conjur-asset-ui 1.3.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (133) hide show
  1. checksums.yaml +7 -0
  2. data/.git-hooks/pre_commit/ensure_livescript_compiled.rb +31 -0
  3. data/.git-hooks/pre_commit/trailing_whitespace.rb +26 -0
  4. data/.gitignore +20 -0
  5. data/.overcommit.yml +5 -0
  6. data/.project +18 -0
  7. data/CHANGELOG.md +3 -0
  8. data/Gemfile +8 -0
  9. data/LICENSE.txt +22 -0
  10. data/README.md +41 -0
  11. data/Rakefile +3 -0
  12. data/compile_ls +6 -0
  13. data/conjur-asset-ui.gemspec +37 -0
  14. data/lib/conjur/command/ui.rb +46 -0
  15. data/lib/conjur/webserver/api_proxy.rb +94 -0
  16. data/lib/conjur/webserver/authorize.rb +28 -0
  17. data/lib/conjur/webserver/conjur_info.rb +33 -0
  18. data/lib/conjur/webserver/home.rb +42 -0
  19. data/lib/conjur/webserver/login.rb +57 -0
  20. data/lib/conjur/webserver/renderer.rb +34 -0
  21. data/lib/conjur/webserver/server.rb +113 -0
  22. data/lib/conjur-asset-ui-version.rb +7 -0
  23. data/lib/conjur-asset-ui.rb +7 -0
  24. data/livescript/views/audit.ls +136 -0
  25. data/public/_client_code.html +42 -0
  26. data/public/_client_libs.html +24 -0
  27. data/public/css/bootstrap.css +7 -0
  28. data/public/css/styles.less +461 -0
  29. data/public/fonts/glyphicons-halflings-regular.eot +0 -0
  30. data/public/fonts/glyphicons-halflings-regular.svg +229 -0
  31. data/public/fonts/glyphicons-halflings-regular.ttf +0 -0
  32. data/public/fonts/glyphicons-halflings-regular.woff +0 -0
  33. data/public/images/conjur-logo.svg +26 -0
  34. data/public/images/icon-client-pc.svg +12 -0
  35. data/public/images/icon-environment.png +0 -0
  36. data/public/images/icon-person.svg +12 -0
  37. data/public/images/icon-policy.png +0 -0
  38. data/public/images/icon-resource.png +0 -0
  39. data/public/images/icon-service-dots.svg +13 -0
  40. data/public/images/icon-variable.png +0 -0
  41. data/public/index.html.erb +62 -0
  42. data/public/js/init.js +107 -0
  43. data/public/js/lib/JSXTransformer.js +10862 -0
  44. data/public/js/lib/async.js +958 -0
  45. data/public/js/lib/backbone.js +2 -0
  46. data/public/js/lib/bootstrap.js +6 -0
  47. data/public/js/lib/date.extensions.js +141 -0
  48. data/public/js/lib/less.js +16 -0
  49. data/public/js/lib/moment.js +7768 -0
  50. data/public/js/lib/pace.js +2 -0
  51. data/public/js/lib/prelude-browser-min.js +1 -0
  52. data/public/js/lib/react-bootstrap.js +5346 -0
  53. data/public/js/lib/react-bootstrap.min.js +4 -0
  54. data/public/js/lib/sorted-set.no-require.js +1170 -0
  55. data/public/js/lib/sorted-set.no-require.js.txt +6 -0
  56. data/public/js/lib/underscore-min.js +6 -0
  57. data/public/js/lib/underscore.string.min.js +1 -0
  58. data/public/js/main.js +57 -0
  59. data/public/js/models/groupRecord.js +70 -0
  60. data/public/js/models/hostRecord.js +55 -0
  61. data/public/js/models/layerRecord.js +77 -0
  62. data/public/js/models/namespace.js +10 -0
  63. data/public/js/models/policyList.js +14 -0
  64. data/public/js/models/policyRecord.js +54 -0
  65. data/public/js/models/record.js +85 -0
  66. data/public/js/models/resourceList.js +69 -0
  67. data/public/js/models/userList.js +20 -0
  68. data/public/js/models/userRecord.js +70 -0
  69. data/public/js/models/variableList.js +16 -0
  70. data/public/js/models/variableRecord.js +73 -0
  71. data/public/js/routers.js +205 -0
  72. data/public/js/views/annotations.js +36 -0
  73. data/public/js/views/audit.js +363 -0
