You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by sm...@apache.org on 2021/10/31 21:17:00 UTC

[knox] branch master updated: KNOX-2685 - Show/hide (enable/disable) Knox token management links on Home Page if required alias is created (#512)

This is an automated email from the ASF dual-hosted git repository.

smolnar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git


The following commit(s) were added to refs/heads/master by this push:
     new 86c1a96  KNOX-2685 - Show/hide (enable/disable) Knox token management links on Home Page if required alias is created (#512)
86c1a96 is described below

commit 86c1a96259604d33104a96259d4ce3e921bdc9bb
Author: Sandor Molnar <sm...@apache.org>
AuthorDate: Sun Oct 31 22:16:54 2021 +0100

    KNOX-2685 - Show/hide (enable/disable) Knox token management links on Home Page if required alias is created (#512)
---
 .../service/metadata/GeneralProxyInformation.java    | 12 ++++++++++++
 .../service/metadata/KnoxMetadataResource.java       | 20 ++++++++++++++++++++
 .../service/metadata/MetadataServiceMessages.java    |  6 ++++++
 .../general.proxy.information.component.html         |  2 +-
 .../general.proxy.information.component.ts           |  7 +++++++
 .../general.proxy.information.ts                     |  2 +-
 6 files changed, 47 insertions(+), 2 deletions(-)

diff --git a/gateway-service-metadata/src/main/java/org/apache/knox/gateway/service/metadata/GeneralProxyInformation.java b/gateway-service-metadata/src/main/java/org/apache/knox/gateway/service/metadata/GeneralProxyInformation.java
index 8443bc8..d5c72ba 100644
--- a/gateway-service-metadata/src/main/java/org/apache/knox/gateway/service/metadata/GeneralProxyInformation.java
+++ b/gateway-service-metadata/src/main/java/org/apache/knox/gateway/service/metadata/GeneralProxyInformation.java
@@ -39,6 +39,10 @@ public class GeneralProxyInformation {
   @ApiModelProperty(value = "The URL referencing the Admin API book in Knox's user guide")
   private String adminApiBookUrl;
 
+  @XmlElement
+  @ApiModelProperty(value = "A boolean flag indicating if Knox token management should be enabled on the Knox Home page")
+  private String enableTokenManagement = "false";
+
   public String getVersion() {
     return version;
   }
@@ -63,4 +67,12 @@ public class GeneralProxyInformation {
     this.adminApiBookUrl = adminApiBookUrl;
   }
 
+  public String getEnableTokenManagement() {
+    return enableTokenManagement;
+  }
+
+  public void setEnableTokenManagement(String enableTokenManagement) {
+    this.enableTokenManagement = enableTokenManagement;
+  }
+
 }
diff --git a/gateway-service-metadata/src/main/java/org/apache/knox/gateway/service/metadata/KnoxMetadataResource.java b/gateway-service-metadata/src/main/java/org/apache/knox/gateway/service/metadata/KnoxMetadataResource.java
index 564b06e..f4ad672 100644
--- a/gateway-service-metadata/src/main/java/org/apache/knox/gateway/service/metadata/KnoxMetadataResource.java
+++ b/gateway-service-metadata/src/main/java/org/apache/knox/gateway/service/metadata/KnoxMetadataResource.java
@@ -32,6 +32,7 @@ import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.HashSet;
+import java.util.List;
 import java.util.Locale;
 import java.util.Map;
 import java.util.Optional;
@@ -60,8 +61,11 @@ import org.apache.knox.gateway.services.GatewayServices;
 import org.apache.knox.gateway.services.ServerInfoService;
 import org.apache.knox.gateway.services.ServiceType;
 import org.apache.knox.gateway.services.registry.ServiceDefinitionRegistry;
+import org.apache.knox.gateway.services.security.AliasService;
+import org.apache.knox.gateway.services.security.AliasServiceException;
 import org.apache.knox.gateway.services.security.KeystoreService;
 import org.apache.knox.gateway.services.security.KeystoreServiceException;
+import org.apache.knox.gateway.services.security.token.impl.TokenMAC;
 import org.apache.knox.gateway.services.topology.TopologyService;
 import org.apache.knox.gateway.topology.Service;
 import org.apache.knox.gateway.topology.Topology;
@@ -101,11 +105,27 @@ public class KnoxMetadataResource {
           String.format(Locale.ROOT, "https://knox.apache.org/books/knox-%s/user-guide.html#Admin+API", getAdminApiBookVersion(serviceInfoService.getBuildVersion())));
       final GatewayConfig config = (GatewayConfig) request.getServletContext().getAttribute(GatewayConfig.GATEWAY_CONFIG_ATTRIBUTE);
       proxyInfo.setAdminUiUrl(getBaseGatewayUrl(config) + "/manager/admin-ui/");
+
+      setTokenManagementEnabledFlag(proxyInfo, gatewayServices);
     }
 
