zitadel/internal/ui/console/console.go

package console

import (
	"net/http"
	"os"
	"path"
	"strings"
	"time"

	"github.com/caos/zitadel/internal/api/http/middleware"
)

type Config struct {
	Port                string
	ConsoleOverwriteDir string
	ShortCache          middleware.CacheConfig
	LongCache           middleware.CacheConfig
	CSPDomain           string
}

type spaHandler struct {
	fileSystem http.FileSystem
}

const (
	envRequestPath    = "/assets/environment.json"
	consoleDefaultDir = "./console/"
	handlerPrefix     = "/console"
)

var (
	shortCacheFiles = []string{
		"/",
		"/index.html",
		"/manifest.webmanifest",
		"/ngsw.json",
		"/ngsw-worker.js",
		"/safety-worker.js",
		"/worker-basic.min.js",
	}
)

func (i *spaHandler) Open(name string) (http.File, error) {
	ret, err := i.fileSystem.Open(name)
	if !os.IsNotExist(err) || path.Ext(name) != "" {
		return ret, err
	}

	return i.fileSystem.Open("/index.html")
}

func Start(config Config) (http.Handler, string, error) {
	consoleDir := consoleDefaultDir
	if config.ConsoleOverwriteDir != "" {
		consoleDir = config.ConsoleOverwriteDir
	}
	consoleHTTPDir := http.Dir(consoleDir)
	cache := AssetsCacheInterceptorIgnoreManifest(
		config.ShortCache.MaxAge.Duration,
		config.ShortCache.SharedMaxAge.Duration,
		config.LongCache.MaxAge.Duration,
		config.LongCache.SharedMaxAge.Duration,
	)
	security := middleware.SecurityHeaders(csp(config.CSPDomain), nil)
	handler := &http.ServeMux{}
	handler.Handle("/", cache(security(http.FileServer(&spaHandler{consoleHTTPDir}))))
	handler.Handle(envRequestPath, cache(security(http.StripPrefix("/assets", http.FileServer(consoleHTTPDir)))))
	return handler, handlerPrefix, nil
}

func csp(zitadelDomain string) *middleware.CSP {
	if !strings.HasPrefix(zitadelDomain, "*.") {
		zitadelDomain = "*." + zitadelDomain
	}
	csp := middleware.DefaultSCP
	csp.StyleSrc = csp.StyleSrc.AddInline().AddHost("fonts.googleapis.com").AddHost("maxst.icons8.com") //TODO: host it
	csp.FontSrc = csp.FontSrc.AddHost("fonts.gstatic.com").AddHost("maxst.icons8.com")                  //TODO: host it
	csp.ScriptSrc = csp.ScriptSrc.AddEval()
	csp.ConnectSrc = csp.ConnectSrc.AddHost(zitadelDomain).
		AddHost("fonts.googleapis.com").
		AddHost("fonts.gstatic.com").
		AddHost("maxst.icons8.com") //TODO: host it
	csp.ImgSrc = csp.ImgSrc.AddHost(zitadelDomain).AddScheme("blob")
	return &csp
}

func AssetsCacheInterceptorIgnoreManifest(shortMaxAge, shortSharedMaxAge, longMaxAge, longSharedMaxAge time.Duration) func(http.Handler) http.Handler {
	return func(handler http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			for _, file := range shortCacheFiles {
				if r.URL.Path == file {
					middleware.AssetsCacheInterceptor(shortMaxAge, shortSharedMaxAge, handler).ServeHTTP(w, r)
					return
				}
			}
			middleware.AssetsCacheInterceptor(longMaxAge, longSharedMaxAge, handler).ServeHTTP(w, r)
			return
		})
	}
}
add basic config and change i18n pkg 2020-03-25 06:58:58 +00:00			`package console`