  74. data/public/js/views/dashboard.js +67 -0
  75. data/public/js/views/generic.js +115 -0
  76. data/public/js/views/group.js +61 -0
  77. data/public/js/views/groups.js +30 -0
  78. data/public/js/views/host.js +64 -0
  79. data/public/js/views/hosts.js +30 -0
  80. data/public/js/views/layer.js +92 -0
  81. data/public/js/views/layers.js +30 -0
  82. data/public/js/views/mixins/search.js +15 -0
  83. data/public/js/views/mixins/tabs.js +114 -0
  84. data/public/js/views/namespaces.js +40 -0
  85. data/public/js/views/navSearch.js +25 -0
  86. data/public/js/views/owned.js +178 -0
  87. data/public/js/views/permissions.js +188 -0
  88. data/public/js/views/policies.js +28 -0
  89. data/public/js/views/policy.js +43 -0
  90. data/public/js/views/resource.js +39 -0
  91. data/public/js/views/role.js +41 -0
  92. data/public/js/views/searchResults.js +145 -0
  93. data/public/js/views/time.js +14 -0
  94. data/public/js/views/user.js +68 -0
  95. data/public/js/views/users.js +31 -0
  96. data/public/js/views/variable.js +70 -0
  97. data/public/js/views/variables.js +30 -0
  98. data/spec/javascripts/helpers/.gitkeep +0 -0
  99. data/spec/javascripts/support/jasmine.yml +112 -0
  100. data/spec/javascripts/support/jasmine_helper.rb +22 -0
  101. data/spec/javascripts/support/run.html.erb +23 -0
  102. data/spec/javascripts/views/AuditSpec.js +22 -0
  103. data/spec/javascripts/views/AuditSpec.ls +18 -0
  104. data/vendor/prelude-ls/.gitignore +2 -0
  105. data/vendor/prelude-ls/.travis.yml +3 -0
  106. data/vendor/prelude-ls/CHANGELOG.md +81 -0
  107. data/vendor/prelude-ls/LICENSE +22 -0
  108. data/vendor/prelude-ls/Makefile +50 -0
  109. data/vendor/prelude-ls/README.md +15 -0
  110. data/vendor/prelude-ls/browser/prelude-browser-min.js +1 -0
  111. data/vendor/prelude-ls/browser/prelude-browser.js +1172 -0
  112. data/vendor/prelude-ls/lib/Func.js +40 -0
  113. data/vendor/prelude-ls/lib/List.js +602 -0
  114. data/vendor/prelude-ls/lib/Num.js +129 -0
  115. data/vendor/prelude-ls/lib/Obj.js +153 -0
  116. data/vendor/prelude-ls/lib/Str.js +68 -0
  117. data/vendor/prelude-ls/lib/index.js +164 -0
  118. data/vendor/prelude-ls/package.json +50 -0
  119. data/vendor/prelude-ls/package.ls +46 -0
  120. data/vendor/prelude-ls/src/Func.ls +17 -0
  121. data/vendor/prelude-ls/src/List.ls +299 -0
  122. data/vendor/prelude-ls/src/Num.ls +83 -0
  123. data/vendor/prelude-ls/src/Obj.ls +61 -0
  124. data/vendor/prelude-ls/src/Str.ls +32 -0
  125. data/vendor/prelude-ls/src/index.ls +56 -0
  126. data/vendor/prelude-ls/test/Func.ls +36 -0
  127. data/vendor/prelude-ls/test/List.ls +751 -0
  128. data/vendor/prelude-ls/test/Num.ls +258 -0
  129. data/vendor/prelude-ls/test/Obj.ls +145 -0
  130. data/vendor/prelude-ls/test/Prelude.ls +49 -0
  131. data/vendor/prelude-ls/test/Str.ls +208 -0
  132. data/vendor/prelude-ls/test/browser.html +5 -0
  133. metadata +369 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 797e36ccfd5fb14495ce552972ae5f3cc2cc8047
4
+ data.tar.gz: aa0c926a8d45522ff5d373053c8fda223193fdd5
5
+ SHA512:
6
+ metadata.gz: 046312f295fe2b3da327bc129f02ca90dd57d781e2e9805dacf42eebcc12a4a127c62b4d87510a46f5c773aabda54524e097f1059c6f932c84eceaa5d93cd02c
7
+ data.tar.gz: 082f28dad66cc39ea27b14b8846320a23375400affea0bfe32c9081f1999c7c425c2ddf3cdefde80e79f362012e1c69dd2853937bf5911dae0af980a93a01067
@@ -0,0 +1,31 @@
1
+ require 'pathname'
2
+
3
+ module Overcommit::Hook::PreCommit
4
+ # Ensure the livescript source files are compiled.
