From c09489a8daf85bba7eb040905ddd0ee0fe5398ba Mon Sep 17 00:00:00 2001 From: "Rafael Silva (rafaelsi)" Date: Mon, 22 Sep 2025 10:34:08 +0100 Subject: [PATCH 1/4] feat: auth type ui Signed-off-by: Rafael Silva (rafaelsi) --- frontend/.env.sample | 8 +++- frontend/README.md | 5 +-- .../components/layout/tests/side-nav.test.tsx | 2 +- frontend/src/config/index.tsx | 37 +++++++++++++------ frontend/src/hooks/use-auth.tsx | 18 ++++----- .../settings/base/settings-base.test.tsx | 2 +- .../providers/auth-provider/auth-provider.tsx | 15 +++++--- .../settings-provider.test.tsx | 2 +- frontend/src/utils/get-auth-config.ts | 27 ++++++++------ frontend/tests/setup.ts | 34 ++++++++++++++++- 10 files changed, 104 insertions(+), 46 deletions(-) diff --git a/frontend/.env.sample b/frontend/.env.sample index db82ac33..bfe6659c 100644 --- a/frontend/.env.sample +++ b/frontend/.env.sample @@ -48,6 +48,11 @@ VITE_DOCS_URL= # Example: /identity-service (for subdirectory deployment) VITE_APP_BASE_NAME=/ +# Authentication Type +# Specifies which authentication method to use +# Values: iam, oidc +VITE_AUTH_TYPE=iam + # ============================================================================= # IDENTITY AND ACCESS MANAGEMENT (IAM) CONFIGURATION # ============================================================================= @@ -82,8 +87,7 @@ VITE_IAM_OIDC_ISSUER= # - true: Uses IAM authentication with multi-tenant support # - false: Uses secondary OIDC provider authentication # Values: true, false -# Default: true -VITE_MULTI_TENANT=true +VITE_IAM_MULTI_TENANT=true # ============================================================================= # SECONDARY OIDC PROVIDER CONFIGURATION (Optional) diff --git a/frontend/README.md b/frontend/README.md index c1b64396..a8ae0550 100644 --- a/frontend/README.md +++ b/frontend/README.md @@ -88,9 +88,7 @@ Configure the following environment variables in your `.env` file: - `VITE_APP_LOG_LEVEL` - Logging level for the application - `VITE_DOCS_URL` - URL for application documentation - `VITE_APP_BASE_NAME` - Base name/path for the application routing -- `VITE_MULTI_TENANT` - Enable multi-tenant support (true/false). This setting also determines the authentication mode: - - `true` - Uses IAM authentication with multi-tenant support - - `false` - Uses secondary OIDC provider authentication +- `VITE_AUTH_TYPE` - Authentication method to use (values: `iam`, `oidc`) #### IAM Authentication @@ -99,6 +97,7 @@ Configure the following environment variables in your `.env` file: - `VITE_IAM_API` - IAM API service URL - `VITE_IAM_OIDC_CLIENT_ID` - OIDC client ID for authentication - `VITE_IAM_OIDC_ISSUER` - OIDC issuer URL +- `VITE_IAM_MULTI_TENANT` - Enable multi-tenant support (true/false) #### Secondary OIDC Provider diff --git a/frontend/src/components/layout/tests/side-nav.test.tsx b/frontend/src/components/layout/tests/side-nav.test.tsx index d450d36e..677f48d0 100644 --- a/frontend/src/components/layout/tests/side-nav.test.tsx +++ b/frontend/src/components/layout/tests/side-nav.test.tsx @@ -27,7 +27,7 @@ let mockIsTbacEnabled = true; vi.mock('@/config', () => ({ default: { - MULTI_TENANT: true, + IAM_MULTI_TENANT: true, IAM_UI: 'https://iam.example.com', IAM_OIDC_ISSUER: 'https://issuer.example.com', IAM_OIDC_CLIENT_ID: 'client-id' diff --git a/frontend/src/config/index.tsx b/frontend/src/config/index.tsx index 2b532714..97ec2abc 100644 --- a/frontend/src/config/index.tsx +++ b/frontend/src/config/index.tsx @@ -6,22 +6,28 @@ import isEnvSet from '@/utils/is-env-set'; import * as CookieConsentVanilla from 'vanilla-cookieconsent'; +export enum AuthType { + IAM = 'iam', + OIDC = 'oidc' +} + declare global { interface Window { apiUrl?: string; logLevel?: string; + authType?: AuthType; iamProductId?: string; iamUi?: string; iamApi?: string; iamOidcClientId?: string; iamOidcIssuer?: string; + iamMultiTenant?: boolean; oidcUi?: string; oidcClientId?: string; oidcIssuer?: string; segmentId?: string; docsUrl?: string; mazeId?: string; - multiTenant?: boolean; appBaseName?: string; CookieConsent: typeof CookieConsentVanilla; } @@ -37,32 +43,46 @@ export default { ? import.meta.env.VITE_IAM_PRODUCT_ID : typeof window !== 'undefined' ? window.iamProductId - : undefined, + : import.meta.env.MODE === 'test' ? 'test-product-id' : undefined, LOG_LEVEL: isEnvSet(import.meta.env.VITE_APP_LOG_LEVEL) ? import.meta.env.VITE_APP_LOG_LEVEL : typeof window !== 'undefined' ? window.logLevel : undefined, + AUTH_TYPE: isEnvSet(import.meta.env.VITE_AUTH_TYPE) + ? (import.meta.env.VITE_AUTH_TYPE as AuthType) + : typeof window !== 'undefined' + ? window.authType + : import.meta.env.MODE === 'test' + ? AuthType.IAM + : undefined, IAM_UI: isEnvSet(import.meta.env.VITE_IAM_UI) ? import.meta.env.VITE_IAM_UI : typeof window !== 'undefined' ? window.iamUi - : undefined, + : import.meta.env.MODE === 'test' ? 'http://localhost:3000' : undefined, IAM_API: isEnvSet(import.meta.env.VITE_IAM_API) ? import.meta.env.VITE_IAM_API : typeof window !== 'undefined' ? window.iamApi - : undefined, + : import.meta.env.MODE === 'test' ? 'http://localhost:8080' : undefined, IAM_OIDC_CLIENT_ID: isEnvSet(import.meta.env.VITE_IAM_OIDC_CLIENT_ID) ? import.meta.env.VITE_IAM_OIDC_CLIENT_ID : typeof window !== 'undefined' ? window.iamOidcClientId - : undefined, + : import.meta.env.MODE === 'test' ? 'test-client-id' : undefined, IAM_OIDC_ISSUER: isEnvSet(import.meta.env.VITE_IAM_OIDC_ISSUER) ? import.meta.env.VITE_IAM_OIDC_ISSUER : typeof window !== 'undefined' ? window.iamOidcIssuer - : undefined, + : import.meta.env.MODE === 'test' ? 'http://localhost:8080/oauth2/default' : undefined, + IAM_MULTI_TENANT: isEnvSet(import.meta.env.VITE_IAM_MULTI_TENANT) + ? import.meta.env.VITE_IAM_MULTI_TENANT === 'true' + : typeof window !== 'undefined' + ? window.iamMultiTenant + : import.meta.env.MODE === 'test' + ? true + : undefined, OIDC_UI: isEnvSet(import.meta.env.VITE_OIDC_UI) ? import.meta.env.VITE_OIDC_UI : typeof window !== 'undefined' @@ -93,11 +113,6 @@ export default { : typeof window !== 'undefined' ? window.mazeId : undefined, - MULTI_TENANT: isEnvSet(import.meta.env.VITE_MULTI_TENANT) - ? import.meta.env.VITE_MULTI_TENANT === 'true' - : typeof window !== 'undefined' - ? (window.multiTenant ?? true) - : true, APP_BASE_NAME: isEnvSet(import.meta.env.VITE_APP_BASE_NAME) ? import.meta.env.VITE_APP_BASE_NAME : typeof window !