Add feature hide-menu for embedded screens on Operator UI (#1604)

* Add feature hide-menu for embedded screens on Operator UI Signed-off-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com>
2022-02-21 21:42:18 -08:00
parent 28dcd19dd9
commit 56c4311a6b
27 changed files with 381 additions and 166 deletions
--- a/pkg/auth/token.go
+++ b/pkg/auth/token.go
@@ -66,6 +66,12 @@ type TokenClaims struct {
 	STSSecretAccessKey string `json:"stsSecretAccessKey,omitempty"`
 	STSSessionToken    string `json:"stsSessionToken,omitempty"`
 	AccountAccessKey   string `json:"accountAccessKey,omitempty"`
+	HideMenu           bool   `json:"hm,omitempty"`
+}
+
+// SessionFeatures represents features stored in the session
+type SessionFeatures struct {
+	HideMenu bool
 }

 // SessionTokenAuthenticate takes a session token, decode it, extract claims and validate the signature
@@ -96,14 +102,18 @@ func SessionTokenAuthenticate(token string) (*TokenClaims, error) {

 // NewEncryptedTokenForClient generates a new session token with claims based on the provided STS credentials, first
 // encrypts the claims and the sign them
-func NewEncryptedTokenForClient(credentials *credentials.Value, accountAccessKey string) (string, error) {
+func NewEncryptedTokenForClient(credentials *credentials.Value, accountAccessKey string, features *SessionFeatures) (string, error) {
 	if credentials != nil {
-		encryptedClaims, err := encryptClaims(&TokenClaims{
+		tokenClaims := &TokenClaims{
 			STSAccessKeyID:     credentials.AccessKeyID,
 			STSSecretAccessKey: credentials.SecretAccessKey,
 			STSSessionToken:    credentials.SessionToken,
 			AccountAccessKey:   accountAccessKey,
-		})
+		}
+		if features != nil {
+			tokenClaims.HideMenu = features.HideMenu
+		}
+		encryptedClaims, err := encryptClaims(tokenClaims)
 		if err != nil {
 			return "", err
 		}
--- a/pkg/auth/token_test.go
+++ b/pkg/auth/token_test.go
@@ -36,14 +36,14 @@ func TestNewJWTWithClaimsForClient(t *testing.T) {
 	funcAssert := assert.New(t)
 	// Test-1 : NewEncryptedTokenForClient() is generated correctly without errors
 	function := "NewEncryptedTokenForClient()"
-	token, err := NewEncryptedTokenForClient(creds, "")
+	token, err := NewEncryptedTokenForClient(creds, "", nil)
 	if err != nil || token == "" {
 		t.Errorf("Failed on %s:, error occurred: %s", function, err)
 	}
 	// saving token for future tests
 	goodToken = token
 	// Test-2 : NewEncryptedTokenForClient() throws error because of empty credentials
-	if _, err = NewEncryptedTokenForClient(nil, ""); err != nil {
+	if _, err = NewEncryptedTokenForClient(nil, "", nil); err != nil {
 		funcAssert.Equal("provided credentials are empty", err.Error())
 	}
 }