5
+ # Also make sure they're included in the commit.
6
+ class EnsureLivescriptCompiled < Base
7
+ def compiled_path ls
8
+ ls.sub('livescript/', 'public/js/').sub(/\.ls$/, '.js')
9
+ end
10
+
11
+ def relative path
12
+ Pathname.new(path).relative_path_from Pathname.getwd
13
+ end
14
+
15
+ def check_file lsfile
16
+ compiled = compiled_path lsfile
17
+
18
+ return "#{relative compiled}: older than #{relative lsfile}.
19
+ $ ./compile_ls &" if File.stat(lsfile) > File.stat(compiled)
20
+
21
+ return "#{relative lsfile}: compiled file not added.
22
+ $ git add #{relative compiled}" unless modified_files.include? compiled
23
+ end
24
+
25
+ def run
26
+ errs = applicable_files.map(&method(:check_file)).compact
27
+ return :bad, errs.join('\n') unless errs.empty?
28
+ :good
29
+ end
30
+ end
31
+ end
@@ -0,0 +1,26 @@
1
+ module Overcommit::Hook::PreCommit
2
+ # Checks for trailing whitespace in files.
3
+ class TrailingWhitespace < Base
4
+ def message
5
+ "Trailing whitespace detected"
6
+ end
7
+
8
+ def lint_split output, message = message
9
+ # Keep lines from the output for files that we actually modified
10
+ error_lines, warning_lines = output.split("\n").partition do |output_line|
11
+ _, file, line = output_line.match(/^([^:]+):(\d+)/).to_a
12
+ modified_lines(file).include?(line.to_i)
13
+ end
14
+
15
+ return :bad, message + ":\n" + error_lines.join("\n") unless error_lines.empty?
16
+ return :warn, message + " (on lines you didn't modify):\n" + warning_lines.join("\n")\
17
+ unless warning_lines.empty?
18
+
19
+ :good
20
+ end
21
+
22
+ def run
23
+ lint_split execute(%w[grep -IHn \s$] + applicable_files).stdout
24
+ end
25
+ end
26
+ end
data/.gitignore ADDED
@@ -0,0 +1,20 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ Gemfile.lock
7
+ InstalledFiles
8
+ _yardoc
9
+ coverage
10
+ doc/
11
+ lib/bundler/man
12
+ pkg
13
+ rdoc
14
+ spec/reports
15
+ test/tmp
16
+ test/version_tmp
17
+ tmp
18
+ .idea
19
+ .DS_Store
20
+
data/.overcommit.yml ADDED
@@ -0,0 +1,5 @@
1
+ PreCommit:
2
+ EnsureLivescriptCompiled:
3
+ description: 'Checking if LiveScript files are compiled'
4
+ include: 'livescript/*.ls'
5
+ requires_files: true
data/.project ADDED
@@ -0,0 +1,18 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <projectDescription>
3
+ <name>conjur-asset-ui</name>
4
+ <comment></comment>
5
+ <projects>
6
+ </projects>
7
+ <buildSpec>
8
+ <buildCommand>
9
+ <name>com.aptana.ide.core.unifiedBuilder</name>
10
+ <arguments>
11
+ </arguments>
12
+ </buildCommand>
13
+ </buildSpec>
14
+ <natures>
15
+ <nature>com.aptana.ruby.core.rubynature</nature>
16
+ <nature>com.aptana.projects.webnature</nature>
17
+ </natures>
18
+ </projectDescription>
data/CHANGELOG.md ADDED
@@ -0,0 +1,3 @@
1
+ # v1.3.0
2
+
3
+ * resurrection of the UI
data/Gemfile ADDED
@@ -0,0 +1,8 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in conjur-asset-pubkeys.gemspec
4
+ gemspec
5
+
6
+ group :development do
7
+ gem 'pry'
8
+ end
data/LICENSE.txt ADDED
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2013 Kevin Gilpin
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,41 @@
1
+ conjur-asset-ui
2
+ ===============
3
+
4
+ This Gem is a Conjur plugin providing UI features.
5
+
6
+ Usage
7
+ -----
8
+
9
+ First install the gem, with the rather clumsy name `conjur-asset-ui-api`.
