update auth bits from enterprise

insmac · insmac · commit 123b6cb58cb1 · 2024-03-28T17:19:16.000+01:00
diff --git a/packages/web-console/src/modules/OAuth2/views/login.tsx b/packages/web-console/src/modules/OAuth2/views/login.tsx
@@ -238,7 +238,7 @@ export const Login = ({
     }, 5000)
   }, [errorMessage])
 
-  return (
+  return settings["acl.basic.auth.realm.enabled"] ? null : (
     <div>
       <Header>
         <a href={"https://questdb.io"}>
@@ -259,19 +259,19 @@ export const Login = ({
           */}
         <Title>Please Sign In</Title>
         {settings["acl.oidc.enabled"] && (
-            <SSOCard>
-              <StyledButton
-                skin="secondary"
-                prefixIcon={<User size="18px" />}
-                onClick={() => onOAuthLogin()}
-              >
-                Continue with SSO
-              </StyledButton>
-              <Line>
-                <LineText color="gray2">or</LineText>
-              </Line>
-            </SSOCard>
-          )}
+          <SSOCard>
+            <StyledButton
+              skin="secondary"
+              prefixIcon={<User size="18px" />}
+              onClick={() => onOAuthLogin()}
+            >
+              Continue with SSO
+            </StyledButton>
+            <Line>
+              <LineText color="gray2">or</LineText>
+            </Line>
+          </SSOCard>
+        )}
         <Card hasError={errorMessage}>
           <Form<FormValues>
             name="login"
diff --git a/packages/web-console/src/providers/AuthProvider.tsx b/packages/web-console/src/providers/AuthProvider.tsx
@@ -60,8 +60,6 @@ export const AuthProvider = ({ children }: { children: React.ReactNode }) => {
   )
   const [loggedOut, setLoggedOut] = useState(false)
 
-  const basicAuthEnabled = settings["acl.basic.auth.realm.enabled"]
-
   const setAuthToken = (tokenResponse: AuthPayload) => {
     if (tokenResponse.access_token) {
       setValue(
@@ -187,25 +185,41 @@ export const AuthProvider = ({ children }: { children: React.ReactNode }) => {
           )
           // Stop loading and display the login state
         } else {
-          checkIfBasicAuth()
+          uiAuthLogin()
         }
       }
-    } else if (basicAuthEnabled) {
-      // run a simple query to force basic auth by browser
-      await fetch(`${window.location.origin}/exec?query=select 42`)
+    } else if (
+      // We need to explicitly check for the Boolean value, because the settings response might not come up from the API
+      // yet, and therefore be still undefined by default
+      typeof settings["acl.basic.auth.realm.enabled"] !== "undefined"
+    ) {
+      if (settings["acl.basic.auth.realm.enabled"]) {
+        await basicAuthLogin()
+      } else {
+        // Subscribe for any subsequent REST 401 responses (incorrect token, etc)
+        eventBus.subscribe(EventType.MSG_CONNECTION_UNAUTHORIZED, () => {
+          logout()
+        })
+
+        //username + pwd via login page
+        uiAuthLogin()
+      }
+    }
+  }
+
+  const basicAuthLogin = async () => {
+    // run a simple query to force basic auth by browser
+    const response = await fetch(
+      `${window.location.origin}/exec?query=select 42`,
+    )
+    if (response.status === 200) {
       setReady(true)
     } else {
-      // Subscribe for any subsequent REST 401 responses (incorrect token, etc)
-      eventBus.subscribe(EventType.MSG_CONNECTION_UNAUTHORIZED, () => {
-        logout()
-      })
-
-      //username + pwd via login page
-      checkIfBasicAuth()
+      await basicAuthLogin()
     }
   }
 
-  const checkIfBasicAuth = () => {
+  const uiAuthLogin = () => {
     // Check if user is authenticated already with basic auth
     const token = getValue(StoreKey.REST_TOKEN)
     if (token) {
@@ -289,7 +303,7 @@ export const AuthProvider = ({ children }: { children: React.ReactNode }) => {
         <Error
           errorMessage={errorMessage}
           onLogout={logout}
-          basicAuthEnabled={basicAuthEnabled}
+          basicAuthEnabled={settings["acl.basic.auth.realm.enabled"] ?? false}
         />
       )
     } else if (loading) {
diff --git a/packages/web-console/src/store/Console/reducers.ts b/packages/web-console/src/store/Console/reducers.ts
@@ -52,7 +52,7 @@ export const defaultSettings: ConsoleSettingsShape = {
   "acl.oidc.authorization.endpoint": "",
   "acl.oidc.token.endpoint": "",
   "acl.oidc.pkce.required": true,
-  "acl.basic.auth.realm.enabled": false,
+  "acl.basic.auth.realm.enabled": undefined,
 }
 
 const _console = (
diff --git a/packages/web-console/src/store/Console/types.ts b/packages/web-console/src/store/Console/types.ts
@@ -49,7 +49,7 @@ export type ConsoleSettings = Readonly<{
   "acl.oidc.authorization.endpoint": string
   "acl.oidc.token.endpoint": string
   "acl.oidc.pkce.required": boolean
-  "acl.basic.auth.realm.enabled": boolean
+  "acl.basic.auth.realm.enabled"?: boolean
 }>
 
 export type ConsoleSettingsShape = Readonly<ConsoleSettings>

Original file line number	Diff line number	Diff line change
`@@ -52,7 +52,7 @@ export const defaultSettings: ConsoleSettingsShape = {`
`52`	`52`	`"acl.oidc.authorization.endpoint": "",`
`53`	`53`	`"acl.oidc.token.endpoint": "",`
`54`	`54`	`"acl.oidc.pkce.required": true,`
`55`		`- "acl.basic.auth.realm.enabled": false,`
	`55`	`+ "acl.basic.auth.realm.enabled": undefined,`
`56`	`56`	`}`
`57`	`57`
`58`	`58`	`const _console = (`