From 23ce2bb1af0444a926ab915cd4ec81f9790a70b5 Mon Sep 17 00:00:00 2001 From: Eric Wittmann Date: Wed, 18 Sep 2024 12:36:51 -0400 Subject: [PATCH] Allow logout redirect URl to be configurable (#5199) * Allow logout redirect URl to be configurable * Change the default value of the logout URL * Fix linting error * Revert createLink change --- .../io/apicurio/registry/rest/v3/SystemResourceImpl.java | 3 +++ .../registry/ui/UserInterfaceConfigProperties.java | 3 +++ .../getting-started/ref-registry-all-configs.adoc | 5 +++++ ui/.docker-scripts/create-config.cjs | 4 ++++ ui/ui-app/package-lock.json | 8 ++++---- ui/ui-app/package.json | 2 +- ui/ui-app/src/app/App.tsx | 9 +++++++-- ui/ui-app/src/services/useConfigService.ts | 1 + 8 files changed, 28 insertions(+), 7 deletions(-) diff --git a/app/src/main/java/io/apicurio/registry/rest/v3/SystemResourceImpl.java b/app/src/main/java/io/apicurio/registry/rest/v3/SystemResourceImpl.java index 2ca17a32da..113c6b3289 100644 --- a/app/src/main/java/io/apicurio/registry/rest/v3/SystemResourceImpl.java +++ b/app/src/main/java/io/apicurio/registry/rest/v3/SystemResourceImpl.java @@ -114,6 +114,9 @@ private UserInterfaceConfigAuth uiAuthConfig() { options.put("url", uiConfig.authOidcUrl); options.put("redirectUri", uiConfig.authOidcRedirectUri); options.put("clientId", uiConfig.authOidcClientId); + if (!"f5".equals(uiConfig.authOidcLogoutUrl)) { + options.put("logoutUrl", uiConfig.authOidcLogoutUrl); + } rval.setOptions(options); } return rval; diff --git a/app/src/main/java/io/apicurio/registry/ui/UserInterfaceConfigProperties.java b/app/src/main/java/io/apicurio/registry/ui/UserInterfaceConfigProperties.java index 290308e4ba..ee4ce9f061 100644 --- a/app/src/main/java/io/apicurio/registry/ui/UserInterfaceConfigProperties.java +++ b/app/src/main/java/io/apicurio/registry/ui/UserInterfaceConfigProperties.java @@ -25,6 +25,9 @@ public class UserInterfaceConfigProperties { @ConfigProperty(name = "apicurio.ui.auth.oidc.client-id", defaultValue = "apicurio-registry-ui") @Info(category = "ui", description = "The OIDC clientId", availableSince = "3.0.0") public String authOidcClientId; + @ConfigProperty(name = "apicurio.ui.auth.oidc.logout-url", defaultValue = "f5") + @Info(category = "ui", description = "The OIDC logout URL", availableSince = "3.0.0") + public String authOidcLogoutUrl; @ConfigProperty(name = "apicurio.ui.features.read-only.enabled", defaultValue = "false") @Info(category = "ui", description = "Enabled to set the UI to read-only mode", availableSince = "3.0.0") diff --git a/docs/modules/ROOT/partials/getting-started/ref-registry-all-configs.adoc b/docs/modules/ROOT/partials/getting-started/ref-registry-all-configs.adoc index effe21840d..32022f5645 100644 --- a/docs/modules/ROOT/partials/getting-started/ref-registry-all-configs.adoc +++ b/docs/modules/ROOT/partials/getting-started/ref-registry-all-configs.adoc @@ -845,6 +845,11 @@ The following {registry} configuration options are available for each component |`apicurio-registry-ui` |`3.0.0` |The OIDC clientId +|`apicurio.ui.auth.oidc.logout-url` +|`string` +|`f5` +|`3.0.0` +|The OIDC logout URL |`apicurio.ui.auth.oidc.redirect-uri` |`string` |`/` diff --git a/ui/.docker-scripts/create-config.cjs b/ui/.docker-scripts/create-config.cjs index 846fb546b8..65ca64da6c 100755 --- a/ui/.docker-scripts/create-config.cjs +++ b/ui/.docker-scripts/create-config.cjs @@ -19,6 +19,7 @@ const AUTH_URL=process.env["REGISTRY_AUTH_URL"]; const AUTH_CLIENT_ID=process.env["REGISTRY_AUTH_CLIENT_ID"]; const