10
+
11
+ ```
12
+ gem install conjur-asset-ui-api
13
+ ```
14
+
15
+ Or add the following line to your `Gemfile`:
16
+
17
+ ```
18
+ gem 'conjur-asset-ruby-api'
19
+ ```
20
+
21
+ Next, edit your `.conjurrc` file to add the `"ui"` plugin, for example:
22
+
23
+ ```
24
+ stack: v4
25
+ account: sandbox
26
+ plugins:
27
+ - ui
28
+ - layer
29
+ ```
30
+
31
+ Make sure you are logged into conjur:
32
+
33
+ ```
34
+ conjur authn:login
35
+ ```
36
+
37
+ And run the UI:
38
+
39
+ ```
40
+ conjur ui
41
+ ```
data/Rakefile ADDED
@@ -0,0 +1,3 @@
1
+ require "bundler/gem_tasks"
2
+ require 'jasmine'
3
+ load 'jasmine/tasks/jasmine.rake'
data/compile_ls ADDED
@@ -0,0 +1,6 @@
1
+ #!/bin/bash
2
+ lsc -w -c -o public/js livescript &
3
+ lsc -w -c -o spec spec &
4
+ while sleep 42; do true; done
5
+ kill `jobs -p`
6
+
@@ -0,0 +1,37 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'conjur-asset-ui-version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "conjur-asset-ui"
8
+ spec.version = Conjur::Asset::UI::VERSION
9
+ spec.authors = ["Jon Mason", "Kevin Gilpin", "Rafa\305\202 Rzepecki", "Hleb Rubanau"]
10
+ spec.email = ["jon@conjur.net", "kgilpin@conjur.net", "rafal@conjur.net", "hleb@conjur.net"]
11
+ spec.homepage = "http://conjur.net"
12
+ spec.summary = "Conjur User Interface Plugin"
13
+ spec.homepage = ""
14
+ spec.license = "MIT"
15
+
16
+ spec.files = `git ls-files`.split($/)
17
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
18
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
+ spec.require_paths = ["lib"]
20
+
21
+ spec.add_dependency "puma"
22
+ spec.add_dependency "conjur-api", ">= 4.10.2"
23
+ spec.add_dependency "launchy"
24
+ spec.add_dependency "rack"
25
+
26
+ # we're monkey patching hackily, so fix the version
27
+ spec.add_dependency "rack-streaming-proxy", "= 2.0.1"
28
+
29
+ spec.add_development_dependency "conjur-cli"
30
+ spec.add_development_dependency "bundler", "~> 1.3"
31
+ spec.add_development_dependency "rake"
32
+ spec.add_development_dependency "rspec"
33
+ spec.add_development_dependency "simplecov"
34
+ spec.add_development_dependency "spork"
35
+ spec.add_development_dependency "ci_reporter"
36
+ spec.add_development_dependency "jasmine"
37
+ end
@@ -0,0 +1,46 @@
1
+ #
2
+ # Copyright (C) 2013 Conjur Inc
3
+ #
4
+ # Permission is hereby granted, free of charge, to any person obtaining a copy of
5
+ # this software and associated documentation files (the "Software"), to deal in
6
+ # the Software without restriction, including without limitation the rights to
7
+ # use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
8
+ # the Software, and to permit persons to whom the Software is furnished to do so,
9
+ # subject to the following conditions:
10
+ #
11
+ # The above copyright notice and this permission notice shall be included in all
12
+ # copies or substantial portions of the Software.
13
+ #
14
+ # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15
+ # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
16
+ # FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
17
+ # COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
18
+ # IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
19
+ # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
20
+ #
21
+ class Conjur::Command::UI < Conjur::Command
22
+ desc "Launch a UI"
23
+ arg_name "root-path"
24
+ Conjur::CLI.command :ui do |c|
25
+ c.action do |global_options,options,args|
26
+ root = args.pop || File.expand_path('../../../public', File.dirname(__FILE__))
27
+
28
+ #TODO: login page
29
+ api # just initialize API so if user is not logged in it will be asked for credentials *before* server is launched
30
+ @@api=nil # reset to avoid conflicts on server launch
31
+
32
+ # ugly hack to override Configuration.env issues which are not working any more
33
+ # after removal of sticky configurations support
34
+ ENV["RACK_ENV"]="production"
35
+
36
+ require 'conjur/webserver/server'
37
+ server = Conjur::WebServer::Server.new
38
+ thread = Thread.new do
39
+ server.start(root)
40
+ end
41
+ sleep 0.5
42
+ server.open
43
+ thread.join
44
+ end
45
+ end
46
+ end
@@ -0,0 +1,94 @@
1
+ module Conjur
2
+ module WebServer
3
+ require 'rack/streaming_proxy'
4
+
5
+ class APIProxy < Rack::StreamingProxy::Proxy
6
+
7
+ class Request < Rack::StreamingProxy::Request
8
+ def initialize env
9
+ path = env["PATH_INFO"]
10
+
11
+ path =~ /^\/([^\/]+)(.*)/
12
+ app = $1
13
+ path_remainder = $2
14
+
15
+ new_url = case app
16
+ when 'authn', 'authz', 'audit', 'pubkeys'
17
+ [ Conjur.configuration.send("#{app}_url"), path_remainder ].join
18
+ else
19
+ [ Conjur.configuration.send("core_url"), path ].join
20
+ end
21
+ if query = env["QUERY_STRING"]
22
+ new_url = [ new_url, query ].join('?')
