feat: dont pass entire server state for privacy

2025-12-31 13:39:52 -06:00 · 2025-01-20 12:32:56 -05:00
parent 3419837eb5
commit b969f3a9ab
5 changed files with 71 additions and 26 deletions
--- a/api/src/core/sso/auth-request-setup.ts
+++ b/api/src/core/sso/auth-request-setup.ts
@@ -0,0 +1,61 @@
+import { existsSync, write } from 'fs';
+import { readdir, readFile, writeFile } from 'fs/promises';
+import path from 'path';
+
+import { logger } from '@app/core/log';
+
+// Define constants
+const AUTH_REQUEST_FILE = '/usr/local/emhttp/auth-request.php';
+const WEB_COMPS_DIR = '/usr/local/emhttp/plugins/dynamix.my.servers/unraid-components/_nuxt/';
+
+export const setupAuthRequest = async () => {
+    // Function to log debug messages
+    // Find all .js files in WEB_COMPS_DIR
+    const getJSFiles = async (dir) => {
+        const jsFiles: string[] = [];
+
+        const findFiles = async (currentDir) => {
+            const files = await readdir(currentDir, { withFileTypes: true });
+            for (const file of files) {
+                const fullPath = path.join(currentDir, file.name);
+                if (file.isDirectory()) {
+                    findFiles(fullPath);
+                } else if (file.isFile() && file.name.endsWith('.js')) {
+                    jsFiles.push(fullPath.replace('/usr/local/emhttp', ''));
+                }
+            }
+        };
+
+        await findFiles(dir);
+        return jsFiles;
+    };
+
+    const JS_FILES = await getJSFiles(WEB_COMPS_DIR);
+    logger.debug(`Found ${JS_FILES.length} .js files in ${WEB_COMPS_DIR}`);
+
+    const FILES_TO_ADD = ['/webGui/images/partner-logo.svg', ...JS_FILES];
+
+    if (existsSync(AUTH_REQUEST_FILE)) {
+        const fileContent = await readFile(AUTH_REQUEST_FILE, 'utf8');
+
+        if (fileContent.includes('$arrWhitelist')) {
+            const backupFile = `${AUTH_REQUEST_FILE}.bak`;
+            await writeFile(backupFile, fileContent);
+            logger.debug(`Backup of ${AUTH_REQUEST_FILE} created at ${backupFile}`);
+
+            const filesToAddString = FILES_TO_ADD.map((file) => `  '${file}',`).join('\n');
+
+            const updatedContent = fileContent.replace(
+                /(\$arrWhitelist\s*=\s*\[)/,
+                `$1\n${filesToAddString}`
+            );
+
+            await writeFile(AUTH_REQUEST_FILE, updatedContent);
+            logger.debug(`Default values and .js files from ${WEB_COMPS_DIR} added to $arrWhitelist.`);
+        } else {
+            logger.debug(`$arrWhitelist array not found in the file.`);
+        }
+    } else {
+        logger.debug(`File ${AUTH_REQUEST_FILE} not found.`);
+    }
+};
--- a/api/src/index.ts
+++ b/api/src/index.ts
@@ -33,6 +33,7 @@ import { setupVarRunWatch } from '@app/store/watch/var-run-watch';
 import { bootstrapNestServer } from '@app/unraid-api/main';

 import { setupNewMothershipSubscription } from './mothership/subscribe-to-mothership';
+import { setupAuthRequest } from '@app/core/sso/auth-request-setup';

 let server: NestFastifyApplication<RawServerDefault> | null = null;

@@ -100,6 +101,7 @@ try {

    // If the config contains SSO IDs, enable SSO
    if (store.getState().config.remote.ssoSubIds) {
+        await setupAuthRequest();
        await setupSso();
    }

--- a/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/include/sso-login.php
+++ b/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/include/sso-login.php
@@ -18,5 +18,5 @@ echo $wcExtractor->getScriptTagHtml();
 ?>

 <unraid-i18n-host>
-    <unraid-sso-button server="<?= $serverState->getServerStateJsonForHtmlAttr() ?>"></unraid-sso-button>
+    <unraid-sso-button server="<?= $serverState->ssoSubIds ?>"></unraid-sso-button>
 </unraid-i18n-host>
--- a/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/include/state.php
+++ b/plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/include/state.php
@@ -56,7 +56,7 @@ class ServerState
    /**
     * SSO Sub IDs from the my servers config file.
     */
-    private $ssoSubIds = '';
+    public $ssoSubIds = '';
    private $osVersion;
    private $osVersionBranch;
    private $rebootDetails;
--- a/web/components/SsoButton.ce.vue
+++ b/web/components/SsoButton.ce.vue
@@ -1,32 +1,11 @@
 <script setup lang="ts">
 import Button from '~/components/Brand/Button.vue';
 import { ACCOUNT } from '~/helpers/urls';
-import { useServerStore } from '~/store/server';
-import type { Server } from '~/types/server';

 export interface Props {
-  server?: Server | string;
+  ssoSubIds?: string;
 }
 const props = defineProps<Props>();
-const serverStore = useServerStore();
-
-const { ssoSubIds } = storeToRefs(serverStore);
-
-onBeforeMount(() => {
-  if (!props.server) {
-    throw new Error('Server data not present');
-  }
-  console.log('props.server', props.server);
-
-  if (typeof props.server === 'object') {
-    // Handles the testing dev Vue component
-    serverStore.setServer(props.server);
-  } else if (typeof props.server === 'string') {
-    // Handle web component
-    const parsedServerProp = JSON.parse(props.server);
-    serverStore.setServer(parsedServerProp);
-  }
-});

 const queryParams = useUrlSearchParams<{ token: string }>();

@@ -65,15 +44,18 @@ watch(queryParams, (newVal) => {
 });

 const externalSSOUrl = computed(() => {
+  if (props.ssoSubIds === undefined) {
+    return '';
+  }
  const url = new URL('sso', ACCOUNT);
-  url.searchParams.append('uids', ssoSubIds.value);
+  url.searchParams.append('uids', props.ssoSubIds);
  url.searchParams.append('callbackUrl', window.location.href);
  return url.toString();
 });
 </script>

 <template>
-  <template v-if="ssoSubIds">
+  <template v-if="props.ssoSubIds">
    <Button target="_blank" :href="externalSSOUrl">Sign In With Unraid.net Account</Button>
  </template>
 </template>