feat: Utilize Fabric Connect when possible

https://harperdb.atlassian.net/browse/STUDIO-583

Author: dawsontoth

src/config/getInstanceClient.ts

@@ -1,3 +1,4 @@
+import { apiClient } from '@/config/apiClient';
 import { authStore, EntityIds, OverallAppSignIn } from '@/features/auth/store/authStore';
 import { rejectReplicationFailures } from '@/lib/api/replication';
 import axios from 'axios';
@@ -9,7 +10,7 @@ interface InstanceClient {
 	secure?: boolean;
 }
 
-export function getInstanceClient({ id = OverallAppSignIn, operationsUrl, port, secure }: InstanceClient = {}) {
+export function getInstanceClient({ id = OverallAppSignIn, operationsUrl, port, secure, forceFabricConnect }: InstanceClient & { forceFabricConnect?: boolean} = {}) {
 	let baseURL = operationsUrl || authStore.getOperationsUrl(id);
 	if (baseURL) {
 		if (port || secure !== undefined) {
@@ -23,10 +24,21 @@ export function getInstanceClient({ id = OverallAppSignIn, operationsUrl, port,
 			baseURL = newURL.toString();
 		}
 	}
-	const auth = authStore.checkForBasicAuth(id);
+
+	const fabricConnect = forceFabricConnect || authStore.checkForFabricConnect(id);
+	if (fabricConnect) {
+		if (id.startsWith('clu-')) {
+			baseURL = apiClient.defaults.baseURL + `/Cluster/${id}/operation`;
+		} else if (id.startsWith('ins-')) {
+			baseURL = apiClient.defaults.baseURL + `/HDBInstance/${id}/operation`;
+		}
+	}
+
+	const basicAuth = authStore.checkForBasicAuth(id);
+
 	const client = axios.create({
-		auth,
-		withCredentials: !auth,
+		auth: fabricConnect ? undefined : basicAuth,
+		withCredentials: fabricConnect || !basicAuth,
 		timeout: 15000,
 		headers: {
 			'Content-Type': 'application/json',

src/features/auth/store/authStore.ts

@@ -45,6 +45,7 @@ class AuthStore {
 
 	private readonly potentiallyAuthenticatedKey = 'Studio:PotentiallyAuthenticated';
 	private readonly basicAuthKeyPrefix = 'Studio:BasicAuth:';
+	private readonly fabricConnectKeyPrefix = 'Studio:FabricConnect:';
 	private readonly potentiallyAuthenticated: Record<EntityIds, AuthenticatedConnectionKey>;
 	private readonly checkedAuthentication: Record<EntityIds, boolean> = {};
 	private readonly allConnections: Record<EntityIds, AuthenticatedConnection> = {};
@@ -113,6 +114,10 @@ class AuthStore {
 		if (!id || !key) {
 			return;
 		}
+		return this.setUserForIdAndKey(id, key, user);
+	}
+
+	public setUserForIdAndKey(id: EntityIds, key: AuthenticatedConnectionKey, user: AuthenticatedConnection['user']): void {
 		if (user) {
 			this.flagKeyAsSignedIn(id, key);
 		} else {
@@ -123,8 +128,7 @@ class AuthStore {
 
 	public updateUserForEntity(entity: EntityTypes, changes: Partial<AuthenticatedConnection['user']>): void {
 		const id = this.calculateIdFromEntity(entity);
-		const key = this.calculateKeyFromEntity(entity);
-		if (!id || !key) {
+		if (!id) {
 			return;
 		}
 		const connection = this.getConnectionById(id);
@@ -154,10 +158,18 @@ class AuthStore {
 	}
 
 	public flagForBasicAuth(id: EntityIds, credentials: null | { username: string; password: string; }) {
-		if (credentials === null) {
+		if (credentials !== null) {
+			localStorage.setItem(this.basicAuthKeyPrefix + id, btoa(JSON.stringify(credentials)));
+		} else {
 			localStorage.removeItem(this.basicAuthKeyPrefix + id);
+		}
+	}
+
+	public flagForFabricConnect(id: EntityIds, toggled: boolean) {
+		if (toggled) {
+			localStorage.setItem(this.fabricConnectKeyPrefix + id, 'true');
 		} else {
-			localStorage.setItem(this.basicAuthKeyPrefix + id, btoa(JSON.stringify(credentials)));
+			localStorage.removeItem(this.fabricConnectKeyPrefix + id);
 		}
 	}
 
@@ -166,6 +178,10 @@ class AuthStore {
 		return value ? JSON.parse(atob(value)) : undefined;
 	}
 
