Handle rabbitmq session timeout

deps/rabbitmq_management/priv/www/index.html

@@ -27,16 +27,23 @@
 
       if (oauth.enable) {
         oauth_is_logged_in().then( status => {
-          if (!status.loggedIn) {
-            replace_content('outer', format('login_oauth', {}));
-          }  else {
-            oauth.logged_in = true
-            oauth.access_token = status.user.access_token
-            oauth.expiryDate = new Date(status.user.expires_at * 1000)  // it is epoch in seconds
-            console.log("token expires at : " + oauth.expiryDate);
-            oauth.user_name = status.user.profile["user_name"]
-            if (!oauth.user_name || oauth.user_name == "") oauth.user_name = status.user.profile["sub"]
-            oauth.scopes = status.user.scope
+          if (status.loggedIn && !has_auth_cookie_value()) {
+            console.log("Session has expired");
+            oauth.logged_in = false;
+            oauth_initiateLogout();
+            location.reload();
+          }else {
+            if (!status.loggedIn) {
+              replace_content('outer', format('login_oauth', {}));
+            }  else {
+              oauth.logged_in = true
+              oauth.access_token = status.user.access_token
+              oauth.expiryDate = new Date(status.user.expires_at * 1000)  // it is epoch in seconds
+              console.log("token expires at : " + oauth.expiryDate);
+              oauth.user_name = status.user.profile["user_name"]
+              if (!oauth.user_name || oauth.user_name == "") oauth.user_name = status.user.profile["sub"]
+              oauth.scopes = status.user.scope
+            }
           }
         });
       }else {

deps/rabbitmq_management/priv/www/js/dispatcher.js

@@ -14,7 +14,16 @@ dispatcher_add(function(sammy) {
             }
             render(reqs, 'overview', '#/');
         });
-
+    sammy.get('#/', function() {
+        var reqs = {'overview': {path:    '/overview',
+                                 options: {ranges: ['lengths-over',
+                                                    'msg-rates-over']}},
+                    'vhosts': '/vhosts'};
+        if (user_monitor) {
+            reqs['nodes'] = '/nodes';
+        }
+        render(reqs, 'overview', '#/');
+    });
     path('#/cluster-name', {'cluster_name': '/cluster-name'}, 'cluster-name');
     sammy.put('#/cluster-name', function() {
             if (sync_put(this, '/cluster-name')) {
@@ -291,12 +300,6 @@ dispatcher_add(function(sammy) {
         clear_cookie_value('auth');
         clear_cookie_value('m');
         if (oauth.logged_in) {
-            var redirect;
-            if (window.location.hash != "") {
-                redirect = window.location.href.split(window.location.hash)[0];
-            } else {
-                redirect = window.location.href
-            };
             oauth.logged_in = false;
             oauth_initiateLogout();
         }

deps/rabbitmq_management/priv/www/js/main.js

@@ -1,17 +1,29 @@
 
 $(document).ready(function() {
-    if (oauth.enable && !oauth.logged_in) {
-        get(oauth.readiness_url, "application/json", function(req) {
-            if (req.status !== 200) {
-                replace_content('outer', format('login_oauth', {}));
-                replace_content('login-status', '<p class="warning">' + oauth.url + " does not appear to be a running OAuth2.0 instance or may not have a trusted SSL certificate"  + '</p> <button id="loginWindow" onclick="oauth_initiateLogin()">Single Sign On</button>');
-            } else {
-                replace_content('outer', format('login_oauth', {}));
-            }
-        });
-    } else {
-        replace_content('outer', format('login', {}));
-        start_app_login();
+   var url_string = window.location.href;
+   var url = new URL(url_string);
+   var error = url.searchParams.get("error");
+   if (error) {
+     replace_content('outer', format('login_oauth', {}));
+     replace_content('login-status', '<p class="warning">' + error  + '</p> <button id="loginWindow" onclick="oauth_initiateLogin()">Single Sign On</button>');
+   }else {
+      if (oauth.enable) {
+        if (!oauth.logged_in ) {
+          get(oauth.readiness_url, "application/json", function(req) {
+              if (req.status !== 200) {
+                  replace_content('outer', format('login_oauth', {}));
+                  replace_content('login-status', '<p class="warning">' + oauth.authority + " does not appear to be a running OAuth2.0 instance or may not have a trusted SSL certificate"  + '</p> <button id="loginWindow" onclick="oauth_initiateLogin()">Single Sign On</button>');
+              } else {
+                  replace_content('outer', format('login_oauth', {}));
+              }
+          });
+        }else {
+          start_app_login();
+        }
+      } else {
+          replace_content('outer', format('login', {}));
+          start_app_login();
+      }
     }
 });
 