23
+ end
24
+
25
+ super new_url.to_s, Rack::Request.new(env)
26
+ end
27
+ end
28
+
29
+ Rack::StreamingProxy::Proxy.set_default_configuration
30
+
31
+ def initialize
32
+ super nil
33
+ end
34
+
35
+ def call env
36
+ request = Request.new(env)
37
+ request.http_request['Authorization'] = authorization_header
38
+ response = Rack::StreamingProxy::Session.new(request).start
39
+ rewrite_response(env, response.status, response.headers, response)
40
+ end
41
+
42
+ def rewrite_response(*args)
43
+ env, status, headers, body = args
44
+
45
+ source_request = Rack::Request.new(env)
46
+
47
+ headers = Hash[*headers.flat_map { |k, v| [capitalize_header(k), v] }]
48
+ headers.delete 'Transfer-Encoding' # let Puma handle chunking
49
+
50
+ # Rewrite location
51
+ if location = headers["Location"]
52
+ headers["Location"] = location.gsub(Conjur.configuration.service_url, "http://#{source_request.host}:#{source_request.port}")
53
+ end
54
+
55
+ [ status, headers, body ]
56
+ end
57
+
58
+ protected
59
+
60
+ def authorization_header
61
+ require 'conjur/authn'
62
+ require 'base64'
63
+ token = Conjur::Authn.authenticate
64
+ "Token token=\"#{Base64.strict_encode64(token.to_json)}\""
65
+ end
66
+
67
+ def perform_request(env)
68
+ triplet = super(env)
69
+ [ env ] + triplet
70
+ end
71
+
72
+ private
73
+
74
+ def capitalize_header hdr
75
+ hdr.split('-').map(&:capitalize).join('-')
76
+ end
77
+ end
78
+ end
79
+ end
80
+
81
+ # Rack::StreamingProxy by default doesn't handle closing, which leads to stale
82
+ # (but still running) connections. Handle the close by quitting the child
83
+ # (it will close connection with upstream automatically).
84
+ class Rack::StreamingProxy::Response
85
+ def initialize piper
86
+ @piper = piper
87
+ @client_http_version = '1.0'
88
+ receive
89
+ end
90
+
91
+ def close
92
+ @piper.signal :QUIT
93
+ end
94
+ end
@@ -0,0 +1,28 @@
1
+ module Conjur
2
+ module WebServer
3
+ # Verifies that the request contains the authorization token, and then strips it.
