import React, { useCallback, useEffect } from 'react';
import { pathUtils } from '@growi/core/dist/utils';
import { useTranslation } from 'next-i18next';
import { useForm } from 'react-hook-form';
import urljoin from 'url-join';
import AdminGeneralSecurityContainer from '~/client/services/AdminGeneralSecurityContainer';
import AdminOidcSecurityContainer from '~/client/services/AdminOidcSecurityContainer';
import { toastError, toastSuccess } from '~/client/util/toastr';
import { useSiteUrlWithEmptyValueWarn } from '~/states/global';
import { withUnstatedContainers } from '../../UnstatedUtils';

/** The two admin security containers this form reads from and writes to. */
type Props = {
  adminGeneralSecurityContainer: AdminGeneralSecurityContainer;
  adminOidcSecurityContainer: AdminOidcSecurityContainer;
};

/**
 * Admin form for the OIDC (OpenID Connect) login settings.
 *
 * Reads the current values from the AdminOidcSecurityContainer state, loads
 * them into a react-hook-form instance, and on submit passes them to
 * `updateOidcSetting`, then calls `retrieveSetupStratedies` on the general
 * security container. Success and failure are reported through toasts.
 */
const OidcSecurityManagementContents = (props: Props) => {
  const { t } = useTranslation('admin');
  const siteUrl = useSiteUrlWithEmptyValueWarn();
  const { adminGeneralSecurityContainer, adminOidcSecurityContainer } = props;
  const { isOidcEnabled } = adminGeneralSecurityContainer.state;
  // NOTE(review): oidcClientSecret is read from container state and loaded
  // into the form below, so the stored secret is present in the browser.
  // Presumably the state is filled from the settings API; confirm whether that
  // API needs to return the secret at all, or could accept a replacement only.
  const {
    oidcProviderName,
    oidcIssuerHost,
    oidcClientId,
    oidcClientSecret,
    oidcAuthorizationEndpoint,
    oidcTokenEndpoint,
    oidcRevocationEndpoint,
    oidcIntrospectionEndpoint,
    oidcUserInfoEndpoint,
    oidcEndSessionEndpoint,
    oidcRegistrationEndpoint,
    oidcJWKSUri,
    oidcAttrMapId,
    oidcAttrMapUserName,
    oidcAttrMapName,
    oidcAttrMapEmail,
  } = adminOidcSecurityContainer.state;
  // Callback URL derived from the configured site URL; presumably this is the
  // redirect URI the admin registers with the provider (its use is in the
  // markup, which is not recoverable here).
  // NOTE(review): the markup below tests siteUrl for null/empty, so it may be
  // null at this point; confirm removeTrailingSlash tolerates that.
  const oidcCallbackUrl = urljoin(
    pathUtils.removeTrailingSlash(siteUrl),
    '/passport/oidc/callback',
  );
  const { register, handleSubmit, reset } = useForm();
  // Re-seed the form with the stored values whenever any of them changes.
  useEffect(() => {
    reset({
      oidcProviderName,
      oidcIssuerHost,
      oidcClientId,
      oidcClientSecret,
      oidcAuthorizationEndpoint,
      oidcTokenEndpoint,
      oidcRevocationEndpoint,
      oidcIntrospectionEndpoint,
      oidcUserInfoEndpoint,
      oidcEndSessionEndpoint,
      oidcRegistrationEndpoint,
      oidcJWKSUri,
      oidcAttrMapId,
      oidcAttrMapUserName,
      oidcAttrMapName,
      oidcAttrMapEmail,
    });
  }, [
    reset,
    oidcProviderName,
    oidcIssuerHost,
    oidcClientId,
    oidcClientSecret,
    oidcAuthorizationEndpoint,
    oidcTokenEndpoint,
    oidcRevocationEndpoint,
    oidcIntrospectionEndpoint,
    oidcUserInfoEndpoint,
    oidcEndSessionEndpoint,
    oidcRegistrationEndpoint,
    oidcJWKSUri,
    oidcAttrMapId,
    oidcAttrMapUserName,
    oidcAttrMapName,
    oidcAttrMapEmail,
  ]);
  // Submit handler: forwards the form values to the container unchanged.
  // No validation of the issuer host or endpoint values is visible in this
  // callback; any field rules would have been in the markup that was lost.
  // NOTE(review): confirm the server validates these values (e.g. https URLs).
  const onSubmit = useCallback(
    async (data) => {
      try {
        await adminOidcSecurityContainer.updateOidcSetting({
          oidcProviderName: data.oidcProviderName,
          oidcIssuerHost: data.oidcIssuerHost,
          oidcClientId: data.oidcClientId,
          oidcClientSecret: data.oidcClientSecret,
          oidcAuthorizationEndpoint: data.oidcAuthorizationEndpoint,
          oidcTokenEndpoint: data.oidcTokenEndpoint,
          oidcRevocationEndpoint: data.oidcRevocationEndpoint,
          oidcIntrospectionEndpoint: data.oidcIntrospectionEndpoint,
          oidcUserInfoEndpoint: data.oidcUserInfoEndpoint,
          oidcEndSessionEndpoint: data.oidcEndSessionEndpoint,
          oidcRegistrationEndpoint: data.oidcRegistrationEndpoint,
          oidcJWKSUri: data.oidcJWKSUri,
          oidcAttrMapId: data.oidcAttrMapId,
          oidcAttrMapUserName: data.oidcAttrMapUserName,
          oidcAttrMapName: data.oidcAttrMapName,
          oidcAttrMapEmail: data.oidcAttrMapEmail,
          // These two flags are not form fields: they come from container
          // state at submit time and are toggled by the switch* handlers in
          // the markup.
          // NOTE(review): by their names they appear to let an OIDC login be
          // matched to an existing account by username or email. If so, that
          // is only safe when the provider's claims are trustworthy (verified
          // email, unique usernames). Confirm the server-side matching logic.
          isSameUsernameTreatedAsIdenticalUser:
            adminOidcSecurityContainer.state
              .isSameUsernameTreatedAsIdenticalUser,
          isSameEmailTreatedAsIdenticalUser:
            adminOidcSecurityContainer.state.isSameEmailTreatedAsIdenticalUser,
        });
        // Method name is spelled as the container declares it.
        await adminGeneralSecurityContainer.retrieveSetupStratedies();
        toastSuccess(t('security_settings.OAuth.OIDC.updated_oidc'));
      } catch (err) {
        toastError(err);
      }
    },
    [t, adminOidcSecurityContainer, adminGeneralSecurityContainer],
  );
  // NOTE(review): the JSX element tags of the markup below were lost when
  // this listing was extracted. Only text nodes and expression fragments
  // survive; they are left exactly as found.
  return (
    <>

