diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 00000000..cf94aed9 --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,251 @@ +name: Build and Deploy SSO Dashboard + +on: + workflow_dispatch: + push: + branches: + - 'revamp' + +permissions: + contents: 'read' + id-token: 'write' + +env: + APP: sso-dashboard + GAR_LOCATION: us-east1 + PROJECT_ID: iam-auth0 + REGION: us-east1 + CHANNEL_IDS: C05AMLCL4JX + SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN}} + +jobs: + init: + name: Init + runs-on: ubuntu-latest + outputs: + release_name: ${{ steps.release_name.outputs.release_name }} + docker_tag: ${{ steps.docker_tag.outputs.docker_tag }} + slack_ts: ${{ steps.slack_ts.outputs.slack_ts }} + steps: + - name: 'Checkout' + uses: 'actions/checkout@v3' + + - name: 'Create release name' + id: release_name + run: echo "RELEASE_NAME=${{ env.APP }}-${GITHUB_SHA::7}-${GITHUB_RUN_NUMBER}-${GITHUB_RUN_ATTEMPT}" >> "$GITHUB_OUTPUT" + + - name: 'Create docker tag' + id: docker_tag + run: echo "DOCKER_TAG=${{ env.GAR_LOCATION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.APP }}/${{ env.APP }}:${{ github.sha }}" >> "$GITHUB_OUTPUT" + + - name: Send initial slack notification + uses: slackapi/slack-github-action@v1.24.0 + id: slack + with: + channel-id: ${{ env.CHANNEL_IDS }} + payload-file-path: ".github/workflows/payload-slack-content.json" + env: + STATUS_COLOR: dbab09 + STATUS_TITLE: Starting Deployment Pipeline + STATUS_VALUE: ':link-run: *Running*' + + - name: Output slack ts + id: slack_ts + run: echo "SLACK_TS=${{ steps.slack.outputs.ts }}" >> "$GITHUB_OUTPUT" + + lint: + name: Linting / Unit Testing + needs: init + runs-on: ubuntu-latest + env: + RELEASE_NAME: ${{needs.init.outputs.release_name}} + steps: + - name: 'Checkout' + uses: 'actions/checkout@v3' + + - name: Update slack notification + uses: slackapi/slack-github-action@v1.24.0 + with: + update-ts: ${{ needs.init.outputs.slack_ts }} + channel-id: ${{ env.CHANNEL_IDS }} + payload-file-path: ".github/workflows/payload-slack-content.json" + env: + STATUS_COLOR: dbab09 + STATUS_TITLE: Linting/Unittesting + STATUS_VALUE: ':link-run: *Running*' + + - name: Install tox + run: pip install tox + + - name: Running Tox + run: tox + + build: + name: Building + needs: [ init, lint ] + runs-on: ubuntu-latest + env: + RELEASE_NAME: ${{needs.init.outputs.release_name}} + DOCKER_TAG: ${{needs.init.outputs.docker_tag}} + steps: + - name: 'Checkout' + uses: 'actions/checkout@v3' + + - name: Update slack notification + uses: slackapi/slack-github-action@v1.24.0 + with: + update-ts: ${{ needs.init.outputs.slack_ts }} + channel-id: ${{ env.CHANNEL_IDS }} + payload-file-path: ".github/workflows/payload-slack-content.json" + env: + STATUS_COLOR: dbab09 + STATUS_TITLE: Building Docker Image + STATUS_VALUE: ':link-run: *Running*' + + - name: 'Google auth' + id: 'auth' + uses: 'google-github-actions/auth@v1' + with: + workload_identity_provider: '${{ secrets.WIF_PROVIDER }}' + service_account: '${{ secrets.WIF_SERVICE_ACCOUNT }}' + + - name: 'Docker auth' + run: gcloud auth configure-docker ${{ env.GAR_LOCATION }}-docker.pkg.dev + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Build and push Docker image with buildx + uses: docker/build-push-action@v4 + with: + context: . + push: true + build-args: RELEASE_NAME=${{ env.RELEASE_NAME }} + tags: "${{ env.DOCKER_TAG }}" + cache-from: type=gha + cache-to: type=gha,mode=max + + validate: + name: Validating + needs: [ init, lint, build ] + runs-on: ubuntu-latest + env: + RELEASE_NAME: ${{needs.init.outputs.release_name}} + DOCKER_TAG: ${{needs.init.outputs.docker_tag}} + steps: + - name: 'Checkout' + uses: 'actions/checkout@v3' + + - name: Update slack notification + uses: slackapi/slack-github-action@v1.24.0 + with: + update-ts: ${{ needs.init.outputs.slack_ts }} + channel-id: ${{ env.CHANNEL_IDS }} + payload-file-path: ".github/workflows/payload-slack-content.json" + env: + STATUS_COLOR: dbab09 + STATUS_TITLE: Validating Image + STATUS_VALUE: ':link-run: *Running*' + + - name: 'Google auth' + id: 'auth' + uses: 'google-github-actions/auth@v1' + with: + workload_identity_provider: '${{ secrets.WIF_PROVIDER }}' + service_account: '${{ secrets.WIF_SERVICE_ACCOUNT }}' + + - name: 'Docker auth' + run: gcloud auth configure-docker ${{ env.GAR_LOCATION }}-docker.pkg.dev + + - name: Pull Docker image + run: docker pull "${{ env.DOCKER_TAG }}" + + - name: Run validate docker image + uses: addnab/docker-run-action@v3 + with: + image: "${{ env.DOCKER_TAG }}" + run: echo "TODO Add docker validation checks" + + deploy: + name: Sending to Cloud Deploy + needs: [ init, lint, build, validate ] + runs-on: ubuntu-latest + env: + RELEASE_NAME: ${{needs.init.outputs.release_name}} + DOCKER_TAG: ${{needs.init.outputs.docker_tag}} + steps: + - name: 'Checkout' + uses: 'actions/checkout@v3' + + - name: Update slack notification + uses: slackapi/slack-github-action@v1.24.0 + with: + update-ts: ${{ needs.init.outputs.slack_ts }} + channel-id: ${{ env.CHANNEL_IDS }} + payload-file-path: ".github/workflows/payload-slack-content.json" + env: + STATUS_COLOR: dbab09 + STATUS_TITLE: Sending to Cloud Deploy + STATUS_VALUE: ':link-run: *Running*' + + - name: 'Google auth' + id: 'auth' + uses: 'google-github-actions/auth@v1' + with: + workload_identity_provider: '${{ secrets.WIF_PROVIDER }}' + service_account: '${{ secrets.WIF_SERVICE_ACCOUNT }}' + + - name: 'Render cloud deploy config manifests from templates' + run: for template in $(ls clouddeploy/*.template.yaml); do envsubst < ${template} > ${template%%.*}.yaml ; done + + - name: 'Create Cloud Deploy release' + uses: 'google-github-actions/create-cloud-deploy-release@v0' + with: + delivery_pipeline: '${{ env.APP }}' + name: '${{ env.RELEASE_NAME }}' + region: '${{ env.REGION }}' + description: '${{ env.GITHUB_COMMIT_MSG }}' + skaffold_file: 'clouddeploy/skaffold.yaml' + images: 'app=${{ env.DOCKER_TAG }}' + + final: + name: Finalize Notifications + needs: [ init, lint, build, validate, deploy ] + runs-on: ubuntu-latest + if: always() + env: + RELEASE_NAME: ${{needs.init.outputs.release_name}} + steps: + - name: 'Checkout' + uses: 'actions/checkout@v3' + + - name: Update slack deployment complete + if: needs.deploy.result == 'success' + uses: slackapi/slack-github-action@v1.24.0 + with: + update-ts: ${{ needs.init.outputs.slack_ts }} + channel-id: ${{ env.CHANNEL_IDS }} + payload-file-path: ".github/workflows/payload-slack-content.json" + env: + STATUS_COLOR: 28a745 + STATUS_TITLE: Building and Deploy + STATUS_VALUE: ':link-zelda: *Completed*' + + - name: Update slack deployment ready for promotion + if: needs.deploy.result == 'success' + uses: slackapi/slack-github-action@v1.24.0 + with: + channel-id: ${{ env.CHANNEL_IDS }} + payload-file-path: ".github/workflows/payload-slack-deploy.json" + + - name: Update slack deployment failed + if: needs.lint.result == 'failure' || needs.build.result == 'failure' || needs.validate.result == 'failure' || needs.deploy.result == 'failure' + uses: slackapi/slack-github-action@v1.24.0 + with: + update-ts: ${{ needs.init.outputs.slack_ts }} + channel-id: ${{ env.CHANNEL_IDS }} + payload-file-path: ".github/workflows/payload-slack-content.json" + env: + STATUS_COLOR: d81313 + STATUS_TITLE: Building and Deploy + STATUS_VALUE: ':skull_and_crossbones: *Failed*' diff --git a/.github/workflows/payload-slack-content.json b/.github/workflows/payload-slack-content.json new file mode 100644 index 00000000..47afa4e5 --- /dev/null +++ b/.github/workflows/payload-slack-content.json @@ -0,0 +1,63 @@ +{ + "text": "", + "attachments": [ + { + "color": "{{ env.STATUS_COLOR }}", + "blocks": [ + { + "type": "header", + "text": { + "type": "plain_text", + "text": ":link-wut: Github Action Notification :link-wut:\n{{ github.workflow }}", + "emoji": true + } + }, + { + "type": "section", + "fields": [ + { + "type": "plain_text", + "text": "{{ env.RELEASE_NAME }}", + "emoji": true + }, + { + "type": "plain_text", + "text": "{{ env.GITHUB_ACTOR }}", + "emoji": true + }, + { + "type": "plain_text", + "text": "{{ env.GITHUB_REPOSITORY }}", + "emoji": true + }, + { + "type": "plain_text", + "text": "{{ env.GITHUB_REF_NAME }}", + "emoji": true + } + ] + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "" + } + }, + { + "type": "context", + "elements": [ + { + "type": "mrkdwn", + "text": "Action: *{{ env.STATUS_TITLE }}*" + }, + { + "type": "mrkdwn", + "text": "Status: {{ env.STATUS_VALUE }}" + } + ] + } + ] + } + ] +} diff --git a/.github/workflows/payload-slack-deploy.json b/.github/workflows/payload-slack-deploy.json new file mode 100644 index 00000000..842c40c6 --- /dev/null +++ b/.github/workflows/payload-slack-deploy.json @@ -0,0 +1,32 @@ +{ + "text": "", + "attachments": [ + { + "color": "28a745", + "blocks": [ + { + "type": "header", + "text": { + "type": "plain_text", + "text": ":rocket: SSO Dashboard is ready for Promotion", + "emoji": true + } + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "Build: *{{ env.RELEASE_NAME }}*" + } + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": ":link: " + } + } + ] + } + ] +} diff --git a/.gitignore b/.gitignore index 18df9244..16c5a974 100644 --- a/.gitignore +++ b/.gitignore @@ -9,6 +9,7 @@ dashboard/static/css/gen/ dashboard/static/.webassets-cache/ dashboard/static/img/logos/* virtualenv.egg-info +dashboard.egg-info bin man include @@ -24,3 +25,6 @@ pip-selfcheck.json tests/test_activate_actual.output bower_components node_modules +.vscode/* +build/* +envfile diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 00000000..53747ce0 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,15 @@ +# See https://pre-commit.com for more information +# See https://pre-commit.com/hooks.html for more hooks +repos: +- repo: https://github.com/pre-commit/pre-commit-hooks + rev: v3.2.0 + hooks: + - id: trailing-whitespace + - id: end-of-file-fixer + - id: check-yaml + - id: check-added-large-files + +- repo: https://github.com/psf/black + rev: 22.10.0 + hooks: + - id: black diff --git a/.stylelintrc b/.stylelintrc index 3c616082..ed4c85b9 100644 --- a/.stylelintrc +++ b/.stylelintrc @@ -1,91 +1,51 @@ { + "extends": "stylelint-config-standard-scss", "rules": { - "color-hex-case": "lower", + "no-descending-specificity": null, "color-no-invalid-hex": true, "font-family-no-duplicate-names": true, "font-family-name-quotes": "always-where-recommended", "function-calc-no-unspaced-operator": true, - "function-comma-space-after": "always", - "function-comma-space-before": "never", "function-name-case": "lower", - "function-parentheses-space-inside": "never", - "function-whitespace-after": "always", "function-url-no-scheme-relative": true, "function-url-quotes": "always", - "number-no-trailing-zeros": true, - "string-no-newline": true, - "string-quotes": "single", "length-zero-no-unit": true, - "unit-case": "lower", "unit-no-unknown": true, - "value-keyword-case": lower, - - "value-list-comma-space-after": "always-single-line", - "value-list-comma-space-before": "never", + "value-keyword-case": "lower", - "property-case": "lower", "property-no-unknown": true, "keyframe-declaration-no-important": true, - "declaration-colon-space-after": "always", - "declaration-colon-space-before": "never", "declaration-no-important": true, - "declaration-block-trailing-semicolon": "always", "declaration-block-single-line-max-declarations": 1, - "declaration-block-semicolon-space-before": "never", - "declaration-block-semicolon-newline-after": "always-multi-line", "declaration-block-no-shorthand-property-overrides": true, "declaration-block-no-duplicate-properties": true, "block-no-empty": true, - "block-closing-brace-empty-line-before": "never", - "block-closing-brace-newline-after": "always", - "block-closing-brace-newline-before": "always-multi-line", - "block-closing-brace-space-before": "always-single-line", - "block-opening-brace-newline-after": "always-multi-line", - "block-opening-brace-space-after": "always-single-line", - "block-opening-brace-space-before": "always", - - "selector-attribute-brackets-space-inside": "never", - "selector-attribute-operator-space-after": "never", - "selector-attribute-operator-space-before": "never", - "selector-combinator-space-after": "always", - "selector-combinator-space-before": "always", + "selector-pseudo-class-no-unknown": true, "selector-pseudo-element-no-unknown": true, - "selector-pseudo-class-case": "lower", - "selector-pseudo-element-case": "lower", "selector-type-case": "lower", "selector-type-no-unknown": true, - "selector-max-empty-lines": 0, "rule-empty-line-before": "always-multi-line", - "media-feature-name-case": "lower", "media-feature-name-no-unknown": true, - "media-feature-colon-space-after": "always", - "media-feature-colon-space-before": "never", - "media-feature-parentheses-space-inside": "never", "comment-no-empty": true, - "indentation": 4, "max-nesting-depth": 6, "no-duplicate-selectors": true, - "no-eol-whitespace": true, - "no-extra-semicolons": true, "no-unknown-animations": true, - "no-invalid-double-slash-comments": true, - "no-missing-end-of-source-newline": true, - "max-empty-lines": 1 + "no-invalid-double-slash-comments": true } } diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index ed318f23..00000000 --- a/.travis.yml +++ /dev/null @@ -1,20 +0,0 @@ -language: python -dist: trusty -cache: pip -notifications: - email: false -python: - - 3.6 -env: - - "DASHBOARD_CONFIG_INI=tests/sso-dashboard.ini AWS_DEFAULT_REGION=us-west-2 BOTO_CONFIG=/dev/null" -before_install: - - pip install flake8 - - flake8 dashboard - - flake8 tests -install: - - pip install -r requirements.txt - - npm install -g eslint stylelint -script: - - python setup.py pytest - - eslint 'dashboard/static/js/*.js' - - stylelint 'dashboard/static/css/*.scss' diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index 53d8ec25..00000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "python.pythonPath": "venv/bin/python3.7" -} \ No newline at end of file diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index 498baa3f..041fbb69 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -1,8 +1,8 @@ # Community Participation Guidelines -This repository is governed by Mozilla's code of conduct and etiquette guidelines. +This repository is governed by Mozilla's code of conduct and etiquette guidelines. For more details, please read the -[Mozilla Community Participation Guidelines](https://www.mozilla.org/about/governance/policies/participation/). +[Mozilla Community Participation Guidelines](https://www.mozilla.org/about/governance/policies/participation/). ## How to Report For more information on how to report violations of the Community Participation Guidelines, please read our '[How to Report](https://www.mozilla.org/about/governance/policies/participation/reporting/)' page. diff --git a/Dockerfile b/Dockerfile index 770025d7..7da4c8f9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,39 +1,20 @@ -FROM centos:7 +FROM python:3.7-bullseye +ARG RELEASE_NAME -RUN yum update -y -RUN yum install epel-release -y && yum update -y -RUN yum install nginx python36 python36-devel python36-pip -y -COPY ./ansible/roles/dashboard/files/dumb-init /usr/bin/dumb-init -RUN chmod 775 /usr/bin/dumb-init -RUN yum install gcc \ - libffi-devel \ - \ openssl openssl-devel \ - curl-devel -y -COPY ./ansible/roles/dashboard/files/nginx/nginx.conf /etc/nginx/nginx.conf -COPY ./ansible/roles/dashboard/files/nginx/start.sh /usr/bin/start.sh -RUN chmod 775 /usr/bin/start.sh -COPY ./ansible/roles/dashboard/files/sso-dashboard.ini /etc/dashboard.ini -RUN chmod 775 /etc/dashboard.ini -RUN yum install git -y -RUN yum install rubygem-sass -y -RUN pip3 install --upgrade setuptools-rust pip -RUN pip3 install credstash -RUN useradd -ms /bin/bash flaskuser -RUN mkdir /dashboard -RUN chown -R flaskuser /dashboard -COPY requirements.txt /dashboard/requirements.txt +RUN apt update && apt install -y nodejs npm \ + && rm -rf /var/lib/apt/lists/* +RUN npm install -g sass +COPY ./files/start.sh /start.sh +RUN chmod 755 /start.sh RUN pip3 install --upgrade pip +COPY ./requirements.txt /dashboard/ RUN pip3 install -r /dashboard/requirements.txt COPY ./dashboard/ /dashboard/ -RUN rm /dashboard/static/css/gen/all.css 2& > /dev/null -RUN rm /dashboard/static/js/gen/packed.js 2& > /dev/null -RUN rm /dashboard/data/apps.yml-etag 2& > /dev/null -RUN mkdir -p /dashboard/static/img/logos RUN chmod 750 -R /dashboard -RUN useradd -ms /bin/bash flaskapp -RUN chown -R flaskapp:nginx /dashboard -RUN pip3 install pyOpenSSL==17.3.0 --upgrade -RUN pip3 install cryptography==2.0 --upgrade -RUN pip3 install flake8 --upgrade -# RUN pip3 install git+git://github.com/mozilla-iam/pyoidc.git@fix_updated_at#egg=pyoidc -ENTRYPOINT [ "dumb-init", "/usr/bin/start.sh" ] +RUN rm /dashboard/static/css/gen/all.css \ + /dashboard/static/js/gen/packed.js \ + /dashboard/data/apps.yml-etag 2& > /dev/null +RUN mkdir -p /dashboard/static/img/logos +RUN echo $RELEASE_NAME > /version.json + +ENTRYPOINT ["/start.sh"] diff --git a/README.md b/README.md index 846e515a..777f4a0f 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,7 @@ A python flask implementation of an SSO dashboard. OIDC for authentication and # Contributors +* Jake Watkins [:dividehex] jwatkins@mozilla.com * Andrew Krug [:andrew] akrug@mozilla.com # Projects this Project Uses @@ -69,7 +70,7 @@ app staging and then taking apps live.__ # Adding apps to the Dashboard In order to add applications to the dashboard there is an apps.yml file and -a logos directory that exists in the Mozilla-IAM github org. +a logos directory that exists in the Mozilla-IAM github org. https://github.com/mozilla-iam/sso-dashboard-configuration @@ -86,11 +87,11 @@ to the fact they are in a responsive grid. For more information on developing features for the sso-dashboard see the [development guide](docs/development.md). # Deployment -This section gives an overview of the SSO Dashboard deployment, for a more detailed explanation check [this document](https://github.com/mozilla-iam/iam-infra/blob/74a68749db6f9043bdd36970d0e94de322cd9804/docs/runbooks/sso-dashboard.md). +This section gives an overview of the SSO Dashboard deployment, for a more detailed explanation check [this document](https://github.com/mozilla-iam/iam-infra/blob/74a68749db6f9043bdd36970d0e94de322cd9804/docs/runbooks/sso-dashboard.md). -Single Sign On Dashboard (SSO Dashboard) runs in the AWS IAM account (320464205386) inside the production EKS cluster, however it uses resources in the `infosec-prod` and `infosec-dev` AWS accounts. +Single Sign On Dashboard (SSO Dashboard) runs in the AWS IAM account (320464205386) inside the production EKS cluster, however it uses resources in the `infosec-prod` and `infosec-dev` AWS accounts. -Currently the application is deployed into 2 different environments: dev and prod, each one running in the correspondent Kubernetes namespaces. +Currently the application is deployed into 2 different environments: dev and prod, each one running in the correspondent Kubernetes namespaces. - Production environment can be reach at https://sso.mozilla.com - Development environment can be reach at https://sso.allizom.org diff --git a/ansible/ansible-requirements.txt b/ansible/ansible-requirements.txt deleted file mode 100644 index 10226fbe..00000000 --- a/ansible/ansible-requirements.txt +++ /dev/null @@ -1,2 +0,0 @@ -# These are the python requirements for your Ansible Container builder. -# You do not need to include Ansible itself in this file. diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg deleted file mode 100644 index 460145a9..00000000 --- a/ansible/ansible.cfg +++ /dev/null @@ -1,2 +0,0 @@ -# Set any ansible.cfg overrides in this file. -# See: https://docs.ansible.com/ansible/intro_configuration.html#explanation-of-values-by-section diff --git a/ansible/container.yml b/ansible/container.yml deleted file mode 100644 index 47adb531..00000000 --- a/ansible/container.yml +++ /dev/null @@ -1,19 +0,0 @@ -version: "2" -settings: - volumes: - ../:/dashboard -services: - web: - from: centos:latest - expose: - - "8000/tcp" - ports: - - "80:80" - - "8000:8000" - links: - - redis:redis - working_dir: '/sso-dashboard' - roles: - - dashboard - command: ['/usr/bin/dumb-init', '/usr/bin/start.sh'] -registries: {} diff --git a/ansible/meta.yml b/ansible/meta.yml deleted file mode 100644 index 01910269..00000000 --- a/ansible/meta.yml +++ /dev/null @@ -1,33 +0,0 @@ -galaxy_info: - author: Your name - description: Describe your awesome application here. - company: Your company - - # If the issue tracker for your role is not on GitHub, uncomment the - # next line and provide a value - # issue_tracker_url: - - # Some suggested licenses: - # - BSD (default) - # - MIT - # - GPLv2 - # - GPLv3 - # - Apache - # - CC-BY - license: license (GPLv2, CC-BY, etc) - - min_ansible_container_version: 0.9.1 - - # Optionally specify the branch Galaxy will use when accessing the GitHub - # repo for this role. During role install, if no tags are available, - # Galaxy will use this branch. During import Galaxy will access files on - # this branch. If travis integration is cofigured, only notification for this - # branch will be accepted. Otherwise, in all cases, the repo's default branch - # (usually master) will be used. - #github_branch: - - tags: [] - # List tags for your app here, one per line. A tag is a keyword that describes and categorizes the app. - # Users will find your app by searching for tags. Be sure to remove the '[]' above. - # - # NOTE: A tag is limited to a single word comprised of alphanumeric characters. Maximum 20 tags. diff --git a/ansible/requirements.yml b/ansible/requirements.yml deleted file mode 100644 index dfed8e7b..00000000 --- a/ansible/requirements.yml +++ /dev/null @@ -1,5 +0,0 @@ -# Install Ansible Roles -# --------------------- -# When making the Conductor image `ansible-galaxy install -r requirements.yml` is executed -# using this file. Follow the instructions at http://docs.ansible.com/ansible/galaxy.html -# to include any roles you want installed prior to running main.yml. \ No newline at end of file diff --git a/ansible/roles/dashboard/files/dumb-init b/ansible/roles/dashboard/files/dumb-init deleted file mode 100644 index 13e0d30e..00000000 Binary files a/ansible/roles/dashboard/files/dumb-init and /dev/null differ diff --git a/ansible/roles/dashboard/files/nginx/nginx.conf b/ansible/roles/dashboard/files/nginx/nginx.conf deleted file mode 100644 index ff0f9a79..00000000 --- a/ansible/roles/dashboard/files/nginx/nginx.conf +++ /dev/null @@ -1,97 +0,0 @@ -worker_processes 1; - -events { worker_connections 1024; } - -http { - - sendfile on; - - gzip on; - gzip_http_version 1.0; - gzip_proxied any; - gzip_min_length 500; - gzip_disable "MSIE [1-6]\."; - gzip_types text/plain text/xml text/css - text/comma-separated-values - text/javascript - application/x-javascript - application/atom+xml; - - # Configuration for the server - server { - - # Running port - listen 80; - - location /health { - - return 200; - - } - - location ^~ /static/ { - include /etc/nginx/mime.types; - root /sso-dashboard/dashboard; - } - - - } - - server { - listen 80; - - server_name sso.mozilla.com; - - location ^~ /static/ { - include /etc/nginx/mime.types; - root /sso-dashboard/dashboard; - } - - location / { - - rewrite ^ https://$server_name$request_uri? permanent; - - } - - location /dashboard { - - rewrite ^ https://$server_name$request_uri? permanent; - - } - - location /metrics { - deny all; - return 403; - } - - } - - server { - listen 80; - - server_name sso.allizom.org; - - location ^~ /static/ { - include /etc/nginx/mime.types; - root /sso-dashboard/dashboard; - } - - location / { - - rewrite ^ https://$server_name$request_uri? permanent; - - } - - location /dashboard { - - rewrite ^ https://$server_name$request_uri? permanent; - - } - - location /metrics { - deny all; - return 403; - } - - } -} diff --git a/ansible/roles/dashboard/files/nginx/start.sh b/ansible/roles/dashboard/files/nginx/start.sh deleted file mode 100644 index 61cf89ab..00000000 --- a/ansible/roles/dashboard/files/nginx/start.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -python3 -m gunicorn.app.wsgiapp dashboard.app:app --worker-class gevent --bind 0.0.0.0:8000 --workers=${DASHBOARD_GUNICORN_WORKERS:-5} --reload & -nginx -c /etc/nginx/nginx.conf -g "daemon off;" diff --git a/ansible/roles/dashboard/tasks/main.yml b/ansible/roles/dashboard/tasks/main.yml deleted file mode 100644 index c3c620e3..00000000 --- a/ansible/roles/dashboard/tasks/main.yml +++ /dev/null @@ -1,136 +0,0 @@ ---- - -- name: Install dumb init - get_url: - dest: /usr/bin/dumb-init - url: https://github.com/Yelp/dumb-init/releases/download/v1.0.2/dumb-init_1.0.2_amd64 - mode: 0775 - validate_certs: no - -- name: Install EPEL - yum: name=epel-release state=latest - -- name: Install Build Dependencies - yum: name=gcc,libffi-devel,python-devel,openssl-devel,curl-devel,python36,python36-devel state=latest - -- name: Install nginx - yum: name=nginx - -- name: Copy the config - copy: - src: ../files/nginx/nginx.conf - dest: /etc/nginx/nginx.conf - -- name: Copy the config - copy: - src: ../files/nginx/start.sh - dest: /usr/bin/start.sh - mode: 0775 - -- name: Copy the everett ini file - copy: - src: ../files/sso-dashboard.ini - dest: /etc/sso-dashboard.ini - mode: 0775 - -- name: Install git - yum: name=git state=latest - -- name: Install Pip - yum: name=python36-pip state=latest - -- name: Install Pip - yum: name=python36-pip state=latest - -- name: Install rubygems sass compiler - yum: name=rubygem-sass state=latest - -- name: Install credstash - pip: - name: credstash - executable: pip3.6 - -- name: Create Flask User - user: name=flaskapp state=present createhome=yes home=/sso-dashboard group=root - -- name: Copy the Requirements - copy: - src: /dashboard/requirements.txt - dest: /sso-dashboard/requirements.txt - owner: flaskapp - group: nginx - mode: 755 - -- name: Install requirements - pip: - requirements: '/sso-dashboard/requirements.txt' - executable: pip3.6 - -- name: Copy The Application - copy: - src: /dashboard/ - dest: /sso-dashboard/ - owner: flaskapp - group: nginx - mode: 755 - -- name: Cache busting - file: - path: /sso-dashboard/static/css/gen/all.css - state: absent - -- name: Cache busting - file: - path: /sso-dashboard/static/js/gen/packed.js - state: absent - -- name: Cache busting - file: - path: /sso-dashboard/data/apps.yml-etag - state: absent - -- name: Create the logos dir - file: - path: /sso-dashboard/static/img/logos - state: directory - -- name: Install credstash depends - yum: name=git state=latest - -# Allow nginx directory traversal -- file: - path: /sso-dashboard - state: directory - mode: 0750 - owner: flaskapp - group: nginx - recurse: yes - -# Allow nginx directory traversal -- file: - path: /sso-dashboard/static - state: directory - mode: 0750 - owner: flaskapp - group: nginx - recurse: yes - -- name: Install patched pyoidc - pip: - name: git+git://github.com/mozilla-iam/pyoidc.git@hotfix_unicode#egg=pyoidc - state: forcereinstall - executable: pip3.6 - -- name: Force python openssl - pip: - name: pyOpenSSL - version: 17.3.0 - state: forcereinstall - executable: pip3.6 - -- name: Force cryptography 2pointo - pip: - name: cryptography - version: 2.0 - state: forcereinstall - executable: pip3.6 diff --git a/buildspec-k8s.yml b/buildspec-k8s.yml deleted file mode 100644 index b8973942..00000000 --- a/buildspec-k8s.yml +++ /dev/null @@ -1,23 +0,0 @@ -version: 0.2 - -phases: - install: - runtime-versions: - docker: 18 - python: 3.7 - commands: - - make setup-codebuild - pre_build: - commands: - - export COMMIT_SHA=${CODEBUILD_RESOLVED_SOURCE_VERSION} # Commit SHA that triggered this build - - export DEPLOY_ENV=$(echo ${CODEBUILD_WEBHOOK_TRIGGER} | sed -e 's/branch\/master/dev/' | sed -e 's/branch\/production/prod/') - - if [ -z "${DEPLOY_ENV}" ]; then export DEPLOY_ENV="dev"; fi - - echo "Running for ${COMMIT_SHA} in ${DEPLOY_ENV}" - - make login CLUSTER_NAME=${CLUSTER_NAME} - build: - commands: - - make build COMMIT_SHA=${CODEBUILD_RESOLVED_SOURCE_VERSION} - - make push DOCKER_DEST=${DOCKER_REPO}:${CODEBUILD_RESOLVED_SOURCE_VERSION} - post_build: - commands: - - make release STAGE=${DEPLOY_ENV} diff --git a/clouddeploy/skaffold.template.yaml b/clouddeploy/skaffold.template.yaml new file mode 100644 index 00000000..92a45497 --- /dev/null +++ b/clouddeploy/skaffold.template.yaml @@ -0,0 +1,33 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: skaffold/v3alpha1 +kind: Config +metadata: + name: 'sso-dashboard' +deploy: + cloudrun: {} +profiles: + - name: 'dev' + manifests: + rawYaml: + - 'sso-dashboard-dev.yaml' + - name: 'staging' + manifests: + rawYaml: + - 'sso-dashboard-staging.yaml' + - name: 'prod' + manifests: + rawYaml: + - 'sso-dashboard-prod.yaml' diff --git a/clouddeploy/sso-dashboard-dev.template.yaml b/clouddeploy/sso-dashboard-dev.template.yaml new file mode 100644 index 00000000..a4346895 --- /dev/null +++ b/clouddeploy/sso-dashboard-dev.template.yaml @@ -0,0 +1,118 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: serving.knative.dev/v1 +kind: Service +metadata: + name: 'sso-dashboard-dev' + annotations: + run.googleapis.com/ingress: internal-and-cloud-load-balancing + run.googleapis.com/description: 'https://sso.allizom.org' +spec: + template: + metadata: + annotations: + autoscaling.knative.dev/minScale: '1' + autoscaling.knative.dev/maxScale: '3' + run.googleapis.com/cpu-throttling: 'false' + run.googleapis.com/startup-cpu-boost: 'true' + run.googleapis.com/vpc-access-connector: 'redis-connector' + spec: + containers: + - name: 'sso-dashboard' + image: 'app' + command: + - gunicorn + - 'dashboard.app:app' + args: + - '--worker-class' + - gevent + - '--bind' + - '0.0.0.0:8000' + - '--workers=2' + - '--log-level=debug' + ports: + - name: http1 + containerPort: 8000 + env: + - name: 'TARGET' + value: 'Staging' + - name: SSO-DASHBOARD_DEBUG + value: False + - name: SSO-DASHBOARD_TESTING + value: False + - name: SSO-DASHBOARD_CSRF_ENABLED + value: True + - name: SSO-DASHBOARD_PERMANENT_SESSION + value: True + - name: SSO-DASHBOARD_PERMANENT_SESSION_LIFETIME + value: 86400 + - name: SSO-DASHBOARD_SESSION_COOKIE_HTTPONLY + value: True + - name: SSO-DASHBOARD_LOGGER_NAME + value: sso-dashboard + - name: SSO-DASHBOARD_PREFERRED_URL_SCHEME + value: https + - name: SSO-DASHBOARD_OIDC_CLIENT_ID + value: 2KNOUCxN8AFnGGjDCGtqiDIzq8MKXi2h + - name: SSO-DASHBOARD_OIDC_DOMAIN + value: dev.mozilla-dev.auth0.com + - name: SSO-DASHBOARD_SERVER_NAME + value: sso.allizom.org + - name: SSO-DASHBOARD_CDN + value: https://cdn.sso.mozilla.com + - name: SSO-DASHBOARD_S3_BUCKET + value: sso-dashboard.configuration + - name: SSO-DASHBOARD_FORBIDDEN_PAGE_PUBLIC_KEY + value: "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0NCk1JSUNJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBZzhBTUlJQ0NnS0NBZ0VBcStWVXhsWWlENUF1aGh3a0hEb3kNCmFXV0YzcFlzQmxGaDlUendZeGNNR282TFdUODljb0xuUDdWVHlLbGdsTklmTG5KZDdqY2E5VUJ1QjhIVFBQYWoNCk5Ibk5UaUZ5UEZTbjFoaVhqSDJieUNDNnA1ZnByRWFEazV3YVpVNTgwaTRDaVlYcWtrWWdVbXVINW91Mnl4NW4NClZCVGJmcityZFQ0a0tRdi9Dek9ZR1o3K05NVUdXYTMvNXRMZklyRXZnV2tTTEluemtVZVhUS3huRSs5a1AvU2ENCkM4SDZsNnBKbm9oOVpiY3J4RGhkbVl6TEx2c0tIQ2tidmdCczNiaUFkSENzeHFEeFcxSGlOMzJYeEc4Y1pyc00NCjV1ZDdnbHNNY2VZWk82aENTZW4vckFUWmJkc3RETWNLa2YzMTBpUFgxRWF5ZzNPcDNZUlVTdkxzVmp5bmxQZmYNClRSVjFmQ2hJaXFwQWdnS2x4MXdqRUk2UVBuQWdpU1E0WEJweTFCK3FUSTltd1BhcE5yY2IzbkpFNDFNT0dEZGwNCmFLcHlMeGdaeEI4NmNKYTlVQXZGSEFOR08zRXA1Vmd0UjNoUStqWkY2RGFHUThjMHNyaHg4MTc4dWJybFY2NGsNCnVxK1ozVUZBZHhDbHZTRnc0eDVyTm1tV2dTN280OG9yMnhWdXVXMTQxNEZYTVBvaytDNUdabGd6ZG5zZ3cxWlQNCmhzTWNldG1temthUTlyeWxmYXVRR1gzMk5lZ3FlOWFyR0VGbXBqYjJUb2w0Tk1RLy83MzRuVFN2Q1lmL0o0Qi8NCnR0NjJzOXRBTU1ZdkpvN0ZRV2o0Qks3dUYvYmxTbTczYUVvVlFiNHdzWjJRWWpMeVlWcGh2UFprYVdaZHA0Wi8NCng0STlPT3lOYThtaGZkK3h0OU9uWXVzQ0F3RUFBUT09DQotLS0tLUVORCBQVUJMSUMgS0VZLS0tLS0NCg==\n" + - name: SSO-DASHBOARD_REDIS_CONNECTOR + value: 10.182.16.6:6379 + - name: AWS_DEFAULT_REGION + value: us-west-2 + - name: ENVIRONMENT + value: Staging + - name: MOZILLIANS_API_URL + value: https://mozillians.org/api/v2/users/ + - name: DASHBOARD_GUNICORN_WORKERS + value: 2 + - name: FLASK_DEBUG + value: False + - name: DEBUG + value: False + - name: LANG + value: en_US.utf8 + - name: FLASK_APP + value: dashboard/app.py + - name: OIDC_REDIRECT_URI + value: https://sso.allizom.org/redirect_uri + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + key: latest + name: sso-dashboard-aws-secret-access-key + - name: SSO-DASHBOARD_SECRET_KEY + valueFrom: + secretKeyRef: + key: latest + name: sso-dashboard-dev-secret-key + - name: SSO-DASHBOARD_OIDC_CLIENT_SECRET + valueFrom: + secretKeyRef: + key: latest + name: sso-dashboard-dev-oidc-client-secret + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + key: latest + name: sso-dashboard-aws-access-key-id diff --git a/clouddeploy/sso-dashboard-prod.template.yaml b/clouddeploy/sso-dashboard-prod.template.yaml new file mode 100644 index 00000000..8ec1e48b --- /dev/null +++ b/clouddeploy/sso-dashboard-prod.template.yaml @@ -0,0 +1,118 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: serving.knative.dev/v1 +kind: Service +metadata: + name: 'sso-dashboard-prod' + annotations: + run.googleapis.com/ingress: internal-and-cloud-load-balancing + run.googleapis.com/description: 'https://sso.mozilla.com' +spec: + template: + metadata: + annotations: + autoscaling.knative.dev/minScale: '1' + autoscaling.knative.dev/maxScale: '3' + run.googleapis.com/cpu-throttling: 'false' + run.googleapis.com/startup-cpu-boost: 'true' + run.googleapis.com/vpc-access-connector: 'redis-connector' + spec: + containers: + - name: 'sso-dashboard' + image: 'app' + command: + - gunicorn + - 'dashboard.app:app' + args: + - '--worker-class' + - gevent + - '--bind' + - '0.0.0.0:8000' + - '--workers=2' + - '--log-level=debug' + ports: + - name: http1 + containerPort: 8000 + env: + - name: TARGET + value: Prod + - name: SSO-DASHBOARD_DEBUG + value: False + - name: SSO-DASHBOARD_TESTING + value: False + - name: SSO-DASHBOARD_CSRF_ENABLED + value: True + - name: SSO-DASHBOARD_PERMANENT_SESSION + value: True + - name: SSO-DASHBOARD_PERMANENT_SESSION_LIFETIME + value: 86400 + - name: SSO-DASHBOARD_SESSION_COOKIE_HTTPONLY + value: True + - name: SSO-DASHBOARD_LOGGER_NAME + value: sso-dashboard + - name: SSO-DASHBOARD_PREFERRED_URL_SCHEME + value: https + - name: SSO-DASHBOARD_OIDC_CLIENT_ID + value: UCOY390lYDxgj5rU8EeXRtN6EP005k7V + - name: SSO-DASHBOARD_OIDC_DOMAIN + value: auth.mozilla.auth0.com + - name: SSO-DASHBOARD_SERVER_NAME + value: sso.mozilla.com + - name: SSO-DASHBOARD_CDN + value: https://cdn.sso.mozilla.com + - name: SSO-DASHBOARD_S3_BUCKET + value: sso-dashboard.configuration + - name: SSO-DASHBOARD_FORBIDDEN_PAGE_PUBLIC_KEY + value: "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0NCk1JSUNJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBZzhBTUlJQ0NnS0NBZ0VBcStWVXhsWWlENUF1aGh3a0hEb3kNCmFXV0YzcFlzQmxGaDlUendZeGNNR282TFdUODljb0xuUDdWVHlLbGdsTklmTG5KZDdqY2E5VUJ1QjhIVFBQYWoNCk5Ibk5UaUZ5UEZTbjFoaVhqSDJieUNDNnA1ZnByRWFEazV3YVpVNTgwaTRDaVlYcWtrWWdVbXVINW91Mnl4NW4NClZCVGJmcityZFQ0a0tRdi9Dek9ZR1o3K05NVUdXYTMvNXRMZklyRXZnV2tTTEluemtVZVhUS3huRSs5a1AvU2ENCkM4SDZsNnBKbm9oOVpiY3J4RGhkbVl6TEx2c0tIQ2tidmdCczNiaUFkSENzeHFEeFcxSGlOMzJYeEc4Y1pyc00NCjV1ZDdnbHNNY2VZWk82aENTZW4vckFUWmJkc3RETWNLa2YzMTBpUFgxRWF5ZzNPcDNZUlVTdkxzVmp5bmxQZmYNClRSVjFmQ2hJaXFwQWdnS2x4MXdqRUk2UVBuQWdpU1E0WEJweTFCK3FUSTltd1BhcE5yY2IzbkpFNDFNT0dEZGwNCmFLcHlMeGdaeEI4NmNKYTlVQXZGSEFOR08zRXA1Vmd0UjNoUStqWkY2RGFHUThjMHNyaHg4MTc4dWJybFY2NGsNCnVxK1ozVUZBZHhDbHZTRnc0eDVyTm1tV2dTN280OG9yMnhWdXVXMTQxNEZYTVBvaytDNUdabGd6ZG5zZ3cxWlQNCmhzTWNldG1temthUTlyeWxmYXVRR1gzMk5lZ3FlOWFyR0VGbXBqYjJUb2w0Tk1RLy83MzRuVFN2Q1lmL0o0Qi8NCnR0NjJzOXRBTU1ZdkpvN0ZRV2o0Qks3dUYvYmxTbTczYUVvVlFiNHdzWjJRWWpMeVlWcGh2UFprYVdaZHA0Wi8NCng0STlPT3lOYThtaGZkK3h0OU9uWXVzQ0F3RUFBUT09DQotLS0tLUVORCBQVUJMSUMgS0VZLS0tLS0NCg==\n" + - name: SSO-DASHBOARD_REDIS_CONNECTOR + value: 10.182.16.6:6379 + - name: AWS_DEFAULT_REGION + value: us-west-2 + - name: ENVIRONMENT + value: Prod + - name: MOZILLIANS_API_URL + value: https://mozillians.org/api/v2/users/ + - name: DASHBOARD_GUNICORN_WORKERS + value: 2 + - name: FLASK_DEBUG + value: False + - name: DEBUG + value: False + - name: LANG + value: en_US.utf8 + - name: FLASK_APP + value: dashboard/app.py + - name: OIDC_REDIRECT_URI + value: https://sso.mozilla.com/redirect_uri + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + key: latest + name: sso-dashboard-aws-secret-access-key + - name: SSO-DASHBOARD_SECRET_KEY + valueFrom: + secretKeyRef: + key: latest + name: sso-dashboard-prod-secret-key + - name: SSO-DASHBOARD_OIDC_CLIENT_SECRET + valueFrom: + secretKeyRef: + key: latest + name: sso-dashboard-prod-oidc-client-secret + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + key: latest + name: sso-dashboard-aws-access-key-id diff --git a/clouddeploy/sso-dashboard-staging.template.yaml b/clouddeploy/sso-dashboard-staging.template.yaml new file mode 100644 index 00000000..b2d5d069 --- /dev/null +++ b/clouddeploy/sso-dashboard-staging.template.yaml @@ -0,0 +1,118 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: serving.knative.dev/v1 +kind: Service +metadata: + name: 'sso-dashboard-staging' + annotations: + run.googleapis.com/ingress: internal-and-cloud-load-balancing + run.googleapis.com/description: 'https://staging.sso.mozilla.com' +spec: + template: + metadata: + annotations: + autoscaling.knative.dev/minScale: '1' + autoscaling.knative.dev/maxScale: '3' + run.googleapis.com/cpu-throttling: 'false' + run.googleapis.com/startup-cpu-boost: 'true' + run.googleapis.com/vpc-access-connector: 'redis-connector' + spec: + containers: + - name: 'sso-dashboard' + image: 'app' + command: + - gunicorn + - 'dashboard.app:app' + args: + - '--worker-class' + - gevent + - '--bind' + - '0.0.0.0:8000' + - '--workers=2' + - '--log-level=debug' + ports: + - name: http1 + containerPort: 8000 + env: + - name: TARGET + value: Prod + - name: SSO-DASHBOARD_DEBUG + value: False + - name: SSO-DASHBOARD_TESTING + value: False + - name: SSO-DASHBOARD_CSRF_ENABLED + value: True + - name: SSO-DASHBOARD_PERMANENT_SESSION + value: True + - name: SSO-DASHBOARD_PERMANENT_SESSION_LIFETIME + value: 86400 + - name: SSO-DASHBOARD_SESSION_COOKIE_HTTPONLY + value: True + - name: SSO-DASHBOARD_LOGGER_NAME + value: sso-dashboard + - name: SSO-DASHBOARD_PREFERRED_URL_SCHEME + value: https + - name: SSO-DASHBOARD_OIDC_CLIENT_ID + value: UCOY390lYDxgj5rU8EeXRtN6EP005k7V + - name: SSO-DASHBOARD_OIDC_DOMAIN + value: auth.mozilla.auth0.com + - name: SSO-DASHBOARD_SERVER_NAME + value: staging.sso.mozilla.com + - name: SSO-DASHBOARD_CDN + value: https://cdn.sso.mozilla.com + - name: SSO-DASHBOARD_S3_BUCKET + value: sso-dashboard.configuration + - name: SSO-DASHBOARD_FORBIDDEN_PAGE_PUBLIC_KEY + value: "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0NCk1JSUNJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBZzhBTUlJQ0NnS0NBZ0VBcStWVXhsWWlENUF1aGh3a0hEb3kNCmFXV0YzcFlzQmxGaDlUendZeGNNR282TFdUODljb0xuUDdWVHlLbGdsTklmTG5KZDdqY2E5VUJ1QjhIVFBQYWoNCk5Ibk5UaUZ5UEZTbjFoaVhqSDJieUNDNnA1ZnByRWFEazV3YVpVNTgwaTRDaVlYcWtrWWdVbXVINW91Mnl4NW4NClZCVGJmcityZFQ0a0tRdi9Dek9ZR1o3K05NVUdXYTMvNXRMZklyRXZnV2tTTEluemtVZVhUS3huRSs5a1AvU2ENCkM4SDZsNnBKbm9oOVpiY3J4RGhkbVl6TEx2c0tIQ2tidmdCczNiaUFkSENzeHFEeFcxSGlOMzJYeEc4Y1pyc00NCjV1ZDdnbHNNY2VZWk82aENTZW4vckFUWmJkc3RETWNLa2YzMTBpUFgxRWF5ZzNPcDNZUlVTdkxzVmp5bmxQZmYNClRSVjFmQ2hJaXFwQWdnS2x4MXdqRUk2UVBuQWdpU1E0WEJweTFCK3FUSTltd1BhcE5yY2IzbkpFNDFNT0dEZGwNCmFLcHlMeGdaeEI4NmNKYTlVQXZGSEFOR08zRXA1Vmd0UjNoUStqWkY2RGFHUThjMHNyaHg4MTc4dWJybFY2NGsNCnVxK1ozVUZBZHhDbHZTRnc0eDVyTm1tV2dTN280OG9yMnhWdXVXMTQxNEZYTVBvaytDNUdabGd6ZG5zZ3cxWlQNCmhzTWNldG1temthUTlyeWxmYXVRR1gzMk5lZ3FlOWFyR0VGbXBqYjJUb2w0Tk1RLy83MzRuVFN2Q1lmL0o0Qi8NCnR0NjJzOXRBTU1ZdkpvN0ZRV2o0Qks3dUYvYmxTbTczYUVvVlFiNHdzWjJRWWpMeVlWcGh2UFprYVdaZHA0Wi8NCng0STlPT3lOYThtaGZkK3h0OU9uWXVzQ0F3RUFBUT09DQotLS0tLUVORCBQVUJMSUMgS0VZLS0tLS0NCg==\n" + - name: SSO-DASHBOARD_REDIS_CONNECTOR + value: 10.182.16.6:6379 + - name: AWS_DEFAULT_REGION + value: us-west-2 + - name: ENVIRONMENT + value: Prod + - name: MOZILLIANS_API_URL + value: https://mozillians.org/api/v2/users/ + - name: DASHBOARD_GUNICORN_WORKERS + value: 2 + - name: FLASK_DEBUG + value: False + - name: DEBUG + value: False + - name: LANG + value: en_US.utf8 + - name: FLASK_APP + value: dashboard/app.py + - name: OIDC_REDIRECT_URI + value: https://sso.mozilla.com/redirect_uri + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + key: latest + name: sso-dashboard-aws-secret-access-key + - name: SSO-DASHBOARD_SECRET_KEY + valueFrom: + secretKeyRef: + key: latest + name: sso-dashboard-prod-secret-key + - name: SSO-DASHBOARD_OIDC_CLIENT_SECRET + valueFrom: + secretKeyRef: + key: latest + name: sso-dashboard-prod-oidc-client-secret + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + key: latest + name: sso-dashboard-aws-access-key-id diff --git a/cloudformation/alert-feeback.yml b/cloudformation/alert-feeback.yml deleted file mode 100644 index 78424865..00000000 --- a/cloudformation/alert-feeback.yml +++ /dev/null @@ -1,18 +0,0 @@ -AWSTemplateFormatVersion: "2010-09-09" -Description: "Mozilla Single Sign On Dashboard Alert Feedback Queues" -Resources: - AlertFeedbackSQS: - Type: "AWS::SQS::Queue" - Properties: - QueueName: "SSODashboardAlertFeedback" - AlertFeedbackSNSTopic: - Type: "AWS::SNS::Topic" - Properties: - Subscription: - - - Endpoint: - Fn::GetAtt: - - "AlertFeedbackSQS" - - "Arn" - Protocol: "sqs" - TopicName: "SSODashboardAlertFeedback" diff --git a/cloudformation/roles.yml b/cloudformation/roles.yml deleted file mode 100644 index ad554559..00000000 --- a/cloudformation/roles.yml +++ /dev/null @@ -1,315 +0,0 @@ -AWSTemplateFormatVersion: "2010-09-09" -Description: "Mozilla Single Sign On Dashboard Roles" -Resources: - SSODashboardRole: - Type: "AWS::IAM::Role" - Properties: - AssumeRolePolicyDocument: - Version: "2012-10-17" - Statement: - - - Effect: "Allow" - Principal: - Service: - - "ec2.amazonaws.com" - - "ssm.amazonaws.com" - Action: - - "sts:AssumeRole" - ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM" - RoleName: sso-dashboard-delivery-server - SSOInstanceProfile: - Type: "AWS::IAM::InstanceProfile" - DependsOn: SSODashboardRole - Properties: - InstanceProfileName: "sso-dashboard-instance-profile-v1" - Roles: - - - Ref: SSODashboardRole - SSODashboardCodePipelineAccess: - Type: "AWS::IAM::Policy" - DependsOn: SSODashboardRole - Properties: - PolicyDocument: - Version: "2012-10-17" - Statement: - - - Effect: "Allow" - Action: - - "s3:GetBucketAcl" - - "s3:GetBucketCORS" - - "s3:GetBucketLocation" - - "s3:GetBucketLogging" - - "s3:GetBucketNotification" - - "s3:GetBucketPolicy" - - "s3:GetBucketRequestPayment" - - "s3:GetBucketTagging" - - "s3:GetBucketVersioning" - - "s3:GetBucketWebsite" - - "s3:GetLifecycleConfiguration" - - "s3:GetObject" - - "s3:GetObjectAcl" - - "s3:GetObjectTagging" - - "s3:GetObjectTorrent" - - "s3:GetObjectVersion" - - "s3:GetObjectVersionAcl" - - "s3:GetObjectVersionTagging" - - "s3:GetObjectVersionTorrent" - - "s3:GetReplicationConfiguration" - - "s3:ListAllMyBuckets" - - "s3:ListBucket" - - "s3:ListBucketMultipartUploads" - - "s3:ListBucketVersions" - - "s3:ListMultipartUploadParts" - Resource: "arn:aws:s3:::codepipeline*" - PolicyName: sso-dashboard-read-codepipeline - Roles: - - - Ref: SSODashboardRole - SSODashboardS3Access: - Type: "AWS::IAM::Policy" - DependsOn: SSODashboardRole - Properties: - PolicyDocument: - Version: "2012-10-17" - Statement: - - - Effect: "Allow" - Action: - - "s3:GetBucketAcl" - - "s3:GetBucketCORS" - - "s3:GetBucketLocation" - - "s3:GetBucketLogging" - - "s3:GetBucketNotification" - - "s3:GetBucketPolicy" - - "s3:GetBucketRequestPayment" - - "s3:GetBucketTagging" - - "s3:GetBucketVersioning" - - "s3:GetBucketWebsite" - - "s3:GetLifecycleConfiguration" - - "s3:GetObject" - - "s3:GetObjectAcl" - - "s3:GetObjectTagging" - - "s3:GetObjectTorrent" - - "s3:GetObjectVersion" - - "s3:GetObjectVersionAcl" - - "s3:GetObjectVersionTagging" - - "s3:GetObjectVersionTorrent" - - "s3:GetReplicationConfiguration" - - "s3:ListAllMyBuckets" - - "s3:ListBucket" - - "s3:ListBucketMultipartUploads" - - "s3:ListBucketVersions" - - "s3:ListMultipartUploadParts" - Resource: "arn:aws:s3:::sso-dashboard.