@@ -30,26 +42,20 @@ function dispatcher() {
 }
 
 function set_auth_pref(userinfo) {
-  set_auth_pref_with_expiry(userinfo, null)
-}
-function set_auth_pref_with_expiry(userinfo, expiryDate) {
     // clear a local storage value used by earlier versions
     clear_local_pref('auth');
 
     var b64 = b64_encode_utf8(userinfo);
+    var date  = new Date();
+    var login_session_timeout = get_login_session_timeout();
 
-    if (!expiryDate) {
-      expiryDate = new Date();
-      var login_session_timeout = get_login_session_timeout();
-
-      if (login_session_timeout) {
-          expiryDate.setMinutes(date.getMinutes() + login_session_timeout);
-      } else {
-          // 8 hours from now
-          expiryDate.setHours(date.getHours() + 8);
-      }
+    if (login_session_timeout) {
+        date.setMinutes(date.getMinutes() + login_session_timeout);
+    } else {
+        // 8 hours from now
+        date.setHours(date.getHours() + 8);
     }
-    store_cookie_value_with_expiration('auth', encodeURIComponent(b64), expiryDate);
+    store_cookie_value_with_expiration('auth', encodeURIComponent(b64), date);
 }
 
 function getParameterByName(name) {
@@ -62,6 +68,7 @@ function getAccessToken() {
 }
 
 function start_app_login() {
+    console.log("start_app_login begin");
     app = new Sammy.Application(function () {
         this.get('#/', function() {});
         this.put('#/login', function() {
@@ -72,9 +79,9 @@ function start_app_login() {
         });
     });
     if (oauth.enable) {
-        var token = oauth.access_token; //getAccessToken();
+        var token = oauth.access_token;
         if (token != null) {
-            set_auth_pref_with_expiry(oauth.user_name + ':' + oauth.access_token, oauth.expiryDate);
+            set_auth_pref(oauth.user_name + ':' + oauth.access_token);
             check_login();
         } else if(has_auth_cookie_value()) {
             check_login();
@@ -85,6 +92,7 @@ function start_app_login() {
             check_login();
         }
     }
+    console.log("start_app_login end");
 }
 
 
@@ -113,8 +121,7 @@ function check_login() {
         // Update auth login_session_timeout if changed
         if (has_auth_cookie_value() && !isNaN(user_login_session_timeout) &&
             user_login_session_timeout !== get_login_session_timeout()) {
-            if (oauth.enable && oauth.expiryDate) update_login_session_with_expiry(oauth.expiryDate);
-            else update_login_session_with_timeout(user_login_session_timeout);
+            update_login_session_timeout(user_login_session_timeout);
         }
         setup_global_vars();
         setup_constant_events();
@@ -123,12 +130,20 @@ function check_login() {
         setup_extensions();
     }
 }
+function print_logging_session_info(user_login_session_timeout) {
+  let var_has_auth_cookie_value = has_auth_cookie_value()
+  let login_session_timeout = get_login_session_timeout()
+  console.log("user_login_session_timeout: " + user_login_session_timeout)
+  console.log("has_auth_cookie_value: " + var_has_auth_cookie_value)
+  console.log("login_session_timeout: " + login_session_timeout)
+  console.log("isNaN(user_login_session_timeout): " + isNaN(user_login_session_timeout))
+}
 
 function get_login_session_timeout() {
     parseInt(get_cookie_value('login_session_timeout'));
 }
 