			`import (`
feat(console): integrate frontend (#95) * feat: console frontend * chore(dependabot): cycle and npm * chore: rename citadel to zitadel, remove generated files * chore: delete go files * chore(frontend): ci steps * chore: remove docker and envoy files * chore: remove docker file * chore: working dir * chore: run proto build * add console start * chore: restructure folders * chore: remove gui build * statikFs * generate proto for console * add statik import * import * chore: try statik * chore: path * chore: path * chore: script in root * chore: order build steps * chore: go get * chore: folder traversal * chore: non empty test file * chore: gitignore * chore: gitignore * chore: statik path * chore: switch to failing FE build * fix: build * fix: project-grant-test * fix: rm test * add statik.go * go mod tidy * chore: place test, seperate test from build * chore: lint all the world * chore: ci the world instead * chore: tune docker * chore: undo container test * chore: fix run * chore: docker build * chore: test docker build * chore: go build flags * finaly * fix caos_local * go mod Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: Max Peintner <max@caos.ch> 2020-05-13 12:41:43 +00:00			`"net/http"`
			`"os"`
			`"path"`
fix: add interceptors for console (#255) * add interceptors for console * add interceptors for console to env.json 2020-06-22 11:17:29 +00:00			`"strings"`
			`"time"`
feat(console): integrate frontend (#95) * feat: console frontend * chore(dependabot): cycle and npm * chore: rename citadel to zitadel, remove generated files * chore: delete go files * chore(frontend): ci steps * chore: remove docker and envoy files * chore: remove docker file * chore: working dir * chore: run proto build * add console start * chore: restructure folders * chore: remove gui build * statikFs * generate proto for console * add statik import * import * chore: try statik * chore: path * chore: path * chore: script in root * chore: order build steps * chore: go get * chore: folder traversal * chore: non empty test file * chore: gitignore * chore: gitignore * chore: statik path * chore: switch to failing FE build * fix: build * fix: project-grant-test * fix: rm test * add statik.go * go mod tidy * chore: place test, seperate test from build * chore: lint all the world * chore: ci the world instead * chore: tune docker * chore: undo container test * chore: fix run * chore: docker build * chore: test docker build * chore: go build flags * finaly * fix caos_local * go mod Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: Max Peintner <max@caos.ch> 2020-05-13 12:41:43 +00:00
fix: add interceptors for console (#255) * add interceptors for console * add interceptors for console to env.json 2020-06-22 11:17:29 +00:00			`"github.com/caos/zitadel/internal/api/http/middleware"`
add basic config and change i18n pkg 2020-03-25 06:58:58 +00:00			`)`

			`type Config struct {`
fix(zitadel-image): refactor dockerfiles and gh action (#2027) * early prototyp * fix some errors * remove docker image cache * add comment * add false * typo * test cache speed * upload artifact * remove tag * seperate after build step * debug * debug * debug * debug * debug * test gh * test * test * test * test * test golang * test go * test with release image * fix * use scratch to export * test * fix path * ref * typo * debug * test * debug * speed up docker * test * debug * debug * try scope * test cache * restore cache * reenable operator build * fix duplicate * fix buildpush version * test cache * improve caching * test release IF * only run console and zitadel without dispatch * test with reworked operator * testing without release step * lint yaml * fix if * improve wording * enable release step & only notify sentry on main * console from file system * update docker file paths * remove migration line * add statik for operator * console files using go 1.15 * fix console default path * improve code QL Co-authored-by: Livio Amstutz <livio.a@gmail.com> 2021-07-27 12:34:56 +00:00			`Port string`
			`ConsoleOverwriteDir string`
			`ShortCache middleware.CacheConfig`
			`LongCache middleware.CacheConfig`
			`CSPDomain string`
feat(console): integrate frontend (#95) * feat: console frontend * chore(dependabot): cycle and npm * chore: rename citadel to zitadel, remove generated files * chore: delete go files * chore(frontend): ci steps * chore: remove docker and envoy files * chore: remove docker file * chore: working dir * chore: run proto build * add console start * chore: restructure folders * chore: remove gui build * statikFs * generate proto for console * add statik import * import * chore: try statik * chore: path * chore: path * chore: script in root * chore: order build steps * chore: go get * chore: folder traversal * chore: non empty test file * chore: gitignore * chore: gitignore * chore: statik path * chore: switch to failing FE build * fix: build * fix: project-grant-test * fix: rm test * add statik.go * go mod tidy * chore: place test, seperate test from build * chore: lint all the world * chore: ci the world instead * chore: tune docker * chore: undo container test * chore: fix run * chore: docker build * chore: test docker build * chore: go build flags * finaly * fix caos_local * go mod Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: Max Peintner <max@caos.ch> 2020-05-13 12:41:43 +00:00			`}`