     return proxyInfo;
   }
 
+  private void setTokenManagementEnabledFlag(final GeneralProxyInformation proxyInfo, final GatewayServices gatewayServices) {
+    try {
+      final AliasService aliasService = gatewayServices.getService(ServiceType.ALIAS_SERVICE);
+      final List<String> aliases = aliasService.getAliasesForCluster(AliasService.NO_CLUSTER_NAME);
+      final boolean tokenManagementEnabled = aliases.contains(TokenMAC.KNOX_TOKEN_HASH_KEY_ALIAS_NAME);
+      proxyInfo.setEnableTokenManagement(Boolean.toString(tokenManagementEnabled));
+      if (!tokenManagementEnabled) {
+        LOG.tokenManagementDisabled();
+      }
+    } catch (AliasServiceException e) {
+      LOG.failedToFetchGatewayAliasList(e.getMessage(), e);
+    }
+  }
+
   private String getAdminApiBookVersion(String buildVersion) {
     return buildVersion.replaceAll(SNAPSHOT_VERSION_POSTFIX, "").replaceAll("\\.", "-");
   }
diff --git a/gateway-service-metadata/src/main/java/org/apache/knox/gateway/service/metadata/MetadataServiceMessages.java b/gateway-service-metadata/src/main/java/org/apache/knox/gateway/service/metadata/MetadataServiceMessages.java
index 3d5e702..b63ea6e 100644
--- a/gateway-service-metadata/src/main/java/org/apache/knox/gateway/service/metadata/MetadataServiceMessages.java
+++ b/gateway-service-metadata/src/main/java/org/apache/knox/gateway/service/metadata/MetadataServiceMessages.java
@@ -31,4 +31,10 @@ public interface MetadataServiceMessages {
   @Message(level = MessageLevel.ERROR, text = "Failed to generate public certificate {0}: {1}")
   void failedToGeneratePublicCert(String certificateType, String errorMessage, @StackTrace(level = MessageLevel.DEBUG) Exception e);
 
+  @Message(level = MessageLevel.ERROR, text = "Failed to fetch Gateway alias list: {0}")
+  void failedToFetchGatewayAliasList(String errorMessage, @StackTrace(level = MessageLevel.DEBUG) Exception e);
+
+  @Message(level = MessageLevel.WARN, text = "Knox token management is disabled. Please configure knox.token.hash.key Gateway alias for this feature to work")
+  void tokenManagementDisabled();
+
 }
diff --git a/knox-homepage-ui/home/app/generalProxyInformation/general.proxy.information.component.html b/knox-homepage-ui/home/app/generalProxyInformation/general.proxy.information.component.html
index 09812af..987b9df 100644
--- a/knox-homepage-ui/home/app/generalProxyInformation/general.proxy.information.component.html
+++ b/knox-homepage-ui/home/app/generalProxyInformation/general.proxy.information.component.html
@@ -58,7 +58,7 @@
                     <a href="{{ getMetadataAPIUrl('topologies') }}" target="_blank">Topologies</a>
                 </td>
             </tr>
-            <tr *ngIf="this['showTokens']">
+            <tr *ngIf="this.isTokenManagementEnabled() && this['showTokens']">
                 <td>
                     Integration Tokens
                 </td>
diff --git a/knox-homepage-ui/home/app/generalProxyInformation/general.proxy.information.component.ts b/knox-homepage-ui/home/app/generalProxyInformation/general.proxy.information.component.ts
index 6a59cfd..d33ce2b 100644
--- a/knox-homepage-ui/home/app/generalProxyInformation/general.proxy.information.component.ts
+++ b/knox-homepage-ui/home/app/generalProxyInformation/general.proxy.information.component.ts
@@ -78,6 +78,13 @@ export class GeneralProxyInformationComponent implements OnInit {
         return this.getAdminUiUrl().replace(new RegExp('manager/admin-ui/*'), 'homepage/token-management/index.html');
     }
 
+    isTokenManagementEnabled() {
+        if (this.generalProxyInformation) {
+	        return this.generalProxyInformation.enableTokenManagement === 'true';
+	    }
+        return false;
+    }
+
     ngOnInit(): void {
         console.debug('GeneralProxyInformationComponent --> ngOnInit() --> ');
         this.homepageService.getGeneralProxyInformation()
diff --git a/knox-homepage-ui/home/app/generalProxyInformation/general.proxy.information.ts b/knox-homepage-ui/home/app/generalProxyInformation/general.proxy.information.ts
index 109ee68..f13617c 100644
--- a/knox-homepage-ui/home/app/generalProxyInformation/general.proxy.information.ts
+++ b/knox-homepage-ui/home/app/generalProxyInformation/general.proxy.information.ts
@@ -19,5 +19,5 @@ export class GeneralProxyInformation {
     version: string;
     adminUiUrl: string;
     adminApiBookUrl: string;
-    tokenGenerationUrl: string;
+    enableTokenManagement: string;
 }