Release v0.12.7 (#1310)

Signed-off-by: Benjamin Perez <benjamin@bexsoft.net>

.github/workflows/compiles.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/crosscompile-1.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/crosscompile-2.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/crosscompile-3.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/crosscompile-4.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/crosscompile-5.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/go-test-pkg.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/go.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x, 1.17.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

.github/workflows/integration.yml

@@ -8,14 +8,21 @@ on:
     branches:
       - master
 
+# This ensures that previous jobs for the PR are canceled when the PR is
+# updated.
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref }}
+  cancel-in-progress: true
+
 jobs:
-  build:
+  minio-test:
     name: Integration Tests with Latest Distributed MinIO
-    runs-on: ${{ matrix.os }}
+    runs-on: ubuntu-latest
+
     strategy:
       matrix:
-        go-version: [1.16.x]
-        os: [ubuntu-latest]
+        go-version: [1.17.x]
+
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
         uses: actions/setup-go@v2
@@ -27,13 +34,5 @@ jobs:
         uses: actions/checkout@v2
 
       - name: Build on ${{ matrix.os }}
-        env:
-          GO111MODULE: on
-          GOOS: linux
-          CGO_ENABLED: 0
         run: |
-          wget -O /tmp/minio https://dl.minio.io/server/minio/release/linux-amd64/minio
-          chmod +x /tmp/minio
-          mkdir -p /tmp/certs-dir
-          /tmp/minio server --quiet -S /tmp/certs-dir /tmp/fs{1...4} &
-          go test github.com/minio/console/integration/...
+          make test-integration

.github/workflows/lint.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [1.16.x, 1.17.x]
+        go-version: [1.17.x]
         os: [ubuntu-latest]
     steps:
       - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}

Dockerfile

@@ -8,7 +8,7 @@ RUN yarn install
 
 COPY ./portal-ui .
 
-RUN yarn install && make build-static
+RUN make build-static
 
 USER node
 

Makefile

@@ -63,6 +63,11 @@ swagger-operator:
 assets:
 	@(cd portal-ui; yarn install; make build-static; yarn prettier --write . --loglevel warn;  cd ..)
 
+test-integration:
+	@(docker run -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4} && sleep 5)
+	@(GO111MODULE=on go test -race -v github.com/minio/console/integration/...)
+	@(docker stop minio)
+
 test:
 	@(GO111MODULE=on go test -race -v github.com/minio/console/restapi/...)
 

README.md

@@ -53,12 +53,12 @@ docker pull minio/console
 ```
 
 ### Build from source
+> You will need a working Go environment. Therefore, please follow [How to install Go](https://golang.org/doc/install).
+> Minimum version required is go1.17
 
