Merge pull request #3624 from apinf/develop

release 0.58.0

QuickStart.md

@@ -0,0 +1,18 @@
+This document helps you getting started with APInf API management.
+
+### After successful installation ###
+
+1) sign-up (if you are the 1st user, you'll get admin rights!)
+2) sign-in 
+3) add a Proxy (if it does not already exist)
+5) add an API and connect it to a Proxy
+6) test
+7) Yay!
+
+### How to use the GUI: ###
+GUI is designed to be self explanatory, but check out this awesome getting started video on youtube!
+
+https://www.youtube.com/watch?v=yCR6pCnTm5w&t=190s
+
+#### Contact ####
+contact info@apinf.io if you ran into trouble.

apinf_packages/about/client/about.html

@@ -33,7 +33,7 @@ <h3>
               Apinf
             </dt>
             <dd>
-              0.57.0
+              0.58.0
             </dd>
             <dt>
               API Umbrella

apinf_packages/api_catalog/client/lib/router.js

@@ -44,6 +44,6 @@ FlowRouter.route('/myapis', {
   }],
   name: 'myApiCatalog',
   action: () => {
-    BlazeLayout.render('masterLayout', { main: 'apiCatalog' });
+    BlazeLayout.render('masterLayout', { bar: 'navbar', main: 'apiCatalog' });
   },
 });

apinf_packages/core/client/layouts/master_layout/master_layout.html

@@ -4,15 +4,15 @@
 https://joinup.ec.europa.eu/community/eupl/og_page/european-union-public-licence-eupl-v11 -->
 
 <template name="masterLayout">
-  {{> customStylesheet }}
-  {{# if Template.subscriptionsReady }}
-    <div class="master-layout">
-      {{> Template.dynamic template=bar data=branding }}
-      <div class="content-wrapper">
-        {{> Template.dynamic template=main }}
-        {{> sAlert }}
+    {{> customStylesheet }}
+    {{# if Template.subscriptionsReady }}
+      <div class="master-layout">
+        {{> Template.dynamic template=bar data=branding }}
+        <div class="content-wrapper">
+          {{> Template.dynamic template=main }}
+          {{> sAlert }}
+        </div>
+        {{> footer branding=branding }}
       </div>
-      {{> footer branding=branding }}
-    </div>
-  {{/ if }}
-</template>
+    {{/ if }}
+  </template>

apinf_packages/core/helper_functions/validate_settings.js

@@ -3,51 +3,6 @@ This file is covered by the EUPL license.
 You may obtain a copy of the licence at
 https://joinup.ec.europa.eu/community/eupl/og_page/european-union-public-licence-eupl-v11 */
 
-// Validates github configuration on LoginPlatforms
-export function githubSettingsValid (LoginPlatforms) {
-  // Verifies if LoginPlatforms exists and if it has the githubConfiguration property
-  if ((typeof LoginPlatforms !== 'undefined') && LoginPlatforms.githubConfiguration) {
-    // Verifies if githubConfiguration property has clientId and secret
-    if (LoginPlatforms.githubConfiguration.clientId && LoginPlatforms.githubConfiguration.secret) {
-      // returns true if get to this point. It has all the required fields
-      return true;
-    }
-  }
-  // Returns false if LoginPlatforms does not have all the required fields
-  return false;
-}
-
-// Validates FIWARE configuration on LoginPlatforms
-export function fiwareSettingsValid (LoginPlatforms) {
-  // Verifies if LoginPlatforms exists and if it has the fiwareConfiguration property
-  if ((typeof LoginPlatforms !== 'undefined') && LoginPlatforms.fiwareConfiguration) {
-    // Assigns object reference to variable for better readability
-    const fiwareConfiguration = LoginPlatforms.fiwareConfiguration;
-    // Verifies if fiwareConfiguration property has clientId, rootURL and secret
-    if (fiwareConfiguration.clientId && fiwareConfiguration.secret && fiwareConfiguration.rootURL) {
-      // returns true if get to this point. It has all the required fields
-      return true;
-    }
-  }
-  // Returns false if LoginPlatforms does not have all the required fields
-  return false;
-}
-
-// Validates OIDC configuration on LoginPlatforms
-export function oidcSettingsValid (LoginPlatforms) {
-  // Verifies if LoginPlatforms exists and if it has the fiwareConfiguration property
-  if ((typeof LoginPlatforms !== 'undefined') && LoginPlatforms.oidcConfiguration) {
-    // Verifies if oidcConfiguration property has clientId and secret
-    if (LoginPlatforms.oidcConfiguration.clientId &&
-        LoginPlatforms.oidcConfiguration.secret) {
-      // returns true if get to this point. It has all the required fields
-      return true;
-    }
-  }
-  // Returns false if LoginPlatforms does not have all the required fields
-  return false;
-}
-
 // Validates mail configuration settings
 export function mailSettingsValid (settings) {
   if ((typeof settings !== 'undefined') && settings.mail && settings.mail.enabled) {

