STCOR-875 Merge pull request #1532 from folio-org/keycloak-ramsons

The time has come. The time is now. `keycloak-eureka` will you please merge now! You can go in a merge commit. You can squash with ease. You can go in a rebase. But please merge. Please! * STCOR-773 #1385: Handle Eureka-based discovery * #1388: handle absent `provides` property on interfaces in Settings > About * STCOR-790 #1389: Pass client-id from stripes-config to keycloak * STCOR-794 #1400: Reset pre-login tenant-selection form when navigating back to it * STCOR-795 #1399: When `users-keycloak` interface is present, use its API for password-reset * STCOR-796 #1410: replace x-okapi-token credentials with RTR and cookies * STCOR-811 #1417: retrieve AT/RT expiration data from `/authn/token` response * STCOR-812 #1416: include `X-Okapi-Tenant` header in call to `/authn/logout` * STCOR-813 #1421: correctly parse `.../_self` permissions * STCOR-810 #1418 #1427 #1429: leverage `stripes-config::config.tenantOptions` in place of deprecated tenant-entitlement values * STCOR-803 #1426: logout immediately, without confirming or redirecting through keycloak * STCOR-816 #1432: only call `/saml/check` when `login-saml` interface is present * STCOR-789 #1442: restore original URL after login * STCOR-820 #1445: optionally retrieve password-reset token from path (or query-string) * STCOR-845 #1462: correctly handle redirect after password-change * STCOR-787 #1487 #1492: retrieve clientId and tenant from stripes-config::config.tenantOptions * STCOR-859 #1489: correctly list UI apps under apps/modules/interfaces column of Settings > About * STCOR-776 #1490: show idle-session modal with countdown timer before logout * STCOR-864 #1498: correctly evaluate `typeof stripes.okapi` * STCOR-865 #1500: call `logout()` exclusively from `/logout*` routes * STCOR-834 #1491`: refactor `useUserTenantPermissions` to switch on `roles` interface presence * STCOR-866 #1502: include `/users-keycloak/_self` in list of authentication-related endpoints * STCOR-867 #1505 #1506: store permission displaynames in redux * STCOR-862 #1503: handle fixed-length-session timeout * STCOR-869 #1513: avoid storing `/logout*` as a return-to URL; ensure `/logout` is called with a valid token * STCOR-872 #1520: return query-keys from `useChunkedCQLFetch()` * STCOR-874 #1521: provide `key` to `<SessionEventContainer>` components * STCOR-873 #1519: `useChunkedCQLFetch()` should use `tenantId` argument when present * STCOR-876 #1526: restore original URL after login (regression of STCOR-789) * STCOR-885 #1531: clear original URL from storage after login-and-redirect * STCOR-889 #1536: include all reference interfaces in optionalOkapiInterfaces I said MERGE and MERGE I meant.... The time had come ... so this branch went.
folio-org · Sep 20, 2024 · 61ff854 · 61ff854
2 parents f12abff + a59cfad
commit 61ff854
Show file tree

Hide file tree

Showing 88 changed files with 3,598 additions and 691 deletions.
diff --git a/.gitignore b/.gitignore
@@ -13,3 +13,4 @@ artifacts
 dist
 junit.xml
 .vscode/launch.json
+.idea
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -14,13 +14,28 @@
 * Update session data with values from `_self` request on reload. Refs STCOR-846.
 * Avoid deprecated `getChildContext`. Refs STCOR-842.
 * Read locale from stripes-config before defaulting to `en-US`. Refs STCOR-851.
+* Use keycloak URLs in place of users-bl for tenant-switch. Refs US1153537.
+* Fix 404 error page when logging in after changing password in Eureka. Refs STCOR-845.
+* Always retrieve `clientId` and `tenant` values from `config.tenantOptions` in stripes.config.js. Retires `okapi.tenant`, `okapi.clientId`, and `config.isSingleTenant`. Refs STCOR-787.
+* List UI apps in "Applications/modules/interfaces" column. STCOR-773
+* Correctly evaluate `stripes.okapi` before rendering `<RootWithIntl>`. Refs STCOR-864.
+* `/users-keycloak/_self` is an authentication request. Refs STCOR-866.
+* Terminate the session when the fixed-length session expires. Refs STCOR-862.
+* Ensure support for the passed `tenantId` value by `useChunkedCQLFetch` for manipulations in the context of a specific tenant. Refs STCOR-873.
+* Provide `key` to elements in `<SessionEventContainer>`. Refs STCOR-874.
 * Correctly populate `stripes.user.user` on reload. Refs STCOR-860.
 * Correctly evaluate `stripes.okapi` before rendering `<RootWithIntl>`. Refs STCOR-864.
 * Change main navigation's skip link label to "Skip to main content". Refs STCOR-863.
 * Invalidate `QueryClient` cache on login/logout. Refs STCOR-832.
 * Ensure support for the passed `tenantId` value by `useChunkedCQLFetch` for manipulations in the context of a specific tenant. Refs STCOR-873.
 * When re-authenticating after logout timeout, return to previous location. Refs STCOR-849.
 * Add `nl` (Dutch, Flemish) to the supported locales. Refs STCOR-878.
+* Include optional okapi interfaces, `consortia`, `roles`, `users-keycloak`. Refs STCOR-889.
+
+## [10.1.1](https://github.com/folio-org/stripes-core/tree/v10.1.1) (2024-03-25)
+[Full Changelog](https://github.com/folio-org/stripes-core/compare/v10.1.0...v10.1.1)
+
+* Utilize the `tenant` procured through the SSO login process. Refs STCOR-769.
 