== 'undefined' diff --git a/frontend/src/hooks/use-auth.tsx b/frontend/src/hooks/use-auth.tsx index 4c7103d7..52c598e6 100644 --- a/frontend/src/hooks/use-auth.tsx +++ b/frontend/src/hooks/use-auth.tsx @@ -3,22 +3,22 @@ * SPDX-License-Identifier: Apache-2.0 */ -import {isMultiTenant} from '@/utils/get-auth-config'; import {useAuthIAM} from '@/providers/auth-provider/iam/use-auth-iam'; import {useAuthOIDC} from '@/providers/auth-provider/oicd/use-auth-oidc'; import {AuthContextIAM, AuthContextOIDC} from '@/types/okta'; +import config, {AuthType} from '@/config'; export const useAuth = (): AuthContextIAM | AuthContextOIDC => { - const multiTenant = isMultiTenant(); let auth: typeof useAuthIAM | typeof useAuthOIDC = useAuthOIDC; - switch (multiTenant) { - case true: - auth = useAuthIAM; - break; - case false: - auth = useAuthOIDC; - break; + if (!config.AUTH_TYPE) { + console.warn('No AUTH_TYPE configured...'); + } else if (config.AUTH_TYPE === AuthType.IAM) { + auth = useAuthIAM; + } else if (config.AUTH_TYPE === AuthType.OIDC) { + auth = useAuthOIDC; + } else { + console.warn(`Unknown AUTH_TYPE configured: ${config.AUTH_TYPE}`); } return {...auth()}; diff --git a/frontend/src/pages/settings/base/settings-base.test.tsx b/frontend/src/pages/settings/base/settings-base.test.tsx index cfbdcf67..83616184 100644 --- a/frontend/src/pages/settings/base/settings-base.test.tsx +++ b/frontend/src/pages/settings/base/settings-base.test.tsx @@ -13,7 +13,7 @@ import SettingsBase from './settings-base'; // Update the mock to use MULTI_TENANT instead of IAM_MULTI_TENANT vi.mock('@/config', () => ({ default: { - MULTI_TENANT: true, + IAM_MULTI_TENANT: true, IAM_UI: 'https://iam.example.com', IAM_OIDC_ISSUER: 'https://issuer.example.com', IAM_OIDC_CLIENT_ID: 'client-id' diff --git a/frontend/src/providers/auth-provider/auth-provider.tsx b/frontend/src/providers/auth-provider/auth-provider.tsx index 50b8d06c..d1e495bb 100644 --- a/frontend/src/providers/auth-provider/auth-provider.tsx +++ b/frontend/src/providers/auth-provider/auth-provider.tsx @@ -3,18 +3,21 @@ * SPDX-License-Identifier: Apache-2.0 */ -import {isMultiTenant} from '@/utils/get-auth-config'; import AuthProviderIAM from './iam/auth-provider-iam'; import AuthProviderOIDC from './oicd/auth-provider-oidc'; +import config, {AuthType} from '@/config'; +import {AuthError} from '@/components/router/auth-error'; const AuthProvider: React.FC = ({children}) => { - const isMultiTenantResult = isMultiTenant(); - - if (isMultiTenantResult) { + if (!config.AUTH_TYPE) { + return ; + } else if (config.AUTH_TYPE === AuthType.IAM) { return {children}; + } else if (config.AUTH_TYPE === AuthType.OIDC) { + return {children}; + } else { + return ; } - - return {children}; }; export default AuthProvider; diff --git a/frontend/src/providers/settings-provider/settings-provider.test.tsx b/frontend/src/providers/settings-provider/settings-provider.test.tsx index 53b02dec..99453520 100644 --- a/frontend/src/providers/settings-provider/settings-provider.test.tsx +++ b/frontend/src/providers/settings-provider/settings-provider.test.tsx @@ -13,7 +13,7 @@ import React from 'react'; // Mock the config vi.mock('@/config', () => ({ default: { - MULTI_TENANT: true, + IAM_MULTI_TENANT: true, IAM_UI: 'https://iam.example.com', IAM_OIDC_ISSUER: 'https://issuer.example.com', IAM_OIDC_CLIENT_ID: 'client-id' diff --git a/frontend/src/utils/get-auth-config.ts b/frontend/src/utils/get-auth-config.ts index 2ce04527..143dde06 100644 --- a/frontend/src/utils/get-auth-config.ts +++ b/frontend/src/utils/get-auth-config.ts @@ -3,31 +3,36 @@ * SPDX-License-Identifier: Apache-2.0 */ -import config from '@/config'; +import config, { AuthType } from '@/config'; import { AuthConfigIAM, AuthConfigOIDC } from '@/types/okta'; export const getAuthConfig = () => { - if (config.MULTI_TENANT) { - const iamConfig: