mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-22 07:01:09 +02:00
31051ef1e4
* change entity_id to camel casing, remove "backends" key from stored auth data * fix tokenExpirationEpoch returning NaN, use authSuccess in auth service tests * camel case mfa_requirement references * refactor auth service * implement api service for token method * implement api service in standard auth methods * add lookupSelf request to persistAuthData method in auht service instead of calling in components * implement api service in oidc-jwt component * implement api service in okta component * implement api service in saml component * use api service for wrapped_token query param * remaining test updates, enterprise tests and stabilize auth helpers * upate renew() to use new persistAuthData method, add a test * revert as this will be addressed upstream * rename supported-login-methods to auth-form-helpers and delete old supported-auth-backends helper, update tests * cleanup normalize after testing mfa validation for each auth method * update type declarations, set displayName in each method component * stabilize redirect tests by waiting for login before asserting url * stabilize tests * modernize typescript syntax, move error const to util * use mirage instead of vault server to resolve test race conditions * fix file import
46 lines
1.8 KiB
TypeScript
46 lines
1.8 KiB
TypeScript
/**
|
|
* Copyright (c) HashiCorp, Inc.
|
|
* SPDX-License-Identifier: BUSL-1.1
|
|
*/
|
|
|
|
/**
|
|
* The web UI only supports logging in with these auth methods.
|
|
* This is a subset of the methods found in the `all-engines-metadata` util,
|
|
* which includes all the methods that can be enabled and mounted.
|
|
*/
|
|
|
|
const BASE_LOGIN_METHODS = ['github', 'jwt', 'ldap', 'oidc', 'okta', 'radius', 'token', 'userpass'];
|
|
|
|
export const ENTERPRISE_LOGIN_METHODS = ['saml'];
|
|
|
|
export const supportedTypes = (isEnterprise: boolean) => {
|
|
return isEnterprise ? [...BASE_LOGIN_METHODS, ...ENTERPRISE_LOGIN_METHODS] : [...BASE_LOGIN_METHODS];
|
|
};
|
|
|
|
// this ensures no unexpected params are injected and submitted in the login form
|
|
// 'namespace' and 'path' are intentionally omitted because they are handled explicitly
|
|
export const POSSIBLE_FIELDS = ['role', 'jwt', 'password', 'token', 'username'];
|
|
|
|
// maps OIDC provider domain to display name for oidc-jwt auth form
|
|
export const DOMAIN_PROVIDER_MAP = {
|
|
'github.com': 'GitHub',
|
|
'gitlab.com': 'GitLab',
|
|
'google.com': 'Google',
|
|
'ping.com': 'Ping Identity',
|
|
'okta.com': 'Okta',
|
|
'auth0.com': 'Auth0',
|
|
'login.microsoftonline.com': 'Azure',
|
|
};
|
|
|
|
export const ERROR_POPUP_FAILED =
|
|
'Your web browser may have blocked or closed a pop-up window. Please check your settings and click "Sign in" to try again.';
|
|
|
|
export const ERROR_WINDOW_CLOSED = `The provider window was closed before authentication was complete. ${ERROR_POPUP_FAILED}`;
|
|
|
|
export const ERROR_JWT_LOGIN = 'OIDC login is not configured for this mount';
|
|
|
|
export const ERROR_MISSING_PARAMS =
|
|
'The callback from the provider did not supply all of the required parameters. Please click Sign In to try again. If the problem persists, you may want to contact your administrator.';
|
|
|
|
export const ERROR_TIMEOUT = 'The authentication request has timed out. Please click "Sign in" to try again.';
|