 ## [10.1.0](https://github.com/folio-org/stripes-core/tree/v10.1.0) (2024-03-12)
 [Full Changelog](https://github.com/folio-org/stripes-core/compare/v10.0.0...v10.1.0)
@@ -63,6 +78,17 @@
 [Full Changelog](https://github.com/folio-org/stripes-core/compare/v10.0.0...v10.0.1)
 
 * Export `validateUser`. Refs STCOR-749.
+* Opt-in: handle access-control via cookies. Refs STCOR-671.
+* Opt-in: disable login when cookies are disabled. Refs STCOR-762.
+* Convert `<SSOLanding />` tests to jest. STCOR-798.
+* Parse response from `/authn/token` to immediately store AT/RT expiration values. Refs STCOR-811.
+* Include `X-Okapi-Tenant` header in `/authn/logout` calls. Refs STCOR-812.
+* Correctly parse `.../_self` permissions object. Refs STCOR-813.
+* Export `getEventHandler` to be able to create events in other modules. Refs STCOR-770.
+* Simplify logout workflow to bypass keycloak confirmation page. Refs STCOR-803.
+* After login, only check SSO endpoints when `login-saml` interface is present. Refs STCOR-816.
+* Add `idName` and `limit` as passable props to `useChunkedCQLFetch`. Refs STCOR-821.
+* For the `/reset-password` route, allow token to be specified in the path or query arguments. Refs STCOR-820.
 
 ## [10.0.0](https://github.com/folio-org/stripes-core/tree/v10.0.0) (2023-10-11)
 [Full Changelog](https://github.com/folio-org/stripes-core/compare/v9.0.0...v10.0.0)

diff --git a/package.json b/package.json
@@ -29,7 +29,10 @@
       "configuration": "2.0"
     },
     "optionalOkapiInterfaces": {
-      "login-saml": "2.0"
+      "consortia": "1.0",
+      "login-saml": "2.0",
+      "roles": "1.1",
+      "users-keycloak": "1.0"
     },
     "permissionSets": [
       {

diff --git a/src/App.js b/src/App.js
@@ -33,8 +33,11 @@ export default class StripesCore extends Component {
   constructor(props) {
     super(props);
 
+    const storedTenant = localStorage.getItem('tenant');
+    const parsedTenant = storedTenant ? JSON.parse(storedTenant) : undefined;
+
     const okapi = (typeof okapiConfig === 'object' && Object.keys(okapiConfig).length > 0)
-      ? okapiConfig : { withoutOkapi: true };
+      ? { ...okapiConfig, tenant: parsedTenant?.tenantName || okapiConfig.tenant, clientId: parsedTenant?.clientId || okapiConfig.clientId } : { withoutOkapi: true };
 
     const initialState = merge({}, { okapi }, props.initialState);
 
@@ -61,7 +64,7 @@ export default class StripesCore extends Component {
           logger={this.logger}
           config={config}
           actionNames={this.actionNames}
-          disableAuth={(config && config.disableAuth) || false}
+          disableAuth={(config?.disableAuth) || false}
           {...props}
         />
       </StrictWrapper>

diff --git a/src/RootWithIntl.js b/src/RootWithIntl.js
@@ -20,12 +20,13 @@ import {
   ModuleTranslator,
   TitledRoute,
   Front,
+  OIDCRedirect,
+  OIDCLanding,
   SSOLanding,
   SSORedirect,
   Settings,
   HandlerManager,
   TitleManager,
-  Login,
   Logout,
   LogoutTimeout,
   OverlayContainer,
@@ -39,6 +40,7 @@ import {
 import StaleBundleWarning from './components/StaleBundleWarning';
 import { StripesContext } from './StripesContext';
 import { CalloutContext } from './CalloutContext';
+import AuthnLogin from './components/AuthnLogin';
 
