feat: dont pass entire server state for privacy

api/src/core/sso/auth-request-setup.ts

@@ -0,0 +1,61 @@
+import { existsSync, write } from 'fs';
+import { readdir, readFile, writeFile } from 'fs/promises';
+import path from 'path';
+
+import { logger } from '@app/core/log';
+
+// Define constants
+const AUTH_REQUEST_FILE = '/usr/local/emhttp/auth-request.php';
+const WEB_COMPS_DIR = '/usr/local/emhttp/plugins/dynamix.my.servers/unraid-components/_nuxt/';
+
+export const setupAuthRequest = async () => {
+    // Function to log debug messages
+    // Find all .js files in WEB_COMPS_DIR
+    const getJSFiles = async (dir) => {
+        const jsFiles: string[] = [];
+
+        const findFiles = async (currentDir) => {
+            const files = await readdir(currentDir, { withFileTypes: true });
+            for (const file of files) {
+                const fullPath = path.join(currentDir, file.name);
+                if (file.isDirectory()) {
+                    findFiles(fullPath);
+                } else if (file.isFile() && file.name.endsWith('.js')) {
+                    jsFiles.push(fullPath.replace('/usr/local/emhttp', ''));
+                }
+            }
+        };
+
+        await findFiles(dir);
+        return jsFiles;
+    };
+
+    const JS_FILES = await getJSFiles(WEB_COMPS_DIR);
+    logger.debug(`Found ${JS_FILES.length} .js files in ${WEB_COMPS_DIR}`);
+
+    const FILES_TO_ADD = ['/webGui/images/partner-logo.svg', ...JS_FILES];
+
+    if (existsSync(AUTH_REQUEST_FILE)) {
+        const fileContent = await readFile(AUTH_REQUEST_FILE, 'utf8');
+
+        if (fileContent.includes('$arrWhitelist')) {
+            const backupFile = `${AUTH_REQUEST_FILE}.bak`;
+            await writeFile(backupFile, fileContent);
+            logger.debug(`Backup of ${AUTH_REQUEST_FILE} created at ${backupFile}`);
+
+            const filesToAddString = FILES_TO_ADD.map((file) => `  '${file}',`).join('\n');
+
+            const updatedContent = fileContent.replace(
+                /(\$arrWhitelist\s*=\s*\[)/,
+                `$1\n${filesToAddString}`
+            );
+
+            await writeFile(AUTH_REQUEST_FILE, updatedContent);
+            logger.debug(`Default values and .js files from ${WEB_COMPS_DIR} added to $arrWhitelist.`);
+        } else {
+            logger.debug(`$arrWhitelist array not found in the file.`);
+        }
+    } else {
+        logger.debug(`File ${AUTH_REQUEST_FILE} not found.`);
+    }
+};

api/src/index.ts

@@ -33,6 +33,7 @@ import { setupVarRunWatch } from '@app/store/watch/var-run-watch';
 import { bootstrapNestServer } from '@app/unraid-api/main';
 
 import { setupNewMothershipSubscription } from './mothership/subscribe-to-mothership';
+import { setupAuthRequest } from '@app/core/sso/auth-request-setup';
 
 let server: NestFastifyApplication<RawServerDefault> | null = null;
 
@@ -100,6 +101,7 @@ try {
 
     // If the config contains SSO IDs, enable SSO
     if (store.getState().config.remote.ssoSubIds) {
+        await setupAuthRequest();
         await setupSso();
     }
 

plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/include/sso-login.php

@@ -18,5 +18,5 @@ echo $wcExtractor->getScriptTagHtml();
 ?>
 
 <unraid-i18n-host>
-    <unraid-sso-button server="<?= $serverState->getServerStateJsonForHtmlAttr() ?>"></unraid-sso-button>
+    <unraid-sso-button server="<?= $serverState->ssoSubIds ?>"></unraid-sso-button>
 </unraid-i18n-host>

plugin/source/dynamix.unraid.net/usr/local/emhttp/plugins/dynamix.my.servers/include/state.php

@@ -56,7 +56,7 @@ class ServerState
     /**
      * SSO Sub IDs from the my servers config file.
      */
-    private $ssoSubIds = '';
+    public $ssoSubIds = '';
     private $osVersion;
     private $osVersionBranch;
     private $rebootDetails;

web/components/SsoButton.ce.vue

@@ -1,32 +1,11 @@
 <script setup lang="ts">
 import Button from '~/components/Brand/Button.vue';
 import { ACCOUNT } from '~/helpers/urls';
-import { useServerStore } from '~/store/server';
-import type { Server } from '~/types/server';
 
 export interface Props {
-  server?: Server | string;
+  ssoSubIds?: string;
 }
 const props = defineProps<Props>();
-const serverStore = useServerStore();
-
-const { ssoSubIds } = storeToRefs(serverStore);
-
-onBeforeMount(() => {
-  if (!props.server) {
-    throw new Error('Server data not present');
-  }
-  console.log('props.server', props.server);
-
-  if (typeof props.server === 'object') {
-    // Handles the testing dev Vue component
-    serverStore.setServer(props.server);
-  } else if (typeof props.server === 'string') {
-    // Handle web component
-    const parsedServerProp = JSON.parse(props.server);
-    serverStore.setServer(parsedServerProp);
-  }
-});
 
 const queryParams = useUrlSearchParams<{ token: string }>();
 
@@ -65,15 +44,18 @@ watch(queryParams, (newVal) => {
 });
 
 const externalSSOUrl = computed(() => {
+  if (props.ssoSubIds === undefined) {
+    return '';
+  }
   const url = new URL('sso', ACCOUNT);
-  url.searchParams.append('uids', ssoSubIds.value);
+  url.searchParams.append('uids', props.ssoSubIds);
   url.searchParams.append('callbackUrl', window.location.href);
   return url.toString();
 });
 </script>
 
 <template>
-  <template v-if="ssoSubIds">
+  <template v-if="props.ssoSubIds">
     <Button target="_blank" :href="externalSSOUrl">Sign In With Unraid.net Account</Button>
   </template>
 </template>