apinf_packages/core/lib/i18n/en.i18n.json

@@ -440,6 +440,7 @@
   "invalidIdMessage": "Must be a valid alphanumeric ID",
   "invalidDomainMessage": "Must be a valid domain",
   "invalidEmailMessage": "Must be a valid e-mail address",
+  "invalidProxyBackendForm_forbiddenPrefixMessage": "You cannot use the following proxy base paths: / , /signup/ , /admin/ and /admin/...",
   "invalidProxyBasePathMessage": "Must begin and end with /. Allowed alphanumeric characters and -.?$*+'()/:#@!&,;=",
   "invalidApiBasePathMessage": "Must begin and end with /. Allowed alphanumeric characters and -.?$*+'()/:#@!&,;=",
   "invalidApiMonitoringEndpointMessage": "Must begin with /. Allowed alphanumeric characters and -.?$*+'()/:#@!&,;=",
@@ -449,6 +450,7 @@
   "latestApiBackends_MoreInfo": "More info",
   "latestApiBackends_NotFound": "Nothing found.",
   "loginPlatformsPage_title_loginPlatforms": "Login Platforms",
+  "loginPlatformsPageSettingsUpdatedMessage": "Login settings updated successfully: ",
   "loginVerify_errorMessage": "We have sent you an email. Please verify your email address.",
   "manageApiDocumentationModalUploadButton": "Choose file",
   "manageApiDocumentationModal_AddedFile_Message": "Documentation file successfully uploaded!",
@@ -492,6 +494,7 @@
   "notAuthorized_Title": "Not Authorized",
   "notFound_Message_Part1": "We could not find the page you were looking for.",
   "notFound_Title": "Oops! Page not found.",
+  "oauthHslNoMfa": "User has not MFA in use!", 
   "organizationApis_connectButton": "Connect",
   "organizationApisForm_successText": "The API and Organization are now connected.",
   "organizationCatalog_Title": "Organizations",
@@ -1210,8 +1213,8 @@
   "settings_development_features": "Enable development features",
   "settings_disabled_login_methods": "Disabled login methods",
   "settings_sdkCode_generator": "SDK Code Generator",
-  "settings_successMessage": "Settings saved",
   "settings_errorMessage": "Invalid Settings! Something is not right or a field is missing.",
+  "settings_successMessage": "Settings saved",
   "settings_title_supportsGraphql": "API Umbrella proxy supports GraphQL requests",
   "settingsPage_title_settings": "Settings",
   "settingsMenu_profile": "Profile",

apinf_packages/login_platforms/client/login_platforms.html

@@ -37,7 +37,7 @@ <h3 class="panel-title">
             {{> afQuickField name='githubConfiguration.secret' id="github-secret" }}
           </div>
         </div>
-        <!--div class="panel panel-default">
+        <div class="panel panel-default">
           <div class="panel-heading">
             <h3 class="panel-title">
               {{_ "settings_hsl" }}
@@ -51,7 +51,7 @@ <h3 class="panel-title">
             {{> afQuickField name='hslConfiguration.tokenEndpoint' id="hsl-tokenEp" }}
             {{> afQuickField name='hslConfiguration.userinfoEndpoint' id="hsl-uInfoEp" }}
           </div>
-        </div-->
+        </div>
         <div id="form-buttons">
           <button
             type="submit"