*" - PolicyName: sso-dashboard-read-buckets - Roles: - - - Ref: SSODashboardRole - SSODashboardCloudWatchAccess: - Type: "AWS::IAM::Policy" - DependsOn: SSODashboardRole - Properties: - PolicyDocument: - Version: "2012-10-17" - Statement: - - - Effect: "Allow" - Action: - - "logs:CreateLogGroup" - - "logs:CreateLogStream" - - "logs:DescribeLogGroups" - - "logs:DescribeLogStreams" - - "logs:PutLogEvents" - - "logs:GetLogEvents" - - "logs:FilterLogEvents" - Resource: "*" - PolicyName: sso-dashboard-cloudwatch-log - Roles: - - - Ref: SSODashboardRole - SSODashboardECRLogin: - Type: "AWS::IAM::Policy" - DependsOn: SSODashboardRole - Properties: - PolicyDocument: - Version: "2012-10-17" - Statement: - - - Effect: "Allow" - Action: - - "ecr:GetAuthorizationToken" - Resource: "*" - PolicyName: sso-dashboard-ecr-login - Roles: - - - Ref: SSODashboardRole - SSODashboardSQSSend: - Type: "AWS::IAM::Policy" - DependsOn: SSODashboardRole - Properties: - PolicyDocument: - Version: "2012-10-17" - Statement: - - - Effect: "Allow" - Action: - - "sqs:ChangeMessageVisibility" - - "sqs:ChangeMessageVisibilityBatch" - - "sqs:CreateQueue" - - "sqs:GetQueueAttributes" - - "sqs:GetQueueUrl" - - "sqs:ListDeadLetterSourceQueues" - - "sqs:ListQueues" - - "sqs:PurgeQueue" - - "sqs:ReceiveMessage" - - "sqs:SendMessage" - - "sqs:SendMessageBatch" - - "sqs:SetQueueAttributes" - Resource: "arn:aws:sqs:*:*:sso-dashboard-fluentd-sqs" - PolicyName: sso-dashboard-sqs-send - Roles: - - - Ref: SSODashboardRole - SSODashboardSNSNotify: - Type: "AWS::IAM::Policy" - DependsOn: SSODashboardRole - Properties: - PolicyDocument: - Version: "2012-10-17" - Statement: - - - Effect: "Allow" - Action: - - "SNS:Publish" - - Resource: "arn:aws:sns:*:*:sso-dashboard-*" - PolicyName: sso-dashboard-sns-send - Roles: - - - Ref: SSODashboardRole - SSODashboardCredstashRead: - Type: "AWS::IAM::Policy" - DependsOn: SSODashboardRole - Properties: - PolicyDocument: - Version: "2012-10-17" - Statement: - - - Effect: "Allow" - Action: - - "dynamodb:GetItem" - - "dynamodb:Query" - - "dynamodb:Scan" - Resource: "arn:aws:dynamodb:*:*:table/credential-store" - PolicyName: sso-dashboard-credstash - Roles: - - - Ref: SSODashboardRole - SSODashboardAlertWrite: - Type: "AWS::IAM::Policy" - DependsOn: SSODashboardRole - Properties: - PolicyDocument: - Version: "2012-10-17" - Statement: - - - Effect: "Allow" - Action: - - "dynamodb:DeleteItem" - - "dynamodb:DescribeLimits" - - "dynamodb:DescribeReservedCapacity" - - "dynamodb:DescribeReservedCapacityOfferings" - - "dynamodb:DescribeStream" - - "dynamodb:DescribeTable" - - "dynamodb:GetItem" - - "dynamodb:GetRecords" - - "dynamodb:GetShardIterator" - - "dynamodb:ListTables" - - "dynamodb:PutItem" - - "dynamodb:Query" - - "dynamodb:Scan" - - "dynamodb:UpdateItem" - Resource: "arn:aws:dynamodb:*:*:table/sso-dashboard-alert" - PolicyName: sso-dashboard-alert-write - Roles: - - - Ref: SSODashboardRole - SSODashboardConfigurationRead: - Type: "AWS::IAM::Policy" - DependsOn: SSODashboardRole - Properties: - PolicyDocument: - Version: "2012-10-17" - Statement: - - - Effect: "Allow" - Action: - - "dynamodb:DeleteItem" - - "dynamodb:DescribeLimits" - - "dynamodb:DescribeReservedCapacity" - - "dynamodb:DescribeReservedCapacityOfferings" - - "dynamodb:DescribeStream" - - "dynamodb:DescribeTable" - - "dynamodb:GetItem" - - "dynamodb:GetRecords" - - "dynamodb:GetShardIterator" - - "dynamodb:ListTables" - - "dynamodb:PutItem" - - "dynamodb:Query" - - "dynamodb:Scan" - - "dynamodb:UpdateItem" - - "dynamodb:UpdateItem" - Resource: "arn:aws:dynamodb:*:*:table/sso-dashboard-apps" - PolicyName: sso-dashboard-configuration-read - Roles: - - - Ref: SSODashboardRole - SSODashboardTagAccess: - Type: "AWS::IAM::Policy" - DependsOn: SSODashboardRole - Properties: - PolicyDocument: - Version: "2012-10-17" - Statement: - - - Effect: "Allow" - Action: - - "ec2:DescribeTags" - Resource: "*" - PolicyName: sso-dashboard-describe-tags - Roles: - - - Ref: SSODashboardRole - SSODashboardCodeDeploy: - Type: "AWS::IAM::Policy" - DependsOn: SSODashboardRole - Properties: - PolicyDocument: - Version: "2012-10-17" - Statement: - - - Effect: "Allow" - Action: - - "codedeploy:*" - Resource: "arn:aws:codedeploy:*:*:application:sso-dashboard-*" - PolicyName: sso-dashboard-code-deploy - Roles: - - - Ref: SSODashboardRole - SSODashboardParameterStore: - Type: "AWS::IAM::Policy" - DependsOn: SSODashboardRole - Properties: - PolicyDocument: - Version: "2012-10-17" - Statement: - - - Effect: "Allow" - Action: - - "ssm:GetParameter" - Resource: "arn:aws:ssm:*:*:parameter/sso-dashboard-alerts-sns" - PolicyName: sso-dashboard-parameter-store - Roles: - - - Ref: SSODashboardRole diff --git a/dashboard/__init__.py b/dashboard/__init__.py index df641fec..59977584 100644 --- a/dashboard/__init__.py +++ b/dashboard/__init__.py @@ -1,12 +1,8 @@ import os -from credstash import getSecret -from credstash import ItemNotFound -from everett import NO_VALUE -from everett.manager import listify - from everett.manager import ConfigManager -from everett.manager import ConfigIniEnv +from everett.manager import ConfigOSEnv +from everett.ext.inifile import ConfigIniEnv # -*- coding: utf-8 -*- @@ -17,30 +13,7 @@ __version__ = "0.0.1" -__all__ = ["app", "auth", "config", "models", "person", "s3", "utils", "vanity"] - - -class CredstashEnv(object): - def get(self, key, namespace=None): - # The namespace is either None, a string or a list of - # strings. This converts it into a list. - namespace = listify(namespace) - try: - if len(namespace) > 0: - secret = getSecret( - name="{}.{}".format(namespace[0], key), - context={"app": "sso-dashboard"}, - region="us-east-1", - ) - else: - secret = None - except ItemNotFound: - secret = None - - if secret is not None: - return secret - - return NO_VALUE +__all__ = ["app", "auth", "config", "models", "s3", "utils", "vanity"] def get_config(): @@ -53,6 +26,6 @@ def get_config(): "/etc/sso-dashboard.ini", ] ), - CredstashEnv(), + ConfigOSEnv(), ] ) diff --git a/dashboard/api/idp.py b/dashboard/api/idp.py index bb586c44..c45588b3 100644 --- a/dashboard/api/idp.py +++ b/dashboard/api/idp.py @@ -21,14 +21,11 @@ def _get_audience(self, app_config): if app_config["SERVER_NAME"] == "localhost:5000": return "https://sso.allizom.org" else: - return "https://" + self.app.config.get( - "SERVER_NAME", "sso.mozilla.com" - ) # sso.mozilla.com + return "https://" + self.app.config.get("SERVER_NAME", "sso.mozilla.com") # sso.mozilla.com # Format error response and append status code def get_token_auth_header(self): - """Obtains the Access Token from the Authorization Header - """ + """Obtains the Access Token from the Authorization Header""" auth = request.headers.get("Authorization", None) if not auth: raise AuthError( @@ -50,9 +47,7 @@ def get_token_auth_header(self): 401, ) elif len(parts) == 1: - raise AuthError( - {"code": "invalid_header", "description": "Token not found"}, 401 - ) + raise AuthError({"code": "invalid_header", "description": "Token not found"}, 401) elif len(parts) > 2: raise AuthError( { @@ -71,8 +66,7 @@ def get_jwks(self): return jwks def requires_api_auth(self, f): - """Determines if the Access Token is valid - """ + """Determines if the Access Token is valid""" @wraps(f) def decorated(*args, **kwargs): @@ -110,8 +104,7 @@ def decorated(*args, **kwargs): raise AuthError( { "code": "invalid_claims", - "description": "incorrect claims," - "please check the audience and issuer", + "description": "incorrect claims," "please check the audience and issuer", }, 401, ) diff --git a/dashboard/app.py b/dashboard/app.py index 6718a5c1..c1d84960 100644 --- a/dashboard/app.py +++ b/dashboard/app.py @@ -3,6 +3,7 @@ import logging.config import mimetypes import os +import redis import yaml from flask import Flask @@ -12,17 +13,18 @@ from flask import request from flask import send_from_directory from flask import session + from flask_assets import Bundle from flask_assets import Environment +from flask_kvsession import KVSessionExtension from flask_talisman import Talisman -from prometheus_client import multiprocess -from prometheus_client.core import CollectorRegistry -from prometheus_flask_exporter import PrometheusMetrics + +from simplekv.memory.redisstore import RedisStore +from simplekv.decorator import PrefixDecorator from dashboard import oidc_auth from dashboard import config from dashboard import get_config -from dashboard import person from dashboard import vanity from dashboard.api import idp @@ -48,23 +50,6 @@ app = Flask(__name__) everett_config = get_config() -# Enable monitoring endpoint -if ( - everett_config( - "enable_prometheus_monitoring", namespace="sso-dashboard", default="False" - ) == "True" -): - os.environ["prometheus_multiproc_dir"] = "/tmp" - registry = CollectorRegistry() - multiprocess.MultiProcessCollector(registry, path="/tmp") - metrics = PrometheusMetrics(app) - metrics.start_http_server( - int( - everett_config( - "prometheus_monitoring_port", namespace="sso-dashboard", default="9000" - ) - ) - ) talisman = Talisman(app, content_security_policy=DASHBOARD_CSP, force_https=False) @@ -72,6 +57,12 @@ app_list = S3Transfer(config.Config(app).settings) app_list.sync_config() +# Activate server-side redis sesssion KV +redis_host, redis_port = app.config["REDIS_CONNECTOR"].split(":") +store = RedisStore(redis.StrictRedis(host=redis_host, port=redis_port)) +prefixed_store = PrefixDecorator(app.config["SERVER_NAME"] + "_", store) +KVSessionExtension(store, app) + assets = Environment(app) js = Bundle("js/base.js", filters="jsmin", output="js/gen/packed.js") assets.register("js_all", js) @@ -86,16 +77,17 @@ oidc_config = config.OIDCConfig() authentication = oidc_auth.OpenIDConnect(oidc_config) oidc = authentication.get_oidc(app) -person_api = person.API() vanity_router = vanity.Router(app, app_list).setup() api = idp.AuthorizeAPI(app, oidc_config) + @app.route("/favicon.ico") def favicon(): return send_from_directory(os.path.join(app.root_path, "static/img"), "favicon.ico") + @app.route("/") def home(): if app.env == "development": @@ -104,20 +96,26 @@ def home(): url = request.url.replace("http://", "https://", 1) return redirect(url + "dashboard", code=302) + @app.route("/csp_report", methods=["POST"]) def csp_report(): return "200" +@app.route("/version", methods=["GET"]) +def get_version(): + with open("/version.json", "r") as version: + v = version.read().replace("\n", "") + return jsonify(build_version=v) + + # XXX This needs to load the schema from a better location # See also https://github.com/mozilla/iam-project-backlog/issues/161 @app.route("/claim") def claim(): """Show the user schema - this path is refered to by our OIDC Claim namespace, i.e.: https://sso.mozilla.com/claim/*""" - return redirect( - "https://github.com/mozilla-iam/cis/blob/master/cis/schema.json", code=302 - ) + return redirect("https://github.com/mozilla-iam/cis/blob/master/cis/schema.json", code=302) @app.errorhandler(404) @@ -136,9 +134,7 @@ def forbidden(): else: jws = request.args.get("error").encode() - token_verifier = oidc_auth.tokenVerification( - jws=jws, public_key=app.config["FORBIDDEN_PAGE_PUBLIC_KEY"] - ) + token_verifier = oidc_auth.tokenVerification(jws=jws, public_key=app.config["FORBIDDEN_PAGE_PUBLIC_KEY"]) token_verifier.verify return render_template("forbidden.html", token_verifier=token_verifier) @@ -151,9 +147,7 @@ def logout(): Redirect to new feature in NLX that destroys autologin preferences. Aka Logout is REALLY logout. """ - logout_url = "https://{}/login?client={}&action=logout".format( - oidc_config.OIDC_DOMAIN, oidc_config.OIDC_CLIENT_ID - ) + logout_url = "https://{}/login?client={}&action=logout".format(oidc_config.OIDC_DOMAIN, oidc_config.OIDC_CLIENT_ID) return redirect(logout_url, code=302) @@ -175,27 +169,10 @@ def signout(): @app.route("/dashboard") -@oidc.oidc_auth +@oidc.oidc_auth("default") def dashboard(): """Primary dashboard the users will interact with.""" - logger.info( - "User: {} authenticated proceeding to dashboard.".format( - session.get("id_token")["sub"] - ) - ) - - if "Mozilla-LDAP" in session.get("userinfo")["sub"]: - logger.info("Mozilla IAM user detected. Attempt enriching with ID-Vault data.") - try: - session["idvault_userinfo"] = person_api.get_userinfo( - session.get("id_token")["sub"] - ) - except Exception as e: - logger.error( - "Could not enrich profile due to: {}. Perhaps it doesn't exist?".format( - e - ) - ) + logger.info("User: {} authenticated proceeding to dashboard.".format(session.get("id_token")["sub"])) # Hotfix to set user id for firefox alert # XXXTBD Refactor rules later to support full id_conformant session @@ -210,9 +187,7 @@ def dashboard(): user = User(session, config.Config(app).settings) apps = user.apps(Application(app_list.apps_yml).apps) - return render_template( - "dashboard.html", config=app.config, user=user, apps=apps, alerts=None - ) + return render_template("dashboard.html", config=app.config, user=user, apps=apps, alerts=None) @app.route("/styleguide/dashboard") @@ -220,26 +195,24 @@ def styleguide_dashboard(): user = FakeUser(config.Config(app).settings) apps = user.apps(Application(app_list.apps_yml).apps) - return render_template( - "dashboard.html", config=app.config, user=user, apps=apps, alerts=None - ) + return render_template("dashboard.html", config=app.config, user=user, apps=apps, alerts=None) @app.route("/styleguide/notifications") -@oidc.oidc_auth +@oidc.oidc_auth("default") def styleguide_notifications(): user = FakeUser(config.Config(app).settings) return render_template("notifications.html", config=app.config, user=user) @app.route("/notifications") -@oidc.oidc_auth +@oidc.oidc_auth("default") def notifications(): user = User(session, config.Config(app).settings) return render_template("notifications.html", config=app.config, user=user) -@oidc.oidc_auth +@oidc.oidc_auth("default") @app.route("/alert/", methods=["POST"]) def alert_operation(alert_id): if request.method == "POST": @@ -257,7 +230,7 @@ def alert_operation(alert_id): return "500" -@oidc.oidc_auth +@oidc.oidc_auth("default") @app.route("/alert/fake", methods=["GET"]) def alert_faking(): if request.method == "GET": @@ -285,13 +258,12 @@ def alert_api(): @app.route("/info") -@oidc.oidc_auth +@oidc.oidc_auth("default") def info(): """Return the JSONified user session for debugging.""" return jsonify( id_token=session.get("id_token"), userinfo=session.get("userinfo"), - person_api_v1=session.get("idvault_userinfo"), ) diff --git a/dashboard/config.py b/dashboard/config.py index 6f13c802..5c357c64 100644 --- a/dashboard/config.py +++ b/dashboard/config.py @@ -1,5 +1,6 @@ """Configuration loader for different environments.""" import base64 +import datetime from dashboard import get_config CONFIG = get_config() @@ -22,24 +23,17 @@ class DefaultConfig(object): DEBUG = bool(CONFIG("debug", namespace="sso-dashboard", default="True")) TESTING = bool(CONFIG("testing", namespace="sso-dashboard", default="False")) CSRF_ENABLED = bool(CONFIG("csrf_enabled", default="True")) - PERMANENT_SESSION = bool( - CONFIG("permanent_session", namespace="sso-dashboard", default="True") - ) - PERMANENT_SESSION_LIFETIME = int( - CONFIG("permanent_session_lifetime", namespace="sso-dashboard", default="86400") - ) + PERMANENT_SESSION = bool(CONFIG("permanent_session", namespace="sso-dashboard", default="True")) + seconds = int(CONFIG("permanent_session_lifetime", namespace="sso-dashboard", default="86400")) + PERMANENT_SESSION_LIFETIME = datetime.timedelta(seconds=seconds) - SESSION_COOKIE_HTTPONLY = bool( - CONFIG("session_cookie_httponly", namespace="sso-dashboard", default="True") - ) - LOGGER_NAME = CONFIG( - "logger_name", namespace="sso-dashboard", default="sso-dashboard" - ) + SESSION_COOKIE_SAMESITE = CONFIG("session_cookie_samesite", namespace="sso-dashboard", default="lax") + SESSION_COOKIE_HTTPONLY = bool(CONFIG("session_cookie_httponly", namespace="sso-dashboard", default="True")) + LOGGER_NAME = CONFIG("logger_name", namespace="sso-dashboard", default="sso-dashboard") SECRET_KEY = CONFIG("secret_key", namespace="sso-dashboard") - SERVER_NAME = CONFIG( - "server_name", namespace="sso-dashboard", default="localhost:8000" - ) + SERVER_NAME = CONFIG("server_name", namespace="sso-dashboard", default="localhost:8000") + SESSION_COOKIE_NAME = SERVER_NAME + "_session" S3_BUCKET = CONFIG("s3_bucket", namespace="sso-dashboard") @@ -49,13 +43,11 @@ class DefaultConfig(object): default="https://cdn.{SERVER_NAME}".format(SERVER_NAME=SERVER_NAME), ) - FORBIDDEN_PAGE_PUBLIC_KEY = base64.b64decode( - CONFIG("forbidden_page_public_key", namespace="sso-dashboard") - ) + FORBIDDEN_PAGE_PUBLIC_KEY = base64.b64decode(CONFIG("forbidden_page_public_key", namespace="sso-dashboard")) - PREFERRED_URL_SCHEME = CONFIG( - "preferred_url_scheme", namespace="sso-dashboard", default="https" - ) + PREFERRED_URL_SCHEME = CONFIG("preferred_url_scheme", namespace="sso-dashboard", default="https") + + REDIS_CONNECTOR = CONFIG("redis_connector", namespace="sso-dashboard") class OIDCConfig(object): @@ -66,9 +58,7 @@ def __init__(self): CONFIG = get_config() self.OIDC_DOMAIN = CONFIG("oidc_domain", namespace="sso-dashboard") self.OIDC_CLIENT_ID = CONFIG("oidc_client_id", namespace="sso-dashboard") - self.OIDC_CLIENT_SECRET = CONFIG( - "oidc_client_secret", namespace="sso-dashboard" - ) + self.OIDC_CLIENT_SECRET = CONFIG("oidc_client_secret", namespace="sso-dashboard") self.LOGIN_URL = "https://{DOMAIN}/login?client={CLIENT_ID}".format( DOMAIN=self.OIDC_DOMAIN, CLIENT_ID=self.OIDC_CLIENT_ID ) diff --git a/dashboard/data/apps.yml b/dashboard/data/apps.yml index 146c8ba6..cadb98be 100644 --- a/dashboard/data/apps.yml +++ b/dashboard/data/apps.yml @@ -21,4048 +21,3 @@ # The user must be a member of them to access the application. # Otherwise, # All SSO users (including the general public) can access the app. - -apps: - - application: - authorized_groups: - - mozilliansorg_netlify-access - authorized_users: [] - client_id: hj3jYIhcrgvPWTpnFoHWLPx57t6KKqhA - display: true - logo: netlify.png - name: Netlify - op: auth0 - url: https://api.netlify.com/saml/mozilla-it/init - vanity_url: - - /netlify - - application: - authorized_groups: - - mozilliansorg_web-sre-aws-access - authorized_users: [] - display: true - logo: newrelic.png - name: New Relic - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/tAtVU4uyJhaXdMEglSWKxMHliBm9yYtS - vanity_url: - - /new-relic-sre - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - display: true - logo: accountmanager.png - name: Account Portal - op: auth0 - url: https://login.mozilla.com/ - vanity_url: - - /accountmanager - - application: - authorized_groups: - - mozilliansorg_acoustic_production_access - authorized_users: [] - client_id: sBImsybtPPLyWlstD0SC35IwnAafE4nB - display: false - logo: auth0.png - name: Acoustic - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/sBImsybtPPLyWlstD0SC35IwnAafE4nB - vanity_url: - - /acoustic - - application: - authorized_groups: - - mozilliansorg_acoustic_stage_access - authorized_users: [] - client_id: inoLoMyAEOzLX1cZOvubQpcW18pk4O1S - display: false - logo: auth0.png - name: Acoustic Stage - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/inoLoMyAEOzLX1cZOvubQpcW18pk4O1S - vanity_url: - - /acoustic_stage - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: el46s4SPK4ZOhQBsAjtiDYKFQkXK76xm - display: false - logo: adaptive_insights.png - name: Adaptive Insights - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/el46s4SPK4ZOhQBsAjtiDYKFQkXK76xm - vanity_url: - - /adaptive - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: 9F55B8e5VmFl4lCgYObnA1TkyRFTxQ9M - display: false - logo: adobe-sign.png - name: Adobe EchoSign - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/9F55B8e5VmFl4lCgYObnA1TkyRFTxQ9M - vanity_url: - - /echosign - - application: - AAL: LOW - authorized_groups: - - team_moco - - team_mofo - - team_mozillaonline - - mozilliansorg_nda - authorized_users: [] - client_id: y32eNslKsOw7cDhP6CCRGv23Zw3EYNAJ - display: true - logo: airmo.png - name: Air Mozilla - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/y32eNslKsOw7cDhP6CCRGv23Zw3EYNAJ - vanity_url: - - /airmo - - application: - authorized_groups: - - team_moco - authorized_users: [] - client_id: xAJuHbCa1v0mPp72QMm88hYA2dFEvSy5 - display: false - logo: anaplan.png - name: Anaplan - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/xAJuHbCa1v0mPp72QMm88hYA2dFEvSy5 - vanity_url: - - /anaplan - - application: - authorized_groups: - - mozilliansorg_basket_admin - authorized_users: [] - client_id: 14G95j0WAteSbDicn75gsZvRPXN6bkQm - display: true - logo: basket.png - name: Basket - op: auth0 - url: https://basket-admin.us-west.moz.works/oidc/authenticate/ - - application: - authorized_groups: - - mozilliansorg_basket_admin - authorized_users: [] - client_id: xZsLG6eg9XjFm5vHKNi4pgE12gfpQM1p - display: true - logo: basket.png - name: Basket Dev - op: auth0 - url: https://basket-dev.allizom.org/oidc/authenticate/ - - application: - authorized_groups: - - mozilliansorg_basket_admin - authorized_users: [] - client_id: vBgSD2axkzQ6UnC20AFTko0oRr3elwa6 - display: true - logo: basket.png - name: Basket Staging - op: auth0 - url: https://basket-admin-stage.us-west.moz.works/oidc/authenticate/ - - application: - authorized_groups: - - service_beckon - authorized_users: [] - client_id: ZtHVNezP0k2vuZnAg5zbRuFTz76vrXpZ - display: true - logo: beckon.png - name: Beckon - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/ZtHVNezP0k2vuZnAg5zbRuFTz76vrXpZ - vanity_url: - - /beckon - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: - - casa-fivetran@mozilla.com - client_id: IU80mVpKPtIZyUZtya9ZnSTs6fKLt3JO - display: true - logo: biztera.png - name: Casa - op: auth0 - url: https://biztera.com/mozilla - vanity_url: - - /casa - - application: - authorized_groups: - - cloudhealth-power - - cloudhealth-standard - - cloudhealth-administrator - - cloudhealth-enhanced-power-user - - cloudhealth-enhanced-standard-user - authorized_users: [] - client_id: kvfwYzMi40o93JJuuzfdwzeXnnJghgwN - display: true - logo: cloudhealth.png - name: CloudHealth - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/kvfwYzMi40o93JJuuzfdwzeXnnJghgwN - vanity_url: - - /cloudhealth - - application: - authorized_groups: - - mozilliansorg_contentful-access - authorized_users: [] - client_id: i5aMJlDr5FCHEKnHTtYTb8XNmFz6h5jp - display: true - logo: contentful.png - name: Contentful - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/i5aMJlDr5FCHEKnHTtYTb8XNmFz6h5jp - vanity_url: - - /contentful - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: rehgg9cqVmHJbHw3jPYUzoU5BYYBH6XL - display: true - logo: discourse.png - name: Discourse - op: auth0 - url: https://discourse.mozilla.org/auth/auth0 - vanity_url: - - /discourse - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: RqUns8zD5oTsEsjTKAUMhF55sLfuQsGv - display: false - logo: discourse.png - name: Discourse Staging - op: auth0-dev - url: https://discourse-staging.production.paas.mozilla.community/auth/auth0 - vanity_url: - - /discourse-stage - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: 3LIXec4tKVr6SltYFYUYsE0GIw0Jm2T0 - display: false - logo: discourse.png - name: Discourse-Dev - op: auth0-dev - url: https://discourse.allizom.org/auth/auth0 - vanity_url: - - /discourse-dev - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: 72Q4MlsbMzRo5Sij6y5JPDAiyGcyDKB2 - display: false - logo: domo.png - name: Domo - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/72Q4MlsbMzRo5Sij6y5JPDAiyGcyDKB2 - vanity_url: - - /domo - - application: - authorized_groups: - - everyone - authorized_users: [] - client_id: GmGXMS6RJt3ZvabfTjx16B97pETlnUxd - display: false - logo: auth0.png - name: DXR - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/GmGXMS6RJt3ZvabfTjx16B97pETlnUxd - - application: - authorized_groups: - - everyone - authorized_users: [] - client_id: kNsY9QiOy7pSUjiordq7WixztBPCepuD - display: false - logo: auth0.png - name: DXR-stage - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/kNsY9QiOy7pSUjiordq7WixztBPCepuD - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: DhBV04HLs6H8OeTHOlodz0LtkyY7VTU0 - display: false - logo: eventboard.png - name: EventBoard - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/DhBV04HLs6H8OeTHOlodz0LtkyY7VTU0 - vanity_url: - - /eventboard - - application: - authorized_groups: - - mozilliansorg_everestemailsuite - authorized_users: [] - client_id: 04UuoOzA5CoCWRQqKbsYc6uM1p0a4WlY - display: false - logo: auth0.png - name: Everest - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/04UuoOzA5CoCWRQqKbsYc6uM1p0a4WlY - vanity_url: - - /everest - - application: - authorized_groups: - - team_moco - - team_mofo - - team_mozillajapan - - team_mozillaonline - authorized_users: [] - client_id: Qxc2EI4g0NymUBvfFKpuwPdSzJZX5TEN - display: false - logo: exacttarget.png - name: Marketing Cloud - op: auth0 - url: https://auth.s1.exacttarget.com/sso/f56e153c30265a772451342d7a59223f4d2c29351a2c305028757a572228 - vanity_url: - - /marketingcloud - - application: - authorized_groups: - - team_moco - - team_mofo - - team_mozillaonline - authorized_users: [] - client_id: eaiAVdOLtf2KXZvexyCCViw0154E0U6x - display: false - logo: auth0.png - name: Figma - op: auth0 - url: https://www.figma.com/saml/887474606069541975/start - vanity_url: - - /figma - - application: - authorized_groups: - - team_moco - - team_mofo - - team_mozillajapan - - team_mozillaonline - - gsuite_shared_accounts - - moc_service_accounts - authorized_users: - - moc+servicenow@mozilla.com - - moc-sso-monitoring@mozilla.com - client_id: smKTjsVVxUJDEkjIftOsP0bop2NWjysa - display: true - logo: gmail.png - name: Gmail - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/smKTjsVVxUJDEkjIftOsP0bop2NWjysa?RelayState=https://mail.google.com/ - vanity_url: - - /gmail - - application: - authorized_groups: - - team_moco - - team_mofo - - team_mozillajapan - - team_mozillaonline - - gsuite_shared_accounts - - moc_service_accounts - authorized_users: [] - client_id: smKTjsVVxUJDEkjIftOsP0bop2NWjysa - display: true - logo: gcal.png - name: Google Calendar - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/smKTjsVVxUJDEkjIftOsP0bop2NWjysa?RelayState=https://calendar.google.com/ - vanity_url: - - /gcalendar - - application: - authorized_groups: - - team_moco - - team_mofo - - team_mozillajapan - - team_mozillaonline - - gsuite_shared_accounts - - moc_service_accounts - authorized_users: [] - client_id: smKTjsVVxUJDEkjIftOsP0bop2NWjysa - display: true - logo: gdrive.png - name: Google Drive - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/smKTjsVVxUJDEkjIftOsP0bop2NWjysa?RelayState=https://drive.google.com/ - vanity_url: - - /gdrive - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: TGlmvMW4kvEz99CRnuGnNTfxku0QNn8e - display: true - logo: greenhouse.png - name: Greenhouse - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/TGlmvMW4kvEz99CRnuGnNTfxku0QNn8e - vanity_url: - - /greenhouse - - application: - authorized_groups: - - mozilliansorg_heroku-members - authorized_users: [] - client_id: KOyQ76xjXqtsPgt4ci4bThpIz3a1396E - display: true - logo: heroku.png - name: Heroku - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/KOyQ76xjXqtsPgt4ci4bThpIz3a1396E - vanity_url: - - /heroku - - application: - authorized_groups: - - IntranetWiki - authorized_users: [] - client_id: 3TMLWJb8KIbjB1S3HeyjDm0ns192BTdZ - display: false - logo: auth0.png - name: Intranet - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/3TMLWJb8KIbjB1S3HeyjDm0ns192BTdZ - - application: - authorized_groups: - - IntranetWiki - authorized_users: [] - client_id: 0tHkuAC17kDkFip4szjsLvWHlXGJSjwc - display: false - logo: auth0.png - name: Intranet-stage - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/0tHkuAC17kDkFip4szjsLvWHlXGJSjwc - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - everyone - authorized_users: [] - client_id: f4SlPDVeVcWBChrAvH8uLuEYyt0aW916 - display: false - logo: auth0.png - name: iplimitirc - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/f4SlPDVeVcWBChrAvH8uLuEYyt0aW916 - - application: - authorized_groups: - - service_lucidchart - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 80JNexePA737rSLhBAABqIvMJTEAn11u - display: false - logo: lucidchart.png - name: LucidChart - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/80JNexePA737rSLhBAABqIvMJTEAn11u - vanity_url: - - /lucidchart - - application: - authorized_groups: - - IntranetWiki - - GuestWiki - - moc_service_accounts - authorized_users: - - moc+servicenow@mozilla.com - - moc-sso-monitoring@mozilla.com - client_id: LVjFyOpHUdAJTLkTmDnUADnQmUKOWXO2 - display: false - logo: mana.png - name: Mana - old - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/LVjFyOpHUdAJTLkTmDnUADnQmUKOWXO2 - - application: - authorized_groups: - - team_moco - - team_mofo - - service_jira - - moc_service_accounts - - mozilliansorg_jira_vendors - authorized_users: [] - client_id: LNU9XiEHlgeU07GLt00vx4y9RR7ALsov - display: false - logo: jira.png - name: Jira - Stage - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/LNU9XiEHlgeU07GLt00vx4y9RR7ALsov - - application: - authorized_groups: - - team_moco - - team_mofo - - team_mozillaonline - authorized_users: [] - client_id: TKqD0MP8sDeJAc9QC4f5yp2r9qbx5fcZ - display: true - logo: jira.png - name: Jira - op: auth0 - url: https://mozilla-hub.atlassian.net - vanity_url: - - /jira - - application: - authorized_groups: - - team_moco - - team_mofo - - team_mozillaonline - authorized_users: [] - client_id: 8IhkiQO1reUO0an6e95CJ6EMBg7Lg5xQ - display: true - logo: looker.png - name: Looker - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/8IhkiQO1reUO0an6e95CJ6EMBg7Lg5xQ - vanity_url: - - /looker - - application: - authorized_groups: - - mozilliansorg_looker_stage_access - authorized_users: [] - client_id: 1do5W84RLwLWBti921ixd3otO7t2619B - display: false - logo: auth0.png - name: Looker Stage - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/1do5W84RLwLWBti921ixd3otO7t2619B - vanity_url: - - /looker-stage - - application: - authorized_groups: - - mozilliansorg_looker_dev_access - - mozilliansorg_looker_dev_user_access - authorized_users: [] - client_id: 5dRN6IgxPWSJrk9OQ2leoLbRDQDPCa5k - display: false - logo: auth0.png - name: Looker Dev - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/5dRN6IgxPWSJrk9OQ2leoLbRDQDPCa5k - vanity_url: - - /looker-dev - - application: - authorized_groups: - - service_mana_stage - authorized_users: [] - client_id: IuWFSguzDAqbTT4qdtmABNdCVayuCWy5 - display: false - logo: mana.png - name: Mana Stage - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/IuWFSguzDAqbTT4qdtmABNdCVayuCWy5 - - application: - authorized_groups: - - everyone - authorized_users: [] - display: true - logo: mdn.png - name: MDN Web Docs - op: auth0 - url: https://developer.mozilla.org/ - vanity_url: - - /mdn - - application: - authorized_groups: - - everyone - authorized_users: [] - client_id: nPr8QRo0dLxM3RRHwIXRSvhmOSPDvNr4 - display: true - logo: moderator.png - name: Moderator - op: auth0 - url: https://moderator.mozilla.org/oidc/authenticate/ - vanity_url: - - /moderator - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: HC1FeMf3dVCTnAZbQR08quMylQEUcu60 - display: false - name: vouches.mozillians.org - logo: mozillians.png - op: auth0 - url: https://vouches.mozillians.org/oidc/authenticate/ - - application: - authorized_groups: - - mozilliansorg_nucleus_admin - authorized_users: [] - client_id: a6cidU6mSbciFAjy4uRQeeuFHIsLIWgg - display: true - logo: nucleus.png - name: Nucleus - op: auth0 - url: https://nucleus.mozilla.org/oidc/authenticate/ - - application: - authorized_groups: - - mozilliansorg_nucleus_admin - authorized_users: [] - client_id: grGFAm6XbCYn3feUbyg5i9M6eyQHuhe6 - display: false - logo: nucleus.png - name: Nucleus Dev - op: auth0 - url: https://nucleus-dev.frankfurt.moz.works/oidc/authenticate/ - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: 4HNLHcA7ZSNVWSJVBk9yVxq06WRquN2L - display: false - logo: auth0.png - name: Optimizely - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/4HNLHcA7ZSNVWSJVBk9yVxq06WRquN2L - vanity_url: - - /optimizely - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - everyone - authorized_users: [] - client_id: Gav1XmmrpBxts0zeDPOSfGesVrTt044k - display: false - logo: pagerduty.png - name: PagerDuty - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/Gav1XmmrpBxts0zeDPOSfGesVrTt044k - vanity_url: - - /pagerduty - - application: - authorized_groups: - - ldapAdmins - authorized_users: [] - client_id: W3SoWmYcqvP2Yms14s5VTeUFCZmBOJPT - display: true - logo: auth0.png - name: PHPLDAPAdmin - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/W3SoWmYcqvP2Yms14s5VTeUFCZmBOJPT?RelayState=https://ldapadmin1.private.mdc1.mozilla.com/phpldapadmin/ - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: DBRlLjVEUbw1yWrUYAHNYl22KBkKAjql - display: true - logo: plansource.png - name: PlanSource Benefits - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/DBRlLjVEUbw1yWrUYAHNYl22KBkKAjql?RelayState=https://benefits.plansource.com/sso/employee/saml2/post/d4f3574247aa2707 - vanity_url: - - /plansource - - application: - authorized_groups: - - service_productplan - authorized_users: [] - client_id: Ky8RbBLJ36PhlagJMT46ru6DWW8AK451 - display: true - logo: productplan.png - name: ProductPlan - op: auth0 - url: https://desktop.pingone.com/mozilla/url?source=application&url=https%3A%2F%2Fsso.connect.pingidentity.com%2Fsso%2Fsp%2Finitsso%3Fsaasid%3D72a035e2-0939-4685-aa8a-8c731729298b%26idpid%3Dmozilla.com&title=IDP%20Connection&applicationtype=APPLICATION_DEFAULT&saasid=72a035e2-0939-4685-aa8a-8c731729298b&newDock=true - vanity_url: - - /productplan - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: 3rbiX5U5EZZFf9tvYpOdoUxJ6A2TnH2q - display: true - logo: riskheatmap.png - name: RiskHeatMap - op: auth0 - url: https://riskheatmap.security.mozilla.org/ - vanity_url: - - /riskheatmap - - application: - authorized_groups: - - SecurityAssuranceOpsec - authorized_users: [] - client_id: 5vVAvF2lo36Nj576GqZTTsbXzZ1AH21L - display: true - logo: riskheatmap.png - name: RiskHeatMap (Dev) - op: auth0 - url: https://riskheatmap.security.allizom.org/ - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - everyone - authorized_users: [] - client_id: ByW5ChOPpsQaQFLcAuZBbtjFrh67uBgt - display: false - logo: salescloud.png - name: SalesCloud - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/ByW5ChOPpsQaQFLcAuZBbtjFrh67uBgt - vanity_url: - - /salescloud - - application: - authorized_groups: - - team_mofo - authorized_users: [] - client_id: Vnj9iPj1FJz4xTlco6XHLwM3oyRUO9iQ - display: true - logo: salescloud.png - name: SalesCloud Non-Profit - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/Vnj9iPj1FJz4xTlco6XHLwM3oyRUO9iQ - vanity_url: - - /salesforcenonprofit - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - everyone - authorized_users: [] - client_id: 54KBW3ESzKFfQws77PCXziJnPt0dYHE0 - display: false - logo: salescloud.png - name: Salesforce.com Dev Sandbox - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/54KBW3ESzKFfQws77PCXziJnPt0dYHE0 - - application: - authorized_groups: - - team_moco - - SecurityWiki - authorized_users: [] - client_id: js47vk5Ncr7Rv4SUyIyVBRXvlRSLrHVG - display: false - logo: auth0.png - name: Securitywiki - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/js47vk5Ncr7Rv4SUyIyVBRXvlRSLrHVG - - application: - authorized_groups: - - team_moco - - SecurityWiki - authorized_users: [] - client_id: OWVEwzt059vjws6mkQgGeqJChA4dBI70 - display: false - logo: auth0.png - name: Securitywiki-stage - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/OWVEwzt059vjws6mkQgGeqJChA4dBI70 - - application: - authorized_groups: - - mozilliansorg_snippets_admin - authorized_users: [] - client_id: A7GAcuN9gE9x3H186dKQgzS3jsV9Qmgp - display: true - logo: snippets.png - name: Snippets - op: auth0 - url: https://snippets-admin.mozilla.org/oidc/authenticate/ - - application: - authorized_groups: - - mozilliansorg_pocket_dataanalytics - authorized_users: [] - client_id: fTJMnRKzzEzw0nnfkLMv8lN1BaIrWBoz - display: false - logo: auth0.png - name: Snowflake - op: auth0 - url: https://cka72749.us-east-1.snowflakecomputing.com/ - - application: - authorized_groups: - - netops - - splunk_admin - - hris_dept_it - - team_infra - - team_secops - - team_opsec - authorized_users: [] - client_id: EUmKs3owmNdeDWxZ4CJIeSGM5ez3Suav - display: true - logo: splunk.png - name: Splunk - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/EUmKs3owmNdeDWxZ4CJIeSGM5ez3Suav - vanity_url: - - /splunk - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: dc50KcxGnMPBOSlE5QLYaDRmfrO7oXhq - display: true - logo: statuspage.png - name: StatusPage - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/dc50KcxGnMPBOSlE5QLYaDRmfrO7oXhq - vanity_url: - - /statuspage - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - everyone - authorized_users: [] - client_id: Wz5oO6y8oJ35Yq1B91aC4pkwlXdes7jR - display: false - logo: auth0.png - name: support.allizom.org:admin - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/Wz5oO6y8oJ35Yq1B91aC4pkwlXdes7jR - - application: - authorized_groups: - - everyone - authorized_users: [] - client_id: a145ph7ZPSz97z8QkiuP1iId6MFPXXUH - display: false - logo: auth0.png - name: support.mozilla.org:admin - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/a145ph7ZPSz97z8QkiuP1iId6MFPXXUH - - application: - authorized_groups: - - team_moco - - team_mofo - - tableau_users - - moc_service_accounts - authorized_users: [] - client_id: J6oAK91WCqBLQjpG2v6U3yKyoN9FL13Q - display: true - logo: tableau.png - name: Tableau (dataviz.mozilla.org) - op: auth0 - url: https://dataviz.mozilla.org/ - vanity_url: - - /tableau - - application: - authorized_groups: - - team_moco - - team_mofo - - tableau_users - - moc_service_accounts - authorized_users: [] - client_id: P42x7zxtymbHLvBysEustI6nJWZmMmtq - display: false - logo: tableau.png - name: Tableau-staging - op: auth0 - url: https://dataviz.allizom.org/ - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: 1db5KNoLN5rLZukvLouWwVouPkbztyso - display: false - logo: taskcluster.png - name: TaskCluster - op: auth0 - url: https://login.taskcluster.net - vanity_url: - - /taskcluster - - application: - authorized_groups: - - team_moco - - team_mofo - - team_mozillajapan - - team_mozillaonline - - moc_service_accounts - authorized_users: - - moc+servicenow@mozilla.com - - moc-sso-monitoring@mozilla.com - client_id: TKqD0MP8sDeJAc9QC4f5yp2r9qbx5fcZ - display: true - logo: jsm.jpg - name: Jira Service Management - op: auth0 - url: https://mozilla-hub.atlassian.net/servicedesk/customer/portals - vanity_url: - - /thehub - - /servicenow - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: q8fZZFfGEmSB2c5uSI8hOkKdDGXnlo5z - display: true - logo: treeherder.png - name: Treeherder - op: auth0 - url: https://treeherder.mozilla.org - vanity_url: - - /treeherder - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: Hypn042D0cqtqET33nRrnqOwAcIXOqx6 - display: true - logo: workday.png - name: Workday - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/Hypn042D0cqtqET33nRrnqOwAcIXOqx6 - vanity_url: - - /workday - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - everyone - authorized_users: [] - client_id: kyeMyPALPK84A58vlOnb7lrCzAIFJapP - display: false - logo: workday.png - name: Workday - Preview - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/kyeMyPALPK84A58vlOnb7lrCzAIFJapP - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - everyone - authorized_users: [] - client_id: pRwf1AWvIO5t4zyMsF8R18wtt1jfLp5o - display: false - logo: workday.png - name: Workday - Sandbox - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/pRwf1AWvIO5t4zyMsF8R18wtt1jfLp5o - - application: - authorized_groups: - - mozilliansorg_slack-access - - team_moco - - team_mofo - - team_mozillaonline - - hris_is_staff - authorized_users: [] - client_id: WXVdgVoCca11OtpGlK8Ir3pR9CBAlSA5 - display: true - logo: slack.png - name: Slack - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/WXVdgVoCca11OtpGlK8Ir3pR9CBAlSA5 - vanity_url: - - /slack - - application: - authorized_groups: - - team_pocket - - mozilliansorg_slack_pocket_access - authorized_users: [] - client_id: sZlNsFIG9f3vKrq9649Y7UxIyrmr8L7v - display: true - logo: slack.png - name: Slack Pocket - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/sZlNsFIG9f3vKrq9649Y7UxIyrmr8L7v - vanity_url: - - /slack-pocket - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: meBoR5vlD0kK0qeUXshNjOB1PbGKjsro - display: false - logo: auth0.png - name: Convercent - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/meBoR5vlD0kK0qeUXshNjOB1PbGKjsro?RelayState=https://app.convercent.com/ - vanity_url: - - /convercent - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: j8FN0DB6RwrlfLhX4opVAZ2tDYbBiMMU - display: false - logo: auth0.png - name: Convercent - Community - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/j8FN0DB6RwrlfLhX4opVAZ2tDYbBiMMU?RelayState=https://app.convercent.com/ - vanity_url: - - /convercentcommunity - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - everyone - authorized_users: [] - client_id: i55sTCbmgUTkvHPW3SDueKlKbtPj5iRF - display: false - logo: auth0.png - name: OneTrust - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/i55sTCbmgUTkvHPW3SDueKlKbtPj5iRF - - application: - authorized_groups: - - netops - - team_infra - - team_moc - - team_opsec - - team_avops - - team_relops - - vpn_panorama - authorized_users: [] - client_id: z5zWsArYQgI63CEjMMtODh0DFtDr5oSz - display: true - logo: paloalto.png - name: Palo Alto Networks Panorama - op: auth0 - url: https://panorama.mozilla.net/ - - application: - authorized_groups: - - team_moco - - team_mofo - - cloudops_atmo_access - authorized_users: [] - client_id: 6GDrRrIYZuRRKLXXbucm4bO0eafK0AKN - display: false - logo: auth0.png - name: Analysis Telemetry - op: auth0 - url: https://analysis.telemetry.mozilla.org/ - - application: - authorized_groups: - - netops - - relops - - team_opsec - - team_moc - authorized_users: [] - client_id: GWhjnB7egp5hDryXeoD7OJRjHshWWQap - display: false - logo: auth0.png - name: Netops Gitlab - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/GWhjnB7egp5hDryXeoD7OJRjHshWWQap - - application: - authorized_groups: - - cis_whitelist - - team_moco - authorized_users: [] - client_id: BRMXeyw2avAOj7GgBD4SuIHxopb0yZJP - display: false - logo: auth0.png - name: Apache Test RP - op: auth0-dev - url: https://apache.testrp.security.allizom.org/ - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: FeqjZfpOqMIkcGKkd2fDjpnm5oSsOOZ2 - display: false - logo: auth0.png - name: AAL Low Test RP - op: auth0-dev - url: https://aai-low-social-ldap-pwless.testrp.security.allizom.org/ - - application: - authorized_groups: - - everyone - authorized_users: [] - client_id: mc1l0G4sJI2eQfdWxqgVNcRAD9EAgHib - display: false - logo: auth0.png - name: SSO Dashboard (Dev) - op: auth0-dev - url: https://sso.allizom.org/ - - application: - authorized_groups: - - team_moco - authorized_users: [] - client_id: Q3z1fjeoZhGyws1IXDUc6rHdcYNpxTv8 - display: false - logo: auth0.png - name: PTO - op: auth0 - url: https://pto.mozilla.org/ - - application: - authorized_groups: - - team_moco - authorized_users: [] - client_id: fNzzMG3XfkxQJcnUpgrGyH2deII3nFFM - display: true - logo: pto.png - name: PTO - op: auth0 - url: https://pto.mozilla.org/ - vanity_url: - - /pto - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - everyone - authorized_users: [] - client_id: VjJFa4EeFWd29pMnhyAk7AkGW2ids5UX - display: false - logo: auth0.png - name: Desk - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/VjJFa4EeFWd29pMnhyAk7AkGW2ids5UX - vanity_url: - - /desk - - application: - authorized_groups: - - hris_costcenter_1420 - - vpn_opsec_mozdef - - team_secops - - team_opsec - authorized_users: [] - client_id: PSCl3uIPg5IT2GaiOcAIJprYK7iBK32r - display: true - expire_access_when_unused_after: 7776000 - logo: mozdef.png - name: Mozilla Defense Platform - op: auth0 - url: https://mozdef.infosec.mozilla.org/ - - application: - authorized_groups: - - hris_costcenter_1420 - - vpn_opsec_mozdef - - vpn_opsec_mozdefqa - authorized_users: [] - client_id: Dj0vncaBmaHn1zxzRc1cuFQIBxD0YSGp - display: false - expire_access_when_unused_after: 7776000 - logo: mozdef.png - name: Mozilla Defense Platform QA - op: auth0 - url: https://qa1.mozdef.infosec.mozilla.org/ - - application: - authorized_groups: - - hris_costcenter_1420 - - vpn_opsec_mozdef - - vpn_opsec_mozdefqa - authorized_users: [] - client_id: JN8CMx02E4xoohapKc9l0VrWm8YdrLDV - display: false - expire_access_when_unused_after: 7776000 - logo: mozdef.png - name: Mozilla Defense Platform QA 2 - op: auth0 - url: https://qa2.mozdef.infosec.mozilla.org/ - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: t1KWNQt71oskeip2KCu9j0KhwJJbBkig - display: false - logo: auth0.png - name: Xmatters Stage - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/t1KWNQt71oskeip2KCu9j0KhwJJbBkig - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: uMkOuQX8LGTxAyYIiX4eLoc4hl0pWSJt - display: false - logo: auth0.png - name: Xmatters - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/uMkOuQX8LGTxAyYIiX4eLoc4hl0pWSJt - - application: - authorized_groups: - - aws_320464205386_admin - authorized_users: ['hcondei@mozilla.com'] - client_id: nlE73wPPuOaN0wAYKWY6QD3VcjUStehZ - display: false - logo: auth0.png - name: IAM Grafana - op: auth0 - url: https://grafana.infra.iam.mozilla.com/login/generic_oauth - vanity_url: - - /iam-grafana - - application: - authorized_groups: - - mozilliansorg_nda - - team_moco - - team_mofo - authorized_users: - - mozboxadmin@mozilla.com - - servicedesk@mozilla.com - client_id: yCKLKXrrkigZwoQ9d6xzmE5NuvVW0oBj - display: false - logo: auth0.png - name: Box - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/yCKLKXrrkigZwoQ9d6xzmE5NuvVW0oBj - vanity_url: - - /box - - application: - authorized_groups: - - service_airtable - authorized_users: [] - client_id: mKlNDH9c7JKO1Rh3HtGXdTtLntTlHefx - display: true - logo: airtable.png - name: AirTable - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/mKlNDH9c7JKO1Rh3HtGXdTtLntTlHefx - vanity_url: - - /airtable - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: ChKEapjEYTPx0T1b5QP01WhAeP8ymRJ7 - display: false - logo: auth0.png - name: admin.readitlater.com - op: auth0 - url: https://admin.readitlater.com - - application: - authorized_groups: - - team_moco - - team_mofo - - team_mozillaonline - authorized_users: - - billing@mozilla.com - display: true - logo: expensify.png - name: Expensify - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/adMlV8Ud0Z77GLfsaa4fb4oQj8ggf0ws - vanity_url: - - /expensify - - application: - authorized_groups: - - mozilliansorg_gcp-infrastructure-production - - service_meao_gcp - authorized_users: [] - client_id: uYFDijsgXulJ040Os6VJLRxf0GG30OmC - display: true - logo: gmail.png - name: GCP Infrastructure - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/uYFDijsgXulJ040Os6VJLRxf0GG30OmC?RelayState=https://console.cloud.google.com/ - vanity_url: - - /gcp - - application: - AAL: LOW - authorized_groups: - - mozilliansorg_event-super-admins - - mozilliansorg_event-program-managers - - mozilliansorg_event-program-leads - - mozilliansorg_event-analysts - - mozilliansorg_event-event-tech - authorized_users: [] - client_id: mwPj23OAUISYVlG5VxW0xI3qSY6OKMON - display: true - logo: events.jpg - name: Events - op: auth0 - url: https://splashthat.com/users/oauth/1257 - vanity_url: - - /events - - application: - authorized_groups: - - team_moco - - team_mofo - - team_mozillaonline - - zoom_non_staff - - mozilliansorg_community-zoom - authorized_users: [] - client_id: TnqNECyCfoQYd1X7c4xwMF4PMsEfyWPj - display: true - logo: zoom.png - name: Zoom - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/TnqNECyCfoQYd1X7c4xwMF4PMsEfyWPj - vanity_url: - - /zoom - - application: - authorized_groups: - - atlassian_forge - authorized_users: [] - client_id: ghFZnGJkgwTIqbs5yDn4vCnrLx3UWmaF - display: false - logo: auth0.png - name: Atlassian Forge - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/ghFZnGJkgwTIqbs5yDn4vCnrLx3UWmaF - - application: - authorized_groups: - - service_surveymonkey - authorized_users: [] - client_id: LS57OeRbl164EPk39as1TQJ3QbiMuX5M - display: false - logo: auth0.png - name: SurveyMonkey - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/LS57OeRbl164EPk39as1TQJ3QbiMuX5M - vanity_url: - - /surveymonkey - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: jijaIzcZmFCDRtV74scMb9lI87MtYNTA - display: false - logo: auth0.png - name: mozillians.org Verification Client - op: auth0 - url: https://mozillians.org/verify/identity/callback/ - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: t9bMi4eTCPpMp5Y6E1Lu92iVcqU0r1P1 - display: false - logo: auth0.png - name: mozillians.org Verification Client Staging - op: auth0 - url: https://web-mozillians-staging.production.paas.mozilla.community/verify/identity/callback/ - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: HvN5D3R64YNNhvcHKuMKny1O0KJZOOwH - display: false - logo: auth0.png - name: https://web-mozillians-staging.production.paas.mozilla.community -- account - verification client - op: auth0-dev - url: https://web-mozillians-staging.production.paas.mozilla.community/verify/identity/callback/ - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: tU9fTz20E17hlFVo2DViKtDLABzVxrir - display: true - logo: alchemer.png - name: Alchemer - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/tU9fTz20E17hlFVo2DViKtDLABzVxrir - vanity_url: - - /alchemer - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: 64Ud5s4qJ3GgFZQ2rUG2D4Fod0lYoUu0 - display: true - logo: concur.png - name: Concur - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/64Ud5s4qJ3GgFZQ2rUG2D4Fod0lYoUu0 - vanity_url: - - /concur - - application: - authorized_groups: - - team_moco - - team_mofo - - team_mozillaonline - authorized_users: [] - client_id: iz2qSHo0lSv2nRZ8V3JnOESX5UR4dcpX - display: false - logo: auth0.png - name: Navex - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/iz2qSHo0lSv2nRZ8V3JnOESX5UR4dcpX - vanity_url: - - /navex - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: 1tAZ7tyiARXodCaLoy38jYmzKLqjyDX8 - display: false - logo: auth0.png - name: confluence.mozilla-community.org - op: auth0 - url: https://confluence.mozilla-community.org/plugins/servlet/samlsso - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: 7RvvmjstmMm93e1eVimyRElqv8vjrEJC - display: false - logo: auth0.png - name: mcws.wpengine.com - op: auth0 - url: https://wpengine.mcws.mozilla.community/ - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: 7wyIItkJX4t7vYEaDmGrwP9k2fBh5qWP - display: false - logo: auth0.png - name: prod.testrp.security.allizom.org - op: auth0 - url: https://prod.testrp.security.allizom.org/redirect_uri - - application: - AAL: MEDIUM - authorized_groups: - - everyone - authorized_users: [] - client_id: 8J731AkHnZXviXJWzM2kdQTENMJMSVNI - display: false - logo: auth0.png - name: jenkins.services.mozilla.community - op: auth0 - url: https://jenkins.services.mozilla.community/redirect_uri - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: 9LGw821wb6hHd30HZWMy3eBE3JMtuDLs - display: false - logo: auth0.png - name: taskcluster demo - http://localhost:5050/ - op: auth0 - url: http://localhost:5050/login - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: 9sl5SW42wjikqzf9DXZSxzD8BHPf456e - display: false - logo: auth0.png - name: air-dev.allizom.org - op: auth0 - url: https://air-dev.allizom.org/oidc/callback/ - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: CPnG4kKY6vWH39q2adBEyxFRAE0lO7bm - display: false - logo: auth0.png - name: opensource.mozilla.community - localhost - op: auth0 - url: http://localhost:8080/oidc/callback - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: DVvwftNuKq4miIQ0HDy7YqlkfilCAuLp - display: false - logo: auth0.png - name: crash-stats - localhost - op: auth0 - url: http://localhost:8000/oidc/callback/ - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: FQw134gwheaK3KkW6fQf0JPV6P7h2yo1 - display: false - logo: auth0.png - name: https://web-mozillians-staging.production.paas.mozilla.community - op: auth0 - url: https://web-mozillians.dinopark.infra.iam.mozilla.com/oidc/callback/ - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: mC9OzwCHicAsokpRyJt468BTlO8bl5C4 - display: false - logo: auth0.png - name: https://web-mozillians.dinopark.infra.iam.mozilla.com/beta/ - op: auth0 - url: https://web-mozillians.dinopark.infra.iam.mozilla.com/beta/ - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: Hg3vUmTAlI2sFXR6Z4cy0Lm1hgKRapf6 - display: false - logo: auth0.png - name: pulseguardian.mozilla.org - op: auth0 - url: https://pulseguardian.mozilla.org/auth/callback - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: M9OoQEQVR0M1qtyGvPql3ZDi4T7XMQEA - display: false - logo: auth0.png - name: tools.taskcluster.net - op: auth0 - url: https://tools.taskcluster.net/login/auth0 - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: NI6D4Rk4QCZIlLOBKmTtPvrz5CyMBm23 - display: false - logo: auth0.png - name: web-remo-staging.production.paas.mozilla.community - op: auth0 - url: https://web-remo-staging.production.paas.mozilla.community/oidc/callback/ - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: OwbZj5f5NnK161LTtOVshM131Nf6jWBe - display: false - logo: auth0.png - name: https://respond.mozilla.community - op: auth0 - url: https://respond.mozilla.community/oidc/callback/ - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: cav8o4za5QGMXilUEjglH9cgJpQl33Ck - display: false - logo: auth0.png - name: moderator.mozilla.org - op: auth0 - url: https://moderator.mozilla.org/oidc/callback/ - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: SSG7PVY70x785oW1noHJZi1Ck2wzdlyM - display: false - logo: auth0.png - name: taskcluster-tools.ngrok.io/oidc-login - op: auth0 - url: https://taskcluster-tools.ngrok.io/oidc-login - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: StXJySdOLGiWbnnmUGTC5zRGDymFSBO1 - display: false - logo: auth0.png - name: https://github.com/comzeradd/auth0-python-web-app - op: auth0 - url: http://127.0.0.1:8000/oidc/callback/ - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: Tpd4uL15gBCjbypCYERVffaCuDx7hFPc - display: false - logo: auth0.png - name: discourse-localhost-development-leo-mcardle - op: auth0 - url: http://localhost:3000/auth/auth0/callback - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: U4mXW5E6cfBqLziVewwkxApHGFNPA2pI - display: false - logo: auth0.png - name: jira.mozilla-community.org - op: auth0 - url: https://jira.mozilla-community.org/plugins/servlet/samlsso - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: UCOY390lYDxgj5rU8EeXRtN6EP005k7V - display: false - logo: auth0.png - name: sso.mozilla.com - op: auth0 - url: https://sso.mozilla.com/redirect_uri - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: YwL6bJ8mXFiCplWbMLaX2fqu715rKP8u - display: false - logo: auth0.png - name: voice.mozilla.org - op: auth0 - url: https://voice.mozilla.org/callback - - application: - AAL: MEDIUM - authorized_groups: - - team_moco - - team_mofo - - mozilliansorg_nda - - mozilliansorg_dinopark-dev - authorized_users: [] - client_id: ZShocyal5HnbTYs7CH0rwytjTJGMFsav - display: false - logo: auth0.png - name: https://dinopark.k8s.dev.sso.allizom.org - op: auth0 - url: https://dinopark.k8s.dev.sso.allizom.org/redirect_uri - - application: - AAL: MEDIUM - authorized_groups: - - mozilliansorg_dinopark-test - authorized_users: [] - client_id: 7oxEfEV2QSSKQ5MhMuKJYHF9hkATHdls - display: false - logo: auth0.png - name: https://dinopark.k8s.test.sso.allizom.org - op: auth0 - url: https://dinopark.k8s.test.sso.allizom.org/redirect_uri - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: o2e391VjmnPk0115UedNTmRL8x2nySOa - display: true - logo: people.png - name: Mozilla People Directory - op: auth0 - url: https://people.mozilla.org - vanity_url: - - /phonebook - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: aDL5o9SZRaYTH5zzkGntT4l76qydMbZe - display: false - logo: auth0.png - name: sso.allizom.org - op: auth0 - url: http://localhost:5000/redirect_uri - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: aJc4zjynRegTcrrxjB7PqV8lb9FdAVBr - display: false - logo: auth0.png - name: discourse-staging.production.paas.mozilla.community - op: auth0 - url: https://discourse-staging.production.paas.mozilla.community/auth/auth0/callback - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: c4j1TRdnJPdkFGJoEsU5LtL3ltPC5QyU - display: false - logo: auth0.png - name: www.standu.ps - op: auth0 - url: https://www.standu.ps/oidc/callback/ - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: lDyt2V0UvWdXsWj4lgcENLZ10E6TJ0Yt - display: false - logo: auth0.png - name: pulseguardian-dev.herokuapp.com - op: auth0 - url: https://pulseguardian-dev.allizom.org:5000/redirect_uri - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: fOrASkloZehth1DIMcHr2or37gyr74Kk - display: false - logo: auth0.png - name: moderator-stage.itsre-apps.mozit.cloud - op: auth0 - url: https://moderator-stage.itsre-apps.mozit.cloud/oidc/callback/ - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: t6K0dg86KPvhkIgFAFz1CyC6reG8UV21 - display: false - logo: auth0.png - name: voice.allizom.org - op: auth0 - url: http://localhost:9000/callback - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: w5mW5ZufRCWg6metsZ7hMckSH5s3b1Cq - display: false - logo: auth0.png - name: air.allizom.org - op: auth0 - url: https://air.allizom.org/authentication/callback/ - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: wBrqQY7k2sCNWQTeBLl4B6nDEDOesXG9 - display: false - logo: auth0.png - name: mozillastaging.wake.com - op: auth0 - url: https://mozillastaging.wake.com/saml2/acs - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: ytxE7FfAMnFOXw3bF7SgKv6PwklueYUW - display: false - logo: auth0.png - name: appsvcs-generic.nubis.allizom.org - op: auth0 - url: https://sso.admin.us-west-2.appsvcs-generic.nubis.allizom.org/sso - - application: - authorized_groups: - - service_simplemdm - authorized_users: [] - client_id: 2X4EmanmPDfF3oRKS4Ex2sopZ2NsfLQU - display: false - logo: auth0.png - name: SimpleMDM - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/2X4EmanmPDfF3oRKS4Ex2sopZ2NsfLQU - vanity_url: - - /simplemdm - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: P5kUBn21KQ5m8IRMdNFONg17dJ9qTrlP - display: false - logo: auth0.png - name: InfluxData - op: auth0 - url: https://hillvalley-b40313e5.influxcloud.net - - application: - authorized_groups: - - team_moco - - team_mofo - - mozilliansorg_nda - authorized_users: [] - client_id: AJBSCa58Vu3bi1OiL30s2yCTXUkBj6KR - display: false - logo: auth0.png - name: Sotrar - op: auth0 - url: https://sotrar.mozilla.community - vanity_url: - - /sotrar - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: DGloMN2BXb0AC7lF5eRyOe1GXweqBAiI - display: false - logo: auth0.png - name: Bugzilla Management Dashboard - op: auth0 - url: https://bugzilla-management-dashboard.netlify.com/ - - application: - authorized_groups: - - team_services_ops - - balrog - authorized_users: [] - client_id: BXaDyWq2F0MNWc56hTxVnM0SkMBXMG0d - display: true - logo: balrog.png - name: Balrog - op: auth0 - url: https://aus4-admin.mozilla.org - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: zk9N7LU2ihMIy0bwlGd7GfRVXDKsGQjI - display: false - logo: auth0.png - name: Zendesk - mozilladev - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/zk9N7LU2ihMIy0bwlGd7GfRVXDKsGQjI - - application: - authorized_groups: - - team_pocket - authorized_users: [] - client_id: IJfd6g73V42fh6LHW6leFdQO7jR0A8of - display: true - logo: jira.png - name: getpocket.atlassian.net - op: auth0 - url: https://getpocket.atlassian.net/ - vanity_url: - - /pocket-jira - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: 31dwqlImDXaTqW7m8E0YY5CN16ZLf72Q - display: false - logo: auth0.png - name: Crashplan - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/31dwqlImDXaTqW7m8E0YY5CN16ZLf72Q - vanity_url: - - /crashplan - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - team_mozillaonline - authorized_users: [] - client_id: 2dbkrvUJa5gnxGSnMLZ1jflbtrahhrEi - display: false - logo: trello.png - name: Trello - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/2dbkrvUJa5gnxGSnMLZ1jflbtrahhrEi - vanity_url: - - /trello - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: WuFEV87Q4or1WlncXR3WRgcbD1oceeme - display: false - logo: auth0.png - name: Experimenter - op: auth0 - url: https://experimenter.services.mozilla.com - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: Lh20PL4WfuZRoZ45dCW0PbnTN8wqN8fd - display: false - logo: auth0.png - name: webcompat-kibana.herokuapp.com - op: auth0 - url: https://webcompat-kibana.herokuapp.com - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - mozilliansorg_non-moco-sheriffs-basic - authorized_users: [] - client_id: jGx4Z2JTWsgQWiBmvrCNbe5WXAfMivzb - display: false - logo: auth0.png - name: earthangel-b40313e5.influxcloud.net - op: auth0 - url: https://earthangel-b40313e5.influxcloud.net - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: WLQrmFTcXlSDelnxOASZ4KJQTE5gXZFt - display: false - logo: auth0.png - name: dev.sumo.moz.works - op: auth0 - url: https://dev.sumo.moz.works - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: dWcDz6ZYNuevquzzvAgRYOgBZLxY0ucx - display: false - logo: auth0.png - name: normandy-admin.prod.mozaws.net - op: auth0 - url: https://delivery-console.prod.mozaws.net/ - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: k3JF93rR1HI7O2HEndhCI0p1ZyBhhMCr - display: false - logo: auth0.png - name: wpt.stage.mozaws.net - op: auth0 - url: https://wpt.stage.mozaws.net/redirect_uri - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - team_mozillaonline - authorized_users: [] - client_id: OlwWsXslbA9wk5lQOHUDIUSrtIFTauTy - display: false - logo: auth0.png - name: metrics.mozilla.com/protected - op: auth0 - url: https://metrics.mozilla.com/protected - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: m6x0phAu4rq4imC6f6gRYaGmQgStCdlG - display: false - logo: auth0.png - name: strategy-and-insights.mozilla.com - op: auth0 - url: https://strategy-and-insights.mozilla.com/callback - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - team_mozillaonline - authorized_users: [] - client_id: 7YTXsNQhLSiNsXPtDdXdvryD5dN30DEb - display: false - logo: auth0.png - name: mozilla-private.report - op: auth0 - url: https://reports-dev.telemetry.mozilla.org/callback - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: UR9C6jNpAxXBv0bEnzDsHGUQAEyasre2 - display: false - logo: auth0.png - name: data-iodide.stage.mozaws.net - op: auth0 - url: https://data-iodide.stage.mozaws.net/oidc/callback - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: wC5AsSzi8BbDHHDDieRjU3mcpEeTVcwj - display: false - logo: auth0.png - name: grafana.telemetry.mozilla.org - op: auth0 - url: https://grafana.telemetry.mozilla.org/login/generic_oauth - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: dVL10G8KVJymQ6Tx6naRZRbX6L8rhO1E - display: false - logo: auth0.png - name: stage.grafana.nonprod.dataops.mozgcp.net - op: auth0 - url: https://stage.grafana.nonprod.dataops.mozgcp.net/login/generic_oauth - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 7jfouvibRlddw49I8prbSl2xrxKXwwoh - display: false - logo: auth0.png - name: activedata-private.devsvcdev.mozaws.net - op: auth0 - url: https://activedata-private.devsvcdev.mozaws.net/openidc/logout - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: R04ouRZsRnbVXztgFEA0ZdNUia6WMFa1 - display: false - logo: auth0.png - name: activedata-private.devsvcstage.mozaws.net - op: auth0 - url: https://activedata-private.devsvcstage.mozaws.net/openidc/callback/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 8udOeshOuK7LREPL0G5Z9n2mY4expDLx - display: false - logo: auth0.png - name: activedata-private.devsvcprod.mozaws.net - op: auth0 - url: https://activedata-private.devsvcprod.mozaws.net/openidc/callback/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 33XOsgKlENOSLXLtRv7Vb65v38plFwlg - display: false - logo: auth0.png - name: Logging 2.0 CEP Stage - op: auth0 - url: https://logging-cep.stage.mozaws.net/dashboard_output/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: l7kCqo8U1Ka2ZtlE85Dmy2a8Ic1I8y7H - display: false - logo: auth0.png - name: bacula1.private.mdc1.mozilla.com - op: auth0 - url: https://bacula1.private.mdc1.mozilla.com/callback - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: EtCJe9m2NFGF4TO0kIfPoT7gQqTKU0DE - display: false - logo: auth0.png - name: Foreman - op: auth0 - url: https://foreman.private.mdc1.mozilla.com/callback - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: MmT719PU6y84GsRkym00nVvVHi2y5hPa - display: false - logo: auth0.png - name: testwebapp.private.mdc1.mozilla.com - op: auth0 - url: https://testwebapp.private.mdc1.mozilla.com/callback - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: Hi9rqHLPlnpRfMkc7dtkToFc3DHtcf4Z - display: false - logo: auth0.png - name: rundeck1.private.scl3.mozilla.com - op: auth0 - url: https://rundeck1.private.scl3.mozilla.com/callback - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: hIjZmDmmtkKuaOjmhd5HUzn0ResPDeqX - display: false - logo: auth0.png - name: wde.allizom.org - op: auth0 - url: https://wde-stage.public.mdc1.mozilla.com/redirect_uri - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 1QcjRY2UEYySI79IqorH94Td590oqXSA - display: false - logo: auth0.png - name: admin.readitlater.localhost - op: auth0 - url: http://admin.readitlater.localhost/auth - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - vpn_cloudops_shipit - authorized_users: [] - client_id: 4u5EiGAICaWFmsyWamVaN1D4f4P6MlR0 - display: false - logo: auth0.png - name: shipit.staging.mozilla-releng.net - op: auth0 - url: https://shipit.staging.mozilla-releng.net/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: XwWBobhe6XlQrngdct8sEdLFAgsW89yB - display: false - logo: auth0.png - name: serviceapi.security.allizom.org - op: auth0 - url: https://serviceapi.security.allizom.org/redirect_uri - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - mozilliansorg_nda - authorized_users: [] - client_id: 462AVvm5b1GOLD0z7Gao0Eje24aF3Kz0 - display: false - logo: auth0.png - name: mozilla-dev.metricinsights.com - op: auth0 - url: https://mozilla-dev.metricinsights.com/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: xTQ9ithTGuqzB0MaPkafbj3Q6HTE2vM0 - display: false - logo: auth0.png - name: hasal-server.ateam.tpe1.mozilla.com - op: auth0 - url: http://hasal-server.ateam.tpe1.mozilla.com:8080/securityRealm/finishLogin - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: bSCGkqkGbQPAuIDt0kYqmnhimlkh2kwH - display: false - logo: auth0.png - name: atmo.stage.mozaws.net - op: auth0 - url: https://atmo.stage.mozaws.net/oidc/callback/ - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: m772guBT5bEt60OCg4l11NbwDbOX2SLm - display: false - logo: auth0.png - name: nubis-market.nubis.allizom.org - op: auth0 - url: https://sso.admin.us-west-2.nubis-market.nubis.allizom.org/sso - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - mozilliansorg_project-link-aws-admin - - mozilliansorg_searchfox-aws # https://bugzilla.mozilla.org/show_bug.cgi?id=1677158 - authorized_users: [] - client_id: N7lULzWtfVUDGymwDs0yDEq6ZcwmFazj - display: false - logo: auth0.png - name: AWS Federated CLI - op: auth0 - url: http://localhost:10800/redirect_uri - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: hGFkZoxf7dzKy3PIsT7w2XTBQOhb3ZK0 - display: false - logo: auth0.png - name: testwebapp.allizom.org - op: auth0 - url: https://testwebapp.allizom.org/callback - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: IVq10RLJgYIQX9Mzzr0hPhDkyix6kZQb - display: false - logo: auth0.png - name: wpt.dev.mozaws.net - op: auth0 - url: https://wpt.dev.mozaws.net/redirect_uri - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: W3SoWmYcqvP2Yms14s5VTeUFCZmBOJPT - display: false - logo: auth0.png - name: ldapadmin1.private.mdc1.mozilla.com/phpldapadmin - op: auth0 - url: https://ldapadmin1.private.mdc1.mozilla.com/mellon/postResponse - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: Zs6FFIXPUstFKpzBau4cRQ1aFBx4dKBR - display: false - logo: auth0.png - name: screenshots-admin.services.mozilla.com - op: auth0 - url: https://screenshots-admin.services.mozilla.com/openid/callback/login/ - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: iQwPHkpTw1RmbYe6ov2qFMfxbVN7DOB7 - display: false - logo: auth0.png - name: normandy-admin.stage.mozaws.net - op: auth0 - url: https://normandy-admin.stage.mozaws.net/auth/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: L0Eq6oW30PeB6mYt8NlsaZ2WqC9sj40n - display: false - logo: auth0.png - name: stage-pto.mozilla.com.tw - op: auth0 - url: https://stage-pto.mozilla.com.tw/callback - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: albdy7m1X0YqdKEYx6qiJ9dKfg4ousn0 - display: false - logo: auth0.png - name: Logging 2.0 CEP Data - op: auth0 - url: https://logging-cep.data.mozaws.net/dashboard_output/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: N3GRGrtTfNehZYvC3vWVUgd7Rk9F2Opb - display: false - logo: auth0.png - name: panorama.mdc1.mozilla.net - op: auth0 - url: https://panorama.mdc1.mozilla.net:443/SAML20/SP/ACS - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - mozilliansorg_nda - authorized_users: [] - client_id: 725CWQLZ1oOt8XEnjsMvjYkZMZna2Y1V - display: false - logo: auth0.png - name: mozilla-stg.metricinsights.com - op: auth0 - url: https://mozilla-stg.metricinsights.com/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 0igrKwGTBpqNHUhPMikxMwjOrZfmzaRh - display: false - logo: auth0.png - name: https://data-stmo-rc.stage.mozaws.net - op: auth0 - url: https://data-stmo-rc.stage.mozaws.net/openid/callback/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 29t2n3LKKnyTbGtWmfTkQpau0mp7QmMH - display: false - logo: auth0.png - name: bz-dev-stats-localhost - op: auth0 - url: http://localhost:5080/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: n0L5J2H8fk5T4G7Ma4Ke75Hc6Be5hsRV - display: false - logo: auth0.png - name: kinto-writer.stage.mozaws.net - op: auth0 - url: https://kinto-writer.stage.mozaws.net/v1/admin/ - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 3a6sbM3CfbTQ8YkZ4wW7YpOdNN5NX4Hb - display: false - logo: auth0.png - name: lando.devsvcdev.mozaws.net - op: auth0 - url: https://lando.devsvcdev.mozaws.net/redirect_uri - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 47BCiKGMwpCH5K7IzmJ1DjrHSo82krNs - display: false - logo: auth0.png - name: lando.devsvcstage.mozaws.net - op: auth0 - url: https://lando.devsvcstage.mozaws.net/redirect_uri - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: XMAlQpd3P8y34lZF2EvgdNkNxWIP3KD2 - display: false - logo: auth0.png - name: Safari - op: auth0 - url: https://safarijv.auth0.com/login/callback?connection=Mozilla - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: VEVkmAppSLa3zc9VRhjkDJPwNSs6Zy7B - display: false - logo: auth0.png - name: screenshots-admin-default.stage.mozaws.net - op: auth0 - url: https://screenshots-admin-default.stage.mozaws.net/openid/callback/login/ - - application: - authorized_groups: - - team_mozillaonline - - mozilliansorg_stmo_nda - - stmo_nda - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: rgE6x7G6X1i3TjOy43qYG8vbcyKtcN6E - display: false - logo: auth0.png - name: sql.telemetry.mozilla.org - op: auth0 - url: https://sql.telemetry.mozilla.org/openid/callback/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: LNPKbJGoCqEBuCtIZIoJg08V4QtNzfYJ - display: false - logo: auth0.png - name: graphite-mdc1.mozilla.org - op: auth0 - url: https://graphite-mdc1.mozilla.org/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: a8153qZo1lnReZ3hj3ZCmP8YMzArrHqU - display: false - logo: auth0.png - name: sumo-dev.frankfurt.moz.works - op: auth0 - url: https://sumo-dev.oregon-b.moz.works/oidc/callback/ - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 1KN7o6GO88DyTLHW5WlsMm5V3qNRv7Ac - display: false - logo: auth0.png - name: jenkins.ops.iam.mozilla.com - op: auth0 - url: https://jenkins.ops.iam.mozilla.com/redirect_uri - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: nIqcS6cAGY2WRA5466YngH44T4xrrvCt - display: false - logo: auth0.png - name: tenable.io - op: auth0 - url: https://cloud.tenable.com/saml/login/53fcab98-7475-4f21-bfba-a082908ca4f4 - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - mozilliansorg_shipit_devs - authorized_users: [] - client_id: FK1mJkHhwjulTYBGklxn8W4Fhd1pgT4t - display: false - logo: auth0.png - name: mozilla-releng.net - localhost - op: auth0 - url: https://localhost:8010/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: btcSD131nsA7Mv1g01U535XPRG3qdNFp - display: false - logo: auth0.png - name: experimenter.dev.mozaws.net - op: auth0 - url: https://experimenter.dev.mozaws.net/openid/callback/login/ - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - statuspage_service_accounts - authorized_users: [] - client_id: KqlGE124Mr21HFF3GwSlxEkOHlrX9EG6 - display: false - logo: auth0.png - name: manage.statuspage.io - op: auth0 - url: https://manage.statuspage.io/sso/saml/consume - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - vpn_cloudops_shipit - authorized_users: [] - client_id: 2dXygwTNP3p7iLTSaEWbdoiJFkjSBqm4 - display: false - logo: auth0.png - name: shipit.mozilla-releng.net - op: auth0 - url: https://shipit.mozilla-releng.net/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: - - billing@mozilla.com - client_id: 6BLpfXP845A8yris7DaPST25HycC7l2u - display: false - logo: auth0.png - name: Expensify (getpocket.com) - op: auth0 - url: https://www.expensify.com/authentication/saml/loginCallback?domain=getpocket.com - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 5tkbwIFZqYLtZtFIDki6Nqpt8GHUzZ2J - display: false - logo: auth0.png - name: peaceful-stream-36350.herokuapp.com - op: auth0 - url: https://peaceful-stream-36350.herokuapp.com/redirect_url - - application: - authorized_groups: - - mozilliansorg_snippets_admin - authorized_users: [] - client_id: a6jCoSzt99DFySdC3qvP5oSpYcEEOsvT - display: false - logo: auth0.png - name: Snippets Stage - op: auth0 - url: https://snippets.allizom.org/oidc/callback/ - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: M4TY5gZQ6nUyMIjWpXWFffRJ9pD3qPb2 - display: false - logo: auth0.png - name: https://nhobot.ngrok.io - op: auth0 - url: https://nhobot.ngrok.io/callback/auth - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: d8fRO14gY7fhl54HU1yDemdJxJMTIV5Q - display: false - logo: auth0.png - name: Atlassian Access - op: auth0 - url: https://auth.atlassian.com/login/callback?connection=saml-094a4f90-c6c4-4741-bfb1-17535bd11e28 - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: rrXGZ6x7J4MIWWlQ6zhTzgED2GxIsHCv - display: false - logo: auth0.png - name: pentest-master.private.mdc1.mozilla.com - op: auth0 - url: https://pentest-master.private.mdc1.mozilla.com/redirect_uri - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: s7ICwWzGSP8WRnAkAMpIjDyayaEIOneU - display: false - logo: auth0.png - name: pto.mozilla.com.tw - op: auth0 - url: https://pto.mozilla.com.tw/callback - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: AmqnIoKbdd59LaI4wt0pOPkuUHeMchJf - display: false - logo: auth0.png - name: Logging 2.0 CEP Devsvcprod - op: auth0 - url: https://logging-cep.devsvcprod.mozaws.net/dashboard_output/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 6BFjR5hArHbV7dzyUy2VYmnXCV5B0pdo - display: false - logo: auth0.png - name: https://anb1.fuzzing.mozilla.org/ - op: auth0 - url: https://anb1.fuzzing.mozilla.org/oidc/callback/ - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - statuspage_service_accounts - authorized_users: [] - client_id: qpmqtLlYhXKdezJK22j1zmML6cCLuvUg - display: false - logo: auth0.png - name: firefoxoperations.statuspage.io - op: auth0 - url: https://manage.statuspage.io/sso/saml/consume - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: amWBDrIIzlk2pyjgCyLruw0n9wplzUlm - display: false - logo: auth0.png - name: bacula1.private.scl3.mozilla.com - op: auth0 - url: https://bacula1.private.scl3.mozilla.com/callback - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: Ef6czTFBKvTUR3FW08tYobaMGEnk9bzB - display: false - logo: auth0.png - name: DAM (NetX) - op: auth0 - url: https://mozilla.netx.net/SSO - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: ov4iTFaVzWnvGme0x7FmRarIvu10I08M - display: false - logo: auth0.png - name: ds-dashboard.data.mozaws.net - op: auth0 - url: https://ds-dashboard.data.mozaws.net/openid/callback/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: rvidaekCvn75vjMcDiBGz2lsmQLDuoou - display: false - logo: auth0.png - name: mozilla.vidyocloud.com - op: auth0 - url: https://mozilla.vidyocloud.com/saml/SSO/alias/Mozilla - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: xZWh7NZy5TB6IZ7hFPTIfL0Q0XqAW7st - display: false - logo: auth0.png - name: pipeline-sql.stage.mozaws.net - op: auth0 - url: https://pipeline-sql.stage.mozaws.net/openid/callback/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 5Z2yOkD1vAU6wAKX3mkFEwBWK8kBBpJD - display: false - logo: auth0.png - name: Logging 2.0 CEP Dev - op: auth0 - url: https://logging-cep.dev.mozaws.net/dashboard_output/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: K3ZolIlVbVH41tI9czWdQaPAHWriGx92 - display: false - logo: auth0.png - name: bacula1.private.mdc2.mozilla.com - op: auth0 - url: https://bacula1.private.mdc2.mozilla.com/callback - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: F1VVD6nRTckSVrviMRaOdLBWIk1AvHYo - display: false - logo: auth0.png - name: sccache native PKCE - op: auth0 - url: http://localhost:12731/redirect - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: dXTkbChUpSCKkj3YpY4KxpZ0iYg0tkNy - display: false - logo: auth0.png - name: experimenter-app.dev.mozaws.net - op: auth0 - url: https://experimenter-app.dev.mozaws.net/openid/callback/login/ - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: saSz4srpJGtdSMS62v47Xb2FOQtT2xBF - display: false - logo: auth0.png - name: Duo Administration (https://duo.com) - op: auth0 - url: https://admin-4b043da5.duosecurity.com/saml/DATQ3O9LT3AC6HZHTURB/acs - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: hU1YpGcL82wL04vTPsaPAQmkilrSE7wr - display: false - logo: auth0.png - name: normandy.dev.mozaws.net - op: auth0 - url: https://normandy.dev.mozaws.net/auth/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: teqIfOHtaidNWTa79bt7VJwf2Trr3ALQ - display: false - logo: auth0.png - name: settings-writer.prod.mozaws.net - op: auth0 - url: https://settings-writer.prod.mozaws.net/v1/admin/ - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: e1g4q4s7Q2Jos5XOt6pyHVA9JH4G3xjJ - display: false - logo: auth0.png - name: Nagios - op: auth0 - url: https://nagios3.private.scl3.mozilla.com/scl3 - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: zw5M6MyDDixeSXQR2XiDZz46hSOKIHhr - display: false - logo: auth0.png - name: Salesforce Marketing Cloud (test) - op: auth0 - url: https://auth.test.exacttarget.com/Shibboleth.sso/SAML2/POST - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: q0tFB9QyFIKqPOOKvkFnHMj2VwrLjX46 - display: false - logo: auth0.png - name: Google (test.mozilla.com) - op: auth0 - url: https://www.google.com/a/test.mozilla.com/acs - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: vgDriXO3k0LThShbbJUfgl23uAT2MKBp - display: false - logo: auth0.png - name: https://fuzzmanager.fuzzing.mozilla.org/ - op: auth0 - url: https://fuzzmanager.fuzzing.mozilla.org/oidc/callback/ - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: m35Bq2g6bRV37rs3cGa4UBR0qNI3IBKR - display: false - logo: auth0.png - name: mozillauvd.vidyocloudstaging.com - op: auth0 - url: https://mozillauvd.vidyocloudstaging.com/saml/SSO/alias/MozillaUVD - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: - - iris-testing@mozilla.com - client_id: 383wZyKOqULjvIJnA4Njz04lztkmxKjf - display: false - logo: auth0.png - name: auth0proxy.stage.mozaws.net - op: auth0 - url: https://auth0proxy.stage.mozaws.net/redirect_uri - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: TTPiEfB9nU0DxzvFxCrj2HYmCtLP1NR3 - display: false - logo: auth0.png - name: Logging 2.0 CEP Prod - op: auth0 - url: https://logging-cep.prod.mozaws.net/dashboard_output/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - mozilliansorg_nda - authorized_users: [] - client_id: y2cZ14lTdsMjJdjmUNQ3PaLDrBCNJUZl - display: false - logo: auth0.png - name: localhost:5000 - Marty Ballard - op: auth0 - url: http://localhost:5000/redirect_uri - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: BDRmLMBwmCqyBsL52IuQW8wLBLoLSBWo - display: false - logo: auth0.png - name: wde.mozilla.org - op: auth0 - url: https://wde.mozilla.org/redirect_uri - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: LdGd1MOIwHD7flZjj5OuQlzGVAyakGvj - display: false - logo: auth0.png - name: Firefox Test Tube localhost - op: auth0 - url: http://localhost:8000/accounts/callback/ - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - mozilliansorg_nda - authorized_users: [] - client_id: a9d4XdRa07eZxC6GoPUI6WDFjvfyE9sY - display: false - logo: auth0.png - name: New Hire Onboarding (NHO) Slack Bot - op: auth0 - url: https://nhobot.ngrok.io/callback/auth - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: wP33JOFmHQEd2TOHftxIppprqCnJzo3m - display: false - logo: auth0.png - name: DAM Stage (NetX) - op: auth0 - url: https://mozillatest.netx.net/SSO - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: - - billing@mozilla.com - client_id: adMlV8Ud0Z77GLfsaa4fb4oQj8ggf0ws - display: false - logo: auth0.png - name: Expensify - op: auth0 - url: https://www.expensify.com/authentication/saml/loginCallback?domain=mozilla.com - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: Scha3pS5Y3vITvnhnbLxSla2MBMPdo3M - display: false - logo: auth0.png - name: graphite-mdc2.mozilla.org - op: auth0 - url: https://graphite-mdc2.mozilla.org/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: fkfhxgxU868c6OSstYP4FwPzGzM534r5 - display: false - logo: auth0.png - name: pto.allizom.org - op: auth0 - url: https://pto.allizom.org/callback - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: Ury9HCvBS4B1SzAH8f3YASbbcGf5QlQf - display: false - logo: auth0.png - name: LGTM.com - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/Ury9HCvBS4B1SzAH8f3YASbbcGf5QlQf - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: sAwFfYrOicxvNjkA75pdZUvkPcJqUPl3 - display: false - logo: auth0.png - name: metrics.mozilla-itsre.mozit.cloud - op: auth0 - url: https://metrics.mozilla-itsre.mozit.cloud/login/generic_oauth - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: wwJwws9XZ6AVA48QOUU2FCGa6XP4U3aQ - display: false - logo: auth0.png - name: Miro - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/wwJwws9XZ6AVA48QOUU2FCGa6XP4U3aQ - vanity_url: - - /miro - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: SJmdyaeuz4SkdoWgOXZxVFeQukpt5SMo - display: false - logo: auth0.png - name: Fluxx - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/SJmdyaeuz4SkdoWgOXZxVFeQukpt5SMo - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: pKXyeYwf5sIG6vImQ0HLvPpfzbZObhX0 - display: false - logo: mana.png - name: Mana Stage (new) - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/pKXyeYwf5sIG6vImQ0HLvPpfzbZObhX0 - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: TSYr6tZcybHxtOlYznB1fslCvCInnKw3 - display: false - logo: auth0.png - name: pad.mozilla.org - op: auth0 - url: https://pad.mozilla.org/openid/callback/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - mozilliansorg_nda - authorized_users: [] - client_id: JW5noOxn5yRl3HbThBAqet7yLqu5uoTm - display: false - logo: auth0.png - name: paste.mozilla.org - op: auth0 - url: https://paste.mozilla.org/openid/callback/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: nJkH6xvVNwogpLjkrTePAKwjB4NpE74h - display: false - logo: auth0.png - name: virgo-b.fuzzing.mozilla.org - op: auth0 - url: https://virgo-b.fuzzing.mozilla.org/ - - application: - authorized_groups: - - aws_320464205386_admin - authorized_users: [] - client_id: LuNrrJpcnK2Nlh75wRJ2ab6gxEJYFMQG - display: false - logo: auth0.png - name: IAM Graylog - op: auth0 - url: https://graylog.infra.iam.mozilla.com/redirect_uri - vanity_url: - - /iam-graylog - - application: - authorized_groups: - - team_moco - authorized_users: [] - client_id: tAtVU4uyJhaXdMEglSWKxMHliBm9yYtS - display: false - logo: auth0.png - name: New Relic IT SRE - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/tAtVU4uyJhaXdMEglSWKxMHliBm9yYtS - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: pTTMCxf9YNo4zPOE2l81JqIGHbxkotuJ - display: false - logo: auth0.png - name: stage.taskcluster.nonprod.cloudops.mozgcp.net - op: auth0 - url: https://stage.taskcluster.nonprod.cloudops.mozgcp.net/login/mozilla-auth0/callback - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: HhsEpi14LlupTdZJjWcbsfWU0w8dVPxT - display: false - logo: auth0.png - name: fxa-support-panel2.stage.mozaws.net - op: auth0 - url: https://fxa-support-panel2.stage.mozaws.net/openid/callback/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: Vq6X0h7r43esUhNmrbUD1HBZskVejhHW - display: false - logo: auth0.png - name: fxa-support-panel.stage.mozaws.net - op: auth0 - url: https://fxa-support-panel.stage.mozaws.net/openid/callback/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - team_mozillaonline - authorized_users: [] - client_id: m3UJJU40O2T6awdbhoA8V6onp3AbzU3Q - display: false - logo: auth0.png - name: iodide.telemetry.mozilla.org - op: auth0 - url: https://iodide.telemetry.mozilla.org/oidc/callback - - application: - authorized_groups: - - IntranetWiki - - GuestWiki - - moc_service_accounts - authorized_users: - - moc+servicenow@mozilla.com - - moc-sso-monitoring@mozilla.com - client_id: Qzs1IbNmnXB1js1KlhhdnwYZT9rwwF4U - display: true - logo: mana.png - name: Mana - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/Qzs1IbNmnXB1js1KlhhdnwYZT9rwwF4U - vanity_url: - - /mana - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: uqaHX7JDz335eg0A89725t4GH5dLCUoW - display: false - logo: auth0.png - name: biff-5adb6e55.influxcloud.net - op: auth0 - url: https://biff-5adb6e55.influxcloud.net/login/generic_oauth - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: NKhaOVehPM0VNljIiENTEP8jvaEUjYV3 - display: false - logo: auth0.png - name: star-dot.admin.readitlater.com - op: auth0 - url: https://admin.readitlater.localhost/auth - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: - - dlipski@mozilla.com - - jeide@mozilla.com - client_id: TB91RkOJc4eQhOuT0SIfUHm2nD6W3ipT - display: true - logo: coderpad.png - name: CoderPad - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/TB91RkOJc4eQhOuT0SIfUHm2nD6W3ipT - vanity_url: - - /coderpad - - application: - authorized_groups: - - service_uptycs - - service_uptycs_admin - authorized_users: [] - client_id: VDBnjB9HB3ulW5ty50toL8fW5p1GCghU - display: true - logo: uptycs.png - name: Uptycs - op: auth0 - url: https://mozilla.uptycs.io/saml/auth - vanity_url: - - /uptycs - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: ljY6JKsFj7e8qTE4WGuEgaNCq5cc1QuE - display: false - logo: discourse.png - name: Discourse - Dev - op: auth0 - url: https://discourse-dev.itsre-apps.mozit.cloud/auth/auth0/callback - vanity_url: - - /discourse-dev - - application: - authorized_groups: - - team_moco - authorized_users: [] - client_id: WQnlYTEc4PYRRK3FT7n3l9VOtew1IDo2 - display: false - logo: auth0.png - name: Kevel - op: auth0 - url: https://app.kevel.co/new_login_flow.html?orgcode=mozilla - vanity_url: - - /kevel - - application: - authorized_groups: - - team_pocket - authorized_users: [] - client_id: Nw44gx8sBU2sjVvoIY8Se3solzd9XM8X - display: false - logo: auth0.png - name: recit.getpocket.dev - op: auth0 - url: https://recit.getpocket.dev/login - - application: - authorized_groups: - - vpn_fxa_support_panel - authorized_users: [] - client_id: 7EtX4Eg0zXBjI5fL3Wu53roaXEnVIFsx - display: false - logo: auth0.png - name: fxa-support-panel.prod.mozaws.net - op: auth0 - url: https://fxa-support-panel.prod.mozaws.net/openid/callback/login - - application: - authorized_groups: - - team_netops - - team_infra - authorized_users: [] - client_id: OSKMKPkvUoDg0K8agd4iHSwUam0lpr6p - display: false - logo: auth0.png - name: ConsoleFlow - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/OSKMKPkvUoDg0K8agd4iHSwUam0lpr6p - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: LGK34V7wTjZ8tkMSCQhxI0ynfiMcAsvg - display: true - logo: matrix.png - name: Matrix IM - op: auth0 - url: https://chat.mozilla.org/#/start_sso - vanity_url: - - /matrix - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: KgsLx8URDpoMK779VdNue6Yswx2ZfBKu - display: false - logo: taskcluster.png - name: FirefoxCI TaskCluster - op: auth0 - url: https://firefox-ci-tc.services.mozilla.com/ - - application: - authorized_groups: - - service_cloudsnap - authorized_users: [] - client_id: cuC3NOGPFm58H172NnOypPf1jGQwMoUf - display: false - logo: auth0.png - name: Cloudsnap - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/cuC3NOGPFm58H172NnOypPf1jGQwMoUf - - application: - authorized_groups: - - hris_costcenter_1420 - authorized_users: [] - display: true - logo: newrelic.png - name: New Relic EIS - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/yrtYw37UYq5gkna3j9f0P4L0oQD8Y6aQ - vanity_url: - - /new-relic-eis - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: Um2rLocE3s851JXNZzTPnA5DFzWe9OhQ - display: false - logo: newrelic.png - name: New Relic Emerging Tech - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/Um2rLocE3s851JXNZzTPnA5DFzWe9OhQ - vanity_url: - - /new-relic-emerging-tech - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: VeOfYrHRjGuAauFAXRYv4z0rCFe4Ibbc - display: false - logo: newrelic.png - name: New Relic SubHub - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/VeOfYrHRjGuAauFAXRYv4z0rCFe4Ibbc - vanity_url: - - /new-relic-subhub - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: rCUnlF5BH5z603b8eZ17Xb4SPnHaY4Zm - display: false - logo: newrelic.png - name: New Relic Voice - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/rCUnlF5BH5z603b8eZ17Xb4SPnHaY4Zm - vanity_url: - - /new-relic-voice - - application: - authorized_groups: - - braintree_admin_sso - - braintree_analyst - - braintree_donor_care - - braintree_legal - - braintree_manager_not_users - authorized_users: [] - client_id: x7TF6ZtJev4ktoHR4ObWmA9KeqGni6rq - display: true - logo: braintree.png - name: Braintree - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/x7TF6ZtJev4ktoHR4ObWmA9KeqGni6rq - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: p2lSKumiDFFnTfopf6zkiF3WB0W359ZK - display: false - logo: auth0 - name: Consider.it - op: auth0 - url: https://mozilla-soti.consider.it - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: pouConqZTpmZNBuKyzeWEyauZHlnAirS - display: false - logo: auth0 - name: community.mozilla.org - op: auth0 - url: https://community.mozilla.org - - application: - authorized_groups: - - service_mozilla_donate - authorized_users: [] - client_id: XdAr3brwNP9VXHcqaqC9YSepMLMMCIjS - display: false - logo: auth0 - name: Mozilla Donate - op: auth0 - url: https://give.mozilla.org - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: uGQC74llWoyAedpixUDpu8OLCf6GmqlC - display: false - logo: auth0.png - name: Retrium - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/uGQC74llWoyAedpixUDpu8OLCf6GmqlC - vanity_url: - - /retrium - - application: - authorized_groups: - - service_docusign - authorized_users: [] - client_id: 3444IQx7ZwykpuznWYd6VC6dEyvLtM9v - display: true - logo: docusign.png - name: DocuSign - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/3444IQx7ZwykpuznWYd6VC6dEyvLtM9v - vanity_url: - - /docusign - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 7i1G4gM7zGuIE4h9T6s1Mho1e9P0cxk1 - display: false - logo: auth0.png - name: Convert.com - op: auth0 - url: http://app.convert.com/auth/signin/34nrb9vvf8o51islb4s011ap6l/Mozilla - vanity_url: - - /convert - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: b2ESDyU2mJN5r6Ani52aIWxg0FoudEl8 - display: true - logo: siq.png - name: SiQ - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/b2ESDyU2mJN5r6Ani52aIWxg0FoudEl8 - vanity_url: - - /spaceiq - - /siq - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - team_mozillaonline - authorized_users: [] - client_id: 7HxWt6W66K2QeytVVCeOoWpJxkVExnzz - display: true - logo: ideascale.png - name: IdeaScale - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/7HxWt6W66K2QeytVVCeOoWpJxkVExnzz - vanity_url: - - /ideascale - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: wgh8S9GaE7sJ4i0QrAzeMxFXgWZYtB0l - display: false - logo: auth0.png - name: sage Intacct - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/wgh8S9GaE7sJ4i0QrAzeMxFXgWZYtB0l - vanity_url: - - /sageintacct - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: cEWzoPzUcDwk3JhpD9ENtPKMmE7T5QWv - display: false - logo: auth0.png - name: GLAM (Stage) - op: auth0 - url: https://glam-stage.bespoke.nonprod.dataops.mozgcp.net - - application: - authorized_groups: - - team_moco - - team_mofo - - team_mozillaonline - authorized_users: [] - client_id: WlWmEUQ2dmQFQJfKxNx1ZNkAJRKueaR1 - display: false - logo: auth0.png - name: GLAM (prod) - op: auth0 - url: https://glamtelemetry.mozilla.org - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - team_mozillaonline - authorized_users: [] - client_id: kfax6JBFqyXQcfEEQmEa56np04rm3uYX - display: false - logo: auth0.png - name: GLAM - op: auth0 - url: https://glam.telemetry.mozilla.org - - application: - authorized_groups: - - team_moco_benefited - - team_mofo - - team_mozillaonline - - team_elance - authorized_users: [] - client_id: NhzqLGjjqXIp3kGoonkTLSO7awPBhWsK - display: true - logo: udemy.png - name: Udemy - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/NhzqLGjjqXIp3kGoonkTLSO7awPBhWsK - vanity_url: - - /udemy - - application: - authorized_groups: - - team_moco_benefited - - team_mofo - - team_mozillaonline - - team_elance - authorized_users: [] - client_id: w8hBBYB30b12DqElacIQkFM6V2deEpwz - display: false - logo: auth0.png - name: getAbstract - Test - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/w8hBBYB30b12DqElacIQkFM6V2deEpwz - - application: - authorized_groups: - - team_moco_benefited - - team_mofo - - team_mozillaonline - - team_elance - authorized_users: [] - client_id: QdZOeq5zcpS23Ter4Er0hYmG2PjEZ9It - display: true - logo: getabstract.png - name: getAbstract - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/QdZOeq5zcpS23Ter4Er0hYmG2PjEZ9It - vanity_url: - - /getAbstract - - application: - authorized_groups: - - service_1password - authorized_users: [] - display: true - logo: 1password.png - name: 1password - op: auth0 - url: https://mozilla.1password.com/ - vanity_url: - - /1password - - application: - authorized_groups: - - team_pocket - authorized_users: [] - client_id: W9vcVP1mhAcg7EITFGSfWAsn6UwY88lR - display: true - logo: 250ok.png - name: 250ok - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/W9vcVP1mhAcg7EITFGSfWAsn6UwY88lR - vanity_url: - - /250ok - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: HNCCtcr6z8ZpFX3rT0K3SyDcNonByaUG - display: false - logo: auth0.png - name: fxa-admin-panel.stage.mozaws.net - op: auth0 - url: https://fxa-admin-panel.stage.mozaws.net/openid/callback/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: GYCcYQfcwVU9lwKF8WT4AvYufBvtp7yx - display: false - logo: auth0.png - name: fxa-admin-panel.prod.mozaws.net - op: auth0 - url: https://fxa-admin-panel.prod.mozaws.net/openid/callback/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: uSpi6gd7ZqdjA3PwtJ4CavG29DQJla4Y - display: false - logo: auth0.png - name: stats.voice.mozit.cloud - op: auth0 - url: https://stats.voice.mozit.cloud/ - - application: - authorized_groups: - - stripe_subplat_admin - - stripe_subplat_analyst - - stripe_subplat_developer - - stripe_subplat_supportsp - - stripe_subplat_viewonly - authorized_users: [] - client_id: cEfnJekrSStxxxBascTjNEDAZVUPAIU2 - display: true - logo: stripe.png - name: Stripe (subplat) - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/cEfnJekrSStxxxBascTjNEDAZVUPAIU2 - vanity_url: - - /stripe-subplat - - application: - authorized_groups: - - team_moco - - team_mozillaonline - authorized_users: [] - client_id: axRGaXPRd5pe60fnEllluSN76MefFX1E - display: true - logo: cultureamp.png - name: Culture Amp - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/axRGaXPRd5pe60fnEllluSN76MefFX1E - vanity_url: - - /cultureamp - - application: - authorized_groups: - - team_mofo - authorized_users: [] - client_id: 4b1qHRbxLmNLEBgXMi5eYP0sJn5p6q7l - display: true - logo: cultureamp.png - name: Mozilla Foundation Culture Amp - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/4b1qHRbxLmNLEBgXMi5eYP0sJn5p6q7l - vanity_url: - - /mofo-cultureamp - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: HrdSoUsSJiJOKH2MICEXRXGMxTxUK5fa - display: false - logo: auth0.png - name: stage.statping.nonprod.dataops.mozgcp.net - op: auth0 - url: https://stage.statping.nonprod.dataops.mozgcp.net/openid/callback/login - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - - team_mozillaonline - authorized_users: [] - client_id: pozwk4HuT6AELY5Mf1oZPDdIDUo6VId4 - display: false - logo: auth0.png - name: health.telemetry.mozilla.org - op: auth0 - url: https://health.telemetry.mozilla.org/openid/callback/login - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: Nqo9YvvVxjpLDLPv7YGmpJXv2JNraUtH - display: true - logo: smartling.png - name: Smartling - op: auth0 - url: https://sso.smartling.com/sso-apps/dashboard/accounts/3f16c2f8 - - application: - authorized_groups: - - team_moco - - team_mofo - - team_pocket - - team_mozillaonline - authorized_users: [] - client_id: i1qBrMjJEdKlTNEVgGwc9P0xFxI9cuD8 - display: true - logo: tripactions.png - name: TripActions - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/i1qBrMjJEdKlTNEVgGwc9P0xFxI9cuD8 - vanity_url: - - /tripactions - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: XCRyDou6ETr873QKnjaFgNsuiLKl6Oj2 # https://bugzilla.mozilla.org/show_bug.cgi?id=1681831 - display: false - logo: auth0.png - name: experimenter.stage.mozaws.net - op: auth0 - url: https://stage.experimenter.nonprod.dataops.mozgcp.net/ - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: K1fsiDh5Ta7pc7BrEECi2VLhPyqHwy4r - display: false - logo: auth0.png - name: bugzilla-dev.allizom.org - op: auth0 - url: https://bugzilla-dev.allizom.org - - application: - authorized_groups: - - team_moco - - team_mofo - authorized_users: [] - client_id: wXpnkKIgoucVrybZmxiPnnpeSqn816qD - display: false - logo: auth0.png - name: ValiMail - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/wXpnkKIgoucVrybZmxiPnnpeSqn816qD - - application: - authorized_groups: - - mozilliansorg_everestemailsuite - authorized_users: [] - client_id: 04UuoOzA5CoCWRQqKbsYc6uM1p0a4WlY - display: true - logo: everest.png - name: Everest - op: auth0 - url: https://everest.validity.com/saml/mozilla?sso - vanity_url: - - /everest - - application: - authorized_groups: - - mozilliansorg_finance_planful - authorized_users: [] - client_id: H5ddlJSCfGP8ab65EnWaB2sd541CJAlM - display: true - logo: planful.png - name: Planful - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/H5ddlJSCfGP8ab65EnWaB2sd541CJAlM - vanity_url: - - /planful - - application: - authorized_groups: - - team_moco - - team_mofo - client_id: SS69h1GdOidHxtxeWLG2ryO5c6BYnj6O - authorized_users: [] - display: true - logo: compiler_explorer.png - name: Compiler Explorer - op: auth0 - url: https://foxyeah.com - vanity_url: - - /compiler_explorer - - application: - authorized_groups: - - team_relops - authorized_users: [] - client_id: D2MqgpKSZJKpovi6Dw74L4FUU4r5hEcR - display: false - logo: auth0.png - name: Relops Vault - op: auth0 - url: https://vault.relops.mozops.net:8200/ui/vault/auth?with=oidc - - application: - authorized_groups: - - team_moco - authorized_users: [] - client_id: qr9gHxVa4UPxItn327rtu2DYnhoKilH4 - display: false - logo: auth0.png - name: Learnerbly - op: auth0 - url: https://app.learnerbly.com/auth-init/?customProvider=9bd4f3ef - vanity_url: - - /learnerbly - - application: - authorized_groups: - - mozilliansorg_web-sre-papertrail-access - authorized_users: [] - client_id: QSbhAzqUlqCSWt6iAV45um5DDGdhhDTR - display: true - logo: papertrail-logo.png - name: Papertrail Web SRE - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/QSbhAzqUlqCSWt6iAV45um5DDGdhhDTR - vanity_url: - - /papertrail-websre - - application: - authorized_groups: - - team_moco - authorized_users: [] - client_id: 6T3nWVBk9uTyzXSGfxq21UtZ3jAaracA - display: true - logo: everfi.png - name: Everfi - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/6T3nWVBk9uTyzXSGfxq21UtZ3jAaracA - vanity_url: - - /everfi - - application: - authorized_groups: - - team_opsec - - team_secops - authorized_users: [] - client_id: eEAeYh6BMPfRyiSDax0tejjxkWi22zkP - display: true - logo: bitsight.png - name: BitSight - op: auth0 - url: https://service.bitsighttech.com/sso/mozilla-corporation/ - vanity_url: - - /bitsight - - application: - authorized_groups: - - team_secops - - team_opsec - - team_netops - authorized_users: [] - client_id: oU7d3KS3RqCYDFprG0nQD7eBPeO7uWyl - display: true - logo: splunk.png - name: Splunk Security SC - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/oU7d3KS3RqCYDFprG0nQD7eBPeO7uWyl - - application: - authorized_groups: - - team_secops - - team_opsec - - team_netops - authorized_users: [] - client_id: vKsQfVnX140zaI4R8bgij0cyUhrv9k2t - display: true - logo: splunk.png - name: Splunk Security ES - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/vKsQfVnX140zaI4R8bgij0cyUhrv9k2t - - application: - authorized_groups: - - team_secops - - team_opsec - - team_netops - authorized_users: [] - client_id: GbOYKyYEIIfgu34Aq2ykl8vTnGfQ28aq - display: true - logo: splunk.png - name: Splunk Security Dev - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/GbOYKyYEIIfgu34Aq2ykl8vTnGfQ28aq - - application: - authorized_groups: - - mozilliansorg_sendgrid-access - authorized_users: [] - client_id: tc4KWmjurzZJpqF3HCXcWeo7xlycNLp7 - display: true - logo: sendgrid.png - name: Twilio Sendgrid - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/tc4KWmjurzZJpqF3HCXcWeo7xlycNLp7 - vanity_url: - - /sendgrid - - application: - authorized_groups: - - mozilliansorg_talentwall-access - authorized_users: [] - client_id: 2igLHKcnjKFZDp5qOzONLM951lnJscOu - display: true - logo: talentwall.png - name: TalentWall - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/2igLHKcnjKFZDp5qOzONLM951lnJscOu - vanity_url: - - /talentwall - - application: - authorized_groups: - - mozilliansorg_helpscout-access - authorized_users: [] - client_id: 7CQiBSkH46JQsZDivIxXdB5KE9iAdDAD - display: true - logo: helpscout.png - name: Help Scout - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/7CQiBSkH46JQsZDivIxXdB5KE9iAdDAD - vanity_url: - - /helpscout - - application: - authorized_groups: - - mozilliansorg_bitrise_access - authorized_users: [] - client_id: SgKK7ZZcUT8gLcZPYq229gCHBIyWV2kq - display: true - logo: bitrise.png - name: Bitrise - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/SgKK7ZZcUT8gLcZPYq229gCHBIyWV2kq - vanity_url: - - /bitrise - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 7M49iYODCiCGdldu4awmF2Pr6pHsRZDe - display: false - logo: auth0.png - name: settings.dev.mozaws.net - op: auth0 - url: https://settings.dev.mozaws.net/v1/admin/ - - application: - authorized_groups: - - hris_is_staff - - team_moco - - team_mofo - authorized_users: [] - client_id: 12lnezLro7iC57ooPPPpVeGHXf8MhaRV - display: true - logo: textio.png - name: Textio - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/12lnezLro7iC57ooPPPpVeGHXf8MhaRV - vanity_url: - - /textio - - application: - authorized_groups: - - hris_is_staff - - team_moco - authorized_users: [] - client_id: hYQggi94XNgMBJCuENbUA1ec7uoRLecO - display: true - logo: fivetran.png - name: Fivetran - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/hYQggi94XNgMBJCuENbUA1ec7uoRLecO - vanity_url: - - /fivetran - - application: - authorized_groups: - - team_moco - authorized_users: [] - client_id: qyHptHsoTtUJR9K4xDirWZUy30cqpeWT - display: false - logo: auth0.png - name: Internal Pocket Admin Tools - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/qyHptHsoTtUJR9K4xDirWZUy30cqpeWT - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: QEM7xyeM5Bqxo5zfxvrQDWyL4Hx3F11a - display: false - logo: auth0.png - name: connect.allizom.org - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/QEM7xyeM5Bqxo5zfxvrQDWyL4Hx3F11a - vanity_url: - - /connect-stage - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: oAm19NujSERGPVL76RXh31wW5J6KnLRw - display: false - logo: auth0.png - name: connect.mozilla.org - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/oAm19NujSERGPVL76RXh31wW5J6KnLRw - vanity_url: - - /connect - - application: - authorized_groups: - - team_mozillaonline - - team_moco - - team_mofo - authorized_users: [] - client_id: 94A5PWkgKK2sJKxUnF8O8k5rNtEMdngk - display: true - logo: sentry.png - name: Sentry.io - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/94A5PWkgKK2sJKxUnF8O8k5rNtEMdngk - vanity_url: - - /sentry - - application: - authorized_groups: - - mozilliansorg_looker-people-access - authorized_users: [] - client_id: h0xnB8lHw5Gfapsg0AA8XH8jZvT1FEBv - display: true - logo: looker.png - name: Looker (People) - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/h0xnB8lHw5Gfapsg0AA8XH8jZvT1FEBv - vanity_url: - - /looker-people - - application: - AAL: LOW - authorized_groups: - - everyone - authorized_users: [] - client_id: XNmXEZhGfNaYltbCKustGunTbH0r8Gkp - display: false - logo: auth0.png - name: demo.kinto-storage.org - op: auth0 - url: https://demo.kinto-storage.org/v1/admin/ - - application: - authorized_groups: - - team_pocket - authorized_users: [] - client_id: kIaT2UagYzIAUmR0nAlvjZu6x388jR5t - display: true - logo: sentry.png - name: Sentry.io (Pocket) - op: auth0 - url: https://auth.mozilla.auth0.com/samlp/kIaT2UagYzIAUmR0nAlvjZu6x388jR5t - vanity_url: - - /sentry-pocket diff --git a/dashboard/logging.yml b/dashboard/logging.yml index f3c5ff5f..d0920d28 100644 --- a/dashboard/logging.yml +++ b/dashboard/logging.yml @@ -11,20 +11,12 @@ handlers: level: DEBUG formatter: plaintext stream: ext://sys.stdout - watchtower: - formatter: json - level: INFO - (): watchtower.CloudWatchLogHandler - log_group: sso-dashboard - stream_name: flask - send_interval: 1 - create_log_group: False loggers: sso-dashboard: - handlers: [console, watchtower] + handlers: [console] __main__: - handlers: [console, watchtower] + handlers: [console] root: - handlers: [console, watchtower] + handlers: [console] requests: - handlers: [console, watchtower] + handlers: [console] diff --git a/dashboard/models/alert.py b/dashboard/models/alert.py index e4ea581e..675f28bc 100644 --- a/dashboard/models/alert.py +++ b/dashboard/models/alert.py @@ -36,9 +36,7 @@ def connect_ssm(self): def get_sns_arn(self): self.connect_ssm() - response = self.ssm.get_parameter( - Name="sso-dashboard-alerts-sns", WithDecryption=False - ) + response = self.ssm.get_parameter(Name="sso-dashboard-alerts-sns", WithDecryption=False) return response.get("Parameter").get("Value") @@ -109,18 +107,12 @@ def find_or_create_by(self, alert_dict, user_id): # If the alert is duplicate false do not create another instance of it. for alert in current_alerts.get("visible_alerts"): try: - if ( - alert.get("alert_code") == alert_dict.get("alert_code") and alert_dict.get("duplicate") is False - ): + if alert.get("alert_code") == alert_dict.get("alert_code") and alert_dict.get("duplicate") is False: return None else: continue except AttributeError as e: - logger.error( - "Bad data in alerts table for user: {}, exception was {}".format( - user_id, e - ) - ) + logger.error("Bad data in alerts table for user: {}, exception was {}".format(user_id, e)) # Else create another alert. return self.create(alert_dict) @@ -146,9 +138,7 @@ def destroy(self, alert_id, user_id): """ self.connect_dynamodb() - response = self.dynamodb.delete_item( - Key={"alert_id": alert_id, "user_id": user_id} - ) + response = self.dynamodb.delete_item(Key={"alert_id": alert_id, "user_id": user_id}) return response @@ -194,9 +184,7 @@ def find(self, user_id): ) alerts.extend(response["Items"]) except Exception as e: - logger.error( - "Could not load alerts for user: {} due to: {}.".format(user_id, e) - ) + logger.error("Could not load alerts for user: {} due to: {}.".format(user_id, e)) alerts = [] inactive_alerts = [] @@ -272,9 +260,7 @@ def find_by_id(self, alert_id): """ self.connect_dynamodb() - response = self.dynamodb.query( - KeyConditionExpression=Key("alert_id").eq(alert_id) - ) + response = self.dynamodb.query(KeyConditionExpression=Key("alert_id").eq(alert_id)) if response.get("Items"): return response.get("Items")[0] @@ -319,23 +305,17 @@ def alert_firefox_out_of_date(self): "url_title": "Download", "duplicate": False, } - self.alert.find_or_create_by( - alert_dict=alert_dict, user_id=self.userinfo.get("user_id") - ) + self.alert.find_or_create_by(alert_dict=alert_dict, user_id=self.userinfo.get("user_id")) else: # Clear any active alerts for firefox out of date. alerts = self.alert.find(self.userinfo.get("user_id")) for alert in alerts.get("visible_alerts"): if alert.get("alert_code") == "63f675d8896f4fb2b3caa204c8c2761e": - self.alert.destroy( - alert_id=alert.get("alert_id"), user_id=alert.get("user_id") - ) + self.alert.destroy(alert_id=alert.get("alert_id"), user_id=alert.get("user_id")) def _firefox_info(self): - release_json = requests.get( - "https://product-details.mozilla.org/1.0/firefox_versions.json" - ) + release_json = requests.get("https://product-details.mozilla.org/1.0/firefox_versions.json") if release_json.status_code == 200: return release_json.json() else: @@ -375,9 +355,8 @@ def _firefox_out_of_date(self): if u_version.get("minor_version") < f_version.get("minor_version"): return True elif ( - u_version.get( - "minor_version" - ) == f_version.get("minor_version") and u_version.get("dot_version") is not None + u_version.get("minor_version") == f_version.get("minor_version") + and u_version.get("dot_version") is not None ): if u_version.get("dot_version") < f_version.get("dot_version"): return True @@ -436,9 +415,7 @@ def _create_fake_geolocation_alert(self): "source_ip": fake_ip, }, "severity": "NOTICE", - "summary": "{} NEWCOUNTRY {}, {} access from {}".format( - fake_email, fake_state, fake_country, fake_ip - ), + "summary": "{} NEWCOUNTRY {}, {} access from {}".format(fake_email, fake_state, fake_country, fake_ip), "tags": ["geomodel"], "url": "https://www.mozilla.org/alert", "utctimestamp": "{}+00:00".format(fake.iso8601()), @@ -448,9 +425,7 @@ def _create_fake_geolocation_alert(self): "alert_code": "416c65727447656f6d6f64656c", "user_id": self.user_id, "risk": "high", - "summary": "Did you recently login from {}, {} ({})?".format( - fake_state, fake_country, fake_ip - ), + "summary": "Did you recently login from {}, {} ({})?".format(fake_state, fake_country, fake_ip), "alert_str_json": json.dumps(original_alert_dict), "description": "This alert is created based on geo ip information about the last login of a user.", "date": str(fake.date(pattern="%Y-%m-%d", end_datetime=None)), diff --git a/dashboard/models/tile.py b/dashboard/models/tile.py index c86640e9..d8626b94 100644 --- a/dashboard/models/tile.py +++ b/dashboard/models/tile.py @@ -27,9 +27,7 @@ def is_updated(self): """Compare etag of what is in bucket to what is on disk.""" self.connect_s3() try: - self.client.head_object( - Bucket=self.s3_bucket, Key="apps.yml", IfMatch=self._etag() - ) + self.client.head_object(Bucket=self.s3_bucket, Key="apps.yml", IfMatch=self._etag()) return False except Exception as e: logger.error("Etags do not match as a result of {error}".format(error=e)) diff --git a/dashboard/models/user.py b/dashboard/models/user.py index cc1abb88..cf2116fd 100644 --- a/dashboard/models/user.py +++ b/dashboard/models/user.py @@ -15,20 +15,13 @@ def __init__(self, session, app_config): self.id_token = session.get("id_token", None) self.app_config = app_config self.userinfo = session.get("userinfo") - self.idvault_info = session.get("idvault_userinfo") def email(self): try: email = self.userinfo.get("email") except Exception as e: - logger.error( - "The email attribute does no exists falling back to OIDC Conformant: {}.".format( - e - ) - ) - email = self.userinfo.get("https://sso.mozilla.com/claim/emails")[0][ - "emails" - ] + logger.error("The email attribute does no exists falling back to OIDC Conformant: {}.".format(e)) + email = self.userinfo.get("https://sso.mozilla.com/claim/emails")[0]["emails"] return email def apps(self, app_list): @@ -44,28 +37,19 @@ def apps(self, app_list): @property def avatar(self): - if self.idvault_info: - picture_url = self.idvault_info.get("picture") - else: - picture_url = None - - return picture_url + return None def group_membership(self): """Return list of group membership if user is asserted from ldap.""" if self.userinfo.get("https://sso.mozilla.com/claim/groups", []) != []: - group_count = len( - self.userinfo.get("https://sso.mozilla.com/claim/groups", []) - ) + group_count = len(self.userinfo.get("https://sso.mozilla.com/claim/groups", [])) else: if self.userinfo.get("groups"): group_count = len(self.userinfo.get("groups", [])) else: group_count = 0 - if ( - "https://sso.mozilla.com/claim/groups" in self.userinfo.keys() and group_count > 0 - ): + if "https://sso.mozilla.com/claim/groups" in self.userinfo.keys() and group_count > 0: return self.userinfo["https://sso.mozilla.com/claim/groups"] if "groups" in self.userinfo.keys() and group_count > 0: @@ -77,22 +61,12 @@ def group_membership(self): @property def first_name(self): """Return user first_name.""" - try: - return self.idvault_info.get("firstName", "") - except KeyError: - return "" - except AttributeError: - return "" + return "" @property def last_name(self): """Return user last_name.""" - try: - return self.idvault_info.get("lastName", "") - except KeyError: - return "" - except AttributeError: - return "" + return "" def user_identifiers(self): """Construct a list of potential user identifiers to match on.""" @@ -110,21 +84,15 @@ def take_alert_action(self, alert_id, alert_action, helpfulness=None): alert_dict["last_update"] = int(time.time()) if alert_action == "acknowledge": - logger.info( - "An alert was acked for {uid}.".format(uid=self.userinfo["sub"]) - ) + logger.info("An alert was acked for {uid}.".format(uid=self.userinfo["sub"])) alert_dict["state"] = alert_action res = a.update(alert_id=alert_id, alert_dict=alert_dict) elif alert_action == "escalate": - logger.info( - "An alert was escalated for {uid}.".format(uid=self.userinfo["sub"]) - ) + logger.info("An alert was escalated for {uid}.".format(uid=self.userinfo["sub"])) alert_dict["state"] = alert_action res = a.update(alert_id=alert_id, alert_dict=alert_dict) elif alert_action == "indicate-helpfulness": - logger.info( - "Alert helpfulness was set for {uid}.".format(uid=self.userinfo["sub"]) - ) + logger.info("Alert helpfulness was set for {uid}.".format(uid=self.userinfo["sub"])) alert_dict["helpfulness"] = helpfulness res = a.update(alert_id=alert_id, alert_dict=alert_dict) else: @@ -142,9 +110,7 @@ def _is_authorized(self, app): return False elif "everyone" in app["application"]["authorized_groups"]: return True - elif set(app["application"]["authorized_groups"]) & set( - self.group_membership() - ): + elif set(app["application"]["authorized_groups"]) & set(self.group_membership()): return True elif set(app["application"]["authorized_users"]) & set(self.user_identifiers()): return True @@ -205,21 +171,15 @@ def alerts(self): "description": "This alert is created based on geo ip information about the last login of a user.", "duplicate": True, "risk": "medium", - "summary": "Did you recently login from {}, {}?".format( - fake.city(), fake.country() - ), + "summary": "Did you recently login from {}, {}?".format(fake.city(), fake.country()), "url": "https://mana.mozilla.org/wiki/display/SECURITY/Alert%3A+Change+in+Country", "url_title": "Get Help", "user_id": "ad|Mozilla-LDAP|fakeuser", "details": { - "Timestamp": fake.date_time_this_year().strftime( - "%A, %B %d %Y %H:%M UTC" - ), + "Timestamp": fake.date_time_this_year().strftime("%A, %B %d %Y %H:%M UTC"), "New Location": "{}, {}".format(fake.city(), fake.country()), "New IP": "{} ({})".format(fake.ipv4(), fake.company()), - "Previous Location": "{}, {}".format( - fake.city(), fake.country() - ), + "Previous Location": "{}, {}".format(fake.city(), fake.country()), }, }, { diff --git a/dashboard/oidc_auth.py b/dashboard/oidc_auth.py index aae35954..3688f728 100644 --- a/dashboard/oidc_auth.py +++ b/dashboard/oidc_auth.py @@ -4,7 +4,9 @@ from josepy.jws import JWS """Class that governs all authentication with open id connect.""" -from flask_pyoidc.flask_pyoidc import OIDCAuthentication +from flask_pyoidc import OIDCAuthentication +from flask_pyoidc.provider_configuration import ClientMetadata +from flask_pyoidc.provider_configuration import ProviderConfiguration logger = logging.getLogger(__name__) @@ -17,17 +19,21 @@ def __init__(self, configuration): self.oidc_config = configuration def client_info(self): - client_info = {"client_id": self.oidc_config.client_id, "client_secret": self.oidc_config.client_secret} + client_info = ClientMetadata(client_id=self.oidc_config.client_id, client_secret=self.oidc_config.client_secret) return client_info - def get_oidc(self, app): - extra_request_args = {"scope": ["openid", "profile"]} - o = OIDCAuthentication( - app, + def provider_info(self): + auth_request_params = {"scope": ["openid", "profile", "email"]} + provider_config = ProviderConfiguration( issuer="https://{DOMAIN}".format(DOMAIN=self.oidc_config.OIDC_DOMAIN), - client_registration_info=self.client_info(), - extra_request_args=extra_request_args, + client_metadata=self.client_info(), + auth_request_params=auth_request_params, ) + return provider_config + + def get_oidc(self, app): + provider_info = self.provider_info() + o = OIDCAuthentication({"default": provider_info}, app) return o diff --git a/dashboard/op/yaml_loader.py b/dashboard/op/yaml_loader.py index 38d3def8..c3987a6d 100644 --- a/dashboard/op/yaml_loader.py +++ b/dashboard/op/yaml_loader.py @@ -30,6 +30,7 @@ def _load_data(self): def _render_data(self): for app in self.apps["apps"]: app["application"]["alt_text"] = app["application"]["name"] + app["application"]["name"] = self._truncate(app["application"]["name"]) def _alphabetize(self): self.apps["apps"].sort(key=lambda a: a["application"]["name"].lower()) @@ -46,6 +47,12 @@ def _has_vanity(self, app): except Exception: return False + def _truncate(self, app_name): + """If name is longer than allowed 18 chars truncate the name.""" + app_name = (app_name[:16] + "..") if len(app_name) > 18 else app_name + + return app_name + def vanity_urls(self): redirects = [] for app in self.apps["apps"]: diff --git a/dashboard/person.py b/dashboard/person.py deleted file mode 100644 index cb1bc470..00000000 --- a/dashboard/person.py +++ /dev/null @@ -1,58 +0,0 @@ -import http.client -import json -# Commenting out in since CISv1 is no longer up and running -# todo: this will need to get modified to reach out to person api v2 -# import urllib - -from dashboard import config - - -class API(object): - """Retrieve data from person api as needed. Will eventually replace Mozillians API""" - - def __init__(self): - """ - :param session: the flask session to update with userinfo - """ - self.config = config.OIDCConfig() - self.person_api_url = self._get_url() - - def get_bearer(self): - conn = http.client.HTTPSConnection(self.config.OIDC_DOMAIN) - payload = json.dumps( - { - "client_id": self.config.OIDC_CLIENT_ID, - "client_secret": self.config.OIDC_CLIENT_SECRET, - "audience": "https://{}".format(self._get_url()), - "grant_type": "client_credentials", - } - ) - - headers = {"content-type": "application/json"} - - conn.request("POST", "/oauth/token", payload, headers) - res = conn.getresponse() - data = res.read() - return json.loads(data.decode("utf-8")) - - def get_userinfo(self, auth_zero_id): - return - # # Commenting out in since CISv1 is no longer up and running - # # todo: this will need to get modified to reach out to person api v2 - # user_id = urllib.parse.quote(auth_zero_id) - # conn = http.client.HTTPSConnection("{}".format(self.person_api_url)) - # token = "Bearer {}".format(self.get_bearer().get("access_token")) - - # headers = {"authorization": token} - - # conn.request("GET", "/v1/profile/{}".format(user_id), headers=headers) - - # res = conn.getresponse() - # data = res.read() - # return json.loads(json.loads(data.decode("utf-8")).get("body")) - - def _get_url(self): - if self.config.OIDC_DOMAIN == "auth.mozilla.auth0.com": - return "person-api.sso.mozilla.com" - else: - return "person-api.sso.allizom.org" diff --git a/dashboard/static/css/base.scss b/dashboard/static/css/base.scss index 2da860a3..f0e3db13 100644 --- a/dashboard/static/css/base.scss +++ b/dashboard/static/css/base.scss @@ -1,8 +1,3 @@ -:root { - --logo-width: 130px; - --logo-padding: 10px; - --logo-border: 1px; -} @font-face { font-family: 'Open Sans'; font-weight: normal; @@ -43,10 +38,8 @@ $bggray: #f8f8f8; $yellow: #faba00; $blue: #229dc4; $red: #d04437; - $appbar-height: 70px; - -$alert-low: #cccccc; +$alert-low: #ccc; $alert-medium: #4a6785; $alert-high: #ffd351; $alert-maximum: #d04437; @@ -288,7 +281,7 @@ body { #alert-nightly { display: none; - @media all and (max-width: 767px) { + @media all and (width <= 767px) { visibility: hidden; padding: 0; height: 0; @@ -305,7 +298,7 @@ body { overflow: hidden; // establish a new block formatting context // this is the width which comfortably fits a risk indicator and text content - @media (min-width: 40em) { + @media (width >= 40em) { padding: 0.5em 1em; } @@ -345,7 +338,7 @@ body { text-align: center; margin: 1em 0; - @media (min-width: 40em) { + @media (width >= 40em) { position: absolute; left: 1em; top: 1em; @@ -361,16 +354,15 @@ body { margin: 1em 0; max-width: 60em; - @media (min-width: 40em) { + @media (width >= 40em) { margin: 1em auto; padding-left: 11em; /* always have space for abs pos risk indicator */ - padding-right: 11em; /* balance space on left*/ + padding-right: 11em; /* balance space on left */ } } .alert-message { - - @media all and (max-width: 767px) { + @media all and (width <= 767px) { margin-bottom: 10px; } @@ -496,11 +488,10 @@ body { padding-left: 0; list-style: none; display: flex; - flex-direction: row; - flex-wrap: wrap; + flex-flow: row wrap; justify-content: center; - @media all and (max-width: 767px) { + @media all and (width <= 767px) { width: 100%; margin: auto; } @@ -531,18 +522,18 @@ body { .app-logo { background-color: white; - border: var(--logo-border) solid $lightgray; - padding: var(--logo-padding); - width: var(--logo-width); - height: var(--logo-width); + border: 1px solid $lightgray; + padding: 10px; + width: 130px; + height: 130px; display: table-cell; vertical-align: middle; img { display: block; margin: 0 auto; - max-width: calc(var(--logo-width) - 10px); - max-height: calc(var(--logo-width) - 10px); + max-width: 120px; + max-height: 120px; } &.yellow-border { @@ -553,10 +544,6 @@ body { .app-name { color: black; margin: 10px 0; - text-overflow: ellipsis; - white-space: nowrap; - overflow: hidden; - width: calc(var(--logo-width) + (var(--logo-padding) * 2) + (var(--logo-border) * 2)); } } } @@ -596,7 +583,7 @@ body { .alert-panel { background-color: white; box-shadow: 7px 7px 0 0 #d3d3d3; - margin: 0 auto 40px auto; + margin: 0 auto 40px; max-width: 100%; width: 775px; @@ -673,8 +660,8 @@ body { margin: 30px 0 0 10px; text-transform: none; - @media all and (max-width: 543px) { - margin: 20px 0 0 0; + @media all and (width <= 543px) { + margin: 20px 0 0; } img { @@ -702,7 +689,7 @@ body { margin: 0 auto; max-width: 30em; - @media (min-width: 50em) { + @media (width >= 50em) { padding-left: 14em; } @@ -714,7 +701,7 @@ body { legend { margin: 1em 0 0; - @media (min-width: 50em) { + @media (width >= 50em) { margin: 1.5em 0; position: absolute; left: 0; @@ -748,13 +735,13 @@ body { } &:first-of-type { - @media (min-width: 50em) { + @media (width >= 50em) { border-radius: 2em 0 0 2em; } } &:last-of-type { - @media (min-width: 50em) { + @media (width >= 50em) { border-radius: 0 2em 2em 0; } } @@ -780,7 +767,7 @@ body { .panel { background-color: white; - box-shadow: 5px 5px 0 0 rgba(217, 217, 217, 1); + box-shadow: 5px 5px 0 0 rgb(217 217 217 / 100%); margin-top: 100px; padding: 40px 60px; text-align: center; @@ -979,7 +966,7 @@ footer { .panel { background-color: #f4f4f4; - box-shadow: 5px 5px 0 0 rgba(217, 217, 217, 1); + box-shadow: 5px 5px 0 0 rgb(217 217 217 / 100%); color: black; padding: 30px; position: relative; @@ -987,7 +974,7 @@ footer { width: 570px; max-width: 90%; - &:before { + &::before { content: ' '; position: absolute; width: 0; @@ -995,7 +982,7 @@ footer { left: 30px; top: -40px; border: 25px solid; - border-color: transparent transparent #f4f4f4 transparent; + border-color: transparent transparent #f4f4f4; } h2 { @@ -1061,7 +1048,7 @@ footer { } } -@media all and (max-width: 991px) { +@media all and (width <= 991px) { .error-page { @@ -1075,7 +1062,7 @@ footer { } } -@media all and (max-width: 767px) { +@media all and (width <= 767px) { .mui-appbar .filter .mui-textfield input { width: 240px; @@ -1123,8 +1110,7 @@ footer { } } -@media all and (max-width: 543px) { - +@media all and (width <= 543px) { $appbar-height: 80px; .mui-appbar { @@ -1340,7 +1326,7 @@ footer { } } -@media all and (max-width: 359px) { +@media all and (width <= 359px) { .mui-appbar { diff --git a/dashboard/static/img/alerts/alert-white.svg b/dashboard/static/img/alerts/alert-white.svg index 045dd03f..ded66430 100644 --- a/dashboard/static/img/alerts/alert-white.svg +++ b/dashboard/static/img/alerts/alert-white.svg @@ -9,4 +9,4 @@ - \ No newline at end of file + diff --git a/dashboard/static/img/alerts/arrow-right-white.svg b/dashboard/static/img/alerts/arrow-right-white.svg index d16e5d04..fcebd997 100644 --- a/dashboard/static/img/alerts/arrow-right-white.svg +++ b/dashboard/static/img/alerts/arrow-right-white.svg @@ -9,4 +9,4 @@ - \ No newline at end of file + diff --git a/dashboard/static/img/alerts/info-white.svg b/dashboard/static/img/alerts/info-white.svg index 04f87581..ffca8e9f 100644 --- a/dashboard/static/img/alerts/info-white.svg +++ b/dashboard/static/img/alerts/info-white.svg @@ -9,4 +9,4 @@ - \ No newline at end of file + diff --git a/dashboard/static/img/alerts/notification-white.svg b/dashboard/static/img/alerts/notification-white.svg index 9526428b..911f9b2f 100644 --- a/dashboard/static/img/alerts/notification-white.svg +++ b/dashboard/static/img/alerts/notification-white.svg @@ -9,4 +9,4 @@ - \ No newline at end of file + diff --git a/dashboard/static/img/email.svg b/dashboard/static/img/email.svg index 530a2ab6..5194d9d3 100644 --- a/dashboard/static/img/email.svg +++ b/dashboard/static/img/email.svg @@ -1 +1 @@ - \ No newline at end of file + diff --git a/dashboard/static/img/feedback.svg b/dashboard/static/img/feedback.svg index 884a7380..394e1b15 100644 --- a/dashboard/static/img/feedback.svg +++ b/dashboard/static/img/feedback.svg @@ -1 +1 @@ - \ No newline at end of file + diff --git a/dashboard/static/img/github.svg b/dashboard/static/img/github.svg index 0240f2ee..c90a1f26 100644 --- a/dashboard/static/img/github.svg +++ b/dashboard/static/img/github.svg @@ -1 +1 @@ - \ No newline at end of file + diff --git a/dashboard/static/img/legal.svg b/dashboard/static/img/legal.svg index 57ef7196..c95934fb 100644 --- a/dashboard/static/img/legal.svg +++ b/dashboard/static/img/legal.svg @@ -1 +1 @@ - \ No newline at end of file + diff --git a/dashboard/static/img/logout.svg b/dashboard/static/img/logout.svg index c9291082..28dd347e 100644 --- a/dashboard/static/img/logout.svg +++ b/dashboard/static/img/logout.svg @@ -1 +1 @@ - \ No newline at end of file + diff --git a/dashboard/static/img/mozilla-m.svg b/dashboard/static/img/mozilla-m.svg index dd0d8d0d..12dfe47c 100644 --- a/dashboard/static/img/mozilla-m.svg +++ b/dashboard/static/img/mozilla-m.svg @@ -1,2 +1 @@ - diff --git a/dashboard/static/img/mozilla.svg b/dashboard/static/img/mozilla.svg index c60ec66e..4f953c0d 100644 --- a/dashboard/static/img/mozilla.svg +++ b/dashboard/static/img/mozilla.svg @@ -1 +1 @@ - \ No newline at end of file + diff --git a/dashboard/static/img/privacy.svg b/dashboard/static/img/privacy.svg index 49477a3e..ef262dd0 100644 --- a/dashboard/static/img/privacy.svg +++ b/dashboard/static/img/privacy.svg @@ -1,2 +1 @@ - diff --git a/dashboard/static/img/request.svg b/dashboard/static/img/request.svg index 2906b48d..dcdcdc42 100644 --- a/dashboard/static/img/request.svg +++ b/dashboard/static/img/request.svg @@ -1 +1 @@ - \ No newline at end of file + diff --git a/dashboard/static/img/search-w.svg b/dashboard/static/img/search-w.svg index 569d3dad..ddac7176 100644 --- a/dashboard/static/img/search-w.svg +++ b/dashboard/static/img/search-w.svg @@ -1 +1 @@ - \ No newline at end of file + diff --git a/dashboard/static/img/search.svg b/dashboard/static/img/search.svg index 75df1ad4..9f567c3e 100644 --- a/dashboard/static/img/search.svg +++ b/dashboard/static/img/search.svg @@ -1 +1 @@ - \ No newline at end of file + diff --git a/dashboard/static/img/settings.svg b/dashboard/static/img/settings.svg index eda002e5..c53c9184 100644 --- a/dashboard/static/img/settings.svg +++ b/dashboard/static/img/settings.svg @@ -1 +1 @@ - \ No newline at end of file + diff --git a/dashboard/static/img/success.svg b/dashboard/static/img/success.svg index 0005c5ba..da097cd7 100644 --- a/dashboard/static/img/success.svg +++ b/dashboard/static/img/success.svg @@ -1 +1 @@ - \ No newline at end of file + diff --git a/dashboard/static/lib/mui/packages/cdn/css/mui.min.css b/dashboard/static/lib/mui/packages/cdn/css/mui.min.css index 806a570b..89e4f336 100644 --- a/dashboard/static/lib/mui/packages/cdn/css/mui.min.css +++ b/dashboard/static/lib/mui/packages/cdn/css/mui.min.css @@ -1 +1 @@ -/*! normalize.css v5.0.0 | MIT License | github.com/necolas/normalize.css */html{font-family:sans-serif;line-height:1.15;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,footer,header,nav,section{display:block}h1{font-size:2em;margin:.67em 0}figcaption,figure,main{display:block}figure{margin:1em 40px}hr{box-sizing:content-box;height:0;overflow:visible}pre{font-family:monospace,monospace;font-size:1em}a{background-color:transparent;-webkit-text-decoration-skip:objects}a:active,a:hover{outline-width:0}abbr[title]{border-bottom:none;text-decoration:underline;text-decoration:underline dotted}b,strong{font-weight:inherit}b,strong{font-weight:bolder}code,kbd,samp{font-family:monospace,monospace;font-size:1em}dfn{font-style:italic}mark{background-color:#ff0;color:#000}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sub{bottom:-.25em}sup{top:-.5em}audio,video{display:inline-block}audio:not([controls]){display:none;height:0}img{border-style:none}svg:not(:root){overflow:hidden}button,input,optgroup,select,textarea{font-family:sans-serif;font-size:100%;line-height:1.15;margin:0}button,input{overflow:visible}button,select{text-transform:none}[type=reset],[type=submit],button,html [type=button]{-webkit-appearance:button}[type=button]::-moz-focus-inner,[type=reset]::-moz-focus-inner,[type=submit]::-moz-focus-inner,button::-moz-focus-inner{border-style:none;padding:0}[type=button]:-moz-focusring,[type=reset]:-moz-focusring,[type=submit]:-moz-focusring,button:-moz-focusring{outline:1px dotted ButtonText}fieldset{border:1px solid silver;margin:0 2px;padding:.35em .625em .75em}legend{box-sizing:border-box;color:inherit;display:table;max-width:100%;padding:0;white-space:normal}progress{display:inline-block;vertical-align:baseline}textarea{overflow:auto}[type=checkbox],[type=radio]{box-sizing:border-box;padding:0}[type=number]::-webkit-inner-spin-button,[type=number]::-webkit-outer-spin-button{height:auto}[type=search]{-webkit-appearance:textfield;outline-offset:-2px}[type=search]::-webkit-search-cancel-button,[type=search]::-webkit-search-decoration{-webkit-appearance:none}::-webkit-file-upload-button{-webkit-appearance:button;font:inherit}details,menu{display:block}summary{display:list-item}canvas{display:inline-block}template{display:none}[hidden]{display:none}html{font-size:10px;-webkit-tap-highlight-color:transparent}body{font-family:Arial,Verdana,Tahoma;font-size:14px;font-weight:400;line-height:1.429;color:rgba(0,0,0,.87);background-color:#FFF}a{color:#2196F3;text-decoration:none}a:focus,a:hover{text-decoration:underline}a:focus{outline:thin dotted;outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}p{margin:0 0 10px}ol,ul{margin-top:0;margin-bottom:10px}hr{margin-top:20px;margin-bottom:20px;border:0;height:1px;background-color:rgba(0,0,0,.12)}strong{font-weight:700}abbr[title]{cursor:help;border-bottom:1px dotted #2196F3}h1,h2,h3{margin-top:20px;margin-bottom:10px}h4,h5,h6{margin-top:10px;margin-bottom:10px}.mui--appbar-height{height:56px}.mui--appbar-min-height,.mui-appbar{min-height:56px}.mui--appbar-line-height{line-height:56px}.mui--appbar-top{top:56px}@media (orientation:landscape) and (max-height:480px){.mui--appbar-height{height:48px}.mui--appbar-min-height,.mui-appbar{min-height:48px}.mui--appbar-line-height{line-height:48px}.mui--appbar-top{top:48px}}@media (min-width:480px){.mui--appbar-height{height:64px}.mui--appbar-min-height,.mui-appbar{min-height:64px}.mui--appbar-line-height{line-height:64px}.mui--appbar-top{top:64px}}.mui-appbar{background-color:#2196F3;color:#FFF}.mui-btn{font-weight:500;font-size:14px;line-height:18px;text-transform:uppercase;color:rgba(0,0,0,.87);background-color:#FFF;transition:all .2s ease-in-out;display:inline-block;height:36px;padding:0 26px;margin:6px 0;border:none;border-radius:2px;cursor:pointer;-ms-touch-action:manipulation;touch-action:manipulation;background-image:none;text-align:center;line-height:36px;vertical-align:middle;white-space:nowrap;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none;font-size:14px;font-family:inherit;letter-spacing:.03em;position:relative;overflow:hidden}.mui-btn:active,.mui-btn:focus,.mui-btn:hover{color:rgba(0,0,0,.87);background-color:#fff}.mui-btn[disabled]:active,.mui-btn[disabled]:focus,.mui-btn[disabled]:hover{color:rgba(0,0,0,.87);background-color:#FFF}.mui-btn.mui-btn--flat{color:rgba(0,0,0,.87);background-color:transparent}.mui-btn.mui-btn--flat:active,.mui-btn.mui-btn--flat:focus,.mui-btn.mui-btn--flat:hover{color:rgba(0,0,0,.87);background-color:#f2f2f2}.mui-btn.mui-btn--flat[disabled]:active,.mui-btn.mui-btn--flat[disabled]:focus,.mui-btn.mui-btn--flat[disabled]:hover{color:rgba(0,0,0,.87);background-color:transparent}.mui-btn:active,.mui-btn:focus,.mui-btn:hover{outline:0;text-decoration:none;color:rgba(0,0,0,.87)}.mui-btn:focus,.mui-btn:hover{box-shadow:0 0 2px rgba(0,0,0,.12),0 2px 2px rgba(0,0,0,.2)}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-btn:focus,.mui-btn:hover{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 2px rgba(0,0,0,.12),0 2px 2px rgba(0,0,0,.2)}}@supports (-ms-ime-align:auto){.mui-btn:focus,.mui-btn:hover{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 2px rgba(0,0,0,.12),0 2px 2px rgba(0,0,0,.2)}}.mui-btn:active:hover{box-shadow:0 0 4px rgba(0,0,0,.12),1px 3px 4px rgba(0,0,0,.2)}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-btn:active:hover{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 4px rgba(0,0,0,.12),1px 3px 4px rgba(0,0,0,.2)}}@supports (-ms-ime-align:auto){.mui-btn:active:hover{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 4px rgba(0,0,0,.12),1px 3px 4px rgba(0,0,0,.2)}}.mui-btn.mui--is-disabled,.mui-btn:disabled{cursor:not-allowed;pointer-events:none;opacity:.6;box-shadow:none}.mui-btn+.mui-btn{margin-left:8px}.mui-btn--flat{background-color:transparent}.mui-btn--flat:active,.mui-btn--flat:active:hover,.mui-btn--flat:focus,.mui-btn--flat:hover{box-shadow:none;background-color:#f2f2f2}.mui-btn--fab,.mui-btn--raised{box-shadow:0 0 2px rgba(0,0,0,.12),0 2px 2px rgba(0,0,0,.2)}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-btn--fab,.mui-btn--raised{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 2px rgba(0,0,0,.12),0 2px 2px rgba(0,0,0,.2)}}@supports (-ms-ime-align:auto){.mui-btn--fab,.mui-btn--raised{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 2px rgba(0,0,0,.12),0 2px 2px rgba(0,0,0,.2)}}.mui-btn--fab:active,.mui-btn--raised:active{box-shadow:0 0 4px rgba(0,0,0,.12),1px 3px 4px rgba(0,0,0,.2)}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-btn--fab:active,.mui-btn--raised:active{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 4px rgba(0,0,0,.12),1px 3px 4px rgba(0,0,0,.2)}}@supports (-ms-ime-align:auto){.mui-btn--fab:active,.mui-btn--raised:active{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 4px rgba(0,0,0,.12),1px 3px 4px rgba(0,0,0,.2)}}.mui-btn--fab{position:relative;padding:0;width:55px;height:55px;line-height:55px;border-radius:50%;z-index:1}.mui-btn--primary{color:#FFF;background-color:#2196F3}.mui-btn--primary:active,.mui-btn--primary:focus,.mui-btn--primary:hover{color:#FFF;background-color:#39a1f4}.mui-btn--primary[disabled]:active,.mui-btn--primary[disabled]:focus,.mui-btn--primary[disabled]:hover{color:#FFF;background-color:#2196F3}.mui-btn--primary.mui-btn--flat{color:#2196F3;background-color:transparent}.mui-btn--primary.mui-btn--flat:active,.mui-btn--primary.mui-btn--flat:focus,.mui-btn--primary.mui-btn--flat:hover{color:#2196F3;background-color:#f2f2f2}.mui-btn--primary.mui-btn--flat[disabled]:active,.mui-btn--primary.mui-btn--flat[disabled]:focus,.mui-btn--primary.mui-btn--flat[disabled]:hover{color:#2196F3;background-color:transparent}.mui-btn--dark{color:#FFF;background-color:#424242}.mui-btn--dark:active,.mui-btn--dark:focus,.mui-btn--dark:hover{color:#FFF;background-color:#4f4f4f}.mui-btn--dark[disabled]:active,.mui-btn--dark[disabled]:focus,.mui-btn--dark[disabled]:hover{color:#FFF;background-color:#424242}.mui-btn--dark.mui-btn--flat{color:#424242;background-color:transparent}.mui-btn--dark.mui-btn--flat:active,.mui-btn--dark.mui-btn--flat:focus,.mui-btn--dark.mui-btn--flat:hover{color:#424242;background-color:#f2f2f2}.mui-btn--dark.mui-btn--flat[disabled]:active,.mui-btn--dark.mui-btn--flat[disabled]:focus,.mui-btn--dark.mui-btn--flat[disabled]:hover{color:#424242;background-color:transparent}.mui-btn--danger{color:#FFF;background-color:#F44336}.mui-btn--danger:active,.mui-btn--danger:focus,.mui-btn--danger:hover{color:#FFF;background-color:#f55a4e}.mui-btn--danger[disabled]:active,.mui-btn--danger[disabled]:focus,.mui-btn--danger[disabled]:hover{color:#FFF;background-color:#F44336}.mui-btn--danger.mui-btn--flat{color:#F44336;background-color:transparent}.mui-btn--danger.mui-btn--flat:active,.mui-btn--danger.mui-btn--flat:focus,.mui-btn--danger.mui-btn--flat:hover{color:#F44336;background-color:#f2f2f2}.mui-btn--danger.mui-btn--flat[disabled]:active,.mui-btn--danger.mui-btn--flat[disabled]:focus,.mui-btn--danger.mui-btn--flat[disabled]:hover{color:#F44336;background-color:transparent}.mui-btn--accent{color:#FFF;background-color:#FF4081}.mui-btn--accent:active,.mui-btn--accent:focus,.mui-btn--accent:hover{color:#FFF;background-color:#ff5a92}.mui-btn--accent[disabled]:active,.mui-btn--accent[disabled]:focus,.mui-btn--accent[disabled]:hover{color:#FFF;background-color:#FF4081}.mui-btn--accent.mui-btn--flat{color:#FF4081;background-color:transparent}.mui-btn--accent.mui-btn--flat:active,.mui-btn--accent.mui-btn--flat:focus,.mui-btn--accent.mui-btn--flat:hover{color:#FF4081;background-color:#f2f2f2}.mui-btn--accent.mui-btn--flat[disabled]:active,.mui-btn--accent.mui-btn--flat[disabled]:focus,.mui-btn--accent.mui-btn--flat[disabled]:hover{color:#FF4081;background-color:transparent}.mui-btn--small{height:30.6px;line-height:30.6px;padding:0 16px;font-size:13px}.mui-btn--large{height:54px;line-height:54px;padding:0 26px;font-size:14px}.mui-btn--fab.mui-btn--small{width:44px;height:44px;line-height:44px}.mui-btn--fab.mui-btn--large{width:75px;height:75px;line-height:75px}.mui-checkbox,.mui-radio{position:relative;display:block;margin-top:10px;margin-bottom:10px}.mui-checkbox>label,.mui-radio>label{min-height:20px;padding-left:20px;margin-bottom:0;font-weight:400;cursor:pointer}.mui-checkbox input:disabled,.mui-radio input:disabled{cursor:not-allowed}.mui-checkbox input:focus,.mui-radio input:focus{outline:thin dotted;outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}.mui-checkbox--inline>label>input[type=checkbox],.mui-checkbox>label>input[type=checkbox],.mui-radio--inline>label>input[type=radio],.mui-radio>label>input[type=radio]{position:absolute;margin-left:-20px;margin-top:4px}.mui-checkbox+.mui-checkbox,.mui-radio+.mui-radio{margin-top:-5px}.mui-checkbox--inline,.mui-radio--inline{display:inline-block;padding-left:20px;margin-bottom:0;vertical-align:middle;font-weight:400;cursor:pointer}.mui-checkbox--inline>input[type=checkbox],.mui-checkbox--inline>input[type=radio],.mui-checkbox--inline>label>input[type=checkbox],.mui-checkbox--inline>label>input[type=radio],.mui-radio--inline>input[type=checkbox],.mui-radio--inline>input[type=radio],.mui-radio--inline>label>input[type=checkbox],.mui-radio--inline>label>input[type=radio]{margin:4px 0 0;line-height:normal}.mui-checkbox--inline+.mui-checkbox--inline,.mui-radio--inline+.mui-radio--inline{margin-top:0;margin-left:10px}.mui-container{box-sizing:border-box;margin-right:auto;margin-left:auto;padding-left:15px;padding-right:15px}.mui-container:after,.mui-container:before{content:" ";display:table}.mui-container:after{clear:both}@media (min-width:544px){.mui-container{max-width:570px}}@media (min-width:768px){.mui-container{max-width:740px}}@media (min-width:992px){.mui-container{max-width:960px}}@media (min-width:1200px){.mui-container{max-width:1170px}}.mui-container-fluid{box-sizing:border-box;margin-right:auto;margin-left:auto;padding-left:15px;padding-right:15px}.mui-container-fluid:after,.mui-container-fluid:before{content:" ";display:table}.mui-container-fluid:after{clear:both}.mui-divider{display:block;height:1px;background-color:rgba(0,0,0,.12)}.mui--divider-top{border-top:1px solid rgba(0,0,0,.12)}.mui--divider-bottom{border-bottom:1px solid rgba(0,0,0,.12)}.mui--divider-left{border-left:1px solid rgba(0,0,0,.12)}.mui--divider-right{border-right:1px solid rgba(0,0,0,.12)}.mui-dropdown{display:inline-block;position:relative}[data-mui-toggle=dropdown]{outline:0}.mui-dropdown__menu{position:absolute;top:100%;left:0;display:none;min-width:160px;padding:5px 0;margin:2px 0 0;list-style:none;font-size:14px;text-align:left;background-color:#FFF;border-radius:2px;z-index:1;background-clip:padding-box}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-dropdown__menu{border-top:1px solid rgba(0,0,0,.12);border-left:1px solid rgba(0,0,0,.12)}}@supports (-ms-ime-align:auto){.mui-dropdown__menu{border-top:1px solid rgba(0,0,0,.12);border-left:1px solid rgba(0,0,0,.12)}}.mui-dropdown__menu.mui--is-open{display:block}.mui-dropdown__menu>li>a{display:block;padding:3px 20px;clear:both;font-weight:400;line-height:1.429;color:rgba(0,0,0,.87);text-decoration:none;white-space:nowrap}.mui-dropdown__menu>li>a:focus,.mui-dropdown__menu>li>a:hover{text-decoration:none;color:rgba(0,0,0,.87);background-color:#EEE}.mui-dropdown__menu>.mui--is-disabled>a,.mui-dropdown__menu>.mui--is-disabled>a:focus,.mui-dropdown__menu>.mui--is-disabled>a:hover{color:#EEE}.mui-dropdown__menu>.mui--is-disabled>a:focus,.mui-dropdown__menu>.mui--is-disabled>a:hover{text-decoration:none;background-color:transparent;background-image:none;cursor:not-allowed}.mui-dropdown__menu--right{left:auto;right:0}.mui-form legend{display:block;width:100%;padding:0;margin-bottom:10px;font-size:21px;color:rgba(0,0,0,.87);line-height:inherit;border:0}.mui-form fieldset{border:0;padding:0;margin:0 0 20px 0}@media (min-width:544px){.mui-form--inline .mui-textfield{display:inline-block;vertical-align:bottom;margin-bottom:0}.mui-form--inline .mui-checkbox,.mui-form--inline .mui-radio{display:inline-block;margin-top:0;margin-bottom:0;vertical-align:middle}.mui-form--inline .mui-checkbox>label,.mui-form--inline .mui-radio>label{padding-left:0}.mui-form--inline .mui-checkbox>label>input[type=checkbox],.mui-form--inline .mui-radio>label>input[type=radio]{position:relative;margin-left:0}.mui-form--inline .mui-select{display:inline-block}.mui-form--inline .mui-btn{margin-bottom:0;margin-top:0;vertical-align:bottom}}.mui-row{margin-left:-15px;margin-right:-15px}.mui-row:after,.mui-row:before{content:" ";display:table}.mui-row:after{clear:both}.mui-col-lg-1,.mui-col-lg-10,.mui-col-lg-11,.mui-col-lg-12,.mui-col-lg-2,.mui-col-lg-3,.mui-col-lg-4,.mui-col-lg-5,.mui-col-lg-6,.mui-col-lg-7,.mui-col-lg-8,.mui-col-lg-9,.mui-col-md-1,.mui-col-md-10,.mui-col-md-11,.mui-col-md-12,.mui-col-md-2,.mui-col-md-3,.mui-col-md-4,.mui-col-md-5,.mui-col-md-6,.mui-col-md-7,.mui-col-md-8,.mui-col-md-9,.mui-col-sm-1,.mui-col-sm-10,.mui-col-sm-11,.mui-col-sm-12,.mui-col-sm-2,.mui-col-sm-3,.mui-col-sm-4,.mui-col-sm-5,.mui-col-sm-6,.mui-col-sm-7,.mui-col-sm-8,.mui-col-sm-9,.mui-col-xs-1,.mui-col-xs-10,.mui-col-xs-11,.mui-col-xs-12,.mui-col-xs-2,.mui-col-xs-3,.mui-col-xs-4,.mui-col-xs-5,.mui-col-xs-6,.mui-col-xs-7,.mui-col-xs-8,.mui-col-xs-9{box-sizing:border-box;min-height:1px;padding-left:15px;padding-right:15px}.mui-col-xs-1,.mui-col-xs-10,.mui-col-xs-11,.mui-col-xs-12,.mui-col-xs-2,.mui-col-xs-3,.mui-col-xs-4,.mui-col-xs-5,.mui-col-xs-6,.mui-col-xs-7,.mui-col-xs-8,.mui-col-xs-9{float:left}.mui-col-xs-1{width:8.33333%}.mui-col-xs-2{width:16.66667%}.mui-col-xs-3{width:25%}.mui-col-xs-4{width:33.33333%}.mui-col-xs-5{width:41.66667%}.mui-col-xs-6{width:50%}.mui-col-xs-7{width:58.33333%}.mui-col-xs-8{width:66.66667%}.mui-col-xs-9{width:75%}.mui-col-xs-10{width:83.33333%}.mui-col-xs-11{width:91.66667%}.mui-col-xs-12{width:100%}.mui-col-xs-offset-0{margin-left:0}.mui-col-xs-offset-1{margin-left:8.33333%}.mui-col-xs-offset-2{margin-left:16.66667%}.mui-col-xs-offset-3{margin-left:25%}.mui-col-xs-offset-4{margin-left:33.33333%}.mui-col-xs-offset-5{margin-left:41.66667%}.mui-col-xs-offset-6{margin-left:50%}.mui-col-xs-offset-7{margin-left:58.33333%}.mui-col-xs-offset-8{margin-left:66.66667%}.mui-col-xs-offset-9{margin-left:75%}.mui-col-xs-offset-10{margin-left:83.33333%}.mui-col-xs-offset-11{margin-left:91.66667%}.mui-col-xs-offset-12{margin-left:100%}@media (min-width:544px){.mui-col-sm-1,.mui-col-sm-10,.mui-col-sm-11,.mui-col-sm-12,.mui-col-sm-2,.mui-col-sm-3,.mui-col-sm-4,.mui-col-sm-5,.mui-col-sm-6,.mui-col-sm-7,.mui-col-sm-8,.mui-col-sm-9{float:left}.mui-col-sm-1{width:8.33333%}.mui-col-sm-2{width:16.66667%}.mui-col-sm-3{width:25%}.mui-col-sm-4{width:33.33333%}.mui-col-sm-5{width:41.66667%}.mui-col-sm-6{width:50%}.mui-col-sm-7{width:58.33333%}.mui-col-sm-8{width:66.66667%}.mui-col-sm-9{width:75%}.mui-col-sm-10{width:83.33333%}.mui-col-sm-11{width:91.66667%}.mui-col-sm-12{width:100%}.mui-col-sm-offset-0{margin-left:0}.mui-col-sm-offset-1{margin-left:8.33333%}.mui-col-sm-offset-2{margin-left:16.66667%}.mui-col-sm-offset-3{margin-left:25%}.mui-col-sm-offset-4{margin-left:33.33333%}.mui-col-sm-offset-5{margin-left:41.66667%}.mui-col-sm-offset-6{margin-left:50%}.mui-col-sm-offset-7{margin-left:58.33333%}.mui-col-sm-offset-8{margin-left:66.66667%}.mui-col-sm-offset-9{margin-left:75%}.mui-col-sm-offset-10{margin-left:83.33333%}.mui-col-sm-offset-11{margin-left:91.66667%}.mui-col-sm-offset-12{margin-left:100%}}@media (min-width:768px){.mui-col-md-1,.mui-col-md-10,.mui-col-md-11,.mui-col-md-12,.mui-col-md-2,.mui-col-md-3,.mui-col-md-4,.mui-col-md-5,.mui-col-md-6,.mui-col-md-7,.mui-col-md-8,.mui-col-md-9{float:left}.mui-col-md-1{width:8.33333%}.mui-col-md-2{width:16.66667%}.mui-col-md-3{width:25%}.mui-col-md-4{width:33.33333%}.mui-col-md-5{width:41.66667%}.mui-col-md-6{width:50%}.mui-col-md-7{width:58.33333%}.mui-col-md-8{width:66.66667%}.mui-col-md-9{width:75%}.mui-col-md-10{width:83.33333%}.mui-col-md-11{width:91.66667%}.mui-col-md-12{width:100%}.mui-col-md-offset-0{margin-left:0}.mui-col-md-offset-1{margin-left:8.33333%}.mui-col-md-offset-2{margin-left:16.66667%}.mui-col-md-offset-3{margin-left:25%}.mui-col-md-offset-4{margin-left:33.33333%}.mui-col-md-offset-5{margin-left:41.66667%}.mui-col-md-offset-6{margin-left:50%}.mui-col-md-offset-7{margin-left:58.33333%}.mui-col-md-offset-8{margin-left:66.66667%}.mui-col-md-offset-9{margin-left:75%}.mui-col-md-offset-10{margin-left:83.33333%}.mui-col-md-offset-11{margin-left:91.66667%}.mui-col-md-offset-12{margin-left:100%}}@media (min-width:992px){.mui-col-lg-1,.mui-col-lg-10,.mui-col-lg-11,.mui-col-lg-12,.mui-col-lg-2,.mui-col-lg-3,.mui-col-lg-4,.mui-col-lg-5,.mui-col-lg-6,.mui-col-lg-7,.mui-col-lg-8,.mui-col-lg-9{float:left}.mui-col-lg-1{width:8.33333%}.mui-col-lg-2{width:16.66667%}.mui-col-lg-3{width:25%}.mui-col-lg-4{width:33.33333%}.mui-col-lg-5{width:41.66667%}.mui-col-lg-6{width:50%}.mui-col-lg-7{width:58.33333%}.mui-col-lg-8{width:66.66667%}.mui-col-lg-9{width:75%}.mui-col-lg-10{width:83.33333%}.mui-col-lg-11{width:91.66667%}.mui-col-lg-12{width:100%}.mui-col-lg-offset-0{margin-left:0}.mui-col-lg-offset-1{margin-left:8.33333%}.mui-col-lg-offset-2{margin-left:16.66667%}.mui-col-lg-offset-3{margin-left:25%}.mui-col-lg-offset-4{margin-left:33.33333%}.mui-col-lg-offset-5{margin-left:41.66667%}.mui-col-lg-offset-6{margin-left:50%}.mui-col-lg-offset-7{margin-left:58.33333%}.mui-col-lg-offset-8{margin-left:66.66667%}.mui-col-lg-offset-9{margin-left:75%}.mui-col-lg-offset-10{margin-left:83.33333%}.mui-col-lg-offset-11{margin-left:91.66667%}.mui-col-lg-offset-12{margin-left:100%}}@media (min-width:1200px){.mui-col-xl-1,.mui-col-xl-10,.mui-col-xl-11,.mui-col-xl-12,.mui-col-xl-2,.mui-col-xl-3,.mui-col-xl-4,.mui-col-xl-5,.mui-col-xl-6,.mui-col-xl-7,.mui-col-xl-8,.mui-col-xl-9{float:left}.mui-col-xl-1{width:8.33333%}.mui-col-xl-2{width:16.66667%}.mui-col-xl-3{width:25%}.mui-col-xl-4{width:33.33333%}.mui-col-xl-5{width:41.66667%}.mui-col-xl-6{width:50%}.mui-col-xl-7{width:58.33333%}.mui-col-xl-8{width:66.66667%}.mui-col-xl-9{width:75%}.mui-col-xl-10{width:83.33333%}.mui-col-xl-11{width:91.66667%}.mui-col-xl-12{width:100%}.mui-col-xl-offset-0{margin-left:0}.mui-col-xl-offset-1{margin-left:8.33333%}.mui-col-xl-offset-2{margin-left:16.66667%}.mui-col-xl-offset-3{margin-left:25%}.mui-col-xl-offset-4{margin-left:33.33333%}.mui-col-xl-offset-5{margin-left:41.66667%}.mui-col-xl-offset-6{margin-left:50%}.mui-col-xl-offset-7{margin-left:58.33333%}.mui-col-xl-offset-8{margin-left:66.66667%}.mui-col-xl-offset-9{margin-left:75%}.mui-col-xl-offset-10{margin-left:83.33333%}.mui-col-xl-offset-11{margin-left:91.66667%}.mui-col-xl-offset-12{margin-left:100%}}.mui-panel{padding:15px;margin-bottom:20px;border-radius:0;background-color:#FFF;box-shadow:0 2px 2px 0 rgba(0,0,0,.16),0 0 2px 0 rgba(0,0,0,.12)}.mui-panel:after,.mui-panel:before{content:" ";display:table}.mui-panel:after{clear:both}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-panel{box-shadow:0 -1px 2px 0 rgba(0,0,0,.12),-1px 0 2px 0 rgba(0,0,0,.12),0 2px 2px 0 rgba(0,0,0,.16),0 0 2px 0 rgba(0,0,0,.12)}}@supports (-ms-ime-align:auto){.mui-panel{box-shadow:0 -1px 2px 0 rgba(0,0,0,.12),-1px 0 2px 0 rgba(0,0,0,.12),0 2px 2px 0 rgba(0,0,0,.16),0 0 2px 0 rgba(0,0,0,.12)}}.mui-select{display:block;padding-top:15px;margin-bottom:20px;position:relative}.mui-select:focus{outline:0}.mui-select:focus>select{height:33px;margin-bottom:-1px;border-color:#2196F3;border-width:2px}.mui-select>select{display:block;height:32px;width:100%;appearance:none;-webkit-appearance:none;-moz-appearance:none;outline:0;border:none;border-bottom:1px solid rgba(0,0,0,.26);border-radius:0;box-shadow:none;background-color:transparent;background-image:url(data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNiIgd2lkdGg9IjEwIj48cG9seWdvbiBwb2ludHM9IjAsMCAxMCwwIDUsNiIgc3R5bGU9ImZpbGw6cmdiYSgwLDAsMCwuMjQpOyIvPjwvc3ZnPg==);background-repeat:no-repeat;background-position:right center;cursor:pointer;color:rgba(0,0,0,.87);font-size:16px;font-family:inherit;line-height:inherit;padding:0 25px 0 0}.mui-select>select::-ms-expand{display:none}.mui-select>select:focus{outline:0;height:33px;margin-bottom:-1px;border-color:#2196F3;border-width:2px}.mui-select>select:disabled{color:rgba(0,0,0,.38);cursor:not-allowed;background-color:transparent;opacity:1}.mui-select>select:-moz-focusring{color:transparent;text-shadow:0 0 0 #000}.mui-select>select:focus::-ms-value{background:0 0;color:rgba(0,0,0,.87)}.mui-select>label{position:absolute;top:0;display:block;width:100%;color:rgba(0,0,0,.54);font-size:12px;font-weight:400;line-height:15px;overflow-x:hidden;text-overflow:ellipsis;white-space:nowrap}.mui-select:focus>label,.mui-select>select:focus~label{color:#2196F3}.mui-select__menu{position:absolute;z-index:2;min-width:100%;overflow-y:auto;padding:8px 0;background-color:#FFF;font-size:16px}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-select__menu{border-left:1px solid rgba(0,0,0,.12);border-top:1px solid rgba(0,0,0,.12)}}@supports (-ms-ime-align:auto){.mui-select__menu{border-left:1px solid rgba(0,0,0,.12);border-top:1px solid rgba(0,0,0,.12)}}.mui-select__menu>div{padding:0 22px;height:42px;line-height:42px;cursor:pointer;white-space:nowrap}.mui-select__menu>div.mui--is-selected{background-color:#EEE}.mui-select__menu>div.mui--is-disabled{color:rgba(0,0,0,.38);cursor:not-allowed}.mui-select__menu>div:not(.mui-optgroup__label):not(.mui--is-disabled):hover{background-color:#E0E0E0}.mui-optgroup__option{text-indent:1em}.mui-optgroup__label{color:rgba(0,0,0,.54);font-size:.9em}.mui-table{width:100%;max-width:100%;margin-bottom:20px}.mui-table>tbody>tr>th,.mui-table>tfoot>tr>th,.mui-table>thead>tr>th{text-align:left}.mui-table>tbody>tr>td,.mui-table>tbody>tr>th,.mui-table>tfoot>tr>td,.mui-table>tfoot>tr>th,.mui-table>thead>tr>td,.mui-table>thead>tr>th{padding:10px;line-height:1.429}.mui-table>thead>tr>th{border-bottom:2px solid rgba(0,0,0,.12);font-weight:700}.mui-table>tbody+tbody{border-top:2px solid rgba(0,0,0,.12)}.mui-table.mui-table--bordered>tbody>tr>td{border-bottom:1px solid rgba(0,0,0,.12)}.mui-tabs__bar{list-style:none;padding-left:0;margin-bottom:0;background-color:transparent;white-space:nowrap;overflow-x:auto}.mui-tabs__bar>li{display:inline-block}.mui-tabs__bar>li>a{display:block;white-space:nowrap;text-transform:uppercase;font-weight:500;font-size:14px;color:rgba(0,0,0,.87);cursor:default;height:48px;line-height:48px;padding-left:24px;padding-right:24px;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.mui-tabs__bar>li>a:hover{text-decoration:none}.mui-tabs__bar>li.mui--is-active{border-bottom:2px solid #2196F3}.mui-tabs__bar>li.mui--is-active>a{color:#2196F3}.mui-tabs__bar.mui-tabs__bar--justified{display:table;width:100%;table-layout:fixed}.mui-tabs__bar.mui-tabs__bar--justified>li{display:table-cell}.mui-tabs__bar.mui-tabs__bar--justified>li>a{text-align:center;padding-left:0;padding-right:0}.mui-tabs__pane{display:none}.mui-tabs__pane.mui--is-active{display:block}.mui-textfield{display:block;padding-top:15px;margin-bottom:20px;position:relative}.mui-textfield>label{position:absolute;top:0;display:block;width:100%;color:rgba(0,0,0,.54);font-size:12px;font-weight:400;line-height:15px;overflow-x:hidden;text-overflow:ellipsis;white-space:nowrap}.mui-textfield>textarea{padding-top:5px}.mui-textfield>input:focus~label,.mui-textfield>textarea:focus~label{color:#2196F3}.mui-textfield--float-label>label{position:absolute;transform:translate(0,15px);font-size:16px;line-height:32px;color:rgba(0,0,0,.26);text-overflow:clip;cursor:text;pointer-events:none}.mui-textfield--float-label>input:focus~label,.mui-textfield--float-label>textarea:focus~label{transform:translate(0,0);font-size:12px;line-height:15px;text-overflow:ellipsis}.mui-textfield--float-label>input:not(:focus).mui--is-not-empty~label,.mui-textfield--float-label>input:not(:focus):not(:empty):not(.mui--is-empty):not(.mui--is-not-empty)~label,.mui-textfield--float-label>input:not(:focus)[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty)~label,.mui-textfield--float-label>textarea:not(:focus).mui--is-not-empty~label,.mui-textfield--float-label>textarea:not(:focus):not(:empty):not(.mui--is-empty):not(.mui--is-not-empty)~label,.mui-textfield--float-label>textarea:not(:focus)[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty)~label{color:rgba(0,0,0,.54);font-size:12px;line-height:15px;transform:translate(0,0);text-overflow:ellipsis}.mui-textfield--wrap-label{display:table;width:100%;padding-top:0}.mui-textfield--wrap-label:not(.mui-textfield--float-label)>label{display:table-header-group;position:static;white-space:normal;overflow-x:visible}.mui-textfield>input,.mui-textfield>textarea{box-sizing:border-box;display:block;background-color:transparent;color:rgba(0,0,0,.87);border:none;border-bottom:1px solid rgba(0,0,0,.26);outline:0;width:100%;padding:0;box-shadow:none;border-radius:0;font-size:16px;font-family:inherit;line-height:inherit;background-image:none}.mui-textfield>input:focus,.mui-textfield>textarea:focus{border-color:#2196F3;border-width:2px}.mui-textfield>input:-moz-read-only,.mui-textfield>input:disabled,.mui-textfield>textarea:-moz-read-only,.mui-textfield>textarea:disabled{cursor:not-allowed;background-color:transparent;opacity:1}.mui-textfield>input:disabled,.mui-textfield>input:read-only,.mui-textfield>textarea:disabled,.mui-textfield>textarea:read-only{cursor:not-allowed;background-color:transparent;opacity:1}.mui-textfield>input::-webkit-input-placeholder,.mui-textfield>textarea::-webkit-input-placeholder{color:rgba(0,0,0,.26);opacity:1}.mui-textfield>input:-ms-input-placeholder,.mui-textfield>textarea:-ms-input-placeholder{color:rgba(0,0,0,.26);opacity:1}.mui-textfield>input::placeholder,.mui-textfield>textarea::placeholder{color:rgba(0,0,0,.26);opacity:1}.mui-textfield>input{height:32px}.mui-textfield>input:focus{height:33px;margin-bottom:-1px}.mui-textfield>textarea{min-height:64px}.mui-textfield>textarea[rows]:not([rows="2"]):focus{margin-bottom:-1px}.mui-textfield>input:focus{height:33px;margin-bottom:-1px}.mui-textfield>input:invalid:not(:focus):not(:required),.mui-textfield>input:invalid:not(:focus):required.mui--is-empty.mui--is-touched,.mui-textfield>input:invalid:not(:focus):required.mui--is-not-empty,.mui-textfield>input:invalid:not(:focus):required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:invalid:not(:focus):required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:not(:focus).mui--is-invalid:not(:required),.mui-textfield>input:not(:focus).mui--is-invalid:required.mui--is-empty.mui--is-touched,.mui-textfield>input:not(:focus).mui--is-invalid:required.mui--is-not-empty,.mui-textfield>input:not(:focus).mui--is-invalid:required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:not(:focus).mui--is-invalid:required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>textarea:invalid:not(:focus):not(:required),.mui-textfield>textarea:invalid:not(:focus):required.mui--is-empty.mui--is-touched,.mui-textfield>textarea:invalid:not(:focus):required.mui--is-not-empty,.mui-textfield>textarea:invalid:not(:focus):required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>textarea:invalid:not(:focus):required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>textarea:not(:focus).mui--is-invalid:not(:required),.mui-textfield>textarea:not(:focus).mui--is-invalid:required.mui--is-empty.mui--is-touched,.mui-textfield>textarea:not(:focus).mui--is-invalid:required.mui--is-not-empty,.mui-textfield>textarea:not(:focus).mui--is-invalid:required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>textarea:not(:focus).mui--is-invalid:required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty){border-color:#F44336;border-width:2px}.mui-textfield>input:invalid:not(:focus):not(:required),.mui-textfield>input:invalid:not(:focus):required.mui--is-empty.mui--is-touched,.mui-textfield>input:invalid:not(:focus):required.mui--is-not-empty,.mui-textfield>input:invalid:not(:focus):required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:invalid:not(:focus):required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:not(:focus).mui--is-invalid:not(:required),.mui-textfield>input:not(:focus).mui--is-invalid:required.mui--is-empty.mui--is-touched,.mui-textfield>input:not(:focus).mui--is-invalid:required.mui--is-not-empty,.mui-textfield>input:not(:focus).mui--is-invalid:required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:not(:focus).mui--is-invalid:required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty){height:33px;margin-bottom:-1px}.mui-textfield.mui-textfield--float-label>input:invalid:not(:focus):not(:required)~label,.mui-textfield.mui-textfield--float-label>input:invalid:not(:focus):required.mui--is-not-empty~label,.mui-textfield.mui-textfield--float-label>input:invalid:not(:focus):required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty)~label,.mui-textfield.mui-textfield--float-label>input:invalid:not(:focus):required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty)~label,.mui-textfield.mui-textfield--float-label>textarea:invalid:not(:focus):not(:required)~label,.mui-textfield.mui-textfield--float-label>textarea:invalid:not(:focus):required.mui--is-not-empty~label,.mui-textfield.mui-textfield--float-label>textarea:invalid:not(:focus):required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty)~label,.mui-textfield.mui-textfield--float-label>textarea:invalid:not(:focus):required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty)~label{color:#F44336}.mui-textfield:not(.mui-textfield--float-label)>input:invalid:not(:focus):not(:required)~label,.mui-textfield:not(.mui-textfield--float-label)>input:invalid:not(:focus):required.mui--is-empty.mui--is-touched~label,.mui-textfield:not(.mui-textfield--float-label)>input:invalid:not(:focus):required.mui--is-not-empty~label,.mui-textfield:not(.mui-textfield--float-label)>textarea:invalid:not(:focus):not(:required)~label,.mui-textfield:not(.mui-textfield--float-label)>textarea:invalid:not(:focus):required.mui--is-empty.mui--is-touched~label,.mui-textfield:not(.mui-textfield--float-label)>textarea:invalid:not(:focus):required.mui--is-not-empty~label{color:#F44336}.mui-textfield.mui-textfield--float-label>.mui--is-invalid.mui--is-not-empty:not(:focus)~label{color:#F44336}.mui-textfield:not(.mui-textfield--float-label)>.mui--is-invalid:not(:focus)~label{color:#F44336}.mui--no-transition{transition:none!important}.mui--no-user-select{-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.mui-caret{display:inline-block;width:0;height:0;margin-left:2px;vertical-align:middle;border-top:4px