 ```
-GO111MODULE=on go install github.com/minio/console/cmd/console@latest
+go install github.com/minio/console/cmd/console@latest
 ```
-> You will need a working Go environment. Therefore, please follow [How to install Go](https://golang.org/doc/install).
-> Minimum version required is go1.16
 
 ## Setup
 

cmd/console/operator.go

@@ -21,6 +21,7 @@ import (
 	"io/ioutil"
 	"path/filepath"
 	"strconv"
+	"syscall"
 	"time"
 
 	"github.com/minio/console/restapi"
@@ -173,6 +174,10 @@ func loadOperatorAllCerts(ctx *cli.Context) error {
 		}
 	}
 
+	if restapi.GlobalTLSCertsManager != nil {
+		restapi.GlobalTLSCertsManager.ReloadOnSignal(syscall.SIGHUP)
+	}
+
 	return nil
 }
 

cmd/console/server.go

@@ -22,6 +22,7 @@ import (
 	"os"
 	"path/filepath"
 	"strconv"
+	"syscall"
 	"time"
 
 	"github.com/go-openapi/loads"
@@ -172,6 +173,10 @@ func loadAllCerts(ctx *cli.Context) error {
 		}
 	}
 
+	if restapi.GlobalTLSCertsManager != nil {
+		restapi.GlobalTLSCertsManager.ReloadOnSignal(syscall.SIGHUP)
+	}
+
 	return nil
 }
 

go.mod

@@ -1,6 +1,6 @@
 module github.com/minio/console
 
-go 1.16
+go 1.17
 
 require (
 	github.com/blang/semver/v4 v4.0.0
@@ -13,18 +13,19 @@ require (
 	github.com/go-openapi/strfmt v0.20.0
 	github.com/go-openapi/swag v0.19.14
 	github.com/go-openapi/validate v0.20.2
+	github.com/golang-jwt/jwt/v4 v4.1.0
 	github.com/gorilla/websocket v1.4.2
 	github.com/jessevdk/go-flags v1.4.0
 	github.com/klauspost/compress v1.13.6
 	github.com/minio/cli v1.22.0
 	github.com/minio/direct-csi v1.3.5-0.20210601185811-f7776f7961bf
 	github.com/minio/kes v0.11.0
-	github.com/minio/madmin-go v1.1.10
-	github.com/minio/mc v0.0.0-20211027024940-7866f97ef502
-	github.com/minio/minio-go/v7 v7.0.15-0.20211004160302-3b57c1e369ca
+	github.com/minio/madmin-go v1.1.12
+	github.com/minio/mc v0.0.0-20211110003602-1461b652d920
+	github.com/minio/minio-go/v7 v7.0.15
 	github.com/minio/operator v0.0.0-20211011212245-31460bbbc4b7
 	github.com/minio/operator/logsearchapi v0.0.0-20211011212245-31460bbbc4b7
-	github.com/minio/pkg v1.1.5
+	github.com/minio/pkg v1.1.9
 	github.com/minio/selfupdate v0.3.1
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/rs/xid v1.3.0
@@ -40,4 +41,115 @@ require (
 	k8s.io/client-go v0.21.1
 )
 
+require (
+	github.com/PuerkitoBio/purell v1.1.1 // indirect
+	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
+	github.com/StackExchange/wmi v1.2.1 // indirect
+	github.com/VividCortex/ewma v1.1.1 // indirect
+	github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef // indirect
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/briandowns/spinner v1.16.0 // indirect
+	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/cheggaaa/pb v1.0.29 // indirect
+	github.com/coreos/go-semver v0.3.0 // indirect
+	github.com/coreos/go-systemd/v22 v22.3.2 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0 // indirect
+	github.com/docker/go-units v0.4.0 // indirect
+	github.com/emicklei/go-restful v2.9.5+incompatible // indirect
+	github.com/evanphx/json-patch v4.9.0+incompatible // indirect
+	github.com/fatih/color v1.13.0 // indirect
+	github.com/fatih/structs v1.1.0 // indirect
+	github.com/georgysavva/scany v0.2.7 // indirect
+	github.com/go-logr/logr v0.4.0 // indirect
+	github.com/go-ole/go-ole v1.2.5 // indirect
+	github.com/go-openapi/analysis v0.20.0 // indirect
+	github.com/go-openapi/jsonpointer v0.19.5 // indirect
+	github.com/go-openapi/jsonreference v0.19.5 // indirect
+	github.com/go-stack/stack v1.8.0 // indirect
+	github.com/goccy/go-json v0.7.9 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
+	github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b // indirect
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/google/go-cmp v0.5.5 // indirect
+	github.com/google/gofuzz v1.1.0 // indirect