apinf_packages/login_platforms/client/login_platforms.js

@@ -36,8 +36,8 @@ Template.loginPlatforms.onCreated(function () {
   .then(result => {
     if (result) {
       // Get settings form success message translation
-      const message = TAPi18n.__('settings_successMessage');
-      // Alert the user of successful save
+      const message = TAPi18n.__('loginPlatformsPageSettingsUpdatedMessage') + result;
+      // Alert the user of successful update
       sAlert.success(message);
     }
   })

apinf_packages/login_platforms/server/methods.js

@@ -68,12 +68,11 @@ const updateFunctions = {
         authorizationEndpoint: settings.hslConfiguration.authorizationEndpoint,
         tokenEndpoint: settings.hslConfiguration.tokenEndpoint,
         userinfoEndpoint: settings.hslConfiguration.userinfoEndpoint,
-   //     idTokenWhitelistFields: settings.hslConfiguration.idTokenWhitelistFields || [],
       });
     }
 
     // Return status message
-    return 'OIDC configuration updated successfully';
+    return 'HSL configuration updated successfully';
   },
 };
 
@@ -93,7 +92,7 @@ Meteor.methods({
       status = updateFunctions.saveHslConfiguration(settings);
     } catch (error) {
       // otherwise show an error
-      const message = `Update gitHub configuration: ${error}`;
+      const message = `Error in update login method configuration: ${error}`;
 
       // Show an error message
       throw new Meteor.Error(message);
@@ -109,7 +108,7 @@ Meteor.methods({
 
     // Variable to be returned to client
     let loginParameterId;
-    let changesFound = false;
+    let changesFound = '';
 
     // Try if settings exist
     try {
@@ -146,7 +145,7 @@ Meteor.methods({
         };
         // Store github parameters
         loginParameters.githubConfiguration = githubConfiguration;
-        changesFound = true;
+        changesFound = 'Github';
       }
 
       // Get parameters for fiware from configuration DB
@@ -176,13 +175,13 @@ Meteor.methods({
         };
         // Store fiware values
         loginParameters.fiwareConfiguration = fiwareConfiguration;
-        changesFound = true;
+        changesFound += ' Fiware';
       }
-      // Get parameters for OIDC from configuration DB
+      // Get parameters for HSL from configuration DB
       const configHslParameters = ServiceConfiguration.configurations
       .findOne({ service: 'hsl' });
 
-      // Check OIDC
+      // Check HSL
       if (!configHslParameters) {
         // Remove possible login parameters, if no configuration
         if (loginParameters && loginParameters.hslConfiguration) {
@@ -212,9 +211,9 @@ Meteor.methods({
           tokenEndpoint: configHslParameters.tokenEndpoint,
           userinfoEndpoint: configHslParameters.userinfoEndpoint,
         };
-        // store OIDC values
+        // store HSL values
         loginParameters.hslConfiguration = hslConfiguration;
-        changesFound = true;
+        changesFound += ' HSL';
       }
 
       // In case values were different, update Login values with Config values
@@ -226,14 +225,14 @@ Meteor.methods({
       }
     } catch (error) {
       // otherwise show an error
-      const message = `Update gitHub configuration: ${error}`;
+      const message = `Error in update login platform configuration: ${error}`;
 
       // Show an error message
       throw new Meteor.Error(message);
     }
 
-    // Return method status to the client
-    return true;
+    // Return method status to the client, so inform about successful update only after it is done
+    return changesFound;
   },
 });
 

apinf_packages/oauth_hsl/client/hsl.js

@@ -0,0 +1,25 @@
+/* Copyright 2018 Apinf Oy
+This file is covered by the EUPL license.
+You may obtain a copy of the licence at
+https://joinup.ec.europa.eu/community/eupl/og_page/european-union-public-licence-eupl-v11 */
+
+// Meteor packages imports
+import { Meteor } from 'meteor/meteor';
+import { Accounts } from 'meteor/accounts-base';
+
+Accounts.oauth.registerService('hsl');
+
+Meteor.loginWithHsl = function (optionsIn, callbackIn) {
+  let options = optionsIn;
+  let callback = callbackIn;
+  // support a callback without options
+  if (!callback && typeof options === 'function') {
+    callback = options;
+    options = null;
+  }
+
+  const credentialRequestCompleteCallback =
+    Accounts.oauth.credentialRequestCompleteHandler(callback);
+  /* global Hsl */
+  Hsl.requestCredential(options, credentialRequestCompleteCallback);
+};

