From 4ed5f074013d10262e4e7645f0807952cc646cb7 Mon Sep 17 00:00:00 2001 From: flyinghermit Date: Fri, 13 Dec 2024 13:18:07 -0500 Subject: [PATCH 1/3] handle AWS Identity Center app launch URL --- .../AwsLaunchButton/AwsLaunchButton.tsx | 9 +++- .../UnifiedResources/ResourceActionButton.tsx | 45 ++++++++++++++----- .../teleport/src/services/apps/makeApps.ts | 4 +- 3 files changed, 44 insertions(+), 14 deletions(-) diff --git a/web/packages/shared/components/AwsLaunchButton/AwsLaunchButton.tsx b/web/packages/shared/components/AwsLaunchButton/AwsLaunchButton.tsx index 3fd51c5b1fe53..1bb9d7bc85627 100644 --- a/web/packages/shared/components/AwsLaunchButton/AwsLaunchButton.tsx +++ b/web/packages/shared/components/AwsLaunchButton/AwsLaunchButton.tsx @@ -48,7 +48,8 @@ export class AwsLaunchButton extends React.Component { render() { const { open } = this.state; - const { awsRoles, getLaunchUrl, onLaunchUrl } = this.props; + const { awsRoles, getLaunchUrl, onLaunchUrl, isAwsIdentityCenterApp } = + this.props; return ( <> { onLaunchUrl={onLaunchUrl} closeMenu={this.onClose} onChange={this.onChange} + isAwsIdentityCenterApp={isAwsIdentityCenterApp} /> @@ -107,6 +109,7 @@ function RoleItemList({ closeMenu, onChange, onLaunchUrl, + isAwsIdentityCenterApp, }: Props & { closeMenu: () => void; onChange: (event: React.ChangeEvent) => void; @@ -118,6 +121,9 @@ function RoleItemList({ if (display !== name) { text = `${text} (${name})`; } + if (isAwsIdentityCenterApp) { + text = name; + } return ( { samlApp, samlAppSsoUrl, samlAppPreset, + subKind, + permissionSets, } = app; const { actions, userSamlIdPPerm } = useSamlAppAction(); - if (awsConsole) { + + const isAwsIdentityCenterApp = subKind === AppSubKind.AwsIcAccount; + if (awsConsole || isAwsIdentityCenterApp) { + let awsConsoleOrIdentityCenterRoles: AwsRole[] = awsRoles; + if (isAwsIdentityCenterApp) { + awsConsoleOrIdentityCenterRoles = permissionSets.map( + (ps): AwsRole => ({ + name: ps.name, + arn: ps.name, + display: ps.name, + accountId: name, + }) + ); + } + function getAwsLaunchUrl(arnOrPermSetName: string) { + if (isAwsIdentityCenterApp) { + return `${publicAddr}&role_name=${arnOrPermSetName}`; + } else { + return cfg.getAppLauncherRoute({ + fqdn, + clusterId, + publicAddr, + arn: arnOrPermSetName, + }); + } + } + return ( - cfg.getAppLauncherRoute({ - fqdn, - clusterId, - publicAddr, - arn, - }) - } + awsRoles={awsConsoleOrIdentityCenterRoles} + getLaunchUrl={getAwsLaunchUrl} + isAwsIdentityCenterApp={isAwsIdentityCenterApp} /> ); } diff --git a/web/packages/teleport/src/services/apps/makeApps.ts b/web/packages/teleport/src/services/apps/makeApps.ts index d8309c753956e..749ffc1937386 100644 --- a/web/packages/teleport/src/services/apps/makeApps.ts +++ b/web/packages/teleport/src/services/apps/makeApps.ts @@ -20,7 +20,7 @@ import { AwsRole } from 'shared/services/apps'; import cfg from 'teleport/config'; -import { App } from './types'; +import { App, PermissionSet } from './types'; export default function makeApp(json: any): App { json = json || {}; @@ -38,7 +38,6 @@ export default function makeApp(json: any): App { integration = '', samlAppPreset, subKind, - permissionSets, } = json; const canCreateUrl = fqdn && clusterId && publicAddr; @@ -49,6 +48,7 @@ export default function makeApp(json: any): App { const labels = json.labels || []; const awsRoles: AwsRole[] = json.awsRoles || []; const userGroups = json.userGroups || []; + const permissionSets: PermissionSet[] = json.permissionSets || []; const isTcp = uri && uri.startsWith('tcp://'); const isCloud = uri && uri.startsWith('cloud://'); From 778ed2f8bc08cd96104ab937c386fcb7a0ac9349 Mon Sep 17 00:00:00 2001 From: flyinghermit Date: Fri, 13 Dec 2024 13:36:04 -0500 Subject: [PATCH 2/3] update import order and test template --- .../teleport/src/UnifiedResources/ResourceActionButton.tsx | 3 +-- web/packages/teleport/src/services/apps/apps.test.ts | 4 ++++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/web/packages/teleport/src/UnifiedResources/ResourceActionButton.tsx b/web/packages/teleport/src/UnifiedResources/ResourceActionButton.tsx index 4d92abb18849d..63f6661fdbe0d 100644 --- a/web/packages/teleport/src/UnifiedResources/ResourceActionButton.tsx +++ b/web/packages/teleport/src/UnifiedResources/ResourceActionButton.tsx @@ -24,7 +24,7 @@ import { MenuLogin, } from 'shared/components/MenuLogin'; import { AwsLaunchButton } from 'shared/components/AwsLaunchButton'; - +import { AwsRole } from 'shared/services/apps'; import { UnifiedResource } from 'teleport/services/agents'; import cfg from 'teleport/config'; import useTeleport from 'teleport/useTeleport'; @@ -42,7 +42,6 @@ import { DiscoverEventResource } from 'teleport/services/userEvent'; import { useSamlAppAction } from 'teleport/SamlApplications/useSamlAppActions'; import type { ResourceSpec } from 'teleport/Discover/SelectResource/types'; -import { AwsRole } from 'shared/services/apps'; type Props = { resource: UnifiedResource; diff --git a/web/packages/teleport/src/services/apps/apps.test.ts b/web/packages/teleport/src/services/apps/apps.test.ts index c9a7148c4e483..e044fc89ca951 100644 --- a/web/packages/teleport/src/services/apps/apps.test.ts +++ b/web/packages/teleport/src/services/apps/apps.test.ts @@ -48,6 +48,7 @@ test('correct formatting of apps fetch response', async () => { samlApp: false, samlAppSsoUrl: '', integration: '', + permissionSets: [], }, { kind: 'app', @@ -69,6 +70,7 @@ test('correct formatting of apps fetch response', async () => { samlApp: false, samlAppSsoUrl: '', integration: '', + permissionSets: [], }, { kind: 'app', @@ -90,6 +92,7 @@ test('correct formatting of apps fetch response', async () => { samlApp: false, samlAppSsoUrl: '', integration: '', + permissionSets: [], }, { kind: 'app', @@ -112,6 +115,7 @@ test('correct formatting of apps fetch response', async () => { samlAppSsoUrl: 'http://localhost/enterprise/saml-idp/login/saml-app', samlAppPreset: 'gcp-workforce', integration: '', + permissionSets: [], }, ], startKey: mockResponse.startKey, From 3f5d2eb5c2b1d962776ad554f0f1fbb1f5cedace Mon Sep 17 00:00:00 2001 From: flyinghermit Date: Fri, 13 Dec 2024 18:31:21 -0500 Subject: [PATCH 3/3] fix linter warnings --- .../UnifiedResources/ResourceActionButton.tsx | 25 ++++++++++--------- 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/web/packages/teleport/src/UnifiedResources/ResourceActionButton.tsx b/web/packages/teleport/src/UnifiedResources/ResourceActionButton.tsx index 63f6661fdbe0d..2ab59b413b25e 100644 --- a/web/packages/teleport/src/UnifiedResources/ResourceActionButton.tsx +++ b/web/packages/teleport/src/UnifiedResources/ResourceActionButton.tsx @@ -25,6 +25,7 @@ import { } from 'shared/components/MenuLogin'; import { AwsLaunchButton } from 'shared/components/AwsLaunchButton'; import { AwsRole } from 'shared/services/apps'; + import { UnifiedResource } from 'teleport/services/agents'; import cfg from 'teleport/config'; import useTeleport from 'teleport/useTeleport'; @@ -168,6 +169,18 @@ const AppLaunch = ({ app }: AppLaunchProps) => { const { actions, userSamlIdPPerm } = useSamlAppAction(); const isAwsIdentityCenterApp = subKind === AppSubKind.AwsIcAccount; + function getAwsLaunchUrl(arnOrPermSetName: string) { + if (isAwsIdentityCenterApp) { + return `${publicAddr}&role_name=${arnOrPermSetName}`; + } else { + return cfg.getAppLauncherRoute({ + fqdn, + clusterId, + publicAddr, + arn: arnOrPermSetName, + }); + } + } if (awsConsole || isAwsIdentityCenterApp) { let awsConsoleOrIdentityCenterRoles: AwsRole[] = awsRoles; if (isAwsIdentityCenterApp) { @@ -180,18 +193,6 @@ const AppLaunch = ({ app }: AppLaunchProps) => { }) ); } - function getAwsLaunchUrl(arnOrPermSetName: string) { - if (isAwsIdentityCenterApp) { - return `${publicAddr}&role_name=${arnOrPermSetName}`; - } else { - return cfg.getAppLauncherRoute({ - fqdn, - clusterId, - publicAddr, - arn: arnOrPermSetName, - }); - } - } return (