solid;border-right:4px solid transparent;border-left:4px solid transparent}.mui--text-left{text-align:left!important}.mui--text-right{text-align:right!important}.mui--text-center{text-align:center!important}.mui--text-justify{text-align:justify!important}.mui--text-nowrap{white-space:nowrap!important}.mui--align-baseline{vertical-align:baseline!important}.mui--align-top{vertical-align:top!important}.mui--align-middle{vertical-align:middle!important}.mui--align-bottom{vertical-align:bottom!important}.mui--text-dark{color:rgba(0,0,0,.87)}.mui--text-dark-secondary{color:rgba(0,0,0,.54)}.mui--text-dark-hint{color:rgba(0,0,0,.38)}.mui--text-light{color:#FFF}.mui--text-light-secondary{color:rgba(255,255,255,.7)}.mui--text-light-hint{color:rgba(255,255,255,.3)}.mui--text-accent{color:rgba(255,64,129,.87)}.mui--text-accent-secondary{color:rgba(255,64,129,.54)}.mui--text-accent-hint{color:rgba(255,64,129,.38)}.mui--text-black{color:#000}.mui--text-white{color:#FFF}.mui--text-danger{color:#F44336}.mui--bg-primary{background-color:#2196F3}.mui--bg-primary-dark{background-color:#1976D2}.mui--bg-primary-light{background-color:#BBDEFB}.mui--bg-accent{background-color:#FF4081}.mui--bg-accent-dark{background-color:#F50057}.mui--bg-accent-light{background-color:#FF80AB}.mui--bg-danger{background-color:#F44336}.mui-list--unstyled{padding-left:0;list-style:none}.mui-list--inline{padding-left:0;list-style:none;margin-left:-5px}.mui-list--inline>li{display:inline-block;padding-left:5px;padding-right:5px}.mui--z1,.mui-dropdown__menu,.mui-select__menu{box-shadow:0 1px 3px rgba(0,0,0,.12),0 1px 2px rgba(0,0,0,.24)}.mui--z2{box-shadow:0 3px 6px rgba(0,0,0,.16),0 3px 6px rgba(0,0,0,.23)}.mui--z3{box-shadow:0 10px 20px rgba(0,0,0,.19),0 6px 6px rgba(0,0,0,.23)}.mui--z4{box-shadow:0 14px 28px rgba(0,0,0,.25),0 10px 10px rgba(0,0,0,.22)}.mui--z5{box-shadow:0 19px 38px rgba(0,0,0,.3),0 15px 12px rgba(0,0,0,.22)}.mui--clearfix:after,.mui--clearfix:before{content:" ";display:table}.mui--clearfix:after{clear:both}.mui--pull-right{float:right!important}.mui--pull-left{float:left!important}.mui--hide{display:none!important}.mui--show{display:block!important}.mui--invisible{visibility:hidden}.mui--overflow-hidden{overflow:hidden!important}.mui--overflow-hidden-x{overflow-x:hidden!important}.mui--overflow-hidden-y{overflow-y:hidden!important}.mui--visible-lg-block,.mui--visible-lg-inline,.mui--visible-lg-inline-block,.mui--visible-md-block,.mui--visible-md-inline,.mui--visible-md-inline-block,.mui--visible-sm-block,.mui--visible-sm-inline,.mui--visible-sm-inline-block,.mui--visible-xl-block,.mui--visible-xl-inline,.mui--visible-xl-inline-block,.mui--visible-xs-block,.mui--visible-xs-inline,.mui--visible-xs-inline-block{display:none!important}@media (max-width:543px){.mui-visible-xs{display:block!important}table.mui-visible-xs{display:table}tr.mui-visible-xs{display:table-row!important}td.mui-visible-xs,th.mui-visible-xs{display:table-cell!important}.mui--visible-xs-block{display:block!important}.mui--visible-xs-inline{display:inline!important}.mui--visible-xs-inline-block{display:inline-block!important}}@media (min-width:544px) and (max-width:767px){.mui-visible-sm{display:block!important}table.mui-visible-sm{display:table}tr.mui-visible-sm{display:table-row!important}td.mui-visible-sm,th.mui-visible-sm{display:table-cell!important}.mui--visible-sm-block{display:block!important}.mui--visible-sm-inline{display:inline!important}.mui--visible-sm-inline-block{display:inline-block!important}}@media (min-width:768px) and (max-width:991px){.mui-visible-md{display:block!important}table.mui-visible-md{display:table}tr.mui-visible-md{display:table-row!important}td.mui-visible-md,th.mui-visible-md{display:table-cell!important}.mui--visible-md-block{display:block!important}.mui--visible-md-inline{display:inline!important}.mui--visible-md-inline-block{display:inline-block!important}}@media (min-width:992px) and (max-width:1199px){.mui-visible-lg{display:block!important}table.mui-visible-lg{display:table}tr.mui-visible-lg{display:table-row!important}td.mui-visible-lg,th.mui-visible-lg{display:table-cell!important}.mui--visible-lg-block{display:block!important}.mui--visible-lg-inline{display:inline!important}.mui--visible-lg-inline-block{display:inline-block!important}}@media (min-width:1200px){.mui-visible-xl{display:block!important}table.mui-visible-xl{display:table}tr.mui-visible-xl{display:table-row!important}td.mui-visible-xl,th.mui-visible-xl{display:table-cell!important}.mui--visible-xl-block{display:block!important}.mui--visible-xl-inline{display:inline!important}.mui--visible-xl-inline-block{display:inline-block!important}}@media (max-width:543px){.mui--hidden-xs{display:none!important}}@media (min-width:544px) and (max-width:767px){.mui--hidden-sm{display:none!important}}@media (min-width:768px) and (max-width:991px){.mui--hidden-md{display:none!important}}@media (min-width:992px) and (max-width:1199px){.mui--hidden-lg{display:none!important}}@media (min-width:1200px){.mui--hidden-xl{display:none!important}}.mui-scrlock--showbar-y{overflow-y:scroll!important}.mui-scrlock--showbar-x{overflow-x:scroll!important}#mui-overlay{position:fixed;top:0;right:0;bottom:0;left:0;z-index:99999999;background-color:rgba(0,0,0,.2);overflow:auto}.mui-btn__ripple-container{position:absolute;top:0;left:0;display:block;height:100%;width:100%;overflow:hidden;z-index:0;pointer-events:none}.mui-ripple{position:absolute;top:0;left:0;border-radius:50%;opacity:0;pointer-events:none;transform:scale(.0001,.0001)}.mui-ripple.mui--is-animating{transform:none;transition:transform .3s cubic-bezier(0,0,.2,1),width .3s cubic-bezier(0,0,.2,1),height .3s cubic-bezier(0,0,.2,1),opacity .3s cubic-bezier(0,0,.2,1)}.mui-ripple.mui--is-visible{opacity:.3}.mui-btn .mui-ripple{background-color:#a6a6a6}.mui-btn--primary .mui-ripple{background-color:#FFF}.mui-btn--dark .mui-ripple{background-color:#FFF}.mui-btn--danger .mui-ripple{background-color:#FFF}.mui-btn--accent .mui-ripple{background-color:#FFF}.mui-btn--flat .mui-ripple{background-color:#a6a6a6}.mui--text-display4{font-weight:300;font-size:112px;line-height:112px}.mui--text-display3{font-weight:400;font-size:56px;line-height:56px}.mui--text-display2{font-weight:400;font-size:45px;line-height:48px}.mui--text-display1,h1{font-weight:400;font-size:34px;line-height:40px}.mui--text-headline,h2{font-weight:400;font-size:24px;line-height:32px}.mui--text-title,h3{font-weight:400;font-size:20px;line-height:28px}.mui--text-subhead,h4{font-weight:400;font-size:16px;line-height:24px}.mui--text-body2,h5{font-weight:500;font-size:14px;line-height:24px}.mui--text-body1{font-weight:400;font-size:14px;line-height:20px}.mui--text-caption{font-weight:400;font-size:12px;line-height:16px}.mui--text-menu{font-weight:500;font-size:13px;line-height:17px}.mui--text-button{font-weight:500;font-size:14px;line-height:18px;text-transform:uppercase} \ No newline at end of file +/*! normalize.css v5.0.0 | MIT License | github.com/necolas/normalize.css */html{font-family:sans-serif;line-height:1.15;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,footer,header,nav,section{display:block}h1{font-size:2em;margin:.67em 0}figcaption,figure,main{display:block}figure{margin:1em 40px}hr{box-sizing:content-box;height:0;overflow:visible}pre{font-family:monospace,monospace;font-size:1em}a{background-color:transparent;-webkit-text-decoration-skip:objects}a:active,a:hover{outline-width:0}abbr[title]{border-bottom:none;text-decoration:underline;text-decoration:underline dotted}b,strong{font-weight:inherit}b,strong{font-weight:bolder}code,kbd,samp{font-family:monospace,monospace;font-size:1em}dfn{font-style:italic}mark{background-color:#ff0;color:#000}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sub{bottom:-.25em}sup{top:-.5em}audio,video{display:inline-block}audio:not([controls]){display:none;height:0}img{border-style:none}svg:not(:root){overflow:hidden}button,input,optgroup,select,textarea{font-family:sans-serif;font-size:100%;line-height:1.15;margin:0}button,input{overflow:visible}button,select{text-transform:none}[type=reset],[type=submit],button,html [type=button]{-webkit-appearance:button}[type=button]::-moz-focus-inner,[type=reset]::-moz-focus-inner,[type=submit]::-moz-focus-inner,button::-moz-focus-inner{border-style:none;padding:0}[type=button]:-moz-focusring,[type=reset]:-moz-focusring,[type=submit]:-moz-focusring,button:-moz-focusring{outline:1px dotted ButtonText}fieldset{border:1px solid silver;margin:0 2px;padding:.35em .625em .75em}legend{box-sizing:border-box;color:inherit;display:table;max-width:100%;padding:0;white-space:normal}progress{display:inline-block;vertical-align:baseline}textarea{overflow:auto}[type=checkbox],[type=radio]{box-sizing:border-box;padding:0}[type=number]::-webkit-inner-spin-button,[type=number]::-webkit-outer-spin-button{height:auto}[type=search]{-webkit-appearance:textfield;outline-offset:-2px}[type=search]::-webkit-search-cancel-button,[type=search]::-webkit-search-decoration{-webkit-appearance:none}::-webkit-file-upload-button{-webkit-appearance:button;font:inherit}details,menu{display:block}summary{display:list-item}canvas{display:inline-block}template{display:none}[hidden]{display:none}html{font-size:10px;-webkit-tap-highlight-color:transparent}body{font-family:Arial,Verdana,Tahoma;font-size:14px;font-weight:400;line-height:1.429;color:rgba(0,0,0,.87);background-color:#FFF}a{color:#2196F3;text-decoration:none}a:focus,a:hover{text-decoration:underline}a:focus{outline:thin dotted;outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}p{margin:0 0 10px}ol,ul{margin-top:0;margin-bottom:10px}hr{margin-top:20px;margin-bottom:20px;border:0;height:1px;background-color:rgba(0,0,0,.12)}strong{font-weight:700}abbr[title]{cursor:help;border-bottom:1px dotted #2196F3}h1,h2,h3{margin-top:20px;margin-bottom:10px}h4,h5,h6{margin-top:10px;margin-bottom:10px}.mui--appbar-height{height:56px}.mui--appbar-min-height,.mui-appbar{min-height:56px}.mui--appbar-line-height{line-height:56px}.mui--appbar-top{top:56px}@media (orientation:landscape) and (max-height:480px){.mui--appbar-height{height:48px}.mui--appbar-min-height,.mui-appbar{min-height:48px}.mui--appbar-line-height{line-height:48px}.mui--appbar-top{top:48px}}@media (min-width:480px){.mui--appbar-height{height:64px}.mui--appbar-min-height,.mui-appbar{min-height:64px}.mui--appbar-line-height{line-height:64px}.mui--appbar-top{top:64px}}.mui-appbar{background-color:#2196F3;color:#FFF}.mui-btn{font-weight:500;font-size:14px;line-height:18px;text-transform:uppercase;color:rgba(0,0,0,.87);background-color:#FFF;transition:all .2s ease-in-out;display:inline-block;height:36px;padding:0 26px;margin:6px 0;border:none;border-radius:2px;cursor:pointer;-ms-touch-action:manipulation;touch-action:manipulation;background-image:none;text-align:center;line-height:36px;vertical-align:middle;white-space:nowrap;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none;font-size:14px;font-family:inherit;letter-spacing:.03em;position:relative;overflow:hidden}.mui-btn:active,.mui-btn:focus,.mui-btn:hover{color:rgba(0,0,0,.87);background-color:#fff}.mui-btn[disabled]:active,.mui-btn[disabled]:focus,.mui-btn[disabled]:hover{color:rgba(0,0,0,.87);background-color:#FFF}.mui-btn.mui-btn--flat{color:rgba(0,0,0,.87);background-color:transparent}.mui-btn.mui-btn--flat:active,.mui-btn.mui-btn--flat:focus,.mui-btn.mui-btn--flat:hover{color:rgba(0,0,0,.87);background-color:#f2f2f2}.mui-btn.mui-btn--flat[disabled]:active,.mui-btn.mui-btn--flat[disabled]:focus,.mui-btn.mui-btn--flat[disabled]:hover{color:rgba(0,0,0,.87);background-color:transparent}.mui-btn:active,.mui-btn:focus,.mui-btn:hover{outline:0;text-decoration:none;color:rgba(0,0,0,.87)}.mui-btn:focus,.mui-btn:hover{box-shadow:0 0 2px rgba(0,0,0,.12),0 2px 2px rgba(0,0,0,.2)}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-btn:focus,.mui-btn:hover{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 2px rgba(0,0,0,.12),0 2px 2px rgba(0,0,0,.2)}}@supports (-ms-ime-align:auto){.mui-btn:focus,.mui-btn:hover{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 2px rgba(0,0,0,.12),0 2px 2px rgba(0,0,0,.2)}}.mui-btn:active:hover{box-shadow:0 0 4px rgba(0,0,0,.12),1px 3px 4px rgba(0,0,0,.2)}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-btn:active:hover{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 4px rgba(0,0,0,.12),1px 3px 4px rgba(0,0,0,.2)}}@supports (-ms-ime-align:auto){.mui-btn:active:hover{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 4px rgba(0,0,0,.12),1px 3px 4px rgba(0,0,0,.2)}}.mui-btn.mui--is-disabled,.mui-btn:disabled{cursor:not-allowed;pointer-events:none;opacity:.6;box-shadow:none}.mui-btn+.mui-btn{margin-left:8px}.mui-btn--flat{background-color:transparent}.mui-btn--flat:active,.mui-btn--flat:active:hover,.mui-btn--flat:focus,.mui-btn--flat:hover{box-shadow:none;background-color:#f2f2f2}.mui-btn--fab,.mui-btn--raised{box-shadow:0 0 2px rgba(0,0,0,.12),0 2px 2px rgba(0,0,0,.2)}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-btn--fab,.mui-btn--raised{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 2px rgba(0,0,0,.12),0 2px 2px rgba(0,0,0,.2)}}@supports (-ms-ime-align:auto){.mui-btn--fab,.mui-btn--raised{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 2px rgba(0,0,0,.12),0 2px 2px rgba(0,0,0,.2)}}.mui-btn--fab:active,.mui-btn--raised:active{box-shadow:0 0 4px rgba(0,0,0,.12),1px 3px 4px rgba(0,0,0,.2)}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-btn--fab:active,.mui-btn--raised:active{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 4px rgba(0,0,0,.12),1px 3px 4px rgba(0,0,0,.2)}}@supports (-ms-ime-align:auto){.mui-btn--fab:active,.mui-btn--raised:active{box-shadow:0 -1px 2px rgba(0,0,0,.12),-1px 0 2px rgba(0,0,0,.12),0 0 4px rgba(0,0,0,.12),1px 3px 4px rgba(0,0,0,.2)}}.mui-btn--fab{position:relative;padding:0;width:55px;height:55px;line-height:55px;border-radius:50%;z-index:1}.mui-btn--primary{color:#FFF;background-color:#2196F3}.mui-btn--primary:active,.mui-btn--primary:focus,.mui-btn--primary:hover{color:#FFF;background-color:#39a1f4}.mui-btn--primary[disabled]:active,.mui-btn--primary[disabled]:focus,.mui-btn--primary[disabled]:hover{color:#FFF;background-color:#2196F3}.mui-btn--primary.mui-btn--flat{color:#2196F3;background-color:transparent}.mui-btn--primary.mui-btn--flat:active,.mui-btn--primary.mui-btn--flat:focus,.mui-btn--primary.mui-btn--flat:hover{color:#2196F3;background-color:#f2f2f2}.mui-btn--primary.mui-btn--flat[disabled]:active,.mui-btn--primary.mui-btn--flat[disabled]:focus,.mui-btn--primary.mui-btn--flat[disabled]:hover{color:#2196F3;background-color:transparent}.mui-btn--dark{color:#FFF;background-color:#424242}.mui-btn--dark:active,.mui-btn--dark:focus,.mui-btn--dark:hover{color:#FFF;background-color:#4f4f4f}.mui-btn--dark[disabled]:active,.mui-btn--dark[disabled]:focus,.mui-btn--dark[disabled]:hover{color:#FFF;background-color:#424242}.mui-btn--dark.mui-btn--flat{color:#424242;background-color:transparent}.mui-btn--dark.mui-btn--flat:active,.mui-btn--dark.mui-btn--flat:focus,.mui-btn--dark.mui-btn--flat:hover{color:#424242;background-color:#f2f2f2}.mui-btn--dark.mui-btn--flat[disabled]:active,.mui-btn--dark.mui-btn--flat[disabled]:focus,.mui-btn--dark.mui-btn--flat[disabled]:hover{color:#424242;background-color:transparent}.mui-btn--danger{color:#FFF;background-color:#F44336}.mui-btn--danger:active,.mui-btn--danger:focus,.mui-btn--danger:hover{color:#FFF;background-color:#f55a4e}.mui-btn--danger[disabled]:active,.mui-btn--danger[disabled]:focus,.mui-btn--danger[disabled]:hover{color:#FFF;background-color:#F44336}.mui-btn--danger.mui-btn--flat{color:#F44336;background-color:transparent}.mui-btn--danger.mui-btn--flat:active,.mui-btn--danger.mui-btn--flat:focus,.mui-btn--danger.mui-btn--flat:hover{color:#F44336;background-color:#f2f2f2}.mui-btn--danger.mui-btn--flat[disabled]:active,.mui-btn--danger.mui-btn--flat[disabled]:focus,.mui-btn--danger.mui-btn--flat[disabled]:hover{color:#F44336;background-color:transparent}.mui-btn--accent{color:#FFF;background-color:#FF4081}.mui-btn--accent:active,.mui-btn--accent:focus,.mui-btn--accent:hover{color:#FFF;background-color:#ff5a92}.mui-btn--accent[disabled]:active,.mui-btn--accent[disabled]:focus,.mui-btn--accent[disabled]:hover{color:#FFF;background-color:#FF4081}.mui-btn--accent.mui-btn--flat{color:#FF4081;background-color:transparent}.mui-btn--accent.mui-btn--flat:active,.mui-btn--accent.mui-btn--flat:focus,.mui-btn--accent.mui-btn--flat:hover{color:#FF4081;background-color:#f2f2f2}.mui-btn--accent.mui-btn--flat[disabled]:active,.mui-btn--accent.mui-btn--flat[disabled]:focus,.mui-btn--accent.mui-btn--flat[disabled]:hover{color:#FF4081;background-color:transparent}.mui-btn--small{height:30.6px;line-height:30.6px;padding:0 16px;font-size:13px}.mui-btn--large{height:54px;line-height:54px;padding:0 26px;font-size:14px}.mui-btn--fab.mui-btn--small{width:44px;height:44px;line-height:44px}.mui-btn--fab.mui-btn--large{width:75px;height:75px;line-height:75px}.mui-checkbox,.mui-radio{position:relative;display:block;margin-top:10px;margin-bottom:10px}.mui-checkbox>label,.mui-radio>label{min-height:20px;padding-left:20px;margin-bottom:0;font-weight:400;cursor:pointer}.mui-checkbox input:disabled,.mui-radio input:disabled{cursor:not-allowed}.mui-checkbox input:focus,.mui-radio input:focus{outline:thin dotted;outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}.mui-checkbox--inline>label>input[type=checkbox],.mui-checkbox>label>input[type=checkbox],.mui-radio--inline>label>input[type=radio],.mui-radio>label>input[type=radio]{position:absolute;margin-left:-20px;margin-top:4px}.mui-checkbox+.mui-checkbox,.mui-radio+.mui-radio{margin-top:-5px}.mui-checkbox--inline,.mui-radio--inline{display:inline-block;padding-left:20px;margin-bottom:0;vertical-align:middle;font-weight:400;cursor:pointer}.mui-checkbox--inline>input[type=checkbox],.mui-checkbox--inline>input[type=radio],.mui-checkbox--inline>label>input[type=checkbox],.mui-checkbox--inline>label>input[type=radio],.mui-radio--inline>input[type=checkbox],.mui-radio--inline>input[type=radio],.mui-radio--inline>label>input[type=checkbox],.mui-radio--inline>label>input[type=radio]{margin:4px 0 0;line-height:normal}.mui-checkbox--inline+.mui-checkbox--inline,.mui-radio--inline+.mui-radio--inline{margin-top:0;margin-left:10px}.mui-container{box-sizing:border-box;margin-right:auto;margin-left:auto;padding-left:15px;padding-right:15px}.mui-container:after,.mui-container:before{content:" ";display:table}.mui-container:after{clear:both}@media (min-width:544px){.mui-container{max-width:570px}}@media (min-width:768px){.mui-container{max-width:740px}}@media (min-width:992px){.mui-container{max-width:960px}}@media (min-width:1200px){.mui-container{max-width:1170px}}.mui-container-fluid{box-sizing:border-box;margin-right:auto;margin-left:auto;padding-left:15px;padding-right:15px}.mui-container-fluid:after,.mui-container-fluid:before{content:" ";display:table}.mui-container-fluid:after{clear:both}.mui-divider{display:block;height:1px;background-color:rgba(0,0,0,.12)}.mui--divider-top{border-top:1px solid rgba(0,0,0,.12)}.mui--divider-bottom{border-bottom:1px solid rgba(0,0,0,.12)}.mui--divider-left{border-left:1px solid rgba(0,0,0,.12)}.mui--divider-right{border-right:1px solid rgba(0,0,0,.12)}.mui-dropdown{display:inline-block;position:relative}[data-mui-toggle=dropdown]{outline:0}.mui-dropdown__menu{position:absolute;top:100%;left:0;display:none;min-width:160px;padding:5px 0;margin:2px 0 0;list-style:none;font-size:14px;text-align:left;background-color:#FFF;border-radius:2px;z-index:1;background-clip:padding-box}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-dropdown__menu{border-top:1px solid rgba(0,0,0,.12);border-left:1px solid rgba(0,0,0,.12)}}@supports (-ms-ime-align:auto){.mui-dropdown__menu{border-top:1px solid rgba(0,0,0,.12);border-left:1px solid rgba(0,0,0,.12)}}.mui-dropdown__menu.mui--is-open{display:block}.mui-dropdown__menu>li>a{display:block;padding:3px 20px;clear:both;font-weight:400;line-height:1.429;color:rgba(0,0,0,.87);text-decoration:none;white-space:nowrap}.mui-dropdown__menu>li>a:focus,.mui-dropdown__menu>li>a:hover{text-decoration:none;color:rgba(0,0,0,.87);background-color:#EEE}.mui-dropdown__menu>.mui--is-disabled>a,.mui-dropdown__menu>.mui--is-disabled>a:focus,.mui-dropdown__menu>.mui--is-disabled>a:hover{color:#EEE}.mui-dropdown__menu>.mui--is-disabled>a:focus,.mui-dropdown__menu>.mui--is-disabled>a:hover{text-decoration:none;background-color:transparent;background-image:none;cursor:not-allowed}.mui-dropdown__menu--right{left:auto;right:0}.mui-form legend{display:block;width:100%;padding:0;margin-bottom:10px;font-size:21px;color:rgba(0,0,0,.87);line-height:inherit;border:0}.mui-form fieldset{border:0;padding:0;margin:0 0 20px 0}@media (min-width:544px){.mui-form--inline .mui-textfield{display:inline-block;vertical-align:bottom;margin-bottom:0}.mui-form--inline .mui-checkbox,.mui-form--inline .mui-radio{display:inline-block;margin-top:0;margin-bottom:0;vertical-align:middle}.mui-form--inline .mui-checkbox>label,.mui-form--inline .mui-radio>label{padding-left:0}.mui-form--inline .mui-checkbox>label>input[type=checkbox],.mui-form--inline .mui-radio>label>input[type=radio]{position:relative;margin-left:0}.mui-form--inline .mui-select{display:inline-block}.mui-form--inline .mui-btn{margin-bottom:0;margin-top:0;vertical-align:bottom}}.mui-row{margin-left:-15px;margin-right:-15px}.mui-row:after,.mui-row:before{content:" ";display:table}.mui-row:after{clear:both}.mui-col-lg-1,.mui-col-lg-10,.mui-col-lg-11,.mui-col-lg-12,.mui-col-lg-2,.mui-col-lg-3,.mui-col-lg-4,.mui-col-lg-5,.mui-col-lg-6,.mui-col-lg-7,.mui-col-lg-8,.mui-col-lg-9,.mui-col-md-1,.mui-col-md-10,.mui-col-md-11,.mui-col-md-12,.mui-col-md-2,.mui-col-md-3,.mui-col-md-4,.mui-col-md-5,.mui-col-md-6,.mui-col-md-7,.mui-col-md-8,.mui-col-md-9,.mui-col-sm-1,.mui-col-sm-10,.mui-col-sm-11,.mui-col-sm-12,.mui-col-sm-2,.mui-col-sm-3,.mui-col-sm-4,.mui-col-sm-5,.mui-col-sm-6,.mui-col-sm-7,.mui-col-sm-8,.mui-col-sm-9,.mui-col-xs-1,.mui-col-xs-10,.mui-col-xs-11,.mui-col-xs-12,.mui-col-xs-2,.mui-col-xs-3,.mui-col-xs-4,.mui-col-xs-5,.mui-col-xs-6,.mui-col-xs-7,.mui-col-xs-8,.mui-col-xs-9{box-sizing:border-box;min-height:1px;padding-left:15px;padding-right:15px}.mui-col-xs-1,.mui-col-xs-10,.mui-col-xs-11,.mui-col-xs-12,.mui-col-xs-2,.mui-col-xs-3,.mui-col-xs-4,.mui-col-xs-5,.mui-col-xs-6,.mui-col-xs-7,.mui-col-xs-8,.mui-col-xs-9{float:left}.mui-col-xs-1{width:8.33333%}.mui-col-xs-2{width:16.66667%}.mui-col-xs-3{width:25%}.mui-col-xs-4{width:33.33333%}.mui-col-xs-5{width:41.66667%}.mui-col-xs-6{width:50%}.mui-col-xs-7{width:58.33333%}.mui-col-xs-8{width:66.66667%}.mui-col-xs-9{width:75%}.mui-col-xs-10{width:83.33333%}.mui-col-xs-11{width:91.66667%}.mui-col-xs-12{width:100%}.mui-col-xs-offset-0{margin-left:0}.mui-col-xs-offset-1{margin-left:8.33333%}.mui-col-xs-offset-2{margin-left:16.66667%}.mui-col-xs-offset-3{margin-left:25%}.mui-col-xs-offset-4{margin-left:33.33333%}.mui-col-xs-offset-5{margin-left:41.66667%}.mui-col-xs-offset-6{margin-left:50%}.mui-col-xs-offset-7{margin-left:58.33333%}.mui-col-xs-offset-8{margin-left:66.66667%}.mui-col-xs-offset-9{margin-left:75%}.mui-col-xs-offset-10{margin-left:83.33333%}.mui-col-xs-offset-11{margin-left:91.66667%}.mui-col-xs-offset-12{margin-left:100%}@media (min-width:544px){.mui-col-sm-1,.mui-col-sm-10,.mui-col-sm-11,.mui-col-sm-12,.mui-col-sm-2,.mui-col-sm-3,.mui-col-sm-4,.mui-col-sm-5,.mui-col-sm-6,.mui-col-sm-7,.mui-col-sm-8,.mui-col-sm-9{float:left}.mui-col-sm-1{width:8.33333%}.mui-col-sm-2{width:16.66667%}.mui-col-sm-3{width:25%}.mui-col-sm-4{width:33.33333%}.mui-col-sm-5{width:41.66667%}.mui-col-sm-6{width:50%}.mui-col-sm-7{width:58.33333%}.mui-col-sm-8{width:66.66667%}.mui-col-sm-9{width:75%}.mui-col-sm-10{width:83.33333%}.mui-col-sm-11{width:91.66667%}.mui-col-sm-12{width:100%}.mui-col-sm-offset-0{margin-left:0}.mui-col-sm-offset-1{margin-left:8.33333%}.mui-col-sm-offset-2{margin-left:16.66667%}.mui-col-sm-offset-3{margin-left:25%}.mui-col-sm-offset-4{margin-left:33.33333%}.mui-col-sm-offset-5{margin-left:41.66667%}.mui-col-sm-offset-6{margin-left:50%}.mui-col-sm-offset-7{margin-left:58.33333%}.mui-col-sm-offset-8{margin-left:66.66667%}.mui-col-sm-offset-9{margin-left:75%}.mui-col-sm-offset-10{margin-left:83.33333%}.mui-col-sm-offset-11{margin-left:91.66667%}.mui-col-sm-offset-12{margin-left:100%}}@media (min-width:768px){.mui-col-md-1,.mui-col-md-10,.mui-col-md-11,.mui-col-md-12,.mui-col-md-2,.mui-col-md-3,.mui-col-md-4,.mui-col-md-5,.mui-col-md-6,.mui-col-md-7,.mui-col-md-8,.mui-col-md-9{float:left}.mui-col-md-1{width:8.33333%}.mui-col-md-2{width:16.66667%}.mui-col-md-3{width:25%}.mui-col-md-4{width:33.33333%}.mui-col-md-5{width:41.66667%}.mui-col-md-6{width:50%}.mui-col-md-7{width:58.33333%}.mui-col-md-8{width:66.66667%}.mui-col-md-9{width:75%}.mui-col-md-10{width:83.33333%}.mui-col-md-11{width:91.66667%}.mui-col-md-12{width:100%}.mui-col-md-offset-0{margin-left:0}.mui-col-md-offset-1{margin-left:8.33333%}.mui-col-md-offset-2{margin-left:16.66667%}.mui-col-md-offset-3{margin-left:25%}.mui-col-md-offset-4{margin-left:33.33333%}.mui-col-md-offset-5{margin-left:41.66667%}.mui-col-md-offset-6{margin-left:50%}.mui-col-md-offset-7{margin-left:58.33333%}.mui-col-md-offset-8{margin-left:66.66667%}.mui-col-md-offset-9{margin-left:75%}.mui-col-md-offset-10{margin-left:83.33333%}.mui-col-md-offset-11{margin-left:91.66667%}.mui-col-md-offset-12{margin-left:100%}}@media (min-width:992px){.mui-col-lg-1,.mui-col-lg-10,.mui-col-lg-11,.mui-col-lg-12,.mui-col-lg-2,.mui-col-lg-3,.mui-col-lg-4,.mui-col-lg-5,.mui-col-lg-6,.mui-col-lg-7,.mui-col-lg-8,.mui-col-lg-9{float:left}.mui-col-lg-1{width:8.33333%}.mui-col-lg-2{width:16.66667%}.mui-col-lg-3{width:25%}.mui-col-lg-4{width:33.33333%}.mui-col-lg-5{width:41.66667%}.mui-col-lg-6{width:50%}.mui-col-lg-7{width:58.33333%}.mui-col-lg-8{width:66.66667%}.mui-col-lg-9{width:75%}.mui-col-lg-10{width:83.33333%}.mui-col-lg-11{width:91.66667%}.mui-col-lg-12{width:100%}.mui-col-lg-offset-0{margin-left:0}.mui-col-lg-offset-1{margin-left:8.33333%}.mui-col-lg-offset-2{margin-left:16.66667%}.mui-col-lg-offset-3{margin-left:25%}.mui-col-lg-offset-4{margin-left:33.33333%}.mui-col-lg-offset-5{margin-left:41.66667%}.mui-col-lg-offset-6{margin-left:50%}.mui-col-lg-offset-7{margin-left:58.33333%}.mui-col-lg-offset-8{margin-left:66.66667%}.mui-col-lg-offset-9{margin-left:75%}.mui-col-lg-offset-10{margin-left:83.33333%}.mui-col-lg-offset-11{margin-left:91.66667%}.mui-col-lg-offset-12{margin-left:100%}}@media (min-width:1200px){.mui-col-xl-1,.mui-col-xl-10,.mui-col-xl-11,.mui-col-xl-12,.mui-col-xl-2,.mui-col-xl-3,.mui-col-xl-4,.mui-col-xl-5,.mui-col-xl-6,.mui-col-xl-7,.mui-col-xl-8,.mui-col-xl-9{float:left}.mui-col-xl-1{width:8.33333%}.mui-col-xl-2{width:16.66667%}.mui-col-xl-3{width:25%}.mui-col-xl-4{width:33.33333%}.mui-col-xl-5{width:41.66667%}.mui-col-xl-6{width:50%}.mui-col-xl-7{width:58.33333%}.mui-col-xl-8{width:66.66667%}.mui-col-xl-9{width:75%}.mui-col-xl-10{width:83.33333%}.mui-col-xl-11{width:91.66667%}.mui-col-xl-12{width:100%}.mui-col-xl-offset-0{margin-left:0}.mui-col-xl-offset-1{margin-left:8.33333%}.mui-col-xl-offset-2{margin-left:16.66667%}.mui-col-xl-offset-3{margin-left:25%}.mui-col-xl-offset-4{margin-left:33.33333%}.mui-col-xl-offset-5{margin-left:41.66667%}.mui-col-xl-offset-6{margin-left:50%}.mui-col-xl-offset-7{margin-left:58.33333%}.mui-col-xl-offset-8{margin-left:66.66667%}.mui-col-xl-offset-9{margin-left:75%}.mui-col-xl-offset-10{margin-left:83.33333%}.mui-col-xl-offset-11{margin-left:91.66667%}.mui-col-xl-offset-12{margin-left:100%}}.mui-panel{padding:15px;margin-bottom:20px;border-radius:0;background-color:#FFF;box-shadow:0 2px 2px 0 rgba(0,0,0,.16),0 0 2px 0 rgba(0,0,0,.12)}.mui-panel:after,.mui-panel:before{content:" ";display:table}.mui-panel:after{clear:both}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-panel{box-shadow:0 -1px 2px 0 rgba(0,0,0,.12),-1px 0 2px 0 rgba(0,0,0,.12),0 2px 2px 0 rgba(0,0,0,.16),0 0 2px 0 rgba(0,0,0,.12)}}@supports (-ms-ime-align:auto){.mui-panel{box-shadow:0 -1px 2px 0 rgba(0,0,0,.12),-1px 0 2px 0 rgba(0,0,0,.12),0 2px 2px 0 rgba(0,0,0,.16),0 0 2px 0 rgba(0,0,0,.12)}}.mui-select{display:block;padding-top:15px;margin-bottom:20px;position:relative}.mui-select:focus{outline:0}.mui-select:focus>select{height:33px;margin-bottom:-1px;border-color:#2196F3;border-width:2px}.mui-select>select{display:block;height:32px;width:100%;appearance:none;-webkit-appearance:none;-moz-appearance:none;outline:0;border:none;border-bottom:1px solid rgba(0,0,0,.26);border-radius:0;box-shadow:none;background-color:transparent;background-image:url(data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNiIgd2lkdGg9IjEwIj48cG9seWdvbiBwb2ludHM9IjAsMCAxMCwwIDUsNiIgc3R5bGU9ImZpbGw6cmdiYSgwLDAsMCwuMjQpOyIvPjwvc3ZnPg==);background-repeat:no-repeat;background-position:right center;cursor:pointer;color:rgba(0,0,0,.87);font-size:16px;font-family:inherit;line-height:inherit;padding:0 25px 0 0}.mui-select>select::-ms-expand{display:none}.mui-select>select:focus{outline:0;height:33px;margin-bottom:-1px;border-color:#2196F3;border-width:2px}.mui-select>select:disabled{color:rgba(0,0,0,.38);cursor:not-allowed;background-color:transparent;opacity:1}.mui-select>select:-moz-focusring{color:transparent;text-shadow:0 0 0 #000}.mui-select>select:focus::-ms-value{background:0 0;color:rgba(0,0,0,.87)}.mui-select>label{position:absolute;top:0;display:block;width:100%;color:rgba(0,0,0,.54);font-size:12px;font-weight:400;line-height:15px;overflow-x:hidden;text-overflow:ellipsis;white-space:nowrap}.mui-select:focus>label,.mui-select>select:focus~label{color:#2196F3}.mui-select__menu{position:absolute;z-index:2;min-width:100%;overflow-y:auto;padding:8px 0;background-color:#FFF;font-size:16px}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-select__menu{border-left:1px solid rgba(0,0,0,.12);border-top:1px solid rgba(0,0,0,.12)}}@supports (-ms-ime-align:auto){.mui-select__menu{border-left:1px solid rgba(0,0,0,.12);border-top:1px solid rgba(0,0,0,.12)}}.mui-select__menu>div{padding:0 22px;height:42px;line-height:42px;cursor:pointer;white-space:nowrap}.mui-select__menu>div.mui--is-selected{background-color:#EEE}.mui-select__menu>div.mui--is-disabled{color:rgba(0,0,0,.38);cursor:not-allowed}.mui-select__menu>div:not(.mui-optgroup__label):not(.mui--is-disabled):hover{background-color:#E0E0E0}.mui-optgroup__option{text-indent:1em}.mui-optgroup__label{color:rgba(0,0,0,.54);font-size:.9em}.mui-table{width:100%;max-width:100%;margin-bottom:20px}.mui-table>tbody>tr>th,.mui-table>tfoot>tr>th,.mui-table>thead>tr>th{text-align:left}.mui-table>tbody>tr>td,.mui-table>tbody>tr>th,.mui-table>tfoot>tr>td,.mui-table>tfoot>tr>th,.mui-table>thead>tr>td,.mui-table>thead>tr>th{padding:10px;line-height:1.429}.mui-table>thead>tr>th{border-bottom:2px solid rgba(0,0,0,.12);font-weight:700}.mui-table>tbody+tbody{border-top:2px solid rgba(0,0,0,.12)}.mui-table.mui-table--bordered>tbody>tr>td{border-bottom:1px solid rgba(0,0,0,.12)}.mui-tabs__bar{list-style:none;padding-left:0;margin-bottom:0;background-color:transparent;white-space:nowrap;overflow-x:auto}.mui-tabs__bar>li{display:inline-block}.mui-tabs__bar>li>a{display:block;white-space:nowrap;text-transform:uppercase;font-weight:500;font-size:14px;color:rgba(0,0,0,.87);cursor:default;height:48px;line-height:48px;padding-left:24px;padding-right:24px;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.mui-tabs__bar>li>a:hover{text-decoration:none}.mui-tabs__bar>li.mui--is-active{border-bottom:2px solid #2196F3}.mui-tabs__bar>li.mui--is-active>a{color:#2196F3}.mui-tabs__bar.mui-tabs__bar--justified{display:table;width:100%;table-layout:fixed}.mui-tabs__bar.mui-tabs__bar--justified>li{display:table-cell}.mui-tabs__bar.mui-tabs__bar--justified>li>a{text-align:center;padding-left:0;padding-right:0}.mui-tabs__pane{display:none}.mui-tabs__pane.mui--is-active{display:block}.mui-textfield{display:block;padding-top:15px;margin-bottom:20px;position:relative}.mui-textfield>label{position:absolute;top:0;display:block;width:100%;color:rgba(0,0,0,.54);font-size:12px;font-weight:400;line-height:15px;overflow-x:hidden;text-overflow:ellipsis;white-space:nowrap}.mui-textfield>textarea{padding-top:5px}.mui-textfield>input:focus~label,.mui-textfield>textarea:focus~label{color:#2196F3}.mui-textfield--float-label>label{position:absolute;transform:translate(0,15px);font-size:16px;line-height:32px;color:rgba(0,0,0,.26);text-overflow:clip;cursor:text;pointer-events:none}.mui-textfield--float-label>input:focus~label,.mui-textfield--float-label>textarea:focus~label{transform:translate(0,0);font-size:12px;line-height:15px;text-overflow:ellipsis}.mui-textfield--float-label>input:not(:focus).mui--is-not-empty~label,.mui-textfield--float-label>input:not(:focus):not(:empty):not(.mui--is-empty):not(.mui--is-not-empty)~label,.mui-textfield--float-label>input:not(:focus)[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty)~label,.mui-textfield--float-label>textarea:not(:focus).mui--is-not-empty~label,.mui-textfield--float-label>textarea:not(:focus):not(:empty):not(.mui--is-empty):not(.mui--is-not-empty)~label,.mui-textfield--float-label>textarea:not(:focus)[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty)~label{color:rgba(0,0,0,.54);font-size:12px;line-height:15px;transform:translate(0,0);text-overflow:ellipsis}.mui-textfield--wrap-label{display:table;width:100%;padding-top:0}.mui-textfield--wrap-label:not(.mui-textfield--float-label)>label{display:table-header-group;position:static;white-space:normal;overflow-x:visible}.mui-textfield>input,.mui-textfield>textarea{box-sizing:border-box;display:block;background-color:transparent;color:rgba(0,0,0,.87);border:none;border-bottom:1px solid rgba(0,0,0,.26);outline:0;width:100%;padding:0;box-shadow:none;border-radius:0;font-size:16px;font-family:inherit;line-height:inherit;background-image:none}.mui-textfield>input:focus,.mui-textfield>textarea:focus{border-color:#2196F3;border-width:2px}.mui-textfield>input:-moz-read-only,.mui-textfield>input:disabled,.mui-textfield>textarea:-moz-read-only,.mui-textfield>textarea:disabled{cursor:not-allowed;background-color:transparent;opacity:1}.mui-textfield>input:disabled,.mui-textfield>input:read-only,.mui-textfield>textarea:disabled,.mui-textfield>textarea:read-only{cursor:not-allowed;background-color:transparent;opacity:1}.mui-textfield>input::-webkit-input-placeholder,.mui-textfield>textarea::-webkit-input-placeholder{color:rgba(0,0,0,.26);opacity:1}.mui-textfield>input:-ms-input-placeholder,.mui-textfield>textarea:-ms-input-placeholder{color:rgba(0,0,0,.26);opacity:1}.mui-textfield>input::placeholder,.mui-textfield>textarea::placeholder{color:rgba(0,0,0,.26);opacity:1}.mui-textfield>input{height:32px}.mui-textfield>input:focus{height:33px;margin-bottom:-1px}.mui-textfield>textarea{min-height:64px}.mui-textfield>textarea[rows]:not([rows="2"]):focus{margin-bottom:-1px}.mui-textfield>input:focus{height:33px;margin-bottom:-1px}.mui-textfield>input:invalid:not(:focus):not(:required),.mui-textfield>input:invalid:not(:focus):required.mui--is-empty.mui--is-touched,.mui-textfield>input:invalid:not(:focus):required.mui--is-not-empty,.mui-textfield>input:invalid:not(:focus):required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:invalid:not(:focus):required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:not(:focus).mui--is-invalid:not(:required),.mui-textfield>input:not(:focus).mui--is-invalid:required.mui--is-empty.mui--is-touched,.mui-textfield>input:not(:focus).mui--is-invalid:required.mui--is-not-empty,.mui-textfield>input:not(:focus).mui--is-invalid:required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:not(:focus).mui--is-invalid:required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>textarea:invalid:not(:focus):not(:required),.mui-textfield>textarea:invalid:not(:focus):required.mui--is-empty.mui--is-touched,.mui-textfield>textarea:invalid:not(:focus):required.mui--is-not-empty,.mui-textfield>textarea:invalid:not(:focus):required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>textarea:invalid:not(:focus):required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>textarea:not(:focus).mui--is-invalid:not(:required),.mui-textfield>textarea:not(:focus).mui--is-invalid:required.mui--is-empty.mui--is-touched,.mui-textfield>textarea:not(:focus).mui--is-invalid:required.mui--is-not-empty,.mui-textfield>textarea:not(:focus).mui--is-invalid:required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>textarea:not(:focus).mui--is-invalid:required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty){border-color:#F44336;border-width:2px}.mui-textfield>input:invalid:not(:focus):not(:required),.mui-textfield>input:invalid:not(:focus):required.mui--is-empty.mui--is-touched,.mui-textfield>input:invalid:not(:focus):required.mui--is-not-empty,.mui-textfield>input:invalid:not(:focus):required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:invalid:not(:focus):required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:not(:focus).mui--is-invalid:not(:required),.mui-textfield>input:not(:focus).mui--is-invalid:required.mui--is-empty.mui--is-touched,.mui-textfield>input:not(:focus).mui--is-invalid:required.mui--is-not-empty,.mui-textfield>input:not(:focus).mui--is-invalid:required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:not(:focus).mui--is-invalid:required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty){height:33px;margin-bottom:-1px}.mui-textfield.mui-textfield--float-label>input:invalid:not(:focus):not(:required)~label,.mui-textfield.mui-textfield--float-label>input:invalid:not(:focus):required.mui--is-not-empty~label,.mui-textfield.mui-textfield--float-label>input:invalid:not(:focus):required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty)~label,.mui-textfield.mui-textfield--float-label>input:invalid:not(:focus):required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty)~label,.mui-textfield.mui-textfield--float-label>textarea:invalid:not(:focus):not(:required)~label,.mui-textfield.mui-textfield--float-label>textarea:invalid:not(:focus):required.mui--is-not-empty~label,.mui-textfield.mui-textfield--float-label>textarea:invalid:not(:focus):required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty)~label,.mui-textfield.mui-textfield--float-label>textarea:invalid:not(:focus):required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty)~label{color:#F44336}.mui-textfield:not(.mui-textfield--float-label)>input:invalid:not(:focus):not(:required)~label,.mui-textfield:not(.mui-textfield--float-label)>input:invalid:not(:focus):required.mui--is-empty.mui--is-touched~label,.mui-textfield:not(.mui-textfield--float-label)>input:invalid:not(:focus):required.mui--is-not-empty~label,.mui-textfield:not(.mui-textfield--float-label)>textarea:invalid:not(:focus):not(:required)~label,.mui-textfield:not(.mui-textfield--float-label)>textarea:invalid:not(:focus):required.mui--is-empty.mui--is-touched~label,.mui-textfield:not(.mui-textfield--float-label)>textarea:invalid:not(:focus):required.mui--is-not-empty~label{color:#F44336}.mui-textfield.mui-textfield--float-label>.mui--is-invalid.mui--is-not-empty:not(:focus)~label{color:#F44336}.mui-textfield:not(.mui-textfield--float-label)>.mui--is-invalid:not(:focus)~label{color:#F44336}.mui--no-transition{transition:none!important}.mui--no-user-select{-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.mui-caret{display:inline-block;width:0;height:0;margin-left:2px;vertical-align:middle;border-top:4px