-function update_login_session_with_timeout(login_session_timeout) {
+function update_login_session_timeout(login_session_timeout) {
     var auth_info = get_cookie_value('auth');
     var date = new Date();
     date.setMinutes(date.getMinutes() + login_session_timeout);
@@ -164,8 +179,7 @@ function start_app() {
     // just leave the history here.
     //Sammy.HashLocationProxy._interval = null;
 
-    app = new Sammy.Application(dispatcher);
-    app.run();
+
 
     var url = this.location.toString();
     var hash = this.location.hash;
@@ -179,6 +193,9 @@ function start_app() {
         // so we can redirect to `/#/`
         this.location = url.replace(/#token_type.+/gi, "#/");
     }
+
+    app = new Sammy.Application(dispatcher);
+    app.run();
 }
 
 function setup_constant_events() {

deps/rabbitmq_management/priv/www/js/oidc-oauth/helper.js

@@ -53,8 +53,8 @@ function auth_settings_apply_defaults(authSettings) {
 function oauth_initialize(authSettings) {
     oauth = {
       "logged_in": false,
-      "enable" : authSettings.oauth_enable
-
+      "enable" : authSettings.oauth_enable,
+      "authority" : authSettings.oauth_provider_url
     }
 
     if (!oauth.enable) return oauth;
@@ -159,16 +159,21 @@ function oauth_initiateLogin() {
         log(err);
     });
 }
-function oauth_redirectToHome() {
+function oauth_redirectToHome(oauth) {
+  set_auth_pref(oauth.user_name + ':' + oauth.access_token);
   location.href = "/"
 }
-function oauth_redirectToLogin() {
-  location.href = "/"
+function oauth_redirectToLogin(error) {
+  if (!error) location.href = "/"
+  else {
+    location.href = "/?error=" + error
+  }
 }
 function oauth_completeLogin() {
-    mgr.signinRedirectCallback().then(user => oauth_redirectToHome()).catch(function(err) {
+    mgr.signinRedirectCallback().then(user => oauth_redirectToHome(user)).catch(function(err) {
         console.error(err);
         log(err);
+        oauth_redirectToLogin(err)
     });
 }
 

deps/rabbitmq_management/priv/www/js/oidc-oauth/login-callback.html

@@ -4,9 +4,31 @@
 
 </head>
 <body>
+  <script src="../jquery-3.5.1.min.js"></script>
+  <script src="../base64.js" type="text/javascript"></script>
+  <script src="../prefs.js" ></script>
   <script src="./oidc-client-ts.js" ></script>
   <script src="./helper.js"></script>
     <script type="text/javascript">
+      function set_auth_pref(userinfo) {
+          // clear a local storage value used by earlier versions
+          clear_local_pref('auth');
+
+          var b64 = b64_encode_utf8(userinfo);
+          var date  = new Date();
+          date.setHours(date.getHours() + 8);
+
+          store_cookie_value_with_expiration('auth', encodeURIComponent(b64), date);
+      }
+      function b64_encode_utf8(str) {
+          return base64.encode(encode_utf8(str));
+      }
+      // encodeURIComponent handles utf-8, unescape does not. Neat!
+      function encode_utf8(str) {
+        return unescape(encodeURIComponent(str));
+      }
+
+
       if (oauth_initialize_if_required()) oauth_completeLogin()
     </script>
 </body>

deps/rabbitmq_management/priv/www/js/prefs.js

@@ -133,7 +133,8 @@ function store_cookie_with_expiration(dict, expiration_date) {
     for (var k in dict) {
         enc.push(k + ':' + escape(dict[k]));
     }
-    document.cookie = 'm=' + enc.join('|') + '; expires=' + expiration_date.toUTCString();
+    document.cookie = 'm=' + enc.join('|') + '; expires=' + expiration_date.toUTCString() + "; path=/";
+    console.log("Cookie m expires at " + expiration_date);
 }
 
 function get_cookie(key) {