feat: support for smoothly handling expired aws sso sessions

unxsist · Apr 29, 2024 · 5c96e03 · 5c96e03
1 parent a0741df
commit 5c96e03
Show file tree

Hide file tree

Showing 8 changed files with 169 additions and 20 deletions.
diff --git a/src-tauri/src/main.rs b/src-tauri/src/main.rs
@@ -13,7 +13,7 @@ use k8s_openapi::api::core::v1::{
     ConfigMap, Namespace, PersistentVolume, PersistentVolumeClaim, Pod, Secret, Service,
 };
 use kube::api::{DeleteParams, ListParams};
-use kube::config::{KubeConfigOptions, Kubeconfig, KubeconfigError};
+use kube::config::{KubeConfigOptions, Kubeconfig, KubeconfigError, NamedAuthInfo};
 use kube::{api::Api, Client, Config, Error};
 use portable_pty::{native_pty_system, CommandBuilder, PtySize};
 use serde::Serialize;
@@ -107,6 +107,36 @@ async fn list_contexts() -> Result<Vec<String>, SerializableKubeError> {
         .collect()
 }
 
+#[tauri::command]
+async fn get_context_auth_info(context: &str) -> Result<NamedAuthInfo, SerializableKubeError> {
+    let config = Kubeconfig::read().map_err(|err| SerializableKubeError::from(err))?;
+
+    let context_auth_info = config
+        .contexts
+        .iter()
+        .find(|c| c.name == context)
+        .map(|c| c.clone().context.unwrap().user.clone())
+        .ok_or(SerializableKubeError {
+            message: "Context not found".to_string(),
+            code: None,
+            reason: None,
+            details: None,
+        })?;
+
+    let auth_info = config
+        .auth_infos
+        .iter()
+        .find(|a| a.name == context_auth_info)
+        .ok_or(SerializableKubeError {
+            message: "Auth info not found".to_string(),
+            code: None,
+            reason: None,
+            details: None,
+        })?;
+
+    return Ok(auth_info.clone());
+}
+
 async fn client_with_context(context: &str) -> Result<Client, SerializableKubeError> {
     if context.to_string() != CURRENT_CONTEXT.lock().unwrap().as_ref().unwrap().clone() {
         let options = KubeConfigOptions {
@@ -663,7 +693,7 @@ fn write_to_pty(session_id: &str, data: &str) {
     }
 }
 
-fn main() {
+fn main() { 
     let _ = fix_path_env::fix();
 
     let metadata = AboutMetadata::new()
@@ -698,6 +728,7 @@ fn main() {
         })
         .invoke_handler(tauri::generate_handler![
             list_contexts,
+            get_context_auth_info,
             get_current_context,
             list_namespaces,
             get_core_api_versions,

diff --git a/src-tauri/tauri.conf.json b/src-tauri/tauri.conf.json
@@ -36,6 +36,11 @@
             "name": "kubectl",
             "cmd": "kubectl",
             "args": true
+          },
+          {
+            "name": "aws",
+            "cmd": "aws",
+            "args": true
           }
         ]
       }

diff --git a/src/App.vue b/src/App.vue
@@ -21,20 +21,20 @@ import UpdateHandler from "./components/UpdateHandler.vue";
     <Suspense>
       <SettingsContextProvider>
         <ColorSchemeProvider>
-          <KubeContextProvider>
-            <TabProvider>
-              <CommandPaletteProvider>
-                <DialogProvider>
+          <DialogProvider>
+            <KubeContextProvider>
+              <TabProvider>
+                <CommandPaletteProvider>
                   <Navigation />
                   <RouterViewport />
                   <Toaster />
                   <CommandPalette />
                   <DialogHandler />
                   <UpdateHandler />
-                </DialogProvider>
-              </CommandPaletteProvider>
-            </TabProvider>
-          </KubeContextProvider>
+                </CommandPaletteProvider>
+              </TabProvider>
+            </KubeContextProvider>
+          </DialogProvider>
         </ColorSchemeProvider>
       </SettingsContextProvider>
     </Suspense>