+	github.com/google/uuid v1.3.0 // indirect
+	github.com/googleapis/gnostic v0.5.1 // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hashicorp/golang-lru v0.5.4 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/klauspost/cpuid/v2 v2.0.9 // indirect
+	github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
+	github.com/lestrrat-go/blackmagic v1.0.0 // indirect
+	github.com/lestrrat-go/httpcc v1.0.0 // indirect
+	github.com/lestrrat-go/iter v1.0.1 // indirect
+	github.com/lestrrat-go/jwx v1.2.7 // indirect
+	github.com/lestrrat-go/option v1.0.0 // indirect
+	github.com/mailru/easyjson v0.7.6 // indirect
+	github.com/mattn/go-colorable v0.1.10 // indirect
+	github.com/mattn/go-ieproxy v0.0.1 // indirect
+	github.com/mattn/go-isatty v0.0.14 // indirect
+	github.com/mattn/go-runewidth v0.0.13 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
+	github.com/mb0/glob v0.0.0-20160210091149-1eb79d2de6c4 // indirect
+	github.com/minio/argon2 v1.0.0 // indirect
+	github.com/minio/colorjson v1.0.1 // indirect
+	github.com/minio/filepath v1.0.0 // indirect
+	github.com/minio/md5-simd v1.1.2 // indirect
+	github.com/minio/sha256-simd v1.0.0 // indirect
+	github.com/mitchellh/mapstructure v1.4.1 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/philhofer/fwd v1.1.1 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/pkg/profile v1.6.0 // indirect
+	github.com/pkg/xattr v0.4.3 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
+	github.com/posener/complete v1.2.3 // indirect
+	github.com/prometheus/client_golang v1.11.0 // indirect
+	github.com/prometheus/client_model v0.2.0 // indirect
+	github.com/prometheus/common v0.31.1 // indirect
+	github.com/prometheus/procfs v0.7.3 // indirect
+	github.com/rivo/uniseg v0.2.0 // indirect
+	github.com/rjeczalik/notify v0.9.2 // indirect
+	github.com/shirou/gopsutil/v3 v3.21.8 // indirect
+	github.com/sirupsen/logrus v1.8.1 // indirect
+	github.com/stretchr/objx v0.2.0 // indirect
+	github.com/tidwall/gjson v1.10.2 // indirect
+	github.com/tidwall/match v1.1.1 // indirect
+	github.com/tidwall/pretty v1.2.0 // indirect
+	github.com/tinylib/msgp v1.1.6 // indirect
+	github.com/tklauser/go-sysconf v0.3.9 // indirect
+	github.com/tklauser/numcpus v0.3.0 // indirect
+	go.etcd.io/etcd/api/v3 v3.5.0 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.5.0 // indirect
+	go.etcd.io/etcd/client/v3 v3.5.0 // indirect
+	go.mongodb.org/mongo-driver v1.4.6 // indirect
+	go.uber.org/atomic v1.9.0 // indirect
+	go.uber.org/multierr v1.7.0 // indirect
+	go.uber.org/zap v1.19.1 // indirect
+	golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6 // indirect
+	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
+	golang.org/x/text v0.3.7 // indirect
+	golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
+	google.golang.org/appengine v1.6.6 // indirect
+	google.golang.org/genproto v0.0.0-20210928142010-c7af6a1a74c9 // indirect
+	google.golang.org/grpc v1.41.0 // indirect
+	google.golang.org/protobuf v1.27.1 // indirect
+	gopkg.in/h2non/filetype.v1 v1.0.5 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/ini.v1 v1.63.2 // indirect
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
+	k8s.io/klog/v2 v2.8.0 // indirect
+	k8s.io/kube-openapi v0.0.0-20210305001622-591a79e4bda7 // indirect
+	k8s.io/utils v0.0.0-20201110183641-67b214c5f920 // indirect
+	maze.io/x/duration v0.0.0-20160924141736-faac084b6075 // indirect
+	sigs.k8s.io/controller-runtime v0.8.0 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.1.0 // indirect
+	sigs.k8s.io/yaml v1.2.0 // indirect
+)
+
 replace google.golang.org/grpc => google.golang.org/grpc v1.29.1

go.sum

@@ -487,6 +487,8 @@ github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69
 github.com/golang-jwt/jwt v3.2.1+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
 github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
