Add AAD Endpoints for Data Explorer in Portal (#1943)

* Fix API endpoint for CassandraProxy query API * activate Mongo Proxy and Cassandra Proxy in Prod * Add CP Prod endpoint * Run npm format and tests * Revert code * fix bug that blocked local mongo proxy and cassandra proxy development * Add prod endpoint * fix pr check tests * Remove prod * Remove prod endpoint * Remove dev endpoint * Support data plane RBAC * Support data plane RBAC * Add additional changes for Portal RBAC functionality * Remove unnecessary code * Remove unnecessary code * Add code to fix VCoreMongo/PG bug * Address feedback * Add more logs for RBAC feature * Add more logs for RBAC features * Add AAD endpoints for all environments * Add AAD endpoints * Run npm format --------- Co-authored-by: Asier Isayas <aisayas@microsoft.com>
2024-08-28 09:11:21 -07:00 · 2024-08-28 09:11:21 -07:00 · c5b7f599b3
parent 6aeac542b1
commit c5b7f599b3
3 changed files with 38 additions and 1 deletions
--- a/src/Common/Constants.ts
+++ b/src/Common/Constants.ts
@ -184,6 +184,12 @@ export class CassandraProxyAPIs {
  public static readonly connectionStringSchemaApi: string = "api/connectionstring/cassandra/schema";
 }

+export class AadEndpoints {
+  public static readonly Prod: string = "https://login.microsoftonline.com/";
+  public static readonly Fairfax: string = "https://login.microsoftonline.us/";
+  public static readonly Mooncake: string = "https://login.partner.microsoftonline.cn/";
+}
+
 export class Queries {
  public static CustomPageOption: string = "custom";
  public static UnlimitedPageOption: string = "unlimited";
--- a/src/Utils/EndpointUtils.ts
+++ b/src/Utils/EndpointUtils.ts
@ -52,7 +52,11 @@ export const defaultAllowedArmEndpoints: ReadonlyArray<string> = [
  "https://management.chinacloudapi.cn",
 ];

-export const allowedAadEndpoints: ReadonlyArray<string> = ["https://login.microsoftonline.com/"];
+export const allowedAadEndpoints: ReadonlyArray<string> = [
+  "https://login.microsoftonline.com/",
+  "https://login.microsoftonline.us/",
+  "https://login.partner.microsoftonline.cn/",
+];

 export const defaultAllowedBackendEndpoints: ReadonlyArray<string> = [
  "https://main.documentdb.ext.azure.com",
--- a/src/hooks/useKnockoutExplorer.ts
+++ b/src/hooks/useKnockoutExplorer.ts
@ -619,6 +619,31 @@ function shouldForwardMessage(message: PortalMessage, messageOrigin: string) {
  return messageOrigin === window.document.location.origin && message.type === MessageTypes.TelemetryInfo;
 }

+function updateAADEndpoints(portalEnv: PortalEnv) {
+  switch (portalEnv) {
+    case "prod1":
+    case "prod":
+      updateConfigContext({
+        AAD_ENDPOINT: Constants.AadEndpoints.Prod,
+      });
+      break;
+    case "fairfax":
+      updateConfigContext({
+        AAD_ENDPOINT: Constants.AadEndpoints.Fairfax,
+      });
+      break;
+    case "mooncake":
+      updateConfigContext({
+        AAD_ENDPOINT: Constants.AadEndpoints.Mooncake,
+      });
+      break;
+
+    default:
+      console.warn(`Unknown portal environment: ${portalEnv}`);
+      break;
+  }
+}
+
 function updateContextsFromPortalMessage(inputs: DataExplorerInputsFrame) {
  if (
    configContext.BACKEND_ENDPOINT &&
@ -639,6 +664,8 @@ function updateContextsFromPortalMessage(inputs: DataExplorerInputsFrame) {
    PORTAL_BACKEND_ENDPOINT: inputs.portalBackendEndpoint,
  });

+  updateAADEndpoints(inputs.serverId as PortalEnv);
+
  updateUserContext({
    authorizationToken,
    databaseAccount,