diff --git a/src/components/ContextSwitcher.vue b/src/components/ContextSwitcher.vue
@@ -4,6 +4,8 @@ import { injectStrict } from "@/lib/utils";
 import {
   ShowSingleCommandKey,
   RegisterCommandStateKey,
+  CloseCommandPaletteKey,
+  RerunLastCommandKey,
 } from "@/providers/CommandPaletteProvider";
 import {
   KubeContextSetContextKey,
@@ -12,13 +14,17 @@ import {
 import { KubeContextStateKey } from "@/providers/KubeContextProvider";
 import { Kubernetes } from "@/services/Kubernetes";
 import { SettingsContextStateKey } from "@/providers/SettingsContextProvider";
+import { DialogProviderSpawnDialogKey } from "@/providers/DialogProvider";
 
 const showSingleCommand = injectStrict(ShowSingleCommandKey);
 const registerCommand = injectStrict(RegisterCommandStateKey);
+const closeCommandPalette = injectStrict(CloseCommandPaletteKey);
+const rerunLastCommand = injectStrict(RerunLastCommandKey);
 const { context, namespace } = injectStrict(KubeContextStateKey);
 const setContext = injectStrict(KubeContextSetContextKey);
 const setNamespace = injectStrict(KubeContextSetNamespaceKey);
 const { settings } = injectStrict(SettingsContextStateKey);
+const spawnDialog = injectStrict(DialogProviderSpawnDialogKey);
 
 onMounted(() => {
   registerCommand({
@@ -38,7 +44,7 @@ onMounted(() => {
             (c) => c.context === context
           );
 
-          let namespaces = [];
+          let namespaces: string[] = [];
 
           if (
             clusterSettings &&
@@ -47,9 +53,49 @@ onMounted(() => {
           ) {
             namespaces = clusterSettings.namespaces;
           } else {
-            namespaces = await (
-              await Kubernetes.getNamespaces(context)
-            ).map((ns) => ns.metadata?.name || "");
+            try {
+              const contextNamespaces = await Kubernetes.getNamespaces(context);
+              namespaces = contextNamespaces.map(
+                (ns) => ns.metadata?.name || ""
+              );
+            } catch (e: any) {
+              const authErrorHandler = await Kubernetes.getAuthErrorHandler(
+                context,
+                e.message
+              );
+
+              if (authErrorHandler.canHandle) {
+                spawnDialog({
+                  title: "SSO Session expired",
+                  message:
+                    "Failed to authenticate as the SSO session has expired. Please login again.",
+                  buttons: [
+                    {
+                      label: "Close",
+                      variant: "ghost",
+                      handler: (dialog) => {
+                        dialog.close();
+                        closeCommandPalette();
+                      },
+                    },
+                    {
+                      label: "Login with SSO",
+                      handler: (dialog) => {
+                        dialog.buttons = [];
+                        dialog.title = "Awaiting SSO login";
+                        dialog.message = "Please wait while we redirect you.";
+                        authErrorHandler.callback(() => {
+                          dialog.close();
+                          rerunLastCommand();
+                        });
+                      },
+                    },
+                  ],
+                });
+              } else {
+                throw e;
+              }
+            }
           }
 
           return [

diff --git a/src/components/DialogHandler.vue b/src/components/DialogHandler.vue
@@ -1,14 +1,13 @@
 <script setup lang="ts">
 import {
   AlertDialog,
-  AlertDialogAction,
-  AlertDialogCancel,
   AlertDialogContent,
   AlertDialogDescription,
   AlertDialogFooter,
   AlertDialogHeader,
   AlertDialogTitle,
 } from "@/components/ui/alert-dialog";
+import { Button } from "@/components/ui/button";
 
 import { DialogProviderStateKey } from "@/providers/DialogProvider";
 import { injectStrict } from "@/lib/utils";
@@ -25,12 +24,13 @@ const { dialog } = injectStrict(DialogProviderStateKey);
           {{ dialog.message }}
         </AlertDialogDescription>
       </AlertDialogHeader>
-      <AlertDialogFooter>
-        <AlertDialogAction
+      <AlertDialogFooter v-if="dialog.buttons.length > 0">
+        <Button
           v-for="(button, index) in dialog.buttons"
           :key="index"
+          :variant="button.variant ?? 'default'"
           @click="button.handler(dialog)"
-          >{{ button.label }}</AlertDialogAction
+          >{{ button.label }}</Button
         >
       </AlertDialogFooter>
     </AlertDialogContent>