+	public checkForFabricConnect(id: EntityIds): boolean {
+		return localStorage.getItem(this.fabricConnectKeyPrefix + id) === 'true';
+	}
+
 	public async signOutFromPotentiallyAuthenticatedInstances() {
 		for (const entityId in this.potentiallyAuthenticated) {
 			this.allConnections[entityId].user = null;

src/features/clusters/components/ClusterCard.tsx

@@ -50,6 +50,8 @@ export function ClusterCard({ cluster }: { cluster: Cluster; }) {
 
 	const isActive = useMemo(() => cluster.status && activeClusterStatuses.includes(cluster.status), [cluster.status]);
 	const isSelfManaged = clusterIsSelfManaged(cluster);
+	const isFabricConnect = authStore.checkForFabricConnect(cluster.id);
+	const isDirectConnect = !isFabricConnect && !!auth.user;
 	const isTerminated = useMemo(
 		() => cluster.status && deletedClusterStatuses.includes(cluster.status),
 		[cluster.status],
@@ -150,7 +152,7 @@ export function ClusterCard({ cluster }: { cluster: Cluster; }) {
 				Copy API URL
 			</DropdownMenuItem>
 		),
-		isActive && view && !!operationsUrl && !auth.isLoading && auth.user && (
+		isActive && view && !!operationsUrl && !auth.isLoading && isDirectConnect && (
 			<DropdownMenuItem onClick={onSignOutClick} disabled={signingOut}>
 				Direct Sign Out
 			</DropdownMenuItem>

src/features/clusters/components/ClusterCardAction.tsx

@@ -1,5 +1,6 @@
 import { Button } from '@/components/ui/button';
 import { defaultInstanceRoute } from '@/config/constants';
+import { authStore } from '@/features/auth/store/authStore';
 import { useInstanceAuth } from '@/hooks/useAuth';
 import { useOrganizationClusterPermissions } from '@/hooks/usePermissions';
 import { Cluster } from '@/lib/api.patch';
@@ -10,6 +11,8 @@ import { ArrowRight } from 'lucide-react';
 export function ClusterCardAction({ cluster }: { cluster: Cluster }) {
 	const auth = useInstanceAuth(cluster.id);
 	const { view, update } = useOrganizationClusterPermissions(cluster.organizationId, cluster.id);
+	const isFabricConnect = authStore.checkForFabricConnect(cluster.id);
+	const isDirectConnect = !isFabricConnect && !!auth.user;
 
 	if (!view) {
 		return undefined;
@@ -40,7 +43,7 @@ export function ClusterCardAction({ cluster }: { cluster: Cluster }) {
 		return undefined;
 	}
 
-	if (auth.user) {
+	if (isDirectConnect) {
 		return <Link to={`/${cluster.organizationId}/${cluster.id}${defaultInstanceRoute}`} className="text-sm text-nowrap" aria-label={`View ${cluster.name}`} title={`View ${cluster.name}`}>
 			<span className="py-2 hover:border-b-2">
 				Direct Connect <ArrowRight className="inline-block" />

src/features/instance/instanceLayoutRoute.ts

@@ -1,55 +1,103 @@
+import { getInstanceClient } from '@/config/getInstanceClient';
 import { getInstanceClientIdFromParams } from '@/config/useInstanceClient';
+import {
+	AuthenticatedCloudConnection,
+	AuthenticatedConnection,
+	authStore,
+	OverallAppSignIn,
+} from '@/features/auth/store/authStore';
 import { clusterLayoutRoute } from '@/features/cluster/clusterLayoutRoute';
 import { InstanceLayout } from '@/features/instance/InstanceLayout';
+import { getInstanceUserInfo } from '@/features/instance/operations/queries/getInstanceUserInfo';
 import { getRegistrationInfoQueryOptions } from '@/features/instance/operations/queries/getRegistrationInfo';
+import { getOrganizationClusterInstancePermissions, getOrganizationClusterPermissions } from '@/hooks/usePermissions';
 import { buildRedirectInSearch } from '@/lib/urls/buildRedirectInSearch';
 import { dashboardLayout } from '@/router/dashboardRoute';
+import { QueryClient } from '@tanstack/react-query';
 import { createRoute, redirect } from '@tanstack/react-router';
 