 github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
+github.com/golang-jwt/jwt/v4 v4.1.0 h1:XUgk2Ex5veyVFVeLm0xhusUTQybEbexJXrvPNOKkSY0=
+github.com/golang-jwt/jwt/v4 v4.1.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
 github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
@@ -909,16 +911,18 @@ github.com/minio/filepath v1.0.0/go.mod h1:/nRZA2ldl5z6jT9/KQuvZcQlxZIMQoFFQPvEX
 github.com/minio/kes v0.11.0 h1:8ma6OCVSxKT50b1uYXLJro3m7PmZtCLxBaTddQexI5k=
 github.com/minio/kes v0.11.0/go.mod h1:mTF1Bv8YVEtQqF/B7Felp4tLee44Pp+dgI0rhCvgNg8=
 github.com/minio/madmin-go v1.0.12/go.mod h1:BK+z4XRx7Y1v8SFWXsuLNqQqnq5BO/axJ8IDJfgyvfs=
-github.com/minio/madmin-go v1.1.10 h1:pfMgXkzdwADnNfVdNMJbwok2fjb2sJ7Q76kDt89RGzE=
-github.com/minio/madmin-go v1.1.10/go.mod h1:Iu0OnrMWNBYx1lqJTW+BFjBMx0Hi0wjw8VmqhiOs2Jo=
-github.com/minio/mc v0.0.0-20211027024940-7866f97ef502 h1:7ip9qTspUniv+WDENgOcfUr95IccxG5aDkBM4Z96kQg=
-github.com/minio/mc v0.0.0-20211027024940-7866f97ef502/go.mod h1:vxztwXLB9Gyl/h3Yh08Mpz1CB/0FO5Es0iQRpzxvS5I=
+github.com/minio/madmin-go v1.1.11-0.20211102182201-e51fd3d6b104/go.mod h1:Iu0OnrMWNBYx1lqJTW+BFjBMx0Hi0wjw8VmqhiOs2Jo=
+github.com/minio/madmin-go v1.1.12 h1:dtSPkOlzDa1Z2dnw9VQL0+OVVl+7O23o2lfztWs0Dqc=
+github.com/minio/madmin-go v1.1.12/go.mod h1:Iu0OnrMWNBYx1lqJTW+BFjBMx0Hi0wjw8VmqhiOs2Jo=
+github.com/minio/mc v0.0.0-20211110003602-1461b652d920 h1:3QhH/Ji1X6OsoQFkebmsU0D2R86bSpqm567xzWM7WtY=
+github.com/minio/mc v0.0.0-20211110003602-1461b652d920/go.mod h1:V8NmUfU0W3G/mrifeO6nm4CWFTiXY2nx7FJyMge/aHk=
 github.com/minio/md5-simd v1.1.0/go.mod h1:XpBqgZULrMYD3R+M28PcmP0CkI7PEMzB3U77ZrKZ0Gw=
 github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34=
 github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM=
 github.com/minio/minio-go/v7 v7.0.11-0.20210302210017-6ae69c73ce78/go.mod h1:mTh2uJuAbEqdhMVl6CMIIZLUeiMiWtJR4JB8/5g2skw=
-github.com/minio/minio-go/v7 v7.0.15-0.20211004160302-3b57c1e369ca h1:DKdUaXCMM6fFUwS9K68HGw8nlqqUZhQN106rPW1V/oI=
 github.com/minio/minio-go/v7 v7.0.15-0.20211004160302-3b57c1e369ca/go.mod h1:pUV0Pc+hPd1nccgmzQF/EXh48l/Z/yps6QPF1aaie4g=
+github.com/minio/minio-go/v7 v7.0.15 h1:r9/NhjJ+nXYrIYvbObhvc1wPj3YH1iDpJzz61uRKLyY=
+github.com/minio/minio-go/v7 v7.0.15/go.mod h1:pUV0Pc+hPd1nccgmzQF/EXh48l/Z/yps6QPF1aaie4g=
 github.com/minio/operator v0.0.0-20211011212245-31460bbbc4b7 h1:dkfuMNslMjGoJ4ArAMSoQhidYNdm3SgzLBP+f96O3/E=
 github.com/minio/operator v0.0.0-20211011212245-31460bbbc4b7/go.mod h1:lDpuz8nwsfhKlfiBaA3Z8AW019fWEAjO2gltfLbdorE=
 github.com/minio/operator/logsearchapi v0.0.0-20211011212245-31460bbbc4b7 h1:vFtQqCt67ETp0JAkOKRWTKkgwFv14Vc1jJSxmQ8wJE0=
@@ -927,8 +931,8 @@ github.com/minio/pkg v1.0.3/go.mod h1:obU54TZ9QlMv0TRaDgQ/JTzf11ZSXxnSfLrm4tMtBP
 github.com/minio/pkg v1.0.4/go.mod h1:obU54TZ9QlMv0TRaDgQ/JTzf11ZSXxnSfLrm4tMtBP8=
 github.com/minio/pkg v1.0.11/go.mod h1:32x/3OmGB0EOi1N+3ggnp+B5VFkSBBB9svPMVfpnf14=
 github.com/minio/pkg v1.1.3/go.mod h1:32x/3OmGB0EOi1N+3ggnp+B5VFkSBBB9svPMVfpnf14=
-github.com/minio/pkg v1.1.5 h1:phwKkJBQdVLyxOXC3RChPVGLtebplzQJ5jJ3l/HBvnk=
-github.com/minio/pkg v1.1.5/go.mod h1:32x/3OmGB0EOi1N+3ggnp+B5VFkSBBB9svPMVfpnf14=
+github.com/minio/pkg v1.1.9 h1:NJrcrQyFCSgyF+u6v7FbPXjjNV0oSnBuBevhsTKmA2U=
+github.com/minio/pkg v1.1.9/go.mod h1:32x/3OmGB0EOi1N+3ggnp+B5VFkSBBB9svPMVfpnf14=
 github.com/minio/selfupdate v0.3.1 h1:BWEFSNnrZVMUWXbXIgLDNDjbejkmpAmZvy/nCz1HlEs=
 github.com/minio/selfupdate v0.3.1/go.mod h1:b8ThJzzH7u2MkF6PcIra7KaXO9Khf6alWPvMSyTDCFM=
 github.com/minio/sha256-simd v0.1.1/go.mod h1:B5e1o+1/KgNmWrSQK08Y6Z1Vb5pwIktudl0J58iy0KM=

iconos/Tools.svg

@@ -1,9 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="17" height="16.986" viewBox="0 0 17 16.986">
-  <g id="Tools" transform="translate(-56.747 -82.596)">