AuthConfigIAM = { + if (!config.AUTH_TYPE) { + console.warn('No AUTH_TYPE configured...'); + return undefined; + } else if (config.AUTH_TYPE === AuthType.IAM) { + return { iamUI: ((config.IAM_UI as string) ?? '').trim(), iamApi: ((config.IAM_API as string) ?? '').trim(), productId: ((config.IAM_PRODUCT_ID as string) ?? '').trim(), oktaIssuer: ((config.IAM_OIDC_ISSUER as string) ?? '').trim(), oktaClient: ((config.IAM_OIDC_CLIENT_ID as string) ?? '').trim() - }; - return iamConfig; - } else { - const oidcConfig: AuthConfigOIDC = { + } as AuthConfigIAM; + } else if (config.AUTH_TYPE === AuthType.OIDC) { + return { oidcUi: ((config.OIDC_UI as string) ?? '').trim(), oktaIssuer: ((config.OIDC_ISSUER as string) ?? '').trim(), oktaClient: ((config.OIDC_CLIENT_ID as string) ?? '').trim() - }; - return oidcConfig; + } as AuthConfigOIDC; + } else { + console.warn(`Unknown AUTH_TYPE configured: ${config.AUTH_TYPE}`); + return undefined; } }; export const isMultiTenant = () => { - const multiTenantFlag = Boolean(config.MULTI_TENANT); + const multiTenantFlag = Boolean(config.IAM_MULTI_TENANT); const hasIAMConfig = !!(config.IAM_UI && config.IAM_OIDC_ISSUER && config.IAM_OIDC_CLIENT_ID); - return multiTenantFlag && hasIAMConfig; + const isIam = config.AUTH_TYPE === AuthType.IAM; + return multiTenantFlag && hasIAMConfig && isIam; }; diff --git a/frontend/tests/setup.ts b/frontend/tests/setup.ts index db0e2b50..02976335 100644 --- a/frontend/tests/setup.ts +++ b/frontend/tests/setup.ts @@ -3,12 +3,44 @@ * SPDX-License-Identifier: Apache-2.0 */ -import {expect, afterEach} from 'vitest'; +import {expect, afterEach, beforeAll, vi} from 'vitest'; import {cleanup} from '@testing-library/react'; import * as matchers from '@testing-library/jest-dom/matchers'; expect.extend(matchers); +// Mock the getAuthConfig function to provide test defaults +beforeAll(() => { + // Mock the getAuthConfig utility function + vi.mock('@/utils/get-auth-config', () => ({ + getAuthConfig: vi.fn(() => ({ + iamUI: 'http://localhost:3000', + iamApi: 'http://localhost:8080', + productId: 'test-product-id', + oktaIssuer: 'http://localhost:8080/oauth2/default', + oktaClient: 'test-client-id' + })), + isMultiTenant: vi.fn(() => true) + })); + + // Mock import.meta.env with test defaults + vi.stubGlobal('import.meta', { + env: { + MODE: 'test', + VITE_AUTH_TYPE: 'iam', + VITE_IAM_API: 'http://localhost:8080', + VITE_IAM_UI: 'http://localhost:3000', + VITE_IAM_PRODUCT_ID: 'test-product-id', + VITE_IAM_OIDC_CLIENT_ID: 'test-client-id', + VITE_IAM_OIDC_ISSUER: 'http://localhost:8080/oauth2/default', + VITE_IAM_MULTI_TENANT: 'true', + VITE_API_URL: 'http://localhost:8080', + VITE_APP_CLIENT_PORT: '5500', + VITE_APP_LOG_LEVEL: 'info' + } + }); +}); + afterEach(() => { cleanup(); }); From 0442ea35083dd4fecd0054bd20a50a06c7f8173d Mon Sep 17 00:00:00 2001 From: "Rafael Silva (rafaelsi)" Date: Mon, 22 Sep 2025 10:34:24 +0100 Subject: [PATCH 2/4] feat: auth type ui Signed-off-by: Rafael Silva (rafaelsi) --- charts/identity-service-ui/values.yaml | 6 +++--- deployments/docker/frontend/nginx/entrypoint.sh | 2 +- deployments/docker/frontend/nginx/nginx.conf | 3 ++- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/charts/identity-service-ui/values.yaml b/charts/identity-service-ui/values.yaml index df4309d3..41d0e6c5 100644 --- a/charts/identity-service-ui/values.yaml +++ b/charts/identity-service-ui/values.yaml @@ -43,6 +43,7 @@ configmap: VITE_API_URL: "" VITE_APP_CLIENT_PORT: "5500" VITE_APP_LOG_LEVEL: "info" + VITE_AUTH_TYPE: "" # IAM defaults VITE_IAM_PRODUCT_ID: "" @@ -50,14 +51,13 @@ configmap: VITE_IAM_UI: "" VITE_IAM_API: "" VITE_IAM_OIDC_ISSUER: "" + VITE_IAM_MULTI_TENANT: "" # Secondary OIDC provider defaults VITE_OIDC_UI: "" VITE_OIDC_CLIENT_ID: "" VITE_OIDC_ISSUER: "" - # Multi-tenant and authentication mode - VITE_MULTI_TENANT: "" - + # Analytics and Feedback defaults VITE_SEGMENT_ID: "" VITE_MAZE_ID: "" diff --git a/deployments/docker/frontend/nginx/entrypoint.sh b/deployments/docker/frontend/nginx/entrypoint.sh index bed0e75d..f0b6e9b2 100755 --- a/deployments/docker/frontend/nginx/entrypoint.sh +++ b/deployments/docker/frontend/nginx/entrypoint.sh @@ -3,6 +3,6 @@ # SPDX-License-Identifier: Apache-2.0 -envsubst '$VITE_APP_CLIENT_PORT $VITE_API_URL $VITE_APP_LOG_LEVEL $VITE_SEGMENT_ID $VITE_NODE_ENV $VITE_IAM_PRODUCT_ID $VITE_IAM_UI $VITE_IAM_API $VITE_IAM_OIDC_CLIENT_ID $VITE_IAM_OIDC_ISSUER $VITE_OIDC_UI $VITE_OIDC_CLIENT_ID $VITE_OIDC_ISSUER $VITE_MULTI_TENANT $VITE_DOCS_URL $VITE_MAZE_ID $VITE_APP_BASE_NAME' < /home/web/nginx/nginx.env.conf > /home/web/nginx/nginx.conf +envsubst '$VITE_APP_CLIENT_PORT $VITE_API_URL $VITE_APP_LOG_LEVEL $VITE_SEGMENT_ID $VITE_NODE_ENV $VITE_IAM_PRODUCT_ID $VITE_IAM_UI $VITE_IAM_API $VITE_IAM_OIDC_CLIENT_ID $VITE_IAM_OIDC_ISSUER $VITE_AUTH_TYPE $VITE_OIDC_UI $VITE_OIDC_CLIENT_ID $VITE_OIDC_ISSUER $VITE_IAM_MULTI_TENANT $VITE_DOCS_URL $VITE_MAZE_ID $VITE_APP_BASE_NAME' < /home/web/nginx/nginx.env.conf > /home/web/nginx/nginx.conf envsubst '$VITE_OIDC_UI $VITE_API_URL' < /home/web/nginx/csp-header.env.conf > /home/web/nginx/csp-header.conf exec "$@" diff --git a/deployments/docker/frontend/nginx/nginx.conf b/deployments/docker/frontend/nginx/nginx.conf index fb747b67..de2c4cd8 100644 --- a/deployments/docker/frontend/nginx/nginx.conf +++ b/deployments/docker/frontend/nginx/nginx.conf @@ -104,6 +104,7 @@ http { ssi on; set $apiUrl "${VITE_API_URL}"; set $logLevel "${VITE_APP_LOG_LEVEL}"; + set $authType "${VITE_AUTH_TYPE}"; set $segmentId "${VITE_SEGMENT_ID}"; set $iamProductId "${VITE_IAM_PRODUCT_ID}"; set $iamUi "${VITE_IAM_UI}"; @@ -113,7 +114,7 @@ http { set $oidcUi "${VITE_OIDC_UI}"; set $oidcClientId "${VITE_OIDC_CLIENT_ID}"; set $oidcIssuer "${VITE_OIDC_ISSUER}"; - set $multiTenant "${VITE_MULTI_TENANT}"; + set $iamMultiTenant "${VITE_IAM_MULTI_TENANT}"; set $docsUrl "${VITE_DOCS_URL}"; set $mazeId "${VITE_MAZE_ID}"; set $appBaseName "${VITE_APP_BASE_NAME}"; From b52a0581b0addd26a70f73dfc90c13ac12c61d4a Mon Sep 17 00:00:00 2001 From: "Rafael Silva (rafaelsi)" Date: Mon, 22 Sep 2025 10:52:14 +0100 Subject: [PATCH 3/4] feat: auth type ui Signed-off-by: Rafael Silva (rafaelsi) --- frontend/README.md | 26 +++++++++++++++++++ frontend/src/api/services/iam-api.ts | 10 +++---- frontend/src/config/index.tsx | 20 ++++++++++---- frontend/src/constants/okta.ts | 2 +- .../auth-provider/iam/auth-provider-iam.tsx | 5 +--- .../auth-provider/oicd/auth-provider-oidc.tsx | 5 +--- 6 files changed, 49 insertions(+), 19 deletions(-) diff --git a/frontend/README.md b/frontend/README.md index a8ae0550..854f4144 100644 --- a/frontend/README.md +++ b/frontend/README.md @@ -110,6 +110,32 @@ Configure the following environment variables in your `.env` file: - `VITE_SEGMENT_ID` - Segment analytics tracking ID - `VITE_MAZE_ID` - Maze analytics tracking