Apache
/
nifi
mirror of https://github.com/apache/nifi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

NIFI-10350 Corrected Registry User Authorization for OIDC 

- Moved refresh of Registry Configuration to checkLogin functions
- Refreshing Registry Configuration allows the user interface to reflect the correct status for OIDC and other authentication strategies

Signed-off-by: Nathan Gough <thenatog@gmail.com>

This closes #6295.
This commit is contained in:
exceptionfactory 2022-08-11 15:03:13 -05:00 committed by Nathan Gough
parent 0a065538e2
commit 6bfc798515
2 changed files with 23 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
nifi-registry/nifi-registry-core/nifi-registry-web-ui/src/main/webapp/components/login/dialogs/nf-registry-user-login.js
View File

@ -56,13 +56,9 @@ NfRegistryUserLogin.prototype = {
var self = this;
this.nfRegistryApi.postToLogin(username.value, password.value).subscribe(function (response) {
if (response || response.status === 200) {
//successful login update registry config
self.nfRegistryApi.getRegistryConfig().subscribe(function (registryConfig) {
self.nfRegistryService.registry.config = registryConfig;
self.nfRegistryService.currentUser.anonymous = false;
self.dialogRef.close();
self.nfRegistryLoginAuthGuard.checkLogin(self.nfRegistryService.redirectUrl);
});
self.nfRegistryService.currentUser.anonymous = false;
self.dialogRef.close();
self.nfRegistryLoginAuthGuard.checkLogin(self.nfRegistryService.redirectUrl);
}
});
},

20
nifi-registry/nifi-registry-core/nifi-registry-web-ui/src/main/webapp/services/nf-registry.auth-guard.service.js
View File

@ -78,6 +78,11 @@ NfRegistryUsersAdministrationAuthGuard.prototype = {
// render the logout button if there is a token locally
if (self.nfStorage.getItem('jwt') !== null) {
self.nfRegistryService.currentUser.canLogout = true;
// Update Registry Configuration following successful login
self.nfRegistryApi.getRegistryConfig().subscribe(function (registryConfig) {
self.nfRegistryService.registry.config = registryConfig;
});
}
// redirect to explorer perspective if not admin
@ -201,6 +206,11 @@ NfRegistryWorkflowsAdministrationAuthGuard.prototype = {
// render the logout button if there is a token locally
if (self.nfStorage.getItem('jwt') !== null) {
self.nfRegistryService.currentUser.canLogout = true;
// Update Registry Configuration following successful login
self.nfRegistryApi.getRegistryConfig().subscribe(function (registryConfig) {
self.nfRegistryService.registry.config = registryConfig;
});
}
// redirect to explorer perspective if not admin
@ -303,6 +313,11 @@ NfRegistryLoginAuthGuard.prototype = {
// render the logout button if there is a token locally
if (self.nfStorage.getItem('jwt') !== null) {
self.nfRegistryService.currentUser.canLogout = true;
// Update Registry Configuration following successful login
self.nfRegistryApi.getRegistryConfig().subscribe(function (registryConfig) {
self.nfRegistryService.registry.config = registryConfig;
});
}
self.nfRegistryService.currentUser.canActivateResourcesAuthGuard = true;
resolve(false);
@ -382,6 +397,11 @@ NfRegistryResourcesAuthGuard.prototype = {
if (self.nfStorage.hasItem('jwt')) {
self.nfRegistryService.currentUser.canLogout = true;
self.nfRegistryService.currentUser.canActivateResourcesAuthGuard = true;
// Update Registry Configuration following successful login
self.nfRegistryApi.getRegistryConfig().subscribe(function (registryConfig) {
self.nfRegistryService.registry.config = registryConfig;
});
resolve(true);
} else {
self.router.navigateByUrl('login');