs[0]);
-// \ cipherduck extension
-
 const props = defineProps<{ recover: boolean }>();
+// / cipherduck extension
+const selectedStorage = ref('');
+const configs = ref('');
+// \ cipherduck extension
 onMounted(initialize);
 async function initialize() {
@@ -352,6 +298,12 @@ async function initialize() {
 recoveryKey.value = await vaultKeys.value.createRecoveryKey();
 state.value = State.EnterVaultDetails;
 }
+ // / cipherduck extension
+ const backends = await backend.storageconfig.get();
+ configs.value = backends.backends;
+ selectedStorage.value = configs.value[0];
+ // \ cipherduck extension
+
 }
 async function validateRecoveryKey() {
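Review bot: The added `await backend.storageconfig.get()` is not wrapped in any error handling, so a failed or rejected request propagates out of `initialize()` (whose body starts outside this hunk) after the visible branch has already set `state.value = State.EnterVaultDetails`, and the form is then shown with no backend to select. `configs.value[0]` is likewise `undefined` when the server returns an empty `backends` list, and the earlier hunk of this file declares both refs as `ref('')`, i.e. as strings, although they later hold an array and an object. Suggest `const configs = ref<any[]>([]);` and `const selectedStorage = ref<any>();` until the DTO from the TODO exists, plus a `try`/`catch` around the fetch that routes the failure to whatever error state this component already uses.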