ID +#### Authentication Configuration + +The application uses default authentication configuration options defined in `src/constants/okta.ts`. These default options apply to both IAM and OIDC authentication providers: + +```typescript +export const defaultAuthConfigOptions: AuthConfigOptions = { + scopes: ['openid', 'offline_access'], + renew: 'auto', + redirectUri: `${window.location.protocol}//${window.location.host}`, + devMode: false, + renewOnTabActivation: true, + tabInactivityDuration: 1800, // 30 minutes + syncStorage: true +}; +``` + +These options control: + +- **scopes**: OAuth 2.0 scopes requested during authentication +- **renew**: Token renewal strategy ('auto' for automatic renewal) +- **redirectUri**: URI to redirect to after authentication +- **devMode**: Development mode flag for additional debugging +- **renewOnTabActivation**: Whether to renew tokens when tab becomes active +- **tabInactivityDuration**: Time in seconds before considering tab inactive +- **syncStorage**: Whether to synchronize authentication state across browser tabs + ### 4. Global Configuration Setup Configure the application's global settings by editing `src/config/global.ts`: diff --git a/frontend/src/api/services/iam-api.ts b/frontend/src/api/services/iam-api.ts index 31690fd0..f46821d4 100644 --- a/frontend/src/api/services/iam-api.ts +++ b/frontend/src/api/services/iam-api.ts @@ -29,11 +29,11 @@ export class IamAPIClass { clearTokensBeforeRedirect?: boolean; }) => void; - protected authConfig = getAuthConfig() as AuthConfigIAM; + protected authConfig = getAuthConfig() as AuthConfigIAM | undefined; constructor() { this.instance = axios.create({ - baseURL: this.authConfig.iamApi, + baseURL: this.authConfig?.iamApi, headers: { 'Content-Type': 'application/json' } @@ -59,7 +59,7 @@ export class IamAPIClass { public getTenants = () => { return this.instance.get('/tenant', { params: { - product: this.authConfig.productId + product: this.authConfig?.productId } }); }; @@ -71,7 +71,7 @@ export class IamAPIClass { public createTenant = () => { return this.instance.post('/tenant/user', undefined, { params: { - product: this.authConfig.productId + product: this.authConfig?.productId } }); }; @@ -88,7 +88,7 @@ export class IamAPIClass { public inviteUser = (groupId: string, data: InviteUserPayload) => { return this.instance.post(`/user/request/invite`, data, { params: { - product: this.authConfig.productId, + product: this.authConfig?.productId, group: groupId } }); diff --git a/frontend/src/config/index.tsx b/frontend/src/config/index.tsx index 97ec2abc..6bb61ec8 100644 --- a/frontend/src/config/index.tsx +++ b/frontend/src/config/index.tsx @@ -43,7 +43,9 @@ export default { ? import.meta.env.VITE_IAM_PRODUCT_ID : typeof window !== 'undefined' ? window.iamProductId - : import.meta.env.MODE === 'test' ? 'test-product-id' : undefined, + : import.meta.env.MODE === 'test' + ? 'test-product-id' + : undefined, LOG_LEVEL: isEnvSet(import.meta.env.VITE_APP_LOG_LEVEL) ? import.meta.env.VITE_APP_LOG_LEVEL : typeof window !== 'undefined' @@ -60,22 +62,30 @@ export default { ? import.meta.env.VITE_IAM_UI : typeof window !== 'undefined' ? window.iamUi - : import.meta.env.MODE === 'test' ? 'http://localhost:3000' : undefined, + : import.meta.env.MODE === 'test' + ? 'http://localhost:3000' + : undefined, IAM_API: isEnvSet(import.meta.env.VITE_IAM_API) ? import.meta.env.VITE_IAM_API : typeof window !