4
+ class Authorize
5
+ attr_reader :app, :sessionid
6
+
7
+ def initialize(app, sessionid)
8
+ @app = app
9
+ @sessionid = sessionid
10
+ end
11
+
12
+ def call(env)
13
+ if token_valid?(env)
14
+ @app.call env
15
+ else
16
+ [403, {}, ["Authorization is missing or invalid"]]
17
+ end
18
+ end
19
+
20
+ protected
21
+
22
+ def token_valid?(env)
23
+ request = Rack::Request.new(env)
24
+ request.session[:sessionid] == sessionid
25
+ end
26
+ end
27
+ end
28
+ end
@@ -0,0 +1,33 @@
1
+ module Conjur
2
+ module WebServer
3
+ # Middleware that adds some conjur info to the rack environment
4
+ class ConjurInfo
5
+ def initialize app
6
+ @app = app
7
+ end
8
+
9
+ def call env
10
+ update_env env
11
+ @app.call env
12
+ end
13
+
14
+ def update_env env
15
+ PROPERTIES.each{|name| env["conjur.#{name}"] = send(name)}
16
+ end
17
+
18
+ PROPERTIES = %w(roleid account stack)
19
+
20
+ def roleid
21
+ "#{account}:user:#{Conjur::Authn.get_credentials[0]}"
22
+ end
23
+
24
+ def account
25
+ Conjur.account
26
+ end
27
+
28
+ def stack
29
+ Conjur.stack
30
+ end
31
+ end
32
+ end
33
+ end
@@ -0,0 +1,42 @@
1
+ require 'time'
2
+ require 'rack/utils'
3
+ require 'rack/mime'
4
+
5
+ require 'conjur/webserver/renderer'
6
+
7
+ module Conjur
8
+ module WebServer
9
+ class Home
10
+ def initialize(root)
11
+ @root = root
12
+ end
13
+
14
+ # From Rack::File
15
+ def call(env)
16
+ path = File.expand_path(INDEX, @root)
17
+ renderer = Renderer.new @root
18
+
19
+ page = renderer.render File.read(path)
20
+ files = renderer.files + [path]
21
+
22
+ last_modified = files.map(&File.method(:mtime)).max.httpdate
23
+
24
+ return [304, {}, []] if env['HTTP_IF_MODIFIED_SINCE'] == last_modified
25
+
26
+ size = Rack::Utils.bytesize(page)
27
+
28
+ headers = {
29
+ "Last-Modified" => last_modified,
30
+ "Content-Type" => "text/html",
31
+ "Content-Length" => size.to_s
32
+ }
33
+
34
+ [200, headers, env["REQUEST_METHOD"] == "HEAD" ? [] : [page]]
35
+ end
36
+
37
+ private
38
+
39
+ INDEX = 'index.html.erb'.freeze
40
+ end
41
+ end
42
+ end
@@ -0,0 +1,57 @@
1
+
2
+ module Conjur
3
+ module WebServer
4
+ class Login
5
+ attr_reader :sessionid
6
+
7
+ def initialize(sessionid)
8
+ @sessionid = sessionid
9
+ end
10
+
11
+ def call(env)
12
+ if sessionid = token_valid?(env)
13
+ require 'conjur/authn'
14
+ require 'base64'
15
+ token = Conjur::Authn.authenticate
16
+ api = Conjur::API.new_from_token token
17
+ userid = [ Conjur.configuration.account, "user", api.username ].join(':')
18
+
19
+ env["rack.session"][:sessionid] = sessionid
20
+ response = Rack::Response.new(env)
21
+ configuration = {
22
+ account: Conjur.configuration.account,
23
+ stack: Conjur.configuration.stack,
24
+ appliance_url: Conjur.configuration.appliance_url,
25
+ login: Conjur::Authn.get_credentials[0]
26
+ }
27
+ response.status = 302
28
+ response.set_cookie('conjur_configuration', value: JSON.pretty_generate(configuration), path: '/')
29
+ response.set_cookie('conjur_userid', value: userid, path: '/')
30
+ response['Location'] = "/ui"
31
+ response.finish
32
+ else
33
+ [ 403, {}, ["Authorization is missing or invalid"] ]
34
+ end
35
+ end
36
+
37
+ protected
38
+
39
+ def token_valid?(env)
40
+ token = extract_token(env)
41
+ if token == sessionid
42
+ sessionid
43
+ else
44
+ nil
45
+ end
46
+ end
47
+
48
+ def extract_token(env)
49
+ require 'cgi'
50
+ require 'uri'
51
+ query = URI.parse(env['REQUEST_URI']).query
52
+ query && ( sessionid = CGI.parse(query)['sessionid'] ) && sessionid[0]
53
+ end
54
+ end
55
+ end
56
+ end
57
+
@@ -0,0 +1,34 @@
1
+ module Conjur
2
+ module WebServer
3
+ # a helper class to render HTML partials
4
+ class Renderer
5
+ def initialize root
6
+ @root = root
7
+ @files = []
8
+ end
9
+
10
+ attr_reader :files
11
+
12
+ def render template
13
+ ERB.new(template).result binding
14
+ end
15
+
16
+ private
17
+
18
+ def method_missing name, *a, &b
19
+ super if !a.empty? || block_given?
20
+
21
+ # try to load fragments
22
+ path = expand_path "_#{name}.html"
23
+ super unless File.exists? path
24
+
25
+ @files << path
26
+ File.read path
27
+ end
28
+
29
+ def expand_path filename
30
+ File.expand_path(filename, @root)
31
+ end
32
+ end
33
+ end
34
+ end