 export function createInstanceLayoutRoute(mode: 'local' | 'cluster' | 'instance') {
-	if (mode === 'local') {
-		return createRoute({
-			getParentRoute: () => dashboardLayout,
-			id: '_instanceLayout',
-			component: InstanceLayout,
-			loader: async ({ context, params }) => {
-				const operationsParams = getInstanceClientIdFromParams(params);
-				return context.queryClient.ensureQueryData(getRegistrationInfoQueryOptions(operationsParams));
-			},
-		});
+	switch (mode) {
+		case 'local':
+			return createRoute({
+				getParentRoute: () => dashboardLayout,
+				id: '_instanceLayout',
+				component: InstanceLayout,
+				loader: registrationInfoLoader,
+			});
+		case 'cluster':
+			return createRoute({
+				getParentRoute: () => clusterLayoutRoute,
+				id: '_instanceLayout',
+				component: InstanceLayout,
+				beforeLoad: checkClusterInstanceAuthenticationBeforeLoad,
+				loader: registrationInfoLoader,
+			});
+		case 'instance':
+			return createRoute({
+				getParentRoute: () => clusterLayoutRoute,
+				path: 'instance/$instanceId',
+				component: InstanceLayout,
+				beforeLoad: checkClusterInstanceAuthenticationBeforeLoad,
+				loader: registrationInfoLoader,
+			});
 	}
-	if (mode === 'cluster') {
-		return createRoute({
-			getParentRoute: () => clusterLayoutRoute,
-			id: '_instanceLayout',
-			component: InstanceLayout,
-			beforeLoad: async ({ context, params }) => {
-				const auth = context.authentication[params.clusterId];
-				if (!auth || (!auth.isLoading && !auth.user)) {
-					const to = `/${params.organizationId}/${params.clusterId}/sign-in`;
-					throw redirect({ to, search: buildRedirectInSearch() });
-				}
-			},
-			loader: async ({ context, params }) => {
-				const operationsParams = getInstanceClientIdFromParams(params);
-				return context.queryClient.ensureQueryData(getRegistrationInfoQueryOptions(operationsParams));
-			},
+}
+
+async function checkClusterInstanceAuthenticationBeforeLoad({
+	context,
+	params,
+}: {
+	context: { authentication: Record<string, AuthenticatedConnection> },
+	params: { organizationId: string; clusterId: string, instanceId?: string }
+}) {
+	// Are we already authenticated?
+	const auth = context.authentication[params.instanceId || params.clusterId];
+	if (auth?.isLoading || auth?.user) {
+		return;
+	}
+
+	// See if we can Fabric Connect.
+	const overallAuth = context.authentication[OverallAppSignIn] as AuthenticatedCloudConnection;
+	if (overallAuth?.isLoading) {
+		return;
+	}
+	const { update } = params.instanceId
+		? getOrganizationClusterInstancePermissions(overallAuth.user, params.organizationId, params.clusterId)
+		: getOrganizationClusterPermissions(overallAuth.user, params.organizationId, params.clusterId);
+	if (update) {
+		const entityId = params.instanceId || params.clusterId;
+		const instanceClient = getInstanceClient({
+			id: entityId,
+			forceFabricConnect: true,
 		});
+		try {
+			const user = await getInstanceUserInfo({ instanceClient });
+			authStore.setUserForIdAndKey(
+				entityId,
+				instanceClient.defaults.baseURL!,
+				user,
+			);
+			authStore.flagForFabricConnect(entityId, true);
+			return;
+		} catch (err) {
+			console.error('Fabric Connect not established', err);
+		}
 	}
-	return createRoute({
-		getParentRoute: () => clusterLayoutRoute,
-		path: 'instance/$instanceId',
-		component: InstanceLayout,
-		beforeLoad: async ({ context, params }) => {
-			const auth = context.authentication[params.instanceId];
-			if (!auth || (!auth.isLoading && !auth.user)) {
-				const to = `/${params.organizationId}/${params.clusterId}/instance/${params.instanceId}/sign-in`;
-				throw redirect({ to, search: buildRedirectInSearch() });
-			}
-		},
-		loader: async ({ context, params }) => {
-			const operationsParams = getInstanceClientIdFromParams(params);
-			return context.queryClient.ensureQueryData(getRegistrationInfoQueryOptions(operationsParams));
-		},
-	});
+
+	const to = `/${params.organizationId}/${params.clusterId}/`
+		+ (params.instanceId ? `instance/${params.instanceId}` : '')
+		+ `/sign-in`;
+	throw redirect({ to, search: buildRedirectInSearch() });
+}
+
+function registrationInfoLoader({
+	context,
+	params,
+}: {
+	context: { queryClient: QueryClient },
+	params: { organizationId?: string; clusterId?: string, instanceId?: string },
+}) {
+	const operationsParams = getInstanceClientIdFromParams(params);
+	return context.queryClient.ensureQueryData(getRegistrationInfoQueryOptions(operationsParams));
 }