== 'undefined' ? window.iamApi - : import.meta.env.MODE === 'test' ? 'http://localhost:8080' : undefined, + : import.meta.env.MODE === 'test' + ? 'http://localhost:8080' + : undefined, IAM_OIDC_CLIENT_ID: isEnvSet(import.meta.env.VITE_IAM_OIDC_CLIENT_ID) ? import.meta.env.VITE_IAM_OIDC_CLIENT_ID : typeof window !== 'undefined' ? window.iamOidcClientId - : import.meta.env.MODE === 'test' ? 'test-client-id' : undefined, + : import.meta.env.MODE === 'test' + ? 'test-client-id' + : undefined, IAM_OIDC_ISSUER: isEnvSet(import.meta.env.VITE_IAM_OIDC_ISSUER) ? import.meta.env.VITE_IAM_OIDC_ISSUER : typeof window !== 'undefined' ? window.iamOidcIssuer - : import.meta.env.MODE === 'test' ? 'http://localhost:8080/oauth2/default' : undefined, + : import.meta.env.MODE === 'test' + ? 'http://localhost:8080/oauth2/default' + : undefined, IAM_MULTI_TENANT: isEnvSet(import.meta.env.VITE_IAM_MULTI_TENANT) ? import.meta.env.VITE_IAM_MULTI_TENANT === 'true' : typeof window !== 'undefined' diff --git a/frontend/src/constants/okta.ts b/frontend/src/constants/okta.ts index 16b0641b..0a3f7b06 100644 --- a/frontend/src/constants/okta.ts +++ b/frontend/src/constants/okta.ts @@ -8,7 +8,7 @@ import {AuthConfigOptions} from '@/types/okta'; export const defaultAuthConfigOptions: AuthConfigOptions = { scopes: ['openid', 'offline_access'], renew: 'auto', - redirectUri: `${window.location.protocol}//${window.location.host}/`, + redirectUri: `${window.location.protocol}//${window.location.host}`, devMode: false, renewOnTabActivation: true, tabInactivityDuration: 1800, // 30 minutes diff --git a/frontend/src/providers/auth-provider/iam/auth-provider-iam.tsx b/frontend/src/providers/auth-provider/iam/auth-provider-iam.tsx index 80da61fa..1d21703e 100644 --- a/frontend/src/providers/auth-provider/iam/auth-provider-iam.tsx +++ b/frontend/src/providers/auth-provider/iam/auth-provider-iam.tsx @@ -21,10 +21,7 @@ const AuthProviderIAM: React.FC = ({children}) => { const authConfig: AuthConfigIAM = useMemo(() => { return { - ...(getAuthConfig() as AuthConfigIAM), - configOptions: { - redirectUri: `${window.location.protocol}//${window.location.host}` - } + ...(getAuthConfig() as AuthConfigIAM) }; }, []); diff --git a/frontend/src/providers/auth-provider/oicd/auth-provider-oidc.tsx b/frontend/src/providers/auth-provider/oicd/auth-provider-oidc.tsx index d9beabfe..913e7bf7 100644 --- a/frontend/src/providers/auth-provider/oicd/auth-provider-oidc.tsx +++ b/frontend/src/providers/auth-provider/oicd/auth-provider-oidc.tsx @@ -21,10 +21,7 @@ const AuthProviderOIDC: React.FC = ({children}) => { const authConfig: AuthConfigOIDC = React.useMemo(() => { return { - ...(getAuthConfig() as AuthConfigOIDC), - configOptions: { - redirectUri: `${window.location.protocol}//${window.location.host}` - } + ...(getAuthConfig() as AuthConfigOIDC) }; }, []); From bec54ee143e084526f384ed4d79b394bfe54f3c6 Mon Sep 17 00:00:00 2001 From: "Rafael Silva (rafaelsi)" Date: Mon, 22 Sep 2025 10:52:21 +0100 Subject: [PATCH 4/4] feat: auth type ui Signed-off-by: Rafael Silva (rafaelsi) --- deployments/docker/frontend/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployments/docker/frontend/Dockerfile b/deployments/docker/frontend/Dockerfile index 282eec8b..a1dd97c0 100644 --- a/deployments/docker/frontend/Dockerfile +++ b/deployments/docker/frontend/Dockerfile @@ -47,7 +47,7 @@ RUN mkdir ./nginx/logs && \ RUN sed -i 's/