{t('security_settings.OAuth.OIDC.name')}

{ adminGeneralSecurityContainer.switchIsOidcEnabled(); }} />
{!adminGeneralSecurityContainer.state.setupStrategies.includes( 'oidc', ) && isOidcEnabled && (
{t('security_settings.setup_is_not_yet_complete')}
)}

{t('security_settings.desc_of_callback_URL', { AuthName: 'OAuth' })}

{(siteUrl == null || siteUrl === '') && (
error ${t('headers.app_settings', { ns: 'commons' })}login`, ns: 'commons', }), }} />
)}
{isOidcEnabled && (

{t('security_settings.configuration')}

Attribute Mapping ({t('optional')})

{t('security_settings.desc_of_callback_URL', { AuthName: 'OAuth', })}

{(siteUrl == null || siteUrl === '') && (
error ${t('headers.app_settings', { ns: 'commons' })}login`, ns: 'commons', }), }} />
)}
{ adminOidcSecurityContainer.switchIsSameUsernameTreatedAsIdenticalUser(); }} />

{ adminOidcSecurityContainer.switchIsSameEmailTreatedAsIdenticalUser(); }} />

)}

{' '} {t('security_settings.OAuth.how_to.oidc')}

  1. {t('security_settings.OAuth.OIDC.register_1')}
  2. {t('security_settings.OAuth.OIDC.register_3')}
  );
};

// Wraps the component with withUnstatedContainers and the two container
// classes; presumably this supplies the instances declared in Props.
const OidcSecurityManagementContentsWrapper = withUnstatedContainers(
  OidcSecurityManagementContents,
  [AdminGeneralSecurityContainer, AdminOidcSecurityContainer],
);

export default OidcSecurityManagementContentsWrapper;