			`type spaHandler struct {`
			`fileSystem http.FileSystem`
			`}`

fix: serve console env from os (not statik) (#187) * fix: serve console env from os (not statik) * ZITADEL_CONSOLE_ENV_PATH for (local) overwrite possibility * name EnvOverwritePath 2020-06-09 05:38:44 +00:00			`const (`
fix(zitadel-image): refactor dockerfiles and gh action (#2027) * early prototyp * fix some errors * remove docker image cache * add comment * add false * typo * test cache speed * upload artifact * remove tag * seperate after build step * debug * debug * debug * debug * debug * test gh * test * test * test * test * test golang * test go * test with release image * fix * use scratch to export * test * fix path * ref * typo * debug * test * debug * speed up docker * test * debug * debug * try scope * test cache * restore cache * reenable operator build * fix duplicate * fix buildpush version * test cache * improve caching * test release IF * only run console and zitadel without dispatch * test with reworked operator * testing without release step * lint yaml * fix if * improve wording * enable release step & only notify sentry on main * console from file system * update docker file paths * remove migration line * add statik for operator * console files using go 1.15 * fix console default path * improve code QL Co-authored-by: Livio Amstutz <livio.a@gmail.com> 2021-07-27 12:34:56 +00:00			`envRequestPath = "/assets/environment.json"`
			`consoleDefaultDir = "./console/"`
			`handlerPrefix = "/console"`
change caching for console (service worker) (#261) 2020-06-24 12:26:27 +00:00			`)`
fix: add interceptors for console (#255) * add interceptors for console * add interceptors for console to env.json 2020-06-22 11:17:29 +00:00
change caching for console (service worker) (#261) 2020-06-24 12:26:27 +00:00			`var (`
fix: handle short cache for console correctly (#993) 2020-11-20 07:47:28 +00:00			`shortCacheFiles = []string{`
			`"/",`
change caching for console (service worker) (#261) 2020-06-24 12:26:27 +00:00			`"/index.html",`
			`"/manifest.webmanifest",`
			`"/ngsw.json",`
			`"/ngsw-worker.js",`
			`"/safety-worker.js",`
			`"/worker-basic.min.js",`
			`}`
fix: serve console env from os (not statik) (#187) * fix: serve console env from os (not statik) * ZITADEL_CONSOLE_ENV_PATH for (local) overwrite possibility * name EnvOverwritePath 2020-06-09 05:38:44 +00:00			`)`

feat(console): integrate frontend (#95) * feat: console frontend * chore(dependabot): cycle and npm * chore: rename citadel to zitadel, remove generated files * chore: delete go files * chore(frontend): ci steps * chore: remove docker and envoy files * chore: remove docker file * chore: working dir * chore: run proto build * add console start * chore: restructure folders * chore: remove gui build * statikFs * generate proto for console * add statik import * import * chore: try statik * chore: path * chore: path * chore: script in root * chore: order build steps * chore: go get * chore: folder traversal * chore: non empty test file * chore: gitignore * chore: gitignore * chore: statik path * chore: switch to failing FE build * fix: build * fix: project-grant-test * fix: rm test * add statik.go * go mod tidy * chore: place test, seperate test from build * chore: lint all the world * chore: ci the world instead * chore: tune docker * chore: undo container test * chore: fix run * chore: docker build * chore: test docker build * chore: go build flags * finaly * fix caos_local * go mod Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: Max Peintner <max@caos.ch> 2020-05-13 12:41:43 +00:00			`func (i *spaHandler) Open(name string) (http.File, error) {`
			`ret, err := i.fileSystem.Open(name)`
			`if !os.IsNotExist(err) \|\| path.Ext(name) != "" {`
			`return ret, err`
			`}`

