b13ff51dda
Under the hood, this uses AuthProvider as supplied by oidc-react. Most of the theory is explained in the comment in ZuulAuthProvider.jsx The benefit of doing this is that we allow the AuthProvider and userManager to handle the callback logic, so we don't need to handle the callback logic ourselves. A callback page is still required though in order to deal with the parameters passed in a successful redirection from the Identity Provider. The challenge in using these classes as-is is that our authority endpoints (eg, the IDP itself) may change from one tenant to the next; these classes aren't set up for that. So we need to be careful about how and when we change those authority URLs. In terms of functionalities: if the default realm's authentication driver is set to "OpenIDConnect", display a "Sign in" button. If the the user is logged in, redirect to the last page visited prior to logging in; fetch user authorizations and add them to the redux store; display the user's preferred username in the upper right corner. Clicking on the user icon in the right corner displays a modal with user information such as the user's zuul-client configuration, and a sign out button. Clicking on the sign out button removes user information from the store (note that it does not log the user out from the Identity Provider). Add some basic documentation explaining how to configure Zuul with Google's authentication, and with a Keycloak server. (This squashes https://review.opendev.org/c/zuul/zuul/+/816208 into https://review.opendev.org/c/zuul/zuul/+/734082 ) Co-authored-by: James E. Blair <jim@acmegating.com> Change-Id: I31e71f2795f3f7c4253d0d5b8ed309bfd7d4f98e
44 lines
1.5 KiB
JavaScript
44 lines
1.5 KiB
JavaScript
// Copyright 2020 BMW Group
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
// not use this file except in compliance with the License. You may obtain
|
|
// a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
// License for the specific language governing permissions and limitations
|
|
// under the License.
|
|
|
|
import { applyMiddleware, compose, createStore } from 'redux'
|
|
import appReducer from './reducers'
|
|
import reduxImmutableStateInvariant from 'redux-immutable-state-invariant'
|
|
import thunk from 'redux-thunk'
|
|
|
|
export default function configureStore(initialState) {
|
|
// Add support for Redux devtools
|
|
const composeEnhancers =
|
|
window.__REDUX_DEVTOOLS_EXTENSION_COMPOSE__ || compose
|
|
return createStore(
|
|
appReducer,
|
|
initialState,
|
|
// Warn us if we accidentially mutate state directly in the Redux store
|
|
// (only during development).
|
|
composeEnhancers(
|
|
applyMiddleware(
|
|
thunk,
|
|
// TODO (felix): Re-enable the status.status path once we know how to
|
|
// solve the weird state mutations that are done somewhere deep within
|
|
// the logic of the status page (or its child components).
|
|
reduxImmutableStateInvariant({
|
|
ignore: [
|
|
'status.status',
|
|
]
|
|
})
|
|
)
|
|
)
|
|
)
|
|
}
|