/** * Copyright (c) 2023-2024, WSO2 LLC. (https://www.wso2.com). * * WSO2 LLC. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except * in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ import { LegacyModeInterface } from "@thiva/core/models"; import { I18n } from "@thiva/i18n"; import { Code, DocumentationLink, EmphasizedSegment, GenericIcon, Heading, Popup, PrimaryButton, ResourceTab, ResourceTabPaneInterface, Text } from "@thiva/react-components"; import React, { ReactElement } from "react"; import { Trans } from "react-i18next"; import { Divider, Icon, Message } from "semantic-ui-react"; import { ApplicationGeneralTabOverride } from "./components/application-general-tab-overide"; import { MarketingConsentModalWrapper } from "./components/marketing-consent/components"; import { ApplicationConfig, ExtendedFeatureConfigInterface } from "./models"; import { APIAuthorization } from "@thiva/admin.applications.v1/components/api-authorization/api-authorization"; import { ExtendedClaimInterface, ExtendedExternalClaimInterface, SelectedDialectInterface } from "@thiva/admin.applications.v1/components/settings"; import { ApplicationManagementConstants } from "@thiva/admin.applications.v1/constants"; import { ApplicationInterface, ApplicationTabTypes, SupportedAuthProtocolTypes, additionalSpProperty } from "@thiva/admin.applications.v1/models"; import { ClaimManagementConstants } from "@thiva/admin.claims.v1/constants/claim-management-constants"; import { EventPublisher, FeatureConfigInterface } from "@thiva/admin.core.v1"; 
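import { AppConstants } from "@thiva/admin.core.v1/constants";
import { ApplicationRoles } from "@thiva/admin.roles.v2/components/application-roles";
import MobileAppTemplate from "../application-templates/templates/mobile-application/mobile-application.json";
import OIDCWebAppTemplate from "../application-templates/templates/oidc-web-application/oidc-web-application.json";
import SamlWebAppTemplate from "../application-templates/templates/saml-web-application/saml-web-application.json";
import SinglePageAppTemplate from "../application-templates/templates/single-page-application/single-page-application.json";
import { getTryItClientId } from "../components/application/utils/try-it-utils";
import { getGettingStartedCardIllustrations } from "../components/getting-started/configs";

/**
 * Type guard that separates local claims from external (mapped) claims.
 *
 * The check is structural: a claim whose `mappedLocalClaimURI` is `null` or
 * `undefined` is treated as a local claim.
 *
 * @param claim - Local or external claim.
 * @returns `true` when the claim carries no `mappedLocalClaimURI`.
 */
function isClaimInterface(
    claim: ExtendedClaimInterface | ExtendedExternalClaimInterface
): claim is ExtendedClaimInterface {
    return (claim as ExtendedExternalClaimInterface).mappedLocalClaimURI == undefined;
}

// Name of the additional SP property that `getTabPanelReadOnlyStatus` compares against.
const IS_ENTERPRISELOGIN_MANAGEMENT_APP: string = "isEnterpriseLoginManagementApp";

// Relative tab indexes.
const API_AUTHORIZATION_INDEX: number = 4;
const APPLICATION_ROLES_INDEX: number = 4;
const M2M_API_AUTHORIZATION_INDEX: number = 2;

// Read once at module load. There is no optional chaining here, so this throws
// if `window.AppUtils` or its `ui` config is missing.
const featureConfig: FeatureConfigInterface = window[ "AppUtils" ].getConfig().ui.features;

/**
 * Check whether a claim is an identity claim.
 *
 * A claim counts as an identity claim when its local claim URI (`claimURI` for
 * local claims, `mappedLocalClaimURI` for external claims) contains
 * `wso2.org/claims/identity`. When the deployment config sets
 * `ui.enableIdentityClaims`, this always returns `false`, so no claim is
 * classified as an identity claim.
 *
 * @param claim - Local or external claim.
 * @returns `true` when the claim URI points into the identity claim namespace
 *          and `ui.enableIdentityClaims` is not set.
 */
const isIdentityClaim = (claim: ExtendedClaimInterface | ExtendedExternalClaimInterface): boolean => {
    const enableIdentityClaims: boolean = window[ "AppUtils" ]?.getConfig()?.ui?.enableIdentityClaims;

    if (enableIdentityClaims) {
        return false;
    }

    // The dots are escaped so that only the literal host `wso2.org` matches.
    // The pattern is unanchored, so it matches anywhere in the URI.
    const identityRegex: RegExp = /wso2\.org\/claims\/identity/;

    if (isClaimInterface(claim)) {
        return identityRegex.test(claim.claimURI);
    }

    return identityRegex.test(claim.mappedLocalClaimURI);
};

export const applicationConfig: ApplicationConfig = {
    advancedConfigurations: {
        showEnableAuthorization: true,
        showFapiFeatureStatusChip: false,
        showMtlsAliases: false,
        showMyAccount: true,
        showMyAccountStatus: false,
        showReturnAuthenticatedIdPs: true,
        showSaaS: true
    },
    // Grant types allowed per application template id.
    allowedGrantTypes: {
        // single page app template
        // NOTE(review): IMPLICIT_GRANT is in the allowed list for this template. RFC 9700
        // (OAuth 2.0 Security BCP) recommends authorization code with PKCE instead of
        // the implicit grant; confirm it is kept only for compatibility.
        [ "6a90e4b0-fbff-42d7-bfde-1efd98f07cd7" ]: [
            ApplicationManagementConstants.AUTHORIZATION_CODE_GRANT,
            ApplicationManagementConstants.REFRESH_TOKEN_GRANT,
            ApplicationManagementConstants.IMPLICIT_GRANT,
            ApplicationManagementConstants.ORGANIZATION_SWITCH_GRANT
        ],
        // oidc traditional web app template
        [ "b9c5e11e-fc78-484b-9bec-015d247561b8" ]: [
            ApplicationManagementConstants.AUTHORIZATION_CODE_GRANT,
            ApplicationManagementConstants.IMPLICIT_GRANT,
            ApplicationManagementConstants.CLIENT_CREDENTIALS_GRANT,
            ApplicationManagementConstants.REFRESH_TOKEN_GRANT,
            ApplicationManagementConstants.ORGANIZATION_SWITCH_GRANT,
            ApplicationManagementConstants.OAUTH2_TOKEN_EXCHANGE
        ],
        // oidc standard app template
        // NOTE(review): this list also allows PASSWORD (presumably the resource owner
        // password credentials grant; confirm), which RFC 9700 says must not be used,
        // alongside IMPLICIT_GRANT.
        [ "custom-application" ]: [
            ApplicationManagementConstants.AUTHORIZATION_CODE_GRANT,
            ApplicationManagementConstants.IMPLICIT_GRANT,
            ApplicationManagementConstants.PASSWORD,
            ApplicationManagementConstants.CLIENT_CREDENTIALS_GRANT,
            ApplicationManagementConstants.REFRESH_TOKEN_GRANT,
            ApplicationManagementConstants.ORGANIZATION_SWITCH_GRANT,
            ApplicationManagementConstants.DEVICE_GRANT,
            ApplicationManagementConstants.OAUTH2_TOKEN_EXCHANGE,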
ApplicationManagementConstants.SAML2_BEARER,
            ApplicationManagementConstants.JWT_BEARER,
            ApplicationManagementConstants.IWA_NTLM
        ],
        [ "m2m-application" ]: [
            ApplicationManagementConstants.CLIENT_CREDENTIALS_GRANT
        ],
        // NOTE(review): the mobile template allows both IMPLICIT_GRANT and PASSWORD.
        // RFC 9700 (OAuth 2.0 Security BCP) advises against the implicit grant and says
        // the resource owner password credentials grant must not be used. Confirm
        // these entries are still required.
        [ "mobile-application" ]: [
            ApplicationManagementConstants.AUTHORIZATION_CODE_GRANT,
            ApplicationManagementConstants.REFRESH_TOKEN_GRANT,
            ApplicationManagementConstants.IMPLICIT_GRANT,
            ApplicationManagementConstants.PASSWORD,
            ApplicationManagementConstants.DEVICE_GRANT,
            ApplicationManagementConstants.ORGANIZATION_SWITCH_GRANT,
            ApplicationManagementConstants.OAUTH2_TOKEN_EXCHANGE
        ]
    },
    attributeSettings: {
        advancedAttributeSettings: {
            /**
             * Tell whether the linked-accounts settings apply to an application template.
             *
             * @param templateId - Template id of the application.
             * @returns `true` when the template id is one of the listed templates.
             */
            isLinkedAccountsEnabled: (templateId: string): boolean => {
                const linkableTemplateIds: string[] = [
                    ApplicationManagementConstants.CUSTOM_APPLICATION_PASSIVE_STS,
                    ApplicationManagementConstants.CUSTOM_APPLICATION_SAML,
                    ApplicationManagementConstants.TRADITIONAL_WEB_APPLICATION_SAML,
                    ApplicationManagementConstants.MOBILE,
                    ApplicationManagementConstants.CUSTOM_APPLICATION_OIDC,
                    ApplicationManagementConstants.TRADITIONAL_WEB_APPLICATION_OIDC,
                    ApplicationManagementConstants.SPA_APP_TEMPLATE_ID
                ];

                return linkableTemplateIds.includes(templateId);
            },
            showIncludeTenantDomain: true,
            showIncludeUserstoreDomainRole: true,
            showIncludeUserstoreDomainSubject: true,
            showMandateLinkedLocalAccount: false,
            showRoleAttribute: true,
            showRoleMapping: true,
            showSubjectAttribute: true,
            showValidateLinkedLocalAccount: true
        },
        attributeSelection: {
            // Both filters drop every claim that `isIdentityClaim` classifies as an identity
            // claim, so those claims are not offered for selection.
            getClaims: (claims: ExtendedClaimInterface[]): ExtendedClaimInterface[] => {
                return claims.filter(
                    (candidate: ExtendedClaimInterface): boolean => !isIdentityClaim(candidate)
                );
            },
            getExternalClaims: (claims: ExtendedExternalClaimInterface[]): ExtendedExternalClaimInterface[] => {
                return claims.filter(
                    (candidate: ExtendedExternalClaimInterface): boolean => !isIdentityClaim(candidate)
                );
            },
            showAttributePlaceholderTitle: false,
            // Show the hint only for the OIDC attribute dialect.
            showShareAttributesHint: (selectedDialect: SelectedDialectInterface): boolean => {
                return selectedDialect.id
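=== ClaimManagementConstants.ATTRIBUTE_DIALECT_IDS.get("OIDC");
            }
        },
        makeSubjectMandatory: true,
        roleMapping: true
    },
    customApplication: {
        allowedProtocolTypes: [
            SupportedAuthProtocolTypes.OAUTH2_OIDC,
            SupportedAuthProtocolTypes.SAML,
            SupportedAuthProtocolTypes.WS_FEDERATION
        ],
        defaultTabIndex: 1
    },
    editApplication: {
        extendTabs: false,
        /**
         * Build the extra action shown for the Try It application.
         *
         * For the Try It client id, the click handler publishes a "tryit-try-login" event
         * and opens the Try It URL taken from `extensions.asgardeoTryItURL` with the client
         * id and organization as query parameters. For any other client id the result is `null`.
         *
         * @param clientId - Client id of the application being edited.
         * @param tenant - Tenant (organization) name.
         * @param testId - Prefix for the `data-testid` attribute.
         */
        getActions: (clientId: string, tenant: string, testId: string) => {
            const asgardeoLoginPlaygroundURL: string =
                window[ "AppUtils" ]?.getConfig()?.extensions?.asgardeoTryItURL;

            // The element markup around the click handler appears to be missing from this
            // listing; the remaining tokens are kept exactly as shown.
            return (
                clientId === getTryItClientId(tenant) ? (
                    {
                        EventPublisher.getInstance().publish("tryit-try-login", {
                            "client-id": clientId
                        });
                        // Percent-encode both values so that reserved characters ("&", "=",
                        // "#", ...) cannot add or alter query parameters of the opened URL.
                        // NOTE(review): the opened window keeps a `window.opener` reference to
                        // the console; pass "noopener" in the window features unless the Try It
                        // app relies on the opener.
                        window.open(
                            asgardeoLoginPlaygroundURL
                                + "?client_id=" + encodeURIComponent(clientId)
                                + "&org=" + encodeURIComponent(tenant)
                        );
                    } }
                    data-testid={ `${ testId }-playground-button` }
                    > Try Login
                ): null
            );
        },
        getOveriddenTab: (
            clientId: string,
            tabName: ApplicationTabTypes,
            defaultComponent: ReactElement,
            appName: string,
            appId: string,
            tenantDomain: string
        ) => {
            if (clientId === getTryItClientId(tenantDomain) && tabName === ApplicationTabTypes.GENERAL) {
                return ( );
            }

            if (clientId === getTryItClientId(tenantDomain) && tabName === ApplicationTabTypes.USER_ATTRIBUTES){
                return (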
User Attributes User attributes that are allowed to be shared with this application.
); } return defaultComponent; }, getOverriddenDescription: (clientId: string, tenantDomain: string, _templateName: string) => { if (clientId === getTryItClientId(tenantDomain)){ return (
You can try out different login flows of Asgardeo with our Try It app. ) } trigger={ ( You can try out different login flows of Asgardeo with our Try It app. ) } />
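);
            }

            return null;
        },
        getOverriddenImage: (clientId: string, tenantDomain: string) => {
            if(clientId === getTryItClientId(tenantDomain)) {
                return ( );
            }

            return null;
        },
        /**
         * Pick the sign-in tab index for an application.
         *
         * @param clientId - Client id of the application.
         * @param tenantDomain - Tenant domain used to derive the Try It client id.
         * @returns `TRY_IT_SIGNIN_TAB` for the Asgardeo Try It app, `APPLICATION_SIGNIN_TAB` otherwise.
         */
        getStrongAuthenticationFlowTabIndex: (
            clientId: string,
            tenantDomain: string
        ): number => {
            if (clientId === getTryItClientId(tenantDomain)) {
                return ApplicationManagementConstants.TRY_IT_SIGNIN_TAB; // For Asgardeo Try It App
            } else {
                return ApplicationManagementConstants.APPLICATION_SIGNIN_TAB; // For other applications
            }
        },
        /**
         * Collect the extra tabs (API authorization, application roles) for an application.
         *
         * The checks below only decide which tabs the console renders. The `render`
         * bodies are empty in this listing.
         *
         * @param props - Carries `application` and `onApplicationUpdate`.
         * @param features - Feature config; read as `ExtendedFeatureConfigInterface`.
         * @param isReadOnly - Read-only flag (not referenced in the visible code).
         * @returns The tab panes to append, possibly empty.
         */
        getTabExtensions: (
            props: Record,
            features: FeatureConfigInterface,
            isReadOnly: boolean
        ): ResourceTabPaneInterface[] => {
            const extendedFeatureConfig: ExtendedFeatureConfigInterface = features as ExtendedFeatureConfigInterface;
            const apiResourceFeatureEnabled: boolean = extendedFeatureConfig?.apiResources?.enabled;

            const application: ApplicationInterface = props?.application as ApplicationInterface;

            const onApplicationUpdate: () => void = props?.onApplicationUpdate as () => void;

            const tabExtensions: ResourceTabPaneInterface[] = [];
            const legacyMode: LegacyModeInterface = window["AppUtils"]?.getConfig()?.ui?.legacyMode;

            // Enable the API authorization tab for supported templates when the api resources config is enabled.
            if (
                apiResourceFeatureEnabled
                && !application?.advancedConfigurations?.fragment
                && legacyMode?.apiResourcesV2
                && (
                    application?.templateId === ApplicationManagementConstants.CUSTOM_APPLICATION_OIDC
                    || application?.templateId === MobileAppTemplate?.id
                    || application?.templateId === OIDCWebAppTemplate?.id
                    || application?.templateId === SinglePageAppTemplate?.id
                    || application?.templateId === ApplicationManagementConstants.M2M_APP_TEMPLATE_ID
                )
                && application.name !== ApplicationManagementConstants.MY_ACCOUNT_APP_NAME
            ) {
                tabExtensions.push(
                    {
                        componentId: "api-authorization",
                        index: application?.templateId === ApplicationManagementConstants.M2M_APP_TEMPLATE_ID
                            ? M2M_API_AUTHORIZATION_INDEX + tabExtensions.length
                            : API_AUTHORIZATION_INDEX + tabExtensions.length,
                        menuItem: I18n.instance.t(
                            "extensions:develop.applications.edit.sections.apiAuthorization.title"
                        ),
                        render: () => ( )
                    }
                );
            }

            // Enable the roles tab for supported templates when the api resources config is enabled.
            if (apiResourceFeatureEnabled
                && !legacyMode?.rolesV1
                && (!application?.advancedConfigurations?.fragment ||
                        window["AppUtils"].getConfig().ui.features?.
                            applicationRoles?.enabled)
                && (
                    application?.advancedConfigurations?.fragment ||
                    (application?.templateId === ApplicationManagementConstants.CUSTOM_APPLICATION_OIDC
                    || application?.templateId === ApplicationManagementConstants.CUSTOM_APPLICATION_SAML
                    || application?.templateId === MobileAppTemplate?.id
                    || application?.templateId === OIDCWebAppTemplate?.id
                    || application?.templateId === SinglePageAppTemplate?.id
                    || application?.templateId === SamlWebAppTemplate?.id)
                )
                && application.name !== ApplicationManagementConstants.MY_ACCOUNT_APP_NAME
            ) {
                tabExtensions.push(
                    {
                        componentId: "application-roles",
                        index: APPLICATION_ROLES_INDEX + tabExtensions.length,
                        menuItem: I18n.instance.t(
                            "extensions:develop.applications.edit.sections.roles.heading"
                        ),
                        render: () => ( )
                    }
                );
            }

            return tabExtensions;
        },
        /**
         * Decide whether a tab panel is shown read-only for the given application.
         *
         * Applications whose name starts with "WSO2_LOGIN_FOR_", or that carry the
         * `isEnterpriseLoginManagementApp` additional SP property with the value "true",
         * get the general settings, access config and provisioning panels read-only.
         *
         * NOTE(review): this is a console-side presentation rule keyed on the application
         * name and one property, not an access control. Whether the management API also
         * rejects updates to these applications is not visible from here; confirm that it does.
         *
         * @param tabPanelName - Identifier of the tab panel being rendered.
         * @param application - Application being edited; may be `undefined` while loading.
         * @returns `true` when the panel must be read-only.
         */
        getTabPanelReadOnlyStatus: (tabPanelName: string, application: ApplicationInterface): boolean => {
            // Restrict modifying configurations for Enterprise IDP Login Applications.
            const isEnterpriseLoginMgt: boolean =
                application?.advancedConfigurations?.additionalSpProperties?.some(
                    (item: additionalSpProperty): boolean =>
                        item.name === IS_ENTERPRISELOGIN_MANAGEMENT_APP && item.value === "true"
                ) ?? false;

            // `application` is read with optional chaining above, so the name check must
            // tolerate a missing application or name as well instead of throwing.
            if (application?.name?.startsWith("WSO2_LOGIN_FOR_") || isEnterpriseLoginMgt) {
                return [
                    "APPLICATION_EDIT_GENERAL_SETTINGS",
                    "APPLICATION_EDIT_ACCESS_CONFIG",
                    "APPLICATION_EDIT_PROVISIONING_SETTINGS"
                ].includes(tabPanelName);
            }

            return false;
        },
        /**
         * Tell whether a tab is shown for an application.
         *
         * The Try It application hides the provisioning, info, roles and protocol tabs;
         * every other application shows all tabs.
         *
         * @param clientId - Client id of the application.
         * @param tabType - Tab being checked.
         * @param tenantDomain - Tenant domain used to derive the Try It client id.
         * @returns `false` only for the tabs hidden on the Try It application.
         */
        isTabEnabledForApp: (clientId: string, tabType: ApplicationTabTypes, tenantDomain: string): boolean => {
            if(clientId === getTryItClientId(tenantDomain)) {
                if(tabType === ApplicationTabTypes.PROVISIONING
                    || tabType === ApplicationTabTypes.INFO
                    || tabType === ApplicationTabTypes.ROLES
                    || tabType === ApplicationTabTypes.PROTOCOL){
                    return false;
                }
            }

            return true;
        },
        renderHelpPanelItems: () => {
            return (
                <>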