			`return i.fileSystem.Open("/index.html")`
add basic config and change i18n pkg 2020-03-25 06:58:58 +00:00			`}`

fix: cookie handling (#654) * feat: set cookie prefix and max age * cookie prefix on csrf cookie * fix: check user agent cookie in login * update oidc pkg * cleanup 2020-08-31 06:49:35 +00:00			`func Start(config Config) (http.Handler, string, error) {`
fix(zitadel-image): refactor dockerfiles and gh action (#2027) * early prototyp * fix some errors * remove docker image cache * add comment * add false * typo * test cache speed * upload artifact * remove tag * seperate after build step * debug * debug * debug * debug * debug * test gh * test * test * test * test * test golang * test go * test with release image * fix * use scratch to export * test * fix path * ref * typo * debug * test * debug * speed up docker * test * debug * debug * try scope * test cache * restore cache * reenable operator build * fix duplicate * fix buildpush version * test cache * improve caching * test release IF * only run console and zitadel without dispatch * test with reworked operator * testing without release step * lint yaml * fix if * improve wording * enable release step & only notify sentry on main * console from file system * update docker file paths * remove migration line * add statik for operator * console files using go 1.15 * fix console default path * improve code QL Co-authored-by: Livio Amstutz <livio.a@gmail.com> 2021-07-27 12:34:56 +00:00			`consoleDir := consoleDefaultDir`
			`if config.ConsoleOverwriteDir != "" {`
			`consoleDir = config.ConsoleOverwriteDir`
fix: serve console env from os (not statik) (#187) * fix: serve console env from os (not statik) * ZITADEL_CONSOLE_ENV_PATH for (local) overwrite possibility * name EnvOverwritePath 2020-06-09 05:38:44 +00:00			`}`
fix(zitadel-image): refactor dockerfiles and gh action (#2027) * early prototyp * fix some errors * remove docker image cache * add comment * add false * typo * test cache speed * upload artifact * remove tag * seperate after build step * debug * debug * debug * debug * debug * test gh * test * test * test * test * test golang * test go * test with release image * fix * use scratch to export * test * fix path * ref * typo * debug * test * debug * speed up docker * test * debug * debug * try scope * test cache * restore cache * reenable operator build * fix duplicate * fix buildpush version * test cache * improve caching * test release IF * only run console and zitadel without dispatch * test with reworked operator * testing without release step * lint yaml * fix if * improve wording * enable release step & only notify sentry on main * console from file system * update docker file paths * remove migration line * add statik for operator * console files using go 1.15 * fix console default path * improve code QL Co-authored-by: Livio Amstutz <livio.a@gmail.com> 2021-07-27 12:34:56 +00:00			`consoleHTTPDir := http.Dir(consoleDir)`
change caching for console (service worker) (#261) 2020-06-24 12:26:27 +00:00			`cache := AssetsCacheInterceptorIgnoreManifest(`
			`config.ShortCache.MaxAge.Duration,`
			`config.ShortCache.SharedMaxAge.Duration,`
			`config.LongCache.MaxAge.Duration,`
			`config.LongCache.SharedMaxAge.Duration,`
			`)`
fix: add interceptors for console (#255) * add interceptors for console * add interceptors for console to env.json 2020-06-22 11:17:29 +00:00			`security := middleware.SecurityHeaders(csp(config.CSPDomain), nil)`
feat: port reduction (#323) * move mgmt pkg * begin package restructure * rename auth package to authz * begin start api * move auth * move admin * fix merge * configs and interceptors * interceptor * revert generate-grpc.sh * some cleanups * console * move console * fix tests and merging * js linting * merge * merging and configs * change k8s base to current ports * fixes * cleanup * regenerate proto * remove unnecessary whitespace * missing param * go mod tidy * fix merging * move login pkg * cleanup * move api pkgs again * fix pkg naming * fix generate-static.sh for login * update workflow * fixes * logging * remove duplicate * comment for optional gateway interfaces * regenerate protos * fix proto imports for grpc web * protos * grpc web generate * grpc web generate * fix changes * add translation interceptor * fix merging * regenerate mgmt proto 2020-07-08 11:56:37 +00:00			`handler := &http.ServeMux{}`
fix(zitadel-image): refactor dockerfiles and gh action (#2027) * early prototyp * fix some errors * remove docker image cache * add comment * add false * typo * test cache speed * upload artifact * remove tag * seperate after build step * debug * debug * debug * debug * debug * test gh * test * test * test * test * test golang * test go * test with release image * fix * use scratch to export * test * fix path * ref * typo * debug * test * debug * speed up docker * test * debug * debug * try scope * test cache * restore cache * reenable operator build * fix duplicate * fix buildpush version * test cache * improve caching * test release IF * only run console and zitadel without dispatch * test with reworked operator * testing without release step * lint yaml * fix if * improve wording * enable release step & only notify sentry on main * console from file system * update docker file paths * remove migration line * add statik for operator * console files using go 1.15 * fix console default path * improve code QL Co-authored-by: Livio Amstutz <livio.a@gmail.com> 2021-07-27 12:34:56 +00:00			`handler.Handle("/", cache(security(http.FileServer(&spaHandler{consoleHTTPDir}))))`
			`handler.Handle(envRequestPath, cache(security(http.StripPrefix("/assets", http.FileServer(consoleHTTPDir)))))`
fix: cookie handling (#654) * feat: set cookie prefix and max age * cookie prefix on csrf cookie * fix: check user agent cookie in login * update oidc pkg * cleanup 2020-08-31 06:49:35 +00:00			`return handler, handlerPrefix, nil`
add basic config and change i18n pkg 2020-03-25 06:58:58 +00:00			`}`
fix: add interceptors for console (#255) * add interceptors for console * add interceptors for console to env.json 2020-06-22 11:17:29 +00:00
			`func csp(zitadelDomain string) *middleware.CSP {`
			`if !strings.HasPrefix(zitadelDomain, "*.") {`
			`zitadelDomain = "*." + zitadelDomain`
			`}`
			`csp := middleware.DefaultSCP`
			`csp.StyleSrc = csp.StyleSrc.AddInline().AddHost("fonts.googleapis.com").AddHost("maxst.icons8.com") //TODO: host it`
			`csp.FontSrc = csp.FontSrc.AddHost("fonts.gstatic.com").AddHost("maxst.icons8.com") //TODO: host it`
			`csp.ScriptSrc = csp.ScriptSrc.AddEval()`
fix(console): add style / font src hosts to connect src (#259) 2020-06-23 06:43:41 +00:00			`csp.ConnectSrc = csp.ConnectSrc.AddHost(zitadelDomain).`
			`AddHost("fonts.googleapis.com").`
			`AddHost("fonts.gstatic.com").`
			`AddHost("maxst.icons8.com") //TODO: host it`
fix(console): remove cropper, set avatar url if available (#1865) * set avatarurl if available * lint * force sidemargin * dont load image via asset * rm log * stylelint * add ZITADEL domain to csp img src * sanitize url * fix undefined link projects * use name as fallback * operator: rename uploadServiceURL to assetServiceURL in environment json for console * remove data * rm logs * center crop image * add avatar to changes Co-authored-by: Livio Amstutz <livio.a@gmail.com> 2021-06-14 11:53:40 +00:00			`csp.ImgSrc = csp.ImgSrc.AddHost(zitadelDomain).AddScheme("blob")`
fix: add interceptors for console (#255) * add interceptors for console * add interceptors for console to env.json 2020-06-22 11:17:29 +00:00			`return &csp`
			`}`