AUTH_CLIENT_SCOPES=process.env["REGISTRY_AUTH_CLIENT_SCOPES"]; const AUTH_REDIRECT_URL=process.env["REGISTRY_AUTH_REDIRECT_URL"]; +const AUTH_LOGOUT_URL=process.env["REGISTRY_AUTH_LOGOUT_URL"]; const FEATURE_READ_ONLY=process.env["REGISTRY_FEATURE_READ_ONLY"]; const FEATURE_BREADCRUMBS=process.env["REGISTRY_FEATURE_BREADCRUMBS"]; @@ -77,6 +78,9 @@ if (AUTH_TYPE === "oidc") { if (AUTH_CLIENT_SCOPES) { CONFIG.auth.options.scope = AUTH_CLIENT_SCOPES; } + if (AUTH_LOGOUT_URL) { + CONFIG.auth.options.logoutUrl = AUTH_LOGOUT_URL; + } } // Configure features diff --git a/ui/ui-app/package-lock.json b/ui/ui-app/package-lock.json index 8f142755cb..9ee049c31b 100644 --- a/ui/ui-app/package-lock.json +++ b/ui/ui-app/package-lock.json @@ -11,7 +11,7 @@ "license": "Apache-2.0", "dependencies": { "@apicurio/apicurio-registry-sdk": "file:../../typescript-sdk", - "@apicurio/common-ui-components": "2.0.3", + "@apicurio/common-ui-components": "2.0.4", "@apicurio/data-models": "1.1.27", "@microsoft/kiota-abstractions": "1.0.0-preview.66", "@microsoft/kiota-http-fetchlibrary": "1.0.0-preview.65", @@ -104,9 +104,9 @@ "link": true }, "node_modules/@apicurio/common-ui-components": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@apicurio/common-ui-components/-/common-ui-components-2.0.3.tgz", - "integrity": "sha512-5iRWIhDu+d52a1V4YkrgfDn3CRfKmaxNLjlgIy9ieU4xYHTUEx9Gc7C7AHPZIK7MvqfcjHH3SZylBtFoGIyw6Q==", + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/@apicurio/common-ui-components/-/common-ui-components-2.0.4.tgz", + "integrity": "sha512-8cq2jeLWGzvw0bRKg3R35SQDDOQKUGJ+D8ltl5Q3w589ep0sT1PxgBin4DIe0YA3U61I+BtN/W4Mc41y8XPc/Q==", "peerDependencies": { "@patternfly/patternfly": "~5", "@patternfly/react-core": "~5", diff --git a/ui/ui-app/package.json b/ui/ui-app/package.json index cd63ecaffc..bc48336a85 100644 --- a/ui/ui-app/package.json +++ b/ui/ui-app/package.json @@ -31,7 +31,7 @@ "vite-tsconfig-paths": "5.0.1" }, "dependencies": { - "@apicurio/common-ui-components": "2.0.3", + "@apicurio/common-ui-components": "2.0.4", "@apicurio/apicurio-registry-sdk": "file:../../typescript-sdk", "@apicurio/data-models": "1.1.27", "@microsoft/kiota-abstractions": "1.0.0-preview.66", diff --git a/ui/ui-app/src/app/App.tsx b/ui/ui-app/src/app/App.tsx index 1b9e83815b..24f4c6c365 100644 --- a/ui/ui-app/src/app/App.tsx +++ b/ui/ui-app/src/app/App.tsx @@ -31,8 +31,13 @@ export const App: FunctionComponent = () => { type: config.authType() as "none" | "oidc", options: config.authOptions() }; - if (authConfig.type === "oidc" && (authConfig.options.redirectUri && authConfig.options.redirectUri.startsWith("/"))) { - authConfig.options.redirectUri = window.location.origin + authConfig.options.redirectUri; + if (authConfig.type === "oidc") { + if (authConfig.options.redirectUri && authConfig.options.redirectUri.startsWith("/")) { + authConfig.options.redirectUri = window.location.origin + authConfig.options.redirectUri; + } + if (authConfig.options.logoutUrl && authConfig.options.logoutUrl.startsWith("/")) { + authConfig.options.logoutUrl = window.location.origin + authConfig.options.logoutUrl; + } } return ( diff --git a/ui/ui-app/src/services/useConfigService.ts b/ui/ui-app/src/services/useConfigService.ts index fe0c7ff3c6..593de9f652 100644 --- a/ui/ui-app/src/services/useConfigService.ts +++ b/ui/ui-app/src/services/useConfigService.ts @@ -86,6 +86,7 @@ export interface OidcJsAuthOptions { redirectUri: string; clientId: string; scope: string; + logoutUrl?: string; } // Used when `type=keycloakjs`