solid;border-right:4px solid transparent;border-left:4px solid transparent}.mui--text-left{text-align:left!important}.mui--text-right{text-align:right!important}.mui--text-center{text-align:center!important}.mui--text-justify{text-align:justify!important}.mui--text-nowrap{white-space:nowrap!important}.mui--align-baseline{vertical-align:baseline!important}.mui--align-top{vertical-align:top!important}.mui--align-middle{vertical-align:middle!important}.mui--align-bottom{vertical-align:bottom!important}.mui--text-dark{color:rgba(0,0,0,.87)}.mui--text-dark-secondary{color:rgba(0,0,0,.54)}.mui--text-dark-hint{color:rgba(0,0,0,.38)}.mui--text-light{color:#FFF}.mui--text-light-secondary{color:rgba(255,255,255,.7)}.mui--text-light-hint{color:rgba(255,255,255,.3)}.mui--text-accent{color:rgba(255,64,129,.87)}.mui--text-accent-secondary{color:rgba(255,64,129,.54)}.mui--text-accent-hint{color:rgba(255,64,129,.38)}.mui--text-black{color:#000}.mui--text-white{color:#FFF}.mui--text-danger{color:#F44336}.mui--bg-primary{background-color:#2196F3}.mui--bg-primary-dark{background-color:#1976D2}.mui--bg-primary-light{background-color:#BBDEFB}.mui--bg-accent{background-color:#FF4081}.mui--bg-accent-dark{background-color:#F50057}.mui--bg-accent-light{background-color:#FF80AB}.mui--bg-danger{background-color:#F44336}.mui-list--unstyled{padding-left:0;list-style:none}.mui-list--inline{padding-left:0;list-style:none;margin-left:-5px}.mui-list--inline>li{display:inline-block;padding-left:5px;padding-right:5px}.mui--z1,.mui-dropdown__menu,.mui-select__menu{box-shadow:0 1px 3px rgba(0,0,0,.12),0 1px 2px rgba(0,0,0,.24)}.mui--z2{box-shadow:0 3px 6px rgba(0,0,0,.16),0 3px 6px rgba(0,0,0,.23)}.mui--z3{box-shadow:0 10px 20px rgba(0,0,0,.19),0 6px 6px rgba(0,0,0,.23)}.mui--z4{box-shadow:0 14px 28px rgba(0,0,0,.25),0 10px 10px rgba(0,0,0,.22)}.mui--z5{box-shadow:0 19px 38px rgba(0,0,0,.3),0 15px 12px rgba(0,0,0,.22)}.mui--clearfix:after,.mui--clearfix:before{content:" ";display:table}.mui--clearfix:after{clear:both}.mui--pull-right{float:right!important}.mui--pull-left{float:left!important}.mui--hide{display:none!important}.mui--show{display:block!important}.mui--invisible{visibility:hidden}.mui--overflow-hidden{overflow:hidden!important}.mui--overflow-hidden-x{overflow-x:hidden!important}.mui--overflow-hidden-y{overflow-y:hidden!important}.mui--visible-lg-block,.mui--visible-lg-inline,.mui--visible-lg-inline-block,.mui--visible-md-block,.mui--visible-md-inline,.mui--visible-md-inline-block,.mui--visible-sm-block,.mui--visible-sm-inline,.mui--visible-sm-inline-block,.mui--visible-xl-block,.mui--visible-xl-inline,.mui--visible-xl-inline-block,.mui--visible-xs-block,.mui--visible-xs-inline,.mui--visible-xs-inline-block{display:none!important}@media (max-width:543px){.mui-visible-xs{display:block!important}table.mui-visible-xs{display:table}tr.mui-visible-xs{display:table-row!important}td.mui-visible-xs,th.mui-visible-xs{display:table-cell!important}.mui--visible-xs-block{display:block!important}.mui--visible-xs-inline{display:inline!important}.mui--visible-xs-inline-block{display:inline-block!important}}@media (min-width:544px) and (max-width:767px){.mui-visible-sm{display:block!important}table.mui-visible-sm{display:table}tr.mui-visible-sm{display:table-row!important}td.mui-visible-sm,th.mui-visible-sm{display:table-cell!important}.mui--visible-sm-block{display:block!important}.mui--visible-sm-inline{display:inline!important}.mui--visible-sm-inline-block{display:inline-block!important}}@media (min-width:768px) and (max-width:991px){.mui-visible-md{display:block!important}table.mui-visible-md{display:table}tr.mui-visible-md{display:table-row!important}td.mui-visible-md,th.mui-visible-md{display:table-cell!important}.mui--visible-md-block{display:block!important}.mui--visible-md-inline{display:inline!important}.mui--visible-md-inline-block{display:inline-block!important}}@media (min-width:992px) and (max-width:1199px){.mui-visible-lg{display:block!important}table.mui-visible-lg{display:table}tr.mui-visible-lg{display:table-row!important}td.mui-visible-lg,th.mui-visible-lg{display:table-cell!important}.mui--visible-lg-block{display:block!important}.mui--visible-lg-inline{display:inline!important}.mui--visible-lg-inline-block{display:inline-block!important}}@media (min-width:1200px){.mui-visible-xl{display:block!important}table.mui-visible-xl{display:table}tr.mui-visible-xl{display:table-row!important}td.mui-visible-xl,th.mui-visible-xl{display:table-cell!important}.mui--visible-xl-block{display:block!important}.mui--visible-xl-inline{display:inline!important}.mui--visible-xl-inline-block{display:inline-block!important}}@media (max-width:543px){.mui--hidden-xs{display:none!important}}@media (min-width:544px) and (max-width:767px){.mui--hidden-sm{display:none!important}}@media (min-width:768px) and (max-width:991px){.mui--hidden-md{display:none!important}}@media (min-width:992px) and (max-width:1199px){.mui--hidden-lg{display:none!important}}@media (min-width:1200px){.mui--hidden-xl{display:none!important}}.mui-scrlock--showbar-y{overflow-y:scroll!important}.mui-scrlock--showbar-x{overflow-x:scroll!important}#mui-overlay{position:fixed;top:0;right:0;bottom:0;left:0;z-index:99999999;background-color:rgba(0,0,0,.2);overflow:auto}.mui-btn__ripple-container{position:absolute;top:0;left:0;display:block;height:100%;width:100%;overflow:hidden;z-index:0;pointer-events:none}.mui-ripple{position:absolute;top:0;left:0;border-radius:50%;opacity:0;pointer-events:none;transform:scale(.0001,.0001)}.mui-ripple.mui--is-animating{transform:none;transition:transform .3s cubic-bezier(0,0,.2,1),width .3s cubic-bezier(0,0,.2,1),height .3s cubic-bezier(0,0,.2,1),opacity .3s cubic-bezier(0,0,.2,1)}.mui-ripple.mui--is-visible{opacity:.3}.mui-btn .mui-ripple{background-color:#a6a6a6}.mui-btn--primary .mui-ripple{background-color:#FFF}.mui-btn--dark .mui-ripple{background-color:#FFF}.mui-btn--danger .mui-ripple{background-color:#FFF}.mui-btn--accent .mui-ripple{background-color:#FFF}.mui-btn--flat .mui-ripple{background-color:#a6a6a6}.mui--text-display4{font-weight:300;font-size:112px;line-height:112px}.mui--text-display3{font-weight:400;font-size:56px;line-height:56px}.mui--text-display2{font-weight:400;font-size:45px;line-height:48px}.mui--text-display1,h1{font-weight:400;font-size:34px;line-height:40px}.mui--text-headline,h2{font-weight:400;font-size:24px;line-height:32px}.mui--text-title,h3{font-weight:400;font-size:20px;line-height:28px}.mui--text-subhead,h4{font-weight:400;font-size:16px;line-height:24px}.mui--text-body2,h5{font-weight:500;font-size:14px;line-height:24px}.mui--text-body1{font-weight:400;font-size:14px;line-height:20px}.mui--text-caption{font-weight:400;font-size:12px;line-height:16px}.mui--text-menu{font-weight:500;font-size:13px;line-height:17px}.mui--text-button{font-weight:500;font-size:14px;line-height:18px;text-transform:uppercase} diff --git a/dashboard/static/lib/mui/packages/cdn/js/mui.min.js b/dashboard/static/lib/mui/packages/cdn/js/mui.min.js index 30032f09..27c5877d 100644 --- a/dashboard/static/lib/mui/packages/cdn/js/mui.min.js +++ b/dashboard/static/lib/mui/packages/cdn/js/mui.min.js @@ -1 +1 @@ -!function t(e,i,n){function o(s,a){if(!i[s]){if(!e[s]){var l="function"==typeof require&&require;if(!a&&l)return l(s,!0);if(r)return r(s,!0);throw new Error("Cannot find module '"+s+"'")}var u=i[s]={exports:{}};e[s][0].call(u.exports,function(t){var i=e[s][1][t];return o(i||t)},u,u.exports,t,e,i,n)}return i[s].exports}for(var r="function"==typeof require&&require,s=0;s input","mui-textfield-inserted"],[".mui-textfield > textarea","mui-textfield-inserted"],[".mui-textfield > input:-webkit-autofill","mui-textfield-autofill"],[".mui-textfield > textarea:-webkit-autofill","mui-textfield-autofill"],[".mui-select > select","mui-select-inserted"],[".mui-select > select ~ .mui-event-trigger","mui-node-inserted"],[".mui-select > select:disabled ~ .mui-event-trigger","mui-node-disabled"]],i="",n=0,o=e.length;nd&&(p=a+(i+1)*s-(-1*n+o+r),h=e*s+2*a-f,v=Math.min(p,h)),{height:f+"px",top:n+"px",scrollTop:v}}var o=15,r=32,s=42,a=8;e.exports={getMenuPositionalCSS:n}},{}],5:[function(t,e,i){"use strict";function n(t,e){if(e&&t.setAttribute){for(var i,n=h(t),o=e.split(" "),r=0;r-1}function s(t){if(void 0===t)return"undefined";var e=Object.prototype.toString.call(t);if(0===e.indexOf("[object "))return e.slice(8,-1).toLowerCase();throw new Error("MUI: Could not understand type: "+e)}function a(t,e,i,n){n=void 0!==n&&n;var o=t._muiEventCache=t._muiEventCache||{};e.split(" ").map(function(e){t.addEventListener(e,i,n),o[e]=o[e]||[],o[e].push([i,n])})}function l(t,e,i,n){n=void 0!==n&&n;var o,r,s,a=t._muiEventCache=t._muiEventCache||{};e.split(" ").map(function(e){for(o=a[e]||[],s=o.length;s--;)r=o[s],(void 0===i||r[0]===i&&r[1]===n)&&(o.splice(s,1),t.removeEventListener(e,r[0],r[1]))})}function u(t,e,i,n){e.split(" ").map(function(e){a(t,e,function o(r){i&&i.apply(this,arguments),l(t,e,o,n)},n)})}function c(t,e){var i=window;if(void 0===e){if(t===i){var n=document.documentElement;return(i.pageXOffset||n.scrollLeft)-(n.clientLeft||0)}return t.scrollLeft}t===i?i.scrollTo(e,d(i)):t.scrollLeft=e}function d(t,e){var i=window;if(void 0===e){if(t===i){var n=document.documentElement;return(i.pageYOffset||n.scrollTop)-(n.clientTop||0)}return t.scrollTop}t===i?i.scrollTo(c(i),e):t.scrollTop=e}function m(t){var e=window,i=t.getBoundingClientRect(),n=d(e),o=c(e);return{top:i.top+n,left:i.left+o,height:i.height,width:i.width}}function f(t){var e=!1,i=!0,n=document,o=n.defaultView,r=n.documentElement,s=n.addEventListener?"addEventListener":"attachEvent",a=n.addEventListener?"removeEventListener":"detachEvent",l=n.addEventListener?"":"on",u=function(i){"readystatechange"==i.type&&"complete"!=n.readyState||(("load"==i.type?o:n)[a](l+i.type,u,!1),!e&&(e=!0)&&t.call(o,i.type||i))},c=function(){try{r.doScroll("left")}catch(t){return void setTimeout(c,50)}u("poll")};if("complete"==n.readyState)t.call(o,"lazy");else{if(n.createEventObject&&r.doScroll){try{i=!o.frameElement}catch(t){}i&&c()}n[s](l+"DOMContentLoaded",u,!1),n[s](l+"readystatechange",u,!1),o[s](l+"load",u,!1)}}function p(t,e){if(e&&t.setAttribute){for(var i,n=h(t),o=e.split(" "),r=0;r=0;)n=n.replace(" "+i+" "," ");t.setAttribute("class",n.trim())}}function h(t){return" "+(t.getAttribute("class")||"").replace(/[\n\t]/g,"")+" "}function v(t){return t.replace(g,function(t,e,i,n){return n?i.toUpperCase():i}).replace(y,"Moz$1")}function b(t,e,i){var n;return n=i.getPropertyValue(e),""!==n||t.ownerDocument||(n=t.style[v(e)]),n}var g=/([\:\-\_]+(.))/g,y=/^moz([A-Z])/;e.exports={addClass:n,css:o,hasClass:r,off:l,offset:m,on:a,one:u,ready:f,removeClass:p,type:s,scrollLeft:c,scrollTop:d}},{}],6:[function(t,e,i){"use strict";function n(){var t=window;if(g.debug&&void 0!==t.console)try{t.console.log.apply(t.console,arguments)}catch(i){var e=Array.prototype.slice.call(arguments);t.console.log(e.join("\n"))}}function o(t){var e,i=document;e=i.head||i.getElementsByTagName("head")[0]||i.documentElement;var n=i.createElement("style");return n.type="text/css",n.styleSheet?n.styleSheet.cssText=t:n.appendChild(i.createTextNode(t)),e.insertBefore(n,e.firstChild),n}function r(t,e){if(!e)throw new Error("MUI: "+t);"undefined"!=typeof console&&console.error("MUI Warning: "+t)}function s(t){var e="";for(var i in t)e+=t[i]?i+" ":"";return e.trim()}function a(){if(void 0!==b)return b;var t=document.createElement("x");return t.style.cssText="pointer-events:auto",b="auto"===t.style.pointerEvents}function l(t,e){return function(){t[e].apply(t,arguments)}}function u(t,e,i,n,o){var r,s=document.createEvent("HTMLEvents"),i=void 0===i||i,n=void 0===n||n;if(s.initEvent(e,i,n),o)for(r in o)s[r]=o[r];return t&&t.dispatchEvent(s),s}function c(){if(1===(C+=1)){var t,e,i,n=document,r=window,s=n.documentElement,a=n.body,l=x();t=["overflow:hidden"],l&&(s.scrollHeight>s.clientHeight&&(i=parseInt(y.css(a,"padding-right"))+l,t.push("padding-right:"+i+"px")),s.scrollWidth>s.clientWidth&&(i=parseInt(y.css(a,"padding-bottom"))+l,t.push("padding-bottom:"+i+"px"))),e="."+E+"{",e+=t.join(" !important;")+" !important;}",p=o(e),y.on(r,"scroll",h,!0),f={left:y.scrollLeft(r),top:y.scrollTop(r)},y.addClass(a,E)}}function d(t){0!==C&&0===(C-=1)&&(y.removeClass(document.body,E),p.parentNode.removeChild(p),t&&window.scrollTo(f.left,f.top),y.off(window,"scroll",h,!0))}function m(t){var e=window.requestAnimationFrame;e?e(t):setTimeout(t,0)}var f,p,h,v,b,g=t("../config"),y=t("./jqLite"),C=0,E="mui-scroll-lock";h=function(t){t.target.tagName||t.stopImmediatePropagation()};var x=function(){if(void 0!==v)return v;var t=document,e=t.body,i=t.createElement("div");return i.innerHTML='
',i=i.firstChild,e.appendChild(i),v=i.offsetWidth-i.clientWidth,e.removeChild(i),v};e.exports={callback:l,classNames:s,disableScrollLock:d,dispatchEvent:u,enableScrollLock:c,log:n,loadStyle:o,raiseError:r,requestAnimationFrame:m,supportsPointerEvents:a}},{"../config":2,"./jqLite":5}],7:[function(t,e,i){"use strict";function n(t){if(!0!==t._muiDropdown){t._muiDropdown=!0;var e=t.tagName;"INPUT"!==e&&"BUTTON"!==e||t.hasAttribute("type")||(t.type="button"),s.on(t,"click",o)}}function o(t){if(0===t.button){var e=this;null===e.getAttribute("disabled")&&r(e)}}function r(t){function e(){s.removeClass(n,u),s.off(o,"click",e)}var i=t.parentNode,n=t.nextElementSibling,o=i.ownerDocument;if(!n||!s.hasClass(n,c))return a.raiseError("Dropdown menu element not found");s.hasClass(n,u)?e():function(){var r=i.getBoundingClientRect(),a=t.getBoundingClientRect(),l=a.top-r.top+a.height;s.css(n,"top",l+"px"),s.addClass(n,u),setTimeout(function(){s.on(o,"click",e)},0)}()}var s=t("./lib/jqLite"),a=t("./lib/util"),l=t("./lib/animationHelpers"),u="mui--is-open",c="mui-dropdown__menu";e.exports={initListeners:function(){for(var t=document.querySelectorAll('[data-mui-toggle="dropdown"]'),e=t.length;e--;)n(t[e]);l.onAnimationStart("mui-dropdown-inserted",function(t){n(t.target)})}}},{"./lib/animationHelpers":3,"./lib/jqLite":5,"./lib/util":6}],8:[function(t,e,i){e.exports=t(5)},{}],9:[function(t,e,i){"use strict";function n(t){var e;if("on"===t){for(var i,n,s,a=arguments.length-1;a>0;a--)i=arguments[a],"object"===p.type(i)&&(n=i),i instanceof Element&&1===i.nodeType&&(s=i);n=n||{},void 0===n.keyboard&&(n.keyboard=!0),void 0===n.static&&(n.static=!1),e=o(n,s)}else"off"===t?e=r():f.raiseError("Expecting 'on' or 'off'");return e}function o(t,e){var i=document,n=i.body,o=i.getElementById(h);if(i.activeElement&&(m=i.activeElement),f.enableScrollLock(),o){for(;o.firstChild;)o.removeChild(o.firstChild);e&&o.appendChild(e)}else o=i.createElement("div"),o.setAttribute("id",h),o.setAttribute("tabindex","-1"),e&&o.appendChild(e),n.appendChild(o);return v.test(navigator.userAgent)&&p.css(o,"cursor","pointer"),t.keyboard?s():a(),t.static?c(o):u(o),o.muiOptions=t,o.focus(),o}function r(){var t,e=document.getElementById(h);if(e){for(;e.firstChild;)e.removeChild(e.firstChild);e.parentNode.removeChild(e),t=e.muiOptions.onclose,c(e)}return f.disableScrollLock(),a(),m&&m.focus(),t&&t(),e}function s(){p.on(document,"keyup",l)}function a(){p.off(document,"keyup",l)}function l(t){27===t.keyCode&&r()}function u(t){p.on(t,"click",d)}function c(t){p.off(t,"click",d)}function d(t){t.target.id===h&&r()}var m,f=t("./lib/util"),p=t("./lib/jqLite"),h="mui-overlay",v=/(iPad|iPhone|iPod)/g;e.exports=n},{"./lib/jqLite":5,"./lib/util":6}],10:[function(t,e,i){"use strict";function n(t){!0!==t._muiRipple&&(t._muiRipple=!0,"INPUT"!==t.tagName&&s.on(t,c,o))}function o(t){if("mousedown"!==t.type||0===t.button){var e=this,i=e._rippleEl;if(!e.disabled){if(!i){var n=document.createElement("span");n.className="mui-btn__ripple-container",n.innerHTML='',e.appendChild(n),i=e._rippleEl=n.children[0],s.on(e,d,r)}var o,l,u=s.offset(e),c="touchstart"===t.type?t.touches[0]:t;o=Math.sqrt(u.height*u.height+u.width*u.width),l=2*o+"px",s.css(i,{width:l,height:l,top:Math.round(c.pageY-u.top-o)+"px",left:Math.round(c.pageX-u.left-o)+"px"}),s.removeClass(i,"mui--is-animating"),s.addClass(i,"mui--is-visible"),a.requestAnimationFrame(function(){s.addClass(i,"mui--is-animating")})}}}function r(t){var e=this._rippleEl;a.requestAnimationFrame(function(){s.removeClass(e,"mui--is-visible")})}var s=t("./lib/jqLite"),a=t("./lib/util"),l=t("./lib/animationHelpers"),u="ontouchstart"in document.documentElement,c=u?"touchstart":"mousedown",d=u?"touchend":"mouseup mouseleave";e.exports={initListeners:function(){for(var t=document.getElementsByClassName("mui-btn"),e=t.length;e--;)n(t[e]);l.onAnimationStart("mui-btn-inserted",function(t){n(t.target)})}}},{"./lib/animationHelpers":3,"./lib/jqLite":5,"./lib/util":6}],11:[function(t,e,i){"use strict";function n(t){if(!0!==t._muiSelect&&(t._muiSelect=!0,!("ontouchstart"in v.documentElement))){var e=t.parentNode;e._selectEl=t,e._menu=null,e._q="",e._qTimeout=null,t.disabled||(e.tabIndex=0),t.tabIndex=-1,d.on(t,"mousedown",o),d.on(e,"click",l),d.on(e,"blur focus",r),d.on(e,"keydown",s),d.on(e,"keypress",a);var i=document.createElement("div");i.className="mui-event-trigger",e.appendChild(i),d.on(i,f.animationEvents,function(t){t.stopPropagation(),"mui-node-disabled"===t.animationName?t.target.parentNode.removeAttribute("tabIndex"):t.target.parentNode.tabIndex=0})}}function o(t){0===t.button&&t.preventDefault()}function r(t){m.dispatchEvent(this._selectEl,t.type,!1,!1)}function s(t){if(!t.defaultPrevented){var e=t.keyCode,i=this._menu;if(i){if(9===e)return i.destroy();27!==e&&40!==e&&38!==e&&13!==e||t.preventDefault(),27===e?i.destroy():40===e?i.increment():38===e?i.decrement():13===e&&(i.selectCurrent(),i.destroy())}else 32!==e&&38!==e&&40!==e||(t.preventDefault(),u(this))}}function a(t){var e=this._menu;if(!t.defaultPrevented&&e){var i=this;clearTimeout(this._qTimeout),this._q+=t.key,this._qTimeout=setTimeout(function(){i._q=""},300);var n,o=new RegExp("^"+this._q,"i"),r=e.itemArray;for(n in r)if(o.test(r[n].innerText)){e.selectPos(n);break}}}function l(t){0!==t.button||this._selectEl.disabled||(this.focus(),u(this))}function u(t){t._menu||(t._menu=new c(t,t._selectEl,function(){t._menu=null,t.focus()}))}function c(t,e,i){m.enableScrollLock(),this.itemArray=[],this.origPos=null,this.currentPos=null,this.selectEl=e,this.wrapperEl=t,this.menuEl=this._createMenuEl(t,e);var n=m.callback;this.onClickCB=n(this,"onClick"),this.destroyCB=n(this,"destroy"),this.wrapperCallbackFn=i,t.appendChild(this.menuEl),d.scrollTop(this.menuEl,this.menuEl._scrollTop);var o=this.destroyCB;d.on(this.menuEl,"click",this.onClickCB),d.on(b,"resize",o),setTimeout(function(){d.on(v,"click",o)},0)}var d=t("./lib/jqLite"),m=t("./lib/util"),f=t("./lib/animationHelpers"),p=t("./lib/forms"),h="mui--is-selected",v=document,b=window;c.prototype._createMenuEl=function(t,e){var i,n,o,r,s,a,l,u,c=v.createElement("div"),m=e.children,f=this.itemArray,b=0,g=0,y=0,C=document.createDocumentFragment();for(c.className="mui-select__menu",s=0,a=m.length;s select"),e=t.length;e--;)n(t[e]);f.onAnimationStart("mui-select-inserted",function(t){n(t.target)})}}},{"./lib/animationHelpers":3,"./lib/forms":4,"./lib/jqLite":5,"./lib/util":6}],12:[function(t,e,i){"use strict";function n(t){!0!==t._muiTabs&&(t._muiTabs=!0,a.on(t,"click",o))}function o(t){if(0===t.button){var e=this;null===e.getAttribute("disabled")&&r(e)}}function r(t){var e,i,n,o,r,u,v,b,g,y=t.parentNode,C=t.getAttribute(c),E=document.getElementById(C);a.hasClass(y,d)||(E||l.raiseError('Tab pane "'+C+'" not found'),i=s(E),n=i.id,g="["+c+'="'+n+'"]',o=document.querySelectorAll(g)[0],e=o.parentNode,r={paneId:C,relatedPaneId:n},u={paneId:n,relatedPaneId:C},v=l.dispatchEvent(o,p,!0,!0,u),b=l.dispatchEvent(t,m,!0,!0,r),setTimeout(function(){v.defaultPrevented||b.defaultPrevented||(e&&a.removeClass(e,d),i&&a.removeClass(i,d),a.addClass(y,d),a.addClass(E,d),l.dispatchEvent(o,h,!0,!1,u),l.dispatchEvent(t,f,!0,!1,r))},0))}function s(t){for(var e,i=t.parentNode.children,n=i.length,o=null;n--&&!o;)(e=i[n])!==t&&a.hasClass(e,d)&&(o=e);return o}var a=t("./lib/jqLite"),l=t("./lib/util"),u=t("./lib/animationHelpers"),c="data-mui-controls",d="mui--is-active",m="mui.tabs.showstart",f="mui.tabs.showend",p="mui.tabs.hidestart",h="mui.tabs.hideend";e.exports={initListeners:function(){for(var t=document.querySelectorAll('[data-mui-toggle="tab"]'),e=t.length;e--;)n(t[e]);u.onAnimationStart("mui-tab-inserted",function(t){n(t.target)})},api:{activate:function(t){var e="["+c+"="+t+"]",i=document.querySelectorAll(e);i.length||l.raiseError('Tab control for pane "'+t+'" not found'),r(i[0])}}}},{"./lib/animationHelpers":3,"./lib/jqLite":5,"./lib/util":6}],13:[function(t,e,i){"use strict";function n(t){!0!==t._muiTextfield&&(t._muiTextfield=!0,t.value.length?s.addClass(t,p):s.addClass(t,f),s.addClass(t,c+" "+d),s.on(t,"blur",function e(){document.activeElement!==t&&(s.removeClass(t,c),s.addClass(t,u),s.off(t,"blur",e))}),s.one(t,"input change",function(){s.removeClass(t,d),s.addClass(t,m)}),s.on(t,"input change",o))}function o(){var t=this;t.value.length?(s.removeClass(t,f),s.addClass(t,p)):(s.removeClass(t,p),s.addClass(t,f))}function r(t){!0===t._muiTextfield&&o.call(t)}var s=t("./lib/jqLite"),a=t("./lib/util"),l=t("./lib/animationHelpers"),u="mui--is-touched",c="mui--is-untouched",d="mui--is-pristine",m="mui--is-dirty",f="mui--is-empty",p="mui--is-not-empty";e.exports={initialize:n,initListeners:function(){for(var t=document,e=t.querySelectorAll(".mui-textfield > input, .mui-textfield > textarea"),i=e.length;i--;)n(e[i]);l.onAnimationStart("mui-textfield-inserted",function(t){n(t.target)}),setTimeout(function(){var t=".mui-textfield.mui-textfield--float-label > label {"+["-webkit-transition","-moz-transition","-o-transition","transition",""].join(":all .15s ease-out;")+"}";a.loadStyle(t)},150),l.onAnimationStart("mui-textfield-autofill",function(t){r(t.target)}),!1===a.supportsPointerEvents()&&s.on(t,"click",function(t){var e=t.target;if("LABEL"===e.tagName&&s.hasClass(e.parentNode,"mui-textfield--float-label")){var i=e.previousElementSibling;i&&i.focus()}})}}},{"./lib/animationHelpers":3,"./lib/jqLite":5,"./lib/util":6}]},{},[1]); \ No newline at end of file +!function t(e,i,n){function o(s,a){if(!i[s]){if(!e[s]){var l="function"==typeof require&&require;if(!a&&l)return l(s,!0);if(r)return r(s,!0);throw new Error("Cannot find module '"+s+"'")}var u=i[s]={exports:{}};e[s][0].call(u.exports,function(t){var i=e[s][1][t];return o(i||t)},u,u.exports,t,e,i,n)}return i[s].exports}for(var r="function"==typeof require&&require,s=0;s input","mui-textfield-inserted"],[".mui-textfield > textarea","mui-textfield-inserted"],[".mui-textfield > input:-webkit-autofill","mui-textfield-autofill"],[".mui-textfield > textarea:-webkit-autofill","mui-textfield-autofill"],[".mui-select > select","mui-select-inserted"],[".mui-select > select ~ .mui-event-trigger","mui-node-inserted"],[".mui-select > select:disabled ~ .mui-event-trigger","mui-node-disabled"]],i="",n=0,o=e.length;nd&&(p=a+(i+1)*s-(-1*n+o+r),h=e*s+2*a-f,v=Math.min(p,h)),{height:f+"px",top:n+"px",scrollTop:v}}var o=15,r=32,s=42,a=8;e.exports={getMenuPositionalCSS:n}},{}],5:[function(t,e,i){"use strict";function n(t,e){if(e&&t.setAttribute){for(var i,n=h(t),o=e.split(" "),r=0;r-1}function s(t){if(void 0===t)return"undefined";var e=Object.prototype.toString.call(t);if(0===e.indexOf("[object "))return e.slice(8,-1).toLowerCase();throw new Error("MUI: Could not understand type: "+e)}function a(t,e,i,n){n=void 0!==n&&n;var o=t._muiEventCache=t._muiEventCache||{};e.split(" ").map(function(e){t.addEventListener(e,i,n),o[e]=o[e]||[],o[e].push([i,n])})}function l(t,e,i,n){n=void 0!==n&&n;var o,r,s,a=t._muiEventCache=t._muiEventCache||{};e.split(" ").map(function(e){for(o=a[e]||[],s=o.length;s--;)r=o[s],(void 0===i||r[0]===i&&r[1]===n)&&(o.splice(s,1),t.removeEventListener(e,r[0],r[1]))})}function u(t,e,i,n){e.split(" ").map(function(e){a(t,e,function o(r){i&&i.apply(this,arguments),l(t,e,o,n)},n)})}function c(t,e){var i=window;if(void 0===e){if(t===i){var n=document.documentElement;return(i.pageXOffset||n.scrollLeft)-(n.clientLeft||0)}return t.scrollLeft}t===i?i.scrollTo(e,d(i)):t.scrollLeft=e}function d(t,e){var i=window;if(void 0===e){if(t===i){var n=document.documentElement;return(i.pageYOffset||n.scrollTop)-(n.clientTop||0)}return t.scrollTop}t===i?i.scrollTo(c(i),e):t.scrollTop=e}function m(t){var e=window,i=t.getBoundingClientRect(),n=d(e),o=c(e);return{top:i.top+n,left:i.left+o,height:i.height,width:i.width}}function f(t){var e=!1,i=!0,n=document,o=n.defaultView,r=n.documentElement,s=n.addEventListener?"addEventListener":"attachEvent",a=n.addEventListener?"removeEventListener":"detachEvent",l=n.addEventListener?"":"on",u=function(i){"readystatechange"==i.type&&"complete"!=n.readyState||(("load"==i.type?o:n)[a](l+i.type,u,!1),!e&&(e=!0)&&t.call(o,i.type||i))},c=function(){try{r.doScroll("left")}catch(t){return void setTimeout(c,50)}u("poll")};if("complete"==n.readyState)t.call(o,"lazy");else{if(n.createEventObject&&r.doScroll){try{i=!o.frameElement}catch(t){}i&&c()}n[s](l+"DOMContentLoaded",u,!1),n[s](l+"readystatechange",u,!1),o[s](l+"load",u,!1)}}function p(t,e){if(e&&t.setAttribute){for(var i,n=h(t),o=e.split(" "),r=0;r=0;)n=n.replace(" "+i+" "," ");t.setAttribute("class",n.trim())}}function h(t){return" "+(t.getAttribute("class")||"").replace(/[\n\t]/g,"")+" "}function v(t){return t.replace(g,function(t,e,i,n){return n?i.toUpperCase():i}).replace(y,"Moz$1")}function b(t,e,i){var n;return n=i.getPropertyValue(e),""!==n||t.ownerDocument||(n=t.style[v(e)]),n}var g=/([\:\-\_]+(.))/g,y=/^moz([A-Z])/;e.exports={addClass:n,css:o,hasClass:r,off:l,offset:m,on:a,one:u,ready:f,removeClass:p,type:s,scrollLeft:c,scrollTop:d}},{}],6:[function(t,e,i){"use strict";function n(){var t=window;if(g.debug&&void 0!==t.console)try{t.console.log.apply(t.console,arguments)}catch(i){var e=Array.prototype.slice.call(arguments);t.console.log(e.join("\n"))}}function o(t){var e,i=document;e=i.head||i.getElementsByTagName("head")[0]||i.documentElement;var n=i.createElement("style");return n.type="text/css",n.styleSheet?n.styleSheet.cssText=t:n.appendChild(i.createTextNode(t)),e.insertBefore(n,e.firstChild),n}function r(t,e){if(!e)throw new Error("MUI: "+t);"undefined"!=typeof console&&console.error("MUI Warning: "+t)}function s(t){var e="";for(var i in t)e+=t[i]?i+" ":"";return e.trim()}function a(){if(void 0!==b)return b;var t=document.createElement("x");return t.style.cssText="pointer-events:auto",b="auto"===t.style.pointerEvents}function l(t,e){return function(){t[e].apply(t,arguments)}}function u(t,e,i,n,o){var r,s=document.createEvent("HTMLEvents"),i=void 0===i||i,n=void 0===n||n;if(s.initEvent(e,i,n),o)for(r in o)s[r]=o[r];return t&&t.dispatchEvent(s),s}function c(){if(1===(C+=1)){var t,e,i,n=document,r=window,s=n.documentElement,a=n.body,l=x();t=["overflow:hidden"],l&&(s.scrollHeight>s.clientHeight&&(i=parseInt(y.css(a,"padding-right"))+l,t.push("padding-right:"+i+"px")),s.scrollWidth>s.clientWidth&&(i=parseInt(y.css(a,"padding-bottom"))+l,t.push("padding-bottom:"+i+"px"))),e="."+E+"{",e+=t.join(" !important;")+" !important;}",p=o(e),y.on(r,"scroll",h,!0),f={left:y.scrollLeft(r),top:y.scrollTop(r)},y.addClass(a,E)}}function d(t){0!==C&&0===(C-=1)&&(y.removeClass(document.body,E),p.parentNode.removeChild(p),t&&window.scrollTo(f.left,f.top),y.off(window,"scroll",h,!0))}function m(t){var e=window.requestAnimationFrame;e?e(t):setTimeout(t,0)}var f,p,h,v,b,g=t("../config"),y=t("./jqLite"),C=0,E="mui-scroll-lock";h=function(t){t.target.tagName||t.stopImmediatePropagation()};var x=function(){if(void 0!==v)return v;var t=document,e=t.body,i=t.createElement("div");return i.innerHTML='
',i=i.firstChild,e.appendChild(i),v=i.offsetWidth-i.clientWidth,e.removeChild(i),v};e.exports={callback:l,classNames:s,disableScrollLock:d,dispatchEvent:u,enableScrollLock:c,log:n,loadStyle:o,raiseError:r,requestAnimationFrame:m,supportsPointerEvents:a}},{"../config":2,"./jqLite":5}],7:[function(t,e,i){"use strict";function n(t){if(!0!==t._muiDropdown){t._muiDropdown=!0;var e=t.tagName;"INPUT"!==e&&"BUTTON"!==e||t.hasAttribute("type")||(t.type="button"),s.on(t,"click",o)}}function o(t){if(0===t.button){var e=this;null===e.getAttribute("disabled")&&r(e)}}function r(t){function e(){s.removeClass(n,u),s.off(o,"click",e)}var i=t.parentNode,n=t.nextElementSibling,o=i.ownerDocument;if(!n||!s.hasClass(n,c))return a.raiseError("Dropdown menu element not found");s.hasClass(n,u)?e():function(){var r=i.getBoundingClientRect(),a=t.getBoundingClientRect(),l=a.top-r.top+a.height;s.css(n,"top",l+"px"),s.addClass(n,u),setTimeout(function(){s.on(o,"click",e)},0)}()}var s=t("./lib/jqLite"),a=t("./lib/util"),l=t("./lib/animationHelpers"),u="mui--is-open",c="mui-dropdown__menu";e.exports={initListeners:function(){for(var t=document.querySelectorAll('[data-mui-toggle="dropdown"]'),e=t.length;e--;)n(t[e]);l.onAnimationStart("mui-dropdown-inserted",function(t){n(t.target)})}}},{"./lib/animationHelpers":3,"./lib/jqLite":5,"./lib/util":6}],8:[function(t,e,i){e.exports=t(5)},{}],9:[function(t,e,i){"use strict";function n(t){var e;if("on"===t){for(var i,n,s,a=arguments.length-1;a>0;a--)i=arguments[a],"object"===p.type(i)&&(n=i),i instanceof Element&&1===i.nodeType&&(s=i);n=n||{},void 0===n.keyboard&&(n.keyboard=!0),void 0===n.static&&(n.static=!1),e=o(n,s)}else"off"===t?e=r():f.raiseError("Expecting 'on' or 'off'");return e}function o(t,e){var i=document,n=i.body,o=i.getElementById(h);if(i.activeElement&&(m=i.activeElement),f.enableScrollLock(),o){for(;o.firstChild;)o.removeChild(o.firstChild);e&&o.appendChild(e)}else o=i.createElement("div"),o.setAttribute("id",h),o.setAttribute("tabindex","-1"),e&&o.appendChild(e),n.appendChild(o);return v.test(navigator.userAgent)&&p.css(o,"cursor","pointer"),t.keyboard?s():a(),t.static?c(o):u(o),o.muiOptions=t,o.focus(),o}function r(){var t,e=document.getElementById(h);if(e){for(;e.firstChild;)e.removeChild(e.firstChild);e.parentNode.removeChild(e),t=e.muiOptions.onclose,c(e)}return f.disableScrollLock(),a(),m&&m.focus(),t&&t(),e}function s(){p.on(document,"keyup",l)}function a(){p.off(document,"keyup",l)}function l(t){27===t.keyCode&&r()}function u(t){p.on(t,"click",d)}function c(t){p.off(t,"click",d)}function d(t){t.target.id===h&&r()}var m,f=t("./lib/util"),p=t("./lib/jqLite"),h="mui-overlay",v=/(iPad|iPhone|iPod)/g;e.exports=n},{"./lib/jqLite":5,"./lib/util":6}],10:[function(t,e,i){"use strict";function n(t){!0!==t._muiRipple&&(t._muiRipple=!0,"INPUT"!==t.tagName&&s.on(t,c,o))}function o(t){if("mousedown"!==t.type||0===t.button){var e=this,i=e._rippleEl;if(!e.disabled){if(!i){var n=document.createElement("span");n.className="mui-btn__ripple-container",n.innerHTML='',e.appendChild(n),i=e._rippleEl=n.children[0],s.on(e,d,r)}var o,l,u=s.offset(e),c="touchstart"===t.type?t.touches[0]:t;o=Math.sqrt(u.height*u.height+u.width*u.width),l=2*o+"px",s.css(i,{width:l,height:l,top:Math.round(c.pageY-u.top-o)+"px",left:Math.round(c.pageX-u.left-o)+"px"}),s.removeClass(i,"mui--is-animating"),s.addClass(i,"mui--is-visible"),a.requestAnimationFrame(function(){s.addClass(i,"mui--is-animating")})}}}function r(t){var e=this._rippleEl;a.requestAnimationFrame(function(){s.removeClass(e,"mui--is-visible")})}var s=t("./lib/jqLite"),a=t("./lib/util"),l=t("./lib/animationHelpers"),u="ontouchstart"in document.documentElement,c=u?"touchstart":"mousedown",d=u?"touchend":"mouseup mouseleave";e.exports={initListeners:function(){for(var t=document.getElementsByClassName("mui-btn"),e=t.length;e--;)n(t[e]);l.onAnimationStart("mui-btn-inserted",function(t){n(t.target)})}}},{"./lib/animationHelpers":3,"./lib/jqLite":5,"./lib/util":6}],11:[function(t,e,i){"use strict";function n(t){if(!0!==t._muiSelect&&(t._muiSelect=!0,!("ontouchstart"in v.documentElement))){var e=t.parentNode;e._selectEl=t,e._menu=null,e._q="",e._qTimeout=null,t.disabled||(e.tabIndex=0),t.tabIndex=-1,d.on(t,"mousedown",o),d.on(e,"click",l),d.on(e,"blur focus",r),d.on(e,"keydown",s),d.on(e,"keypress",a);var i=document.createElement("div");i.className="mui-event-trigger",e.appendChild(i),d.on(i,f.animationEvents,function(t){t.stopPropagation(),"mui-node-disabled"===t.animationName?t.target.parentNode.removeAttribute("tabIndex"):t.target.parentNode.tabIndex=0})}}function o(t){0===t.button&&t.preventDefault()}function r(t){m.dispatchEvent(this._selectEl,t.type,!1,!1)}function s(t){if(!t.defaultPrevented){var e=t.keyCode,i=this._menu;if(i){if(9===e)return i.destroy();27!==e&&40!==e&&38!==e&&13!==e||t.preventDefault(),27===e?i.destroy():40===e?i.increment():38===e?i.decrement():13===e&&(i.selectCurrent(),i.destroy())}else 32!==e&&38!==e&&40!==e||(t.preventDefault(),u(this))}}function a(t){var e=this._menu;if(!t.defaultPrevented&&e){var i=this;clearTimeout(this._qTimeout),this._q+=t.key,this._qTimeout=setTimeout(function(){i._q=""},300);var n,o=new RegExp("^"+this._q,"i"),r=e.itemArray;for(n in r)if(o.test(r[n].innerText)){e.selectPos(n);break}}}function l(t){0!==t.button||this._selectEl.disabled||(this.focus(),u(this))}function u(t){t._menu||(t._menu=new c(t,t._selectEl,function(){t._menu=null,t.focus()}))}function c(t,e,i){m.enableScrollLock(),this.itemArray=[],this.origPos=null,this.currentPos=null,this.selectEl=e,this.wrapperEl=t,this.menuEl=this._createMenuEl(t,e);var n=m.callback;this.onClickCB=n(this,"onClick"),this.destroyCB=n(this,"destroy"),this.wrapperCallbackFn=i,t.appendChild(this.menuEl),d.scrollTop(this.menuEl,this.menuEl._scrollTop);var o=this.destroyCB;d.on(this.menuEl,"click",this.onClickCB),d.on(b,"resize",o),setTimeout(function(){d.on(v,"click",o)},0)}var d=t("./lib/jqLite"),m=t("./lib/util"),f=t("./lib/animationHelpers"),p=t("./lib/forms"),h="mui--is-selected",v=document,b=window;c.prototype._createMenuEl=function(t,e){var i,n,o,r,s,a,l,u,c=v.createElement("div"),m=e.children,f=this.itemArray,b=0,g=0,y=0,C=document.createDocumentFragment();for(c.className="mui-select__menu",s=0,a=m.length;s select"),e=t.length;e--;)n(t[e]);f.onAnimationStart("mui-select-inserted",function(t){n(t.target)})}}},{"./lib/animationHelpers":3,"./lib/forms":4,"./lib/jqLite":5,"./lib/util":6}],12:[function(t,e,i){"use strict";function n(t){!0!==t._muiTabs&&(t._muiTabs=!0,a.on(t,"click",o))}function o(t){if(0===t.button){var e=this;null===e.getAttribute("disabled")&&r(e)}}function r(t){var e,i,n,o,r,u,v,b,g,y=t.parentNode,C=t.getAttribute(c),E=document.getElementById(C);a.hasClass(y,d)||(E||l.raiseError('Tab pane "'+C+'" not found'),i=s(E),n=i.id,g="["+c+'="'+n+'"]',o=document.querySelectorAll(g)[0],e=o.parentNode,r={paneId:C,relatedPaneId:n},u={paneId:n,relatedPaneId:C},v=l.dispatchEvent(o,p,!0,!0,u),b=l.dispatchEvent(t,m,!0,!0,r),setTimeout(function(){v.defaultPrevented||b.defaultPrevented||(e&&a.removeClass(e,d),i&&a.removeClass(i,d),a.addClass(y,d),a.addClass(E,d),l.dispatchEvent(o,h,!0,!1,u),l.dispatchEvent(t,f,!0,!1,r))},0))}function s(t){for(var e,i=t.parentNode.children,n=i.length,o=null;n--&&!o;)(e=i[n])!==t&&a.hasClass(e,d)&&(o=e);return o}var a=t("./lib/jqLite"),l=t("./lib/util"),u=t("./lib/animationHelpers"),c="data-mui-controls",d="mui--is-active",m="mui.tabs.showstart",f="mui.tabs.showend",p="mui.tabs.hidestart",h="mui.tabs.hideend";e.exports={initListeners:function(){for(var t=document.querySelectorAll('[data-mui-toggle="tab"]'),e=t.length;e--;)n(t[e]);u.onAnimationStart("mui-tab-inserted",function(t){n(t.target)})},api:{activate:function(t){var e="["+c+"="+t+"]",i=document.querySelectorAll(e);i.length||l.raiseError('Tab control for pane "'+t+'" not found'),r(i[0])}}}},{"./lib/animationHelpers":3,"./lib/jqLite":5,"./lib/util":6}],13:[function(t,e,i){"use strict";function n(t){!0!==t._muiTextfield&&(t._muiTextfield=!0,t.value.length?s.addClass(t,p):s.addClass(t,f),s.addClass(t,c+" "+d),s.on(t,"blur",function e(){document.activeElement!==t&&(s.removeClass(t,c),s.addClass(t,u),s.off(t,"blur",e))}),s.one(t,"input change",function(){s.removeClass(t,d),s.addClass(t,m)}),s.on(t,"input change",o))}function o(){var t=this;t.value.length?(s.removeClass(t,f),s.addClass(t,p)):(s.removeClass(t,p),s.addClass(t,f))}function r(t){!0===t._muiTextfield&&o.call(t)}var s=t("./lib/jqLite"),a=t("./lib/util"),l=t("./lib/animationHelpers"),u="mui--is-touched",c="mui--is-untouched",d="mui--is-pristine",m="mui--is-dirty",f="mui--is-empty",p="mui--is-not-empty";e.exports={initialize:n,initListeners:function(){for(var t=document,e=t.querySelectorAll(".mui-textfield > input, .mui-textfield > textarea"),i=e.length;i--;)n(e[i]);l.onAnimationStart("mui-textfield-inserted",function(t){n(t.target)}),setTimeout(function(){var t=".mui-textfield.mui-textfield--float-label > label {"+["-webkit-transition","-moz-transition","-o-transition","transition",""].join(":all .15s ease-out;")+"}";a.loadStyle(t)},150),l.onAnimationStart("mui-textfield-autofill",function(t){r(t.target)}),!1===a.supportsPointerEvents()&&s.on(t,"click",function(t){var e=t.target;if("LABEL"===e.tagName&&s.hasClass(e.parentNode,"mui-textfield--float-label")){var i=e.previousElementSibling;i&&i.focus()}})}}},{"./lib/animationHelpers":3,"./lib/jqLite":5,"./lib/util":6}]},{},[1]); diff --git a/dashboard/templates/icons/alert.svg b/dashboard/templates/icons/alert.svg index dd21c1c9..b1baf21c 100644 --- a/dashboard/templates/icons/alert.svg +++ b/dashboard/templates/icons/alert.svg @@ -1,2 +1 @@ - diff --git a/dashboard/templates/icons/arrow-right.svg b/dashboard/templates/icons/arrow-right.svg index 976cc46a..5064d793 100644 --- a/dashboard/templates/icons/arrow-right.svg +++ b/dashboard/templates/icons/arrow-right.svg @@ -1,2 +1 @@ - diff --git a/dashboard/templates/icons/info.svg b/dashboard/templates/icons/info.svg index b512f2c6..99a54608 100644 --- a/dashboard/templates/icons/info.svg +++ b/dashboard/templates/icons/info.svg @@ -1,2 +1 @@ - diff --git a/dashboard/templates/icons/notification.svg b/dashboard/templates/icons/notification.svg index 623b572e..b47ced44 100644 --- a/dashboard/templates/icons/notification.svg +++ b/dashboard/templates/icons/notification.svg @@ -1,2 +1 @@ - diff --git a/dashboard/vanity.py b/dashboard/vanity.py index 65cdc175..8d2e0b34 100644 --- a/dashboard/vanity.py +++ b/dashboard/vanity.py @@ -15,9 +15,7 @@ def setup(self): for vanity_url in url.keys(): try: self.app.add_url_rule(vanity_url, vanity_url, self.redirect_url) - self.app.add_url_rule( - vanity_url + "/", vanity_url + "/", self.redirect_url - ) + self.app.add_url_rule(vanity_url + "/", vanity_url + "/", self.redirect_url) except Exception as e: print(e) @@ -29,8 +27,7 @@ def redirect_url(self): if key == vanity_url: resp = make_response(redirect(match[vanity_url], code=301)) resp.headers["Cache-Control"] = ( - "no-store, no-cache, must-revalidate, " - "post-check=0, pre-check=0, max-age=0" + "no-store, no-cache, must-revalidate, " "post-check=0, pre-check=0, max-age=0" ) resp.headers["Expires"] = "-1" return resp diff --git a/docs/alert-center.md b/docs/alert-center.md index 434e4012..05e6f560 100644 --- a/docs/alert-center.md +++ b/docs/alert-center.md @@ -18,7 +18,7 @@ It is also important to understand the alert may not always been seen by the use ### Alert risk level -The alert risk levels are standardized and defined by the [Standard Levels](https://wiki.mozilla.org/Security/Standard_Levels) +The alert risk levels are standardized and defined by the [Standard Levels](https://wiki.mozilla.org/Security/Standard_Levels) This is a summary for convenience (refer to the above link for up-to-date 'official' information and complete definitions). @@ -72,7 +72,7 @@ We want to account for a user having a lot of alerts all at once. Let's say that as a user I am part of a major data breach, my house gets robbed, and attackers are logging in with one of my 2FA device(s) and password all over the globe. Instead of spamming the user, there should be a single dialog aggregating all alerts, such as: -> Important: You have 52 high and maximum risk alerts. View notification center. _or something like that_ +> Important: You have 52 high and maximum risk alerts. View notification center. _or something like that_ ### Remembering false-positives diff --git a/docs/architecture.mermaid b/docs/architecture.mermaid index 12d3d037..6131b10c 100644 --- a/docs/architecture.mermaid +++ b/docs/architecture.mermaid @@ -12,4 +12,4 @@ container --> dynamodb_table[alert_data via dynamo] cdn[cdn.sso.mozilla.com] --> access_file(apps.yml) -cdn[cdn.sso.mozilla.com] --> images(img, css, js) \ No newline at end of file +cdn[cdn.sso.mozilla.com] --> images(img, css, js) diff --git a/docs/development.md b/docs/development.md index 981f56a6..ee99571a 100644 --- a/docs/development.md +++ b/docs/development.md @@ -55,4 +55,4 @@ In the event that CI/CD is broken you may manually build the dashboard and relea ## Debugging a Failed Release -In order to debug a failed release you will need access to Graylog at `https://graylog.infra.iam.mozilla.com/search` stdout and stderr are shipped there. \ No newline at end of file +In order to debug a failed release you will need access to Graylog at `https://graylog.infra.iam.mozilla.com/search` stdout and stderr are shipped there. diff --git a/ansible/roles/dashboard/files/sso-dashboard.ini b/files/sso-dashboard.ini similarity index 100% rename from ansible/roles/dashboard/files/sso-dashboard.ini rename to files/sso-dashboard.ini diff --git a/files/start.sh b/files/start.sh new file mode 100644 index 00000000..87dcb0a8 --- /dev/null +++ b/files/start.sh @@ -0,0 +1,2 @@ +#!