change caching for console (service worker) (#261) 2020-06-24 12:26:27 +00:00			`func AssetsCacheInterceptorIgnoreManifest(shortMaxAge, shortSharedMaxAge, longMaxAge, longSharedMaxAge time.Duration) func(http.Handler) http.Handler {`
fix: add interceptors for console (#255) * add interceptors for console * add interceptors for console to env.json 2020-06-22 11:17:29 +00:00			`return func(handler http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
fix: handle short cache for console correctly (#993) 2020-11-20 07:47:28 +00:00			`for _, file := range shortCacheFiles {`
			`if r.URL.Path == file {`
change caching for console (service worker) (#261) 2020-06-24 12:26:27 +00:00			`middleware.AssetsCacheInterceptor(shortMaxAge, shortSharedMaxAge, handler).ServeHTTP(w, r)`
			`return`
			`}`
fix: add interceptors for console (#255) * add interceptors for console * add interceptors for console to env.json 2020-06-22 11:17:29 +00:00			`}`
fix: handle short cache for console correctly (#993) 2020-11-20 07:47:28 +00:00			`middleware.AssetsCacheInterceptor(longMaxAge, longSharedMaxAge, handler).ServeHTTP(w, r)`
			`return`
fix: add interceptors for console (#255) * add interceptors for console * add interceptors for console to env.json 2020-06-22 11:17:29 +00:00			`})`
			`}`
			`}`