apinf_packages/oauth_hsl/client/hsl_client.js

@@ -0,0 +1,84 @@
+/* Copyright 2018 Apinf Oy
+This file is covered by the EUPL license.
+You may obtain a copy of the licence at
+https://joinup.ec.europa.eu/community/eupl/og_page/european-union-public-licence-eupl-v11 */
+
+// Npm packages imports
+import { Random } from 'meteor/random';
+import { OAuth } from 'meteor/oauth';
+
+// Meteor contributed packages imports
+import { ServiceConfiguration } from 'meteor/service-configuration';
+
+/* global Hsl:true */
+Hsl = {};
+
+// Request OpenID Connect credentials for the user
+// @param options {optional}
+// @param credentialRequestCompleteCallback {Function} Callback function to call on
+//   completion. Takes one argument, credentialToken on success, or Error on
+//   error.
+/* global Hsl:true */
+Hsl.requestCredential = function (optionsIn, credentialRequestCompleteCallbackIn) {
+  let options = optionsIn;
+  let credentialRequestCompleteCallback = credentialRequestCompleteCallbackIn;
+  // support both (options, callback) and (callback).
+  if (!credentialRequestCompleteCallback && typeof options === 'function') {
+    credentialRequestCompleteCallback = options;
+    options = {};
+  }
+
+  const config = ServiceConfiguration.configurations.findOne({ service: 'hsl' });
+  if (!config) {
+    // eslint-disable-next-line
+    credentialRequestCompleteCallback && credentialRequestCompleteCallback(new ServiceConfiguration.ConfigError('Service hsl not configured.'));
+    return;
+  }
+  // eslint-disable-next-line
+  /* eslint no-underscore-dangle: ["error", { "allow": ["_loginStyle", "_redirectUri", "_stateParam"]}] */
+
+  const credentialToken = Random.secret();
+  const loginStyle = OAuth._loginStyle('hsl', config, options);
+  const scope = config.requestPermissions || ['openid', 'profile', 'email'];
+
+  // options
+  options = options || {};
+  options.client_id = config.clientId;
+  options.response_type = options.response_type || 'code';
+  options.redirect_uri = OAuth._redirectUri('hsl', config);
+  options.state = OAuth._stateParam(loginStyle, credentialToken, options.redirectUrl);
+  options.scope = scope.join(' ');
+
+  if (config.loginStyle && config.loginStyle === 'popup') {
+    options.display = 'popup';
+  }
+
+  let loginUrl = config.serverUrl + config.authorizationEndpoint;
+  // check if the loginUrl already contains a "?"
+  let first = loginUrl.indexOf('?') === -1;
+  Object.keys(options).forEach((key) => {
+    if (first) {
+      loginUrl += '?';
+      first = false;
+    } else {
+      loginUrl += '&';
+    }
+    loginUrl += `${encodeURIComponent(key)}=${encodeURIComponent(options[key])}`;
+  });
+
+  // pop-up window size
+  options.popupOptions = options.popupOptions || {};
+  const popupOptions = {
+    width: options.popupOptions.width || 320,
+    height: options.popupOptions.height || 450,
+  };
+
+  OAuth.launchLogin({
+    loginService: 'hsl',
+    loginStyle,
+    loginUrl,
+    credentialRequestCompleteCallback,
+    credentialToken,
+    popupOptions,
+  });
+};

apinf_packages/oauth_hsl/client/hsl_configure.html

@@ -0,0 +1,11 @@
+<!-- Copyright 2018 Apinf Oy
+This file is covered by the EUPL license.
+You may obtain a copy of the licence at
+https://joinup.ec.europa.eu/community/eupl/og_page/european-union-public-licence-eupl-v11 -->
+
+<template name="configureLoginServiceDialogForHsl">
+  <p>
+    You'll need to create an OpenID Connect client configuration with your provider (HSL).
+    Set App Callbacks URLs to: <span class="url">{{siteUrl}}_oauth/hsl</span>
+  </p>
+</template>