/bin/bash +exec python3 -m gunicorn.app.wsgiapp dashboard.app:app --worker-class gevent --bind 0.0.0.0:8000 --workers=${DASHBOARD_GUNICORN_WORKERS:-5} --reload diff --git a/k8s/Chart.yaml b/k8s/Chart.yaml deleted file mode 100644 index 1787334d..00000000 --- a/k8s/Chart.yaml +++ /dev/null @@ -1,2 +0,0 @@ -name: sso-dashboard -version: 0.0.1 diff --git a/k8s/templates/00-namespace.yaml b/k8s/templates/00-namespace.yaml deleted file mode 100644 index bde689ab..00000000 --- a/k8s/templates/00-namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: {{ .Values.namespace }} diff --git a/k8s/templates/deployment.yaml b/k8s/templates/deployment.yaml deleted file mode 100644 index 380923dc..00000000 --- a/k8s/templates/deployment.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Values.name }} - labels: - app: {{ .Values.name }} - namespace: {{ .Values.namespace }} -spec: - replicas: {{ .Values.replicas }} - selector: - matchLabels: - app: {{ .Values.name }} - template: - metadata: - annotations: - iam.amazonaws.com/role: {{ .Values.assume_role }} - labels: - app: {{ .Values.name }} - spec: - containers: - - name: {{ .Values.name }} - image: {{ .Values.registry }}:{{ .Values.rev }} - ports: - - containerPort: 8000 - resources: - requests: - memory: "768Mi" - cpu: "500m" - limits: - memory: "1024Mi" - cpu: "1000m" - env: - - name: AWS_DEFAULT_REGION - value: us-west-2 - - name: ENVIRONMENT - value: {{ .Values.environment }} - - name: MOZILLIANS_API_URL - value: https://mozillians.org/api/v2/users/ - - name: SERVER_NAME - value: {{ .Values.domain_name }} - - name: DASHBOARD_GUNICORN_WORKERS - value: "4" diff --git a/k8s/templates/ingress-controller.yaml b/k8s/templates/ingress-controller.yaml deleted file mode 100644 index 7bf9ac08..00000000 --- a/k8s/templates/ingress-controller.yaml +++ /dev/null @@ -1,190 +0,0 @@ -kind: ConfigMap -apiVersion: v1 -metadata: - name: nginx-configuration - namespace: {{ .Values.namespace }} - labels: - app: ingress-nginx - k8s-app: ingress-nginx -data: - use-proxy-protocol: "true" - enable-vts-status: "true" - proxy-buffer-size: "16k" ---- - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: nginx-ingress-serviceaccount - namespace: {{ .Values.namespace }} - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: nginx-ingress-role - namespace: {{ .Values.namespace }} -rules: - - apiGroups: - - "" - resources: - - configmaps - - pods - - secrets - - namespaces - - services - - endpoints - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - configmaps - resourceNames: - # Defaults to "-" - # Here: "-" - # This has to be adapted if you change either parameter - # when launching the nginx-ingress-controller. - - "ingress-controller-leader-nginx-{{ .Values.namespace }}" - verbs: - - get - - update - - apiGroups: - - "" - resources: - - configmaps - - events - verbs: - - create - - apiGroups: - - "extensions" - resources: - - ingresses - verbs: - - list - - watch - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: nginx-ingress-role-nisa-binding - namespace: {{ .Values.namespace }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: nginx-ingress-role -subjects: - - kind: ServiceAccount - name: nginx-ingress-serviceaccount - namespace: {{ .Values.namespace }} - ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: nginx-ingress-controller - namespace: {{ .Values.namespace }} -spec: - replicas: 1 - selector: - matchLabels: - app: ingress-nginx - k8s-app: ingress-nginx - template: - metadata: - labels: - app: ingress-nginx - k8s-app: ingress-nginx - spec: - serviceAccountName: nginx-ingress-serviceaccount - containers: - - name: nginx-ingress-controller - image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.24.1 - args: - - /nginx-ingress-controller - - --ingress-class=nginx-{{ .Values.namespace }} - - --watch-namespace={{ .Values.namespace }} - - --configmap=$(POD_NAMESPACE)/nginx-configuration - - --publish-service=$(POD_NAMESPACE)/ingress-nginx - - --annotations-prefix=nginx.ingress.kubernetes.io - securityContext: - capabilities: - drop: - - ALL - add: - - NET_BIND_SERVICE - # www-data -> 33 - runAsUser: 33 - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - ports: - - name: http - containerPort: 80 - - name: https - containerPort: 443 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - readinessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: 10254 - scheme: HTTP - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: - limits: - cpu: 900m - memory: 1024Mi - requests: - cpu: 200m - memory: 256Mi ---- - -kind: Service -apiVersion: v1 -metadata: - name: ingress-nginx - namespace: {{ .Values.namespace }} - labels: - app: ingress-nginx - k8s-app: ingress-nginx - annotations: - # Enable PROXY protocol - service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: '*' - # Increase the ELB idle timeout to avoid issues with WebSockets or Server-Sent Events. - service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: '3600' -spec: - type: LoadBalancer - selector: - app: ingress-nginx - ports: - - name: http - port: 80 - targetPort: http - - name: https - port: 443 - targetPort: https - diff --git a/k8s/templates/ingress.yaml b/k8s/templates/ingress.yaml deleted file mode 100644 index 8b524db3..00000000 --- a/k8s/templates/ingress.yaml +++ /dev/null @@ -1,26 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/force-ssl-redirect: "true" - cert-manager.io/cluster-issuer: letsencrypt-production - name: {{ .Values.name }} - namespace: {{ .Values.namespace }} -spec: - tls: - - hosts: - - {{ .Values.domain_name }} - secretName: {{ .Values.name }}-secret - rules: - - host: {{ .Values.domain_name }} - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: {{ .Values.name }} - port: - number: 8000 diff --git a/k8s/templates/service.yaml b/k8s/templates/service.yaml deleted file mode 100644 index 155603e8..00000000 --- a/k8s/templates/service.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.name }} - namespace: {{ .Values.namespace }} -spec: - ports: - - port: 8000 - targetPort: 8000 - protocol: TCP - selector: - app: {{ .Values.name }} - diff --git a/k8s/values.yaml b/k8s/values.yaml deleted file mode 100644 index c28f6e9d..00000000 --- a/k8s/values.yaml +++ /dev/null @@ -1,5 +0,0 @@ -name: sso-dashboard -namespace: sso-dashboard-dev -rev: latest -assume_role: -registry: \ No newline at end of file diff --git a/k8s/values/dev.yaml b/k8s/values/dev.yaml deleted file mode 100644 index 76d0f7ac..00000000 --- a/k8s/values/dev.yaml +++ /dev/null @@ -1,7 +0,0 @@ -env: dev -environment: Development -domain_name: sso.allizom.org -namespace: sso-dashboard-dev -assume_role: -registry: -replicas: 1 diff --git a/k8s/values/prod.yaml b/k8s/values/prod.yaml deleted file mode 100644 index 0db3b6d6..00000000 --- a/k8s/values/prod.yaml +++ /dev/null @@ -1,7 +0,0 @@ -env: prod -environment: production -domain_name: sso.mozilla.com -namespace: sso-dashboard-prod -assume_role: -registry: -replicas: 3 diff --git a/k8s/values/staging.yaml b/k8s/values/staging.yaml deleted file mode 100644 index 03a8995d..00000000 --- a/k8s/values/staging.yaml +++ /dev/null @@ -1,7 +0,0 @@ -env: staging -environment: Development -domain_name: sso.allizom.org -namespace: sso-dashboard-staging -assume_role: -registry: -replicas: 2 diff --git a/man/man1/nosetests.1 b/man/man1/nosetests.1 deleted file mode 100644 index 57728456..00000000 --- a/man/man1/nosetests.1 +++ /dev/null @@ -1,581 +0,0 @@ -.\" Man page generated from reStructuredText. -. -.TH "NOSETESTS" "1" "April 04, 2015" "1.3" "nose" -.SH NAME -nosetests \- Nicer testing for Python -. -.nr rst2man-indent-level 0 -. -.de1 rstReportMargin -\\$1 \\n[an-margin] -level \\n[rst2man-indent-level] -level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] -- -\\n[rst2man-indent0] -\\n[rst2man-indent1] -\\n[rst2man-indent2] -.. -.de1 INDENT -.\" .rstReportMargin pre: -. RS \\$1 -. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] -. nr rst2man-indent-level +1 -.\" .rstReportMargin post: -.. -.de UNINDENT -. RE -.\" indent \\n[an-margin] -.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]] -.nr rst2man-indent-level -1 -.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] -.in \\n[rst2man-indent\\n[rst2man-indent-level]]u -.. -.SH NICER TESTING FOR PYTHON -.SS SYNOPSIS -.INDENT 0.0 -.INDENT 3.5 -nosetests [options] [names] -.UNINDENT -.UNINDENT -.SS DESCRIPTION -.sp -nose collects tests automatically from python source files, -directories and packages found in its working directory (which -defaults to the current working directory). Any python source file, -directory or package that matches the testMatch regular expression -(by default: \fI(?:^|[b_.\-])[Tt]est)\fP will be collected as a test (or -source for collection of tests). In addition, all other packages -found in the working directory will be examined for python source files -or directories that match testMatch. Package discovery descends all -the way down the tree, so package.tests and package.sub.tests and -package.sub.sub2.tests will all be collected. -.sp -Within a test directory or package, any python source file matching -testMatch will be examined for test cases. Within a test module, -functions and classes whose names match testMatch and TestCase -subclasses with any name will be loaded and executed as tests. Tests -may use the assert keyword or raise AssertionErrors to indicate test -failure. TestCase subclasses may do the same or use the various -TestCase methods available. -.sp -\fBIt is important to note that the default behavior of nose is to -not include tests from files which are executable.\fP To include -tests from such files, remove their executable bit or use -the \-\-exe flag (see \(aqOptions\(aq section below). -.SS Selecting Tests -.sp -To specify which tests to run, pass test names on the command line: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -nosetests only_test_this.py -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Test names specified may be file or module names, and may optionally -indicate the test case to run by separating the module or file name -from the test case name with a colon. Filenames may be relative or -absolute. Examples: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -nosetests test.module -nosetests another.test:TestCase.test_method -nosetests a.test:TestCase -nosetests /path/to/test/file.py:test_function -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -You may also change the working directory where nose looks for tests -by using the \-w switch: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -nosetests \-w /path/to/tests -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Note, however, that support for multiple \-w arguments is now deprecated -and will be removed in a future release. As of nose 0.10, you can get -the same behavior by specifying the target directories \fIwithout\fP -the \-w switch: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -nosetests /path/to/tests /another/path/to/tests -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -Further customization of test selection and loading is possible -through the use of plugins. -.sp -Test result output is identical to that of unittest, except for -the additional features (error classes, and plugin\-supplied -features such as output capture and assert introspection) detailed -in the options below. -.SS Configuration -.sp -In addition to passing command\-line options, you may also put -configuration options in your project\(aqs \fIsetup.cfg\fP file, or a .noserc -or nose.cfg file in your home directory. In any of these standard -ini\-style config files, you put your nosetests configuration in a -\fB[nosetests]\fP section. Options are the same as on the command line, -with the \-\- prefix removed. For options that are simple switches, you -must supply a value: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -[nosetests] -verbosity=3 -with\-doctest=1 -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -All configuration files that are found will be loaded and their -options combined. You can override the standard config file loading -with the \fB\-c\fP option. -.SS Using Plugins -.sp -There are numerous nose plugins available via easy_install and -elsewhere. To use a plugin, just install it. The plugin will add -command line options to nosetests. To verify that the plugin is installed, -run: -.INDENT 0.0 -.INDENT 3.5 -.sp -.nf -.ft C -nosetests \-\-plugins -.ft P -.fi -.UNINDENT -.UNINDENT -.sp -You can add \-v or \-vv to that command to show more information -about each plugin. -.sp -If you are running nose.main() or nose.run() from a script, you -can specify a list of plugins to use by passing a list of plugins -with the plugins keyword argument. -.SS 0.9 plugins -.sp -nose 1.0 can use SOME plugins that were written for nose 0.9. The -default plugin manager inserts a compatibility wrapper around 0.9 -plugins that adapts the changed plugin api calls. However, plugins -that access nose internals are likely to fail, especially if they -attempt to access test case or test suite classes. For example, -plugins that try to determine if a test passed to startTest is an -individual test or a suite will fail, partly because suites are no -longer passed to startTest and partly because it\(aqs likely that the -plugin is trying to find out if the test is an instance of a class -that no longer exists. -.SS 0.10 and 0.11 plugins -.sp -All plugins written for nose 0.10 and 0.11 should work with nose 1.0. -.SS Options -.INDENT 0.0 -.TP -.B \-V, \-\-version -Output nose version and exit -.UNINDENT -.INDENT 0.0 -.TP -.B \-p, \-\-plugins -Output list of available plugins and exit. Combine with higher verbosity for greater detail -.UNINDENT -.INDENT 0.0 -.TP -.B \-v=DEFAULT, \-\-verbose=DEFAULT -Be more verbose. [NOSE_VERBOSE] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-verbosity=VERBOSITY -Set verbosity; \-\-verbosity=2 is the same as \-v -.UNINDENT -.INDENT 0.0 -.TP -.B \-q=DEFAULT, \-\-quiet=DEFAULT -Be less verbose -.UNINDENT -.INDENT 0.0 -.TP -.B \-c=FILES, \-\-config=FILES -Load configuration from config file(s). May be specified multiple times; in that case, all config files will be loaded and combined -.UNINDENT -.INDENT 0.0 -.TP -.B \-w=WHERE, \-\-where=WHERE -Look for tests in this directory. May be specified multiple times. The first directory passed will be used as the working directory, in place of the current working directory, which is the default. Others will be added to the list of tests to execute. [NOSE_WHERE] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-py3where=PY3WHERE -Look for tests in this directory under Python 3.x. Functions the same as \(aqwhere\(aq, but only applies if running under Python 3.x or above. Note that, if present under 3.x, this option completely replaces any directories specified with \(aqwhere\(aq, so the \(aqwhere\(aq option becomes ineffective. [NOSE_PY3WHERE] -.UNINDENT -.INDENT 0.0 -.TP -.B \-m=REGEX, \-\-match=REGEX, \-\-testmatch=REGEX -Files, directories, function names, and class names that match this regular expression are considered tests. Default: (?:^|[b_./\-])[Tt]est [NOSE_TESTMATCH] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-tests=NAMES -Run these tests (comma\-separated list). This argument is useful mainly from configuration files; on the command line, just pass the tests to run as additional arguments with no switch. -.UNINDENT -.INDENT 0.0 -.TP -.B \-l=DEFAULT, \-\-debug=DEFAULT -Activate debug logging for one or more systems. Available debug loggers: nose, nose.importer, nose.inspector, nose.plugins, nose.result and nose.selector. Separate multiple names with a comma. -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-debug\-log=FILE -Log debug messages to this file (default: sys.stderr) -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-logging\-config=FILE, \-\-log\-config=FILE -Load logging config from this file \-\- bypasses all other logging config settings. -.UNINDENT -.INDENT 0.0 -.TP -.B \-I=REGEX, \-\-ignore\-files=REGEX -Completely ignore any file that matches this regular expression. Takes precedence over any other settings or plugins. Specifying this option will replace the default setting. Specify this option multiple times to add more regular expressions [NOSE_IGNORE_FILES] -.UNINDENT -.INDENT 0.0 -.TP -.B \-e=REGEX, \-\-exclude=REGEX -Don\(aqt run tests that match regular expression [NOSE_EXCLUDE] -.UNINDENT -.INDENT 0.0 -.TP -.B \-i=REGEX, \-\-include=REGEX -This regular expression will be applied to files, directories, function names, and class names for a chance to include additional tests that do not match TESTMATCH. Specify this option multiple times to add more regular expressions [NOSE_INCLUDE] -.UNINDENT -.INDENT 0.0 -.TP -.B \-x, \-\-stop -Stop running tests after the first error or failure -.UNINDENT -.INDENT 0.0 -.TP -.B \-P, \-\-no\-path\-adjustment -Don\(aqt make any changes to sys.path when loading tests [NOSE_NOPATH] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-exe -Look for tests in python modules that are executable. Normal behavior is to exclude executable modules, since they may not be import\-safe [NOSE_INCLUDE_EXE] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-noexe -DO NOT look for tests in python modules that are executable. (The default on the windows platform is to do so.) -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-traverse\-namespace -Traverse through all path entries of a namespace package -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-first\-package\-wins, \-\-first\-pkg\-wins, \-\-1st\-pkg\-wins -nose\(aqs importer will normally evict a package from sys.modules if it sees a package with the same name in a different location. Set this option to disable that behavior. -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-no\-byte\-compile -Prevent nose from byte\-compiling the source into .pyc files while nose is scanning for and running tests. -.UNINDENT -.INDENT 0.0 -.TP -.B \-a=ATTR, \-\-attr=ATTR -Run only tests that have attributes specified by ATTR [NOSE_ATTR] -.UNINDENT -.INDENT 0.0 -.TP -.B \-A=EXPR, \-\-eval\-attr=EXPR -Run only tests for whose attributes the Python expression EXPR evaluates to True [NOSE_EVAL_ATTR] -.UNINDENT -.INDENT 0.0 -.TP -.B \-s, \-\-nocapture -Don\(aqt capture stdout (any stdout output will be printed immediately) [NOSE_NOCAPTURE] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-nologcapture -Disable logging capture plugin. Logging configuration will be left intact. [NOSE_NOLOGCAPTURE] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-logging\-format=FORMAT -Specify custom format to print statements. Uses the same format as used by standard logging handlers. [NOSE_LOGFORMAT] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-logging\-datefmt=FORMAT -Specify custom date/time format to print statements. Uses the same format as used by standard logging handlers. [NOSE_LOGDATEFMT] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-logging\-filter=FILTER -Specify which statements to filter in/out. By default, everything is captured. If the output is too verbose, -use this option to filter out needless output. -Example: filter=foo will capture statements issued ONLY to - foo or foo.what.ever.sub but not foobar or other logger. -Specify multiple loggers with comma: filter=foo,bar,baz. -If any logger name is prefixed with a minus, eg filter=\-foo, -it will be excluded rather than included. Default: exclude logging messages from nose itself (\-nose). [NOSE_LOGFILTER] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-logging\-clear\-handlers -Clear all other logging handlers -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-logging\-level=DEFAULT -Set the log level to capture -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-with\-coverage -Enable plugin Coverage: -Activate a coverage report using Ned Batchelder\(aqs coverage module. - [NOSE_WITH_COVERAGE] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-cover\-package=PACKAGE -Restrict coverage output to selected packages [NOSE_COVER_PACKAGE] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-cover\-erase -Erase previously collected coverage statistics before run -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-cover\-tests -Include test modules in coverage report [NOSE_COVER_TESTS] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-cover\-min\-percentage=DEFAULT -Minimum percentage of coverage for tests to pass [NOSE_COVER_MIN_PERCENTAGE] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-cover\-inclusive -Include all python files under working directory in coverage report. Useful for discovering holes in test coverage if not all files are imported by the test suite. [NOSE_COVER_INCLUSIVE] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-cover\-html -Produce HTML coverage information -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-cover\-html\-dir=DIR -Produce HTML coverage information in dir -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-cover\-branches -Include branch coverage in coverage report [NOSE_COVER_BRANCHES] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-cover\-xml -Produce XML coverage information -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-cover\-xml\-file=FILE -Produce XML coverage information in file -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-pdb -Drop into debugger on failures or errors -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-pdb\-failures -Drop into debugger on failures -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-pdb\-errors -Drop into debugger on errors -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-no\-deprecated -Disable special handling of DeprecatedTest exceptions. -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-with\-doctest -Enable plugin Doctest: -Activate doctest plugin to find and run doctests in non\-test modules. - [NOSE_WITH_DOCTEST] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-doctest\-tests -Also look for doctests in test modules. Note that classes, methods and functions should have either doctests or non\-doctest tests, not both. [NOSE_DOCTEST_TESTS] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-doctest\-extension=EXT -Also look for doctests in files with this extension [NOSE_DOCTEST_EXTENSION] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-doctest\-result\-variable=VAR -Change the variable name set to the result of the last interpreter command from the default \(aq_\(aq. Can be used to avoid conflicts with the _() function used for text translation. [NOSE_DOCTEST_RESULT_VAR] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-doctest\-fixtures=SUFFIX -Find fixtures for a doctest file in module with this name appended to the base name of the doctest file -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-doctest\-options=OPTIONS -Specify options to pass to doctest. Eg. \(aq+ELLIPSIS,+NORMALIZE_WHITESPACE\(aq -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-with\-isolation -Enable plugin IsolationPlugin: -Activate the isolation plugin to isolate changes to external -modules to a single test module or package. The isolation plugin -resets the contents of sys.modules after each test module or -package runs to its state before the test. PLEASE NOTE that this -plugin should not be used with the coverage plugin, or in any other case -where module reloading may produce undesirable side\-effects. - [NOSE_WITH_ISOLATION] -.UNINDENT -.INDENT 0.0 -.TP -.B \-d, \-\-detailed\-errors, \-\-failure\-detail -Add detail to error output by attempting to evaluate failed asserts [NOSE_DETAILED_ERRORS] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-with\-profile -Enable plugin Profile: -Use this plugin to run tests using the hotshot profiler. - [NOSE_WITH_PROFILE] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-profile\-sort=SORT -Set sort order for profiler output -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-profile\-stats\-file=FILE -Profiler stats file; default is a new temp file on each run -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-profile\-restrict=RESTRICT -Restrict profiler output. See help for pstats.Stats for details -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-no\-skip -Disable special handling of SkipTest exceptions. -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-with\-id -Enable plugin TestId: -Activate to add a test id (like #1) to each test name output. Activate -with \-\-failed to rerun failing tests only. - [NOSE_WITH_ID] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-id\-file=FILE -Store test ids found in test runs in this file. Default is the file .noseids in the working directory. -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-failed -Run the tests that failed in the last test run. -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-processes=NUM -Spread test run among this many processes. Set a number equal to the number of processors or cores in your machine for best results. Pass a negative number to have the number of processes automatically set to the number of cores. Passing 0 means to disable parallel testing. Default is 0 unless NOSE_PROCESSES is set. [NOSE_PROCESSES] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-process\-timeout=SECONDS -Set timeout for return of results from each test runner process. Default is 10. [NOSE_PROCESS_TIMEOUT] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-process\-restartworker -If set, will restart each worker process once their tests are done, this helps control memory leaks from killing the system. [NOSE_PROCESS_RESTARTWORKER] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-with\-xunit -Enable plugin Xunit: This plugin provides test results in the standard XUnit XML format. [NOSE_WITH_XUNIT] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-xunit\-file=FILE -Path to xml file to store the xunit report in. Default is nosetests.xml in the working directory [NOSE_XUNIT_FILE] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-xunit\-testsuite\-name=PACKAGE -Name of the testsuite in the xunit xml, generated by plugin. Default test suite name is nosetests. -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-all\-modules -Enable plugin AllModules: Collect tests from all python modules. - [NOSE_ALL_MODULES] -.UNINDENT -.INDENT 0.0 -.TP -.B \-\-collect\-only -Enable collect\-only: -Collect and output test names only, don\(aqt run any tests. - [COLLECT_ONLY] -.UNINDENT -.SH AUTHOR -Nose developers -.SH COPYRIGHT -2009, Jason Pellerin -.\" Generated by docutils manpage writer. -. diff --git a/pip-selfcheck.json b/pip-selfcheck.json deleted file mode 100644 index 7544439b..00000000 --- a/pip-selfcheck.json +++ /dev/null @@ -1 +0,0 @@ -{"last_check":"2017-02-15T17:20:52Z","pypi_version":"9.0.1"} \ No newline at end of file diff --git a/requirements-dev.txt b/requirements-dev.txt deleted file mode 100644 index 7e46b74d..00000000 --- a/requirements-dev.txt +++ /dev/null @@ -1,4 +0,0 @@ -pytest-moto -pytest -pytest-cov -pytest-watch diff --git a/requirements.txt b/requirements.txt index 2b4d7520..e5c8efa7 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,88 +1,76 @@ -alabaster==0.7.10 -apipkg==1.4 -argh==0.26.2 -asn1crypto==0.23.0 -attrs==17.3.0 -aws-xray-sdk==0.95 -Beaker==1.9.0 -boto==2.49.0 -boto3==1.7.79 -botocore==1.10.79 -certifi==2017.11.5 -cffi==1.11.2 -chardet==3.0.4 -click==6.7 -configobj==5.0.6 -cookies==2.2.1 -credstash==1.14.0 -cryptography==2.0 +async-timeout==4.0.2 +Beaker==1.12.1 +boto3==1.26.142 +botocore==1.29.142 +cachetools==5.3.1 +certifi==2023.5.7 +cffi==1.15.1 +cfgv==3.3.1 +chardet==5.1.0 +charset-normalizer==3.1.0 +click==8.1.3 +colorama==0.4.6 +configobj==5.0.8 +cryptography==40.0.2 cssmin==0.2.0 -docker==3.7.2 -docker-pycreds==0.4.0 -docutils==0.14 -ecdsa==0.13.3 -everett==0.9 -execnet==1.5.0 -Faker==0.8.7 -Flask==1.0 -Flask-Assets==0.12 -Flask-pyoidc==1.3.0 -flask-talisman==0.7.0 -future==0.16.0 -gevent==1.4.0 -greenlet==0.4.15 -gunicorn==19.9.0 -idna==2.6 -itsdangerous==0.24 -Jinja2==2.10 -jmespath==0.9.3 -josepy==1.0.1 -jsmin==3.0.0 -jsondiff==1.1.1 -jsonpickle==1.1 -Mako==1.0.7 -MarkupSafe==2.0.1 -mirakuru==1.1.0 -mock==2.0.0 -mockredis==0.1.3.dev0 -moto==1.3.4 -nose==1.3.7 -nose-watch==0.9.2 -oic==0.11.0.1 -pathtools==0.1.2 -pbr==5.1.3 -pluggy==0.6.0 -prometheus-client==0.3.1 -prometheus-flask-exporter==0.2.2 -psutil==5.6.1 -py==1.5.2 -pyaml==19.4.1 -pyasn1==0.4.3 -pycparser==2.18 -pycryptodome==3.8.1 -pycryptodomex==3.4.7 -pyjwkest==1.4.0 -pyOpenSSL==17.3.0 -pytest==3.3.1 -pytest-flask==0.10.0 -pytest-forked==0.2 -pytest-moto==0.2.0 -pytest-xdist==1.20.1 -python-dateutil==2.6.1 -python-jose==2.0.2 -pytz==2019.1 -PyYAML==5.1 -requests==2.18.4 -responses==0.10.6 -rsa==3.4.2 -s3transfer==0.1.12 -six==1.11.0 -text-unidecode==1.1 -urllib3==1.22 -watchdog==0.8.3 -watchtower==0.5.2 -webassets==0.12.1 -websocket-client==0.56.0 -Werkzeug>=0.14 -wrapt==1.11.1 -xmltodict==0.12.0 +defusedxml==0.7.1 +distlib==0.3.6 +ecdsa==0.18.0 +everett==3.2.0 +Faker==18.9.0 +filelock==3.12.1 +Flask==2.2.5 +Flask-Assets==2.0 +Flask-KVSession==0.6.2 +Flask-pyoidc==3.13.0 +flask-talisman==1.0.0 +future==0.18.3 +gevent==22.10.2 +greenlet==2.0.2 +gunicorn==20.1.0 +identify==2.5.24 +idna==3.4 +importlib-metadata==6.6.0 +importlib-resources==5.12.0 +itsdangerous==2.1.2 +Jinja2==3.1.2 +jmespath==1.0.1 +josepy==1.13.0 +jsmin==3.0.1 +Mako==1.2.4 +MarkupSafe==2.1.2 +moto==4.1.10 +nodeenv==1.8.0 +oic==1.4.0 +packaging==23.1 +platformdirs==3.5.3 +pluggy==1.0.0 +pre-commit==2.21.0 +pyasn1==0.5.0 +pycparser==2.21 +pycryptodomex==3.18.0 +pyjwkest==1.4.2 +pyOpenSSL==23.1.1 +pyproject_api==1.5.1 +python-dateutil==2.8.2 +python-jose==3.3.0 +PyYAML==6.0 +redis==4.5.5 +requests==2.31.0 +responses==0.23.1 +rsa==4.9 +s3transfer==0.6.1 +simplekv==0.14.1 +six==1.16.0 +tomli==2.0.1 +tox==4.6.0 +types-PyYAML==6.0.12.10 +typing_extensions==4.6.3 +urllib3==1.26.16 +virtualenv==20.23.0 +webassets==2.0 +Werkzeug==2.2.3 +xmltodict==0.13.0 +zipp==3.15.0 +zope.event==4.6 +zope.interface==6.0 diff --git a/scripts/build-environment.sh b/scripts/build-environment.sh deleted file mode 100644 index 87c066e1..00000000 --- a/scripts/build-environment.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash - -#Clean up old images -docker images -q |xargs docker rmi - -cd /home/ec2-user/app - -ACCOUNT_ID=`aws sts get-caller-identity | grep Account | cut -d '"' -f4` - -sed -i s/656532927350/${ACCOUNT_ID}/g docker-compose.yml - -aws ecr get-login --region us-west-2 --no-include-email | bash - -/usr/local/bin/docker-compose pull diff --git a/scripts/post-deploy.sh b/scripts/post-deploy.sh deleted file mode 100644 index 8c91057c..00000000 --- a/scripts/post-deploy.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash - -cd /home/ec2-user/app -/usr/local/bin/docker-compose up -d \ No newline at end of file diff --git a/scripts/prep-deploy.sh b/scripts/prep-deploy.sh deleted file mode 100644 index bebb2410..00000000 --- a/scripts/prep-deploy.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash - -cd /home/ec2-user/app - -# Clear the old containers -/usr/local/bin/docker-compose stop -/usr/local/bin/docker-compose rm -f - -rm -rf /home/ec2-user/app - -mkdir -p /home/ec2-user/app - -#Grab an ECR Login -aws ecr get-login --region us-west-2 --no-include-email | bash diff --git a/scripts/validate-deploy.sh b/scripts/validate-deploy.sh deleted file mode 100644 index 7f4bcafd..00000000 --- a/scripts/validate-deploy.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash - -sleep 60 - -result=$(curl -s http://localhost:8000/) - -if [[ "$result" =~ "Mozilla SSO Dashboard" ]]; then - echo "The system is up." - exit 0 -else - echo "The system is not up" - exit 1 -fi diff --git a/setup.py b/setup.py index 6e2438da..c012f250 100644 --- a/setup.py +++ b/setup.py @@ -8,9 +8,9 @@ requirements = [] -setup_requirements = ['pytest-runner', 'credstash', 'everett', 'josepy', 'flask_pyoidc'] +setup_requirements = ["pytest-runner", "credstash", "everett", "josepy", "flask_pyoidc"] -test_requirements = ['pytest', 'pytest-watch', 'pytest-cov', 'moto', 'pytest-moto', 'faker'] +test_requirements = ["pytest", "pytest-watch", "pytest-cov", "moto", "pytest-moto", "faker"] setup( name="dashboard", @@ -28,9 +28,9 @@ install_requires=requirements, license="Mozilla Public License 2.0", include_package_data=True, - packages=find_packages(include=['sso_dashboard']), + packages=find_packages(), setup_requires=setup_requirements, - test_suite='tests', + test_suite="tests", tests_require=test_requirements, - zip_safe=False + zip_safe=False, ) diff --git a/tests/test_alerts.py b/tests/test_alerts.py deleted file mode 100644 index 379b4b18..00000000 --- a/tests/test_alerts.py +++ /dev/null @@ -1,167 +0,0 @@ -from boto3 import Session -from moto import mock_dynamodb2 - -from dashboard.models import alert - - -class TestAlerts(object): - def test_delegate_object_init(self): - a = alert.Alert() - assert a.alert_table_name == 'sso-dashboard-alert' - assert a is not None - - def test_create_alert_id(self): - a = alert.Alert() - id = a._create_alert_id() - assert id is id - - @mock_dynamodb2 - def test_create_alert(self): - session = Session() - # Get the service resource - dynamodb = session.resource('dynamodb') - dynamodb.create_table( - TableName='sso-dashboard-alert1', - KeySchema=[ - { - 'AttributeName': 'alert_id', - 'KeyType': 'HASH' - } - ], - AttributeDefinitions=[ - { - 'AttributeName': 'alert_id', - 'AttributeType': 'S' - } - ], - ProvisionedThroughput={ - 'ReadCapacityUnits': 5, - 'WriteCapacityUnits': 5 - } - ) - self.table = dynamodb.Table('sso-dashboard-alert1') - self.table.meta.client.get_waiter('table_exists').wait(TableName='sso-dashboard-alert1') - - a = alert.Alert() - a.dynamodb = self.table - - alert_dict = { - 'user_id': 'bob|ad|123456', - 'message': 'foo', - 'severity': 'HIGH' - } - # - res = a.create(alert_dict=alert_dict) - sample_alert_id = res['Attributes']['alert_id'] - - assert res['ResponseMetadata']['HTTPStatusCode'] == 200 - - res = a.find('bob|ad|123456') - assert len(res) == 4 - - updated_alert_dict = { - 'user_id': 'bob|ad|123456', - 'message': 'foo', - 'severity': 'MEDIUM' - } - - res = a.update(alert_id=sample_alert_id, alert_dict=updated_alert_dict) - assert res['ResponseMetadata']['HTTPStatusCode'] == 200 - - res = a.destroy(alert_id=sample_alert_id, user_id='bob|ad|123456') - assert res['ResponseMetadata']['HTTPStatusCode'] == 200 - - @mock_dynamodb2 - def test_alert_purge(self): - session = Session() - # Get the service resource - dynamodb = session.resource('dynamodb') - dynamodb.create_table( - TableName='sso-dashboard-alert1', - KeySchema=[ - { - 'AttributeName': 'alert_id', - 'KeyType': 'HASH' - } - ], - AttributeDefinitions=[ - { - 'AttributeName': 'alert_id', - 'AttributeType': 'S' - } - ], - ProvisionedThroughput={ - 'ReadCapacityUnits': 5, - 'WriteCapacityUnits': 5 - } - ) - - client = session.client('dynamodb') - response = client.update_table( - TableName='sso-dashboard-alert1', - GlobalSecondaryIndexUpdates=[ - { - 'Create': { - 'IndexName': 'user_id-index', - 'KeySchema': [ - { - 'AttributeName': 'user_id', - 'KeyType': 'HASH' - } - ], - 'Projection': { - 'ProjectionType': 'ALL' - }, - 'ProvisionedThroughput': { - 'ReadCapacityUnits': 5, - 'WriteCapacityUnits': 5 - } - } - } - ], - ) - - assert response is not None - - self.table = dynamodb.Table('sso-dashboard-alert1') - self.table.meta.client.get_waiter('table_exists').wait(TableName='sso-dashboard-alert1') - - a = alert.Alert() - a.dynamodb = self.table - - alert_dict = { - "alert_code": "416c65727447656f6d6f64656c", - "alert_id": "1c7c506eb221f6206becb8ef0d96f6", - "alert_str_json": "foo", - "date": "2018-08-05", - "description": "This alert is created based on geo ip information about the last login of a user.", - "duplicate": True, - "risk": "high", - "summary": "Did you recently login from Lewisham, United Kingdom (x.x.x.x)?", - "url": "https://mana.mozilla.org/wiki/display/SECURITY/Alert%3A+Change+in+Country", - "url_title": "Get Help", - "user_id": "ad|Mozilla-LDAP|akrug" - } - - res = a.create(alert_dict=alert_dict) - assert res is not None - assert res['ResponseMetadata']['HTTPStatusCode'] == 200 - - res = a.find('ad|Mozilla-LDAP|akrug') - - for this_alert in res.get('visible_alerts'): - if alert_dict.get('alert_id') == this_alert.get('alert_id'): - assert 0 - else: - pass - - -class TestRules(object): - def test_object_init(self): - a = alert.Rules(userinfo=None, request=None) - - assert a is not None - - -class TestFeedback(object): - pass diff --git a/tests/test_error.py b/tests/test_error.py index 85c8e59a..a6a273ea 100644 --- a/tests/test_error.py +++ b/tests/test_error.py @@ -5,28 +5,15 @@ class ErrorTest(object): - public_key_file = os.path.join( - os.path.abspath( - os.path.dirname(__file__) - ), - 'data/public-signing-key.pem' - ) + public_key_file = os.path.join(os.path.abspath(os.path.dirname(__file__)), "data/public-signing-key.pem") public_key = open(public_key_file).read() - sample_jwt_file = os.path.join( - os.path.abspath( - os.path.dirname(__file__) - ), - 'data/mfa-required-jwt' - ) + sample_jwt_file = os.path.join(os.path.abspath(os.path.dirname(__file__)), "data/mfa-required-jwt") sample_json_web_token = open(sample_jwt_file).read() - tv = oidc_auth.tokenVerification( - public_key=public_key.encode(), - jws=sample_json_web_token.encode() - ) + tv = oidc_auth.tokenVerification(public_key=public_key.encode(), jws=sample_json_web_token.encode()) assert tv is not None verification_result = tv.verify diff --git a/tests/test_tile.py b/tests/test_tile.py index 26b30c2a..466c9eec 100644 --- a/tests/test_tile.py +++ b/tests/test_tile.py @@ -1,6 +1,3 @@ - - class TestTile(object): - def test_dynamo_object_init(self): pass diff --git a/tests/test_user.py b/tests/test_user.py index def47a2e..cbe101f5 100644 --- a/tests/test_user.py +++ b/tests/test_user.py @@ -6,22 +6,13 @@ class TestUser(object): def setup(self): - self.fixture_file = os.path.join( - os.path.abspath( - os.path.dirname(__file__) - ), - 'data/userinfo.json' - ) + self.fixture_file = os.path.join(os.path.abspath(os.path.dirname(__file__)), "data/userinfo.json") self.session_fixture = json.loads(open(self.fixture_file).read()) - self.good_apps_list = { - 'apps': [ - ] - - } + self.good_apps_list = {"apps": []} self.u = user.User(session=self.session_fixture, app_config=None) - self.u.api_token = 'foo' + self.u.api_token = "foo" def test_object_init(self): assert self.u is not None @@ -38,8 +29,8 @@ def test_user_name(self): f_name = self.u.first_name l_name = self.u.last_name - assert f_name == '' - assert l_name == '' + assert f_name == "" + assert l_name == "" def test_user_identifiers(self): assert len(self.u.user_identifiers()) == 2 diff --git a/tox.ini b/tox.ini new file mode 100644 index 00000000..24b998e8 --- /dev/null +++ b/tox.ini @@ -0,0 +1,42 @@ +[tox] +env_list = + eslint, lint, py37 +minversion = 4.6.0 + +[testenv] +description = run the tests with pytest +package = wheel +wheel_build_env = .pkg +deps = + pytest>=6 + -rrequirements.txt +commands = + pytest {tty:--color=yes} {posargs} + +[testenv:lint] +description = run linters +skip_install = true +deps = + black==22.12 +commands = black --check {posargs:.} + +[testenv:eslint] +description = run eslint +skip_install = true +deps = + nodeenv +commands = + nodeenv --prebuilt -p --node 14.21.3 + npm install eslint + npx eslint 'dashboard/static/js/*.js' +allowlist_externals = eslint + +[testenv:stylelint] +description = run stylelint +skip_install = true +deps = + nodeenv +commands = + nodeenv --prebuilt -p --node 14.21.3 + npm install stylelint stylelint-config-standard-scss + npx stylelint 'dashboard/static/css/*.scss'