diff --git a/src/providers/CommandPaletteProvider.ts b/src/providers/CommandPaletteProvider.ts
@@ -14,6 +14,8 @@ export const CloseCommandPaletteKey: InjectionKey<() => void> = Symbol(
 );
 export const ExecuteCommandKey: InjectionKey<(command: Command) => void> =
   Symbol("ExecuteCommand");
+export const RerunLastCommandKey: InjectionKey<() => void> =
+  Symbol("ExecuteCommand");
 export const ClearCommandCallStackKey: InjectionKey<() => void> = Symbol(
   "ClearCommandCallStack"
 );
@@ -143,9 +145,23 @@ export default {
       }
     };
 
+    const rerunLastCommand = () => {
+      const lastCommand = Array.from(state.callStack.keys())[
+        state.callStack.size - 1
+      ];
+
+      if (!lastCommand) {
+        return;
+      }
+
+      pop();
+      executeCommand(lastCommand);
+    };
+
     provide(OpenCommandPaletteKey, open);
     provide(CloseCommandPaletteKey, close);
     provide(ExecuteCommandKey, executeCommand);
+    provide(RerunLastCommandKey, rerunLastCommand);
     provide(ClearCommandCallStackKey, clearStack);
     provide(ShowSingleCommandKey, showSingleCommand);
     provide(RegisterCommandStateKey, registerCommand);

diff --git a/src/providers/DialogProvider.ts b/src/providers/DialogProvider.ts
@@ -1,14 +1,16 @@
 import { ToRefs } from "vue";
+import { buttonVariants } from "@/components/ui/button";
 
 export const DialogProviderStateKey: InjectionKey<ToRefs<DialogProviderState>> =
   Symbol("DialogProviderState");
 
 export const DialogProviderSpawnDialogKey: InjectionKey<
-  (dialog: DialogInterface) => void
+  (dialog: BaseDialogInterface) => void
 > = Symbol("DialogProviderSpawnDialog");
 
 export interface DialogButtonInterface {
   label: string;
+  variant?: NonNullable<Parameters<typeof buttonVariants>[0]>["variant"];
   handler: (dialog: DialogInterface) => void;
 }
 

diff --git a/src/services/Kubernetes.ts b/src/services/Kubernetes.ts
@@ -15,6 +15,7 @@ import {
 } from "@kubernetes/client-node";
 import { VirtualService } from "@kubernetes-models/istio/networking.istio.io/v1beta1";
 import { invoke } from "@tauri-apps/api/tauri";
+import { Child, Command } from "@tauri-apps/api/shell";
 
 export interface KubernetesError {
   message: string;
@@ -24,6 +25,54 @@ export interface KubernetesError {
 }
 
 export class Kubernetes {
+  static async getAuthErrorHandler(
+    context: string,
+    errorMessage: string
+  ): Promise<{
+    canHandle: boolean;
+    callback: (authCompletedCallback?: () => void) => void;
+  }> {
+    // AWS SSO
+    if (
+      errorMessage.includes("AWS_PROFILE") &&
+      errorMessage.includes("Error loading SSO Token")
+    ) {
+      const context_auth_info = (await invoke("get_context_auth_info", {
+        context: context,
+      })) as any;
+
+      let aws_profile = null;
+      try {
+        aws_profile = context_auth_info.user.exec.env.find(
+          (env: any) => env.name === "AWS_PROFILE"
+        ).value;
+      } catch {}
+
+      return {
+        canHandle: aws_profile !== null,
+        callback: async (authCompletedCallback?) => {
+          const command = new Command("aws", [
+            "sso",
+            "login",
+            "--profile",
+            aws_profile,
+          ]);
+          command.addListener("close", async () => {
+            authCompletedCallback?.();
+          });
+          await command.spawn();
+        },
+      };
+    }
+
+    return {
+      canHandle: false,
+      callback: () => {
+        console.log("void");
+      },
+    };
+  }
+
   static async getCurrentContext(): Promise<string> {
     return invoke("get_current_context", {});
   }