Skip to content

Commit 748596f

Browse files
bcmmbagabcmmbaga
authored
Add JWT allow groups support in account settings (#309)
1 parent b06cb0e commit 748596f

File tree

2 files changed

+60
-0
lines changed

2 files changed

+60
-0
lines changed

src/store/account/types.ts

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ export interface Account {
88
jwt_groups_enabled: boolean;
99
groups_propagation_enabled: boolean;
1010
jwt_groups_claim_name: string;
11+
jwt_allow_groups: string[];
1112
extra: {
1213
peer_approval_enabled: boolean;
1314
}
@@ -19,6 +20,7 @@ export interface FormAccount extends Account {
1920
jwt_groups_enabled: boolean;
2021
groups_propagation_enabled: boolean;
2122
jwt_groups_claim_name: string;
23+
jwt_allow_groups: string[];
2224
peer_login_expiration_formatted: ExpiresInValue;
2325
peer_approval_enabled: boolean;
2426
}

src/views/Settings.tsx

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -142,6 +142,8 @@ export const Settings = () => {
142142
const [groupsPropagationEnabled, setGroupsPropagationEnabled] =
143143
useState(true);
144144
const [jwtGroupsClaimName, setJwtGroupsClaimName] = useState("");
145+
const [jwtAllowGroups, setJwtAllowGroups] = useState<string[]>([]);
146+
const [displayJWTAllowGroups, setDisplayJWTAllowGroups] = useState(false);
145147
const [confirmModal, confirmModalContextHolder] = Modal.useModal();
146148
const { confirm } = Modal;
147149

@@ -256,6 +258,7 @@ export const Settings = () => {
256258
account.settings.peer_login_expiration_enabled,
257259
jwt_groups_enabled: account.settings.jwt_groups_enabled,
258260
jwt_groups_claim_name: account.settings.jwt_groups_claim_name,
261+
jwt_allow_groups: account.settings.jwt_allow_groups? account.settings.jwt_allow_groups : [],
259262
groups_propagation_enabled: account.settings.groups_propagation_enabled,
260263
peer_approval_enabled: account.settings.extra ? account.settings.extra.peer_approval_enabled : false,
261264
} as FormAccount;
@@ -265,6 +268,7 @@ export const Settings = () => {
265268
setJwtGroupsEnabled(fAccount.jwt_groups_enabled);
266269
setGroupsPropagationEnabled(fAccount.groups_propagation_enabled);
267270
setJwtGroupsClaimName(fAccount.jwt_groups_claim_name);
271+
setJwtAllowGroups(fAccount.jwt_allow_groups);
268272
form.setFieldsValue(fAccount);
269273
}, [accounts]);
270274

@@ -430,6 +434,7 @@ export const Settings = () => {
430434
jwt_groups_enabled: updatedAccount.data.settings.jwt_groups_enabled,
431435
jwt_groups_claim_name:
432436
updatedAccount.data.settings.jwt_groups_claim_name,
437+
jwt_allow_groups: updatedAccount.data.settings.jwt_allow_groups,
433438
groups_propagation_enabled:
434439
updatedAccount.data.settings.groups_propagation_enabled,
435440
peer_approval_enabled: updatedAccount.data.settings.extra? updatedAccount.data.settings.extra.peer_approval_enabled : false,
@@ -466,6 +471,7 @@ export const Settings = () => {
466471
peer_login_expiration_enabled: formPeerExpirationEnabled,
467472
jwt_groups_enabled: jwtGroupsEnabled,
468473
jwt_groups_claim_name: jwtGroupsClaimName,
474+
jwt_allow_groups: jwtAllowGroups,
469475
groups_propagation_enabled: groupsPropagationEnabled,
470476
peer_approval_enabled: formPeerApprovalEnabled,
471477
});
@@ -495,6 +501,7 @@ export const Settings = () => {
495501
peer_login_expiration_enabled: values.peer_login_expiration_enabled,
496502
jwt_groups_enabled: jwtGroupsEnabled,
497503
jwt_groups_claim_name: jwtGroupsClaimName,
504+
jwt_allow_groups: jwtAllowGroups,
498505
groups_propagation_enabled: groupsPropagationEnabled,
499506
},
500507
} as Account;
@@ -532,6 +539,7 @@ export const Settings = () => {
532539

533540
const saveAccount = (newValues: FormAccount) => {
534541
let accountToSave = createAccountToSave(newValues);
542+
535543
dispatch(
536544
accountActions.updateAccount.request({
537545
getAccessTokenSilently: getTokenSilently,
@@ -875,6 +883,56 @@ export const Settings = () => {
875883
</Form.Item>
876884
</Col>
877885
</Row>
886+
<Row>
887+
<Col span={12}>
888+
<label
889+
style={{
890+
color: "rgba(0, 0, 0, 0.88)",
891+
fontSize: "14px",
892+
fontWeight: "500",
893+
}}
894+
>
895+
JWT allow group
896+
</label>
897+
<Paragraph
898+
type={"secondary"}
899+
style={{
900+
marginTop: "-2",
901+
fontWeight: "400",
902+
marginBottom: "5px",
903+
}}
904+
>
905+
Limit access to NetBird for the specified group name, e.g., NetBird users.
906+
To use the group, first you need to configure it first in your IdP.
907+
</Paragraph>
908+
</Col>
909+
</Row>
910+
<Row>
911+
<Col lg={6}>
912+
<Form.Item name="jwt_allow_groups" style={displayJWTAllowGroups ? {marginBottom: "2px",} : {}}>
913+
<Input
914+
value={jwtAllowGroups[0]}
915+
autoComplete="off"
916+
onChange={(e) => {
917+
setJwtAllowGroups([e.target.value]);
918+
setDisplayJWTAllowGroups(true);
919+
}}
920+
/>
921+
</Form.Item>
922+
</Col>
923+
</Row>
924+
{ displayJWTAllowGroups && (
925+
<Row>
926+
<Paragraph style={{
927+
marginTop: "-20",
928+
fontWeight: "400",
929+
marginBottom: "5px",
930+
color: "red"
931+
}}>
932+
To prevent losing access, ensure you are part of this group.
933+
</Paragraph>
934+
</Row>
935+
)}
878936
</>
879937
)}
880938
</div>

0 commit comments

Comments
 (0)