 const RootWithIntl = ({ stripes, token = '', isAuthenticated = false, disableAuth, history = {}, queryClient }) => {
   const connect = connectFor('@folio/core', stripes.epics, stripes.logger);
@@ -88,6 +90,12 @@ const RootWithIntl = ({ stripes, token = '', isAuthenticated = false, disableAut
                                   key="sso-landing"
                                   component={<SSORedirect stripes={connectedStripes} />}
                                 />
+                                <TitledRoute
+                                  name="oidcRedirect"
+                                  path="/oidc-landing"
+                                  key="oidc-landing"
+                                  component={<OIDCRedirect stripes={stripes} />}
+                                />
                                 <TitledRoute
                                   name="logoutTimeout"
                                   path="/logout-timeout"
@@ -126,6 +134,13 @@ const RootWithIntl = ({ stripes, token = '', isAuthenticated = false, disableAut
                         component={<CookiesProvider><SSOLanding stripes={connectedStripes} /></CookiesProvider>}
                         key="sso-landing"
                       />
+                      <TitledRoute
+                        name="oidcLanding"
+                        exact
+                        path="/oidc-landing"
+                        component={<CookiesProvider><OIDCLanding stripes={stripes} /></CookiesProvider>}
+                        key="oidc-landing"
+                      />
                       <TitledRoute
                         name="forgotPassword"
                         path="/forgot-password"
@@ -148,11 +163,8 @@ const RootWithIntl = ({ stripes, token = '', isAuthenticated = false, disableAut
                       />
                       <TitledRoute
                         name="login"
-                        component={
-                          <Login
-                            autoLogin={connectedStripes.config.autoLogin}
-                            stripes={connectedStripes}
-                          />}
+                        path="*"
+                        component={<AuthnLogin stripes={connectedStripes} />}
                       />
                     </Switch>
                   }
@@ -183,4 +195,3 @@ RootWithIntl.propTypes = {
 };
 
 export default RootWithIntl;
-
diff --git a/src/RootWithIntl.test.js b/src/RootWithIntl.test.js
@@ -5,6 +5,7 @@ import { render, screen } from '@folio/jest-config-stripes/testing-library/react
 import { Router as DefaultRouter } from 'react-router-dom';
 import { createMemoryHistory } from 'history';
 
+import AuthnLogin from './components/AuthnLogin';
 import {
   Login,
   MainNav,
@@ -18,6 +19,7 @@ import {
 import RootWithIntl from './RootWithIntl';
 import Stripes from './Stripes';
 
+jest.mock('./components/AuthnLogin', () => () => '<AuthnLogin>');
 jest.mock('./components/Login', () => () => '<Login>');
 jest.mock('./components/MainNav', () => () => '<MainNav>');
 jest.mock('./components/OverlayContainer', () => () => '<OverlayContainer>');
@@ -56,7 +58,7 @@ describe('RootWithIntl', () => {
     const stripes = new Stripes({ epics: {}, logger: {}, bindings: {}, config: {}, store, discovery: { isFinished: false } });
     await render(<Harness><RootWithIntl stripes={stripes} history={defaultHistory} isAuthenticated={false} /></Harness>);
 
-    expect(screen.getByText(/<Login>/)).toBeInTheDocument();
+    expect(screen.getByText(/<AuthnLogin>/)).toBeInTheDocument();
     expect(screen.queryByText(/<MainNav>/)).toBeNull();
   });
 
@@ -65,23 +67,23 @@ describe('RootWithIntl', () => {
       const stripes = new Stripes({ epics: {}, logger: {}, bindings: {}, config: {}, store, discovery: { isFinished: false } });
       await render(<Harness><RootWithIntl stripes={stripes} history={defaultHistory} isAuthenticated /></Harness>);
 
-      expect(screen.queryByText(/<Login>/)).toBeNull();
+      expect(screen.queryByText(/<AuthnLogin>/)).toBeNull();
       expect(screen.queryByText(/<MainNav>/)).toBeInTheDocument();
     });
 
     it('given token', async () => {
       const stripes = new Stripes({ epics: {}, logger: {}, bindings: {}, config: {}, store, discovery: { isFinished: false } });
       await render(<Harness><RootWithIntl stripes={stripes} history={defaultHistory} token /></Harness>);
 
-      expect(screen.queryByText(/<Login>/)).toBeNull();
+      expect(screen.queryByText(/<AuthnLogin>/)).toBeNull();
       expect(screen.queryByText(/<MainNav>/)).toBeInTheDocument();
     });
 
     it('given disableAuth', async () => {
       const stripes = new Stripes({ epics: {}, logger: {}, bindings: {}, config: {}, store, discovery: { isFinished: false } });
       await render(<Harness><RootWithIntl stripes={stripes} history={defaultHistory} disableAuth /></Harness>);
 
-      expect(screen.queryByText(/<Login>/)).toBeNull();
+      expect(screen.queryByText(/<AuthnLogin>/)).toBeNull();
       expect(screen.queryByText(/<MainNav>/)).toBeInTheDocument();
     });
   });

diff --git a/src/Stripes.js b/src/Stripes.js
@@ -23,6 +23,7 @@ export const stripesShape = PropTypes.shape({
     logTimestamp: PropTypes.bool,
     showHomeLink: PropTypes.bool,
     showPerms: PropTypes.bool,
+    tenantOptions: PropTypes.object,
   }).isRequired,
   connect: PropTypes.func.isRequired,
   currency: PropTypes.string,

diff --git a/src/components/About/About.css b/src/components/About/About.css
@@ -23,3 +23,7 @@
 .incompatible {
   color: orange;
 }
+
+.paddingLeftOfListItems {
+  padding-left: 14px;
+}