-    <g id="Grupo_1868" data-name="Grupo 1868">
-      <path id="Trazado_6843" data-name="Trazado 6843" d="M71.847,82.6,68.6,84.36l.016.961-2.387,2.387,2.411,2.411,2.42-2.42.871,0,1.82-3.206Z" fill="#bccee6"/>
-      <path id="Trazado_6844" data-name="Trazado 6844" d="M61.539,92.4l-4.525,4.525a.852.852,0,0,0,0,1.205l1.205,1.206a.853.853,0,0,0,1.206,0l4.524-4.525Z" fill="#bccee6"/>
-    </g>
-    <path id="Trazado_6845" data-name="Trazado 6845" d="M73.162,96.921l-9.736-9.735a3.381,3.381,0,0,0-4.152-4.153L61.343,85.1l-2.411,2.411-2.069-2.069A3.381,3.381,0,0,0,61.016,89.6l9.735,9.736a.853.853,0,0,0,1.206,0l1.205-1.206A.852.852,0,0,0,73.162,96.921Z" fill="#bccee6"/>
-  </g>
-</svg>

integration/buckets_test.go

@@ -123,16 +123,17 @@ func TestMain(m *testing.M) {
 	}
 
 	if response != nil {
-		bodyBytes, _ := ioutil.ReadAll(response.Body)
-
-		loginResponse := models.LoginResponse{}
-		err = json.Unmarshal(bodyBytes, &loginResponse)
-		if err != nil {
-			log.Println(err)
+		for _, cookie := range response.Cookies() {
+			if cookie.Name == "token" {
+				token = cookie.Value
+				break
+			}
 		}
+	}
 
-		token = loginResponse.SessionID
-
+	if token == "" {
+		log.Println("authentication token not found in cookies response")
+		return
 	}
 
 	code := m.Run()
@@ -207,6 +208,153 @@ func TestAddBucket(t *testing.T) {
 	}
 }
 
+func TestGetBucket(t *testing.T) {
+	assert := assert.New(t)
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+
+	requestDataAdd := map[string]interface{}{
+		"name":       "test3",
+		"versioning": false,
+		"locking":    false,
+	}
+
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+
+	requestDataBody := bytes.NewReader(requestDataJSON)
+
+	// put bucket
+	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/buckets", requestDataBody)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err := client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	// get bucket
+	request, err = http.NewRequest("GET", "http://localhost:9090/api/v1/buckets/test3", nil)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err = client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	if response != nil {
+		assert.Equal(200, response.StatusCode, "Status Code is incorrect")
+	}
+}
+
+func TestSetBucketTags(t *testing.T) {
+	assert := assert.New(t)
+
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+
+	requestDataAdd := map[string]interface{}{
+		"name":       "test4",
+		"versioning": false,
+		"locking":    false,
+	}
+
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+
+	requestDataBody := bytes.NewReader(requestDataJSON)
+
+	// put bucket
+	request, err := http.NewRequest("POST", "http://localhost:9090/api/v1/buckets", requestDataBody)
+	request.Close = true
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err := client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	requestDataTags := map[string]interface{}{
+		"tags": map[string]interface{}{
+			"test": "TAG",
+		},
+	}
+
+	requestTagsJSON, _ := json.Marshal(requestDataTags)
+
+	requestTagsBody := bytes.NewBuffer(requestTagsJSON)
+
+	request, err = http.NewRequest(http.MethodPut, "http://localhost:9090/api/v1/buckets/test4/tags", requestTagsBody)
+	request.Close = true
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err = client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	// get bucket
+	request, err = http.NewRequest("GET", "http://localhost:9090/api/v1/buckets/test4", nil)
+	request.Close = true
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+
+	response, err = client.Do(request)
+	assert.Nil(err)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	bodyBytes, _ := ioutil.ReadAll(response.Body)
+
+	bucket := models.Bucket{}
+	err = json.Unmarshal(bodyBytes, &bucket)
+	if err != nil {
+		log.Println(err)
+	}
+
+	assert.Equal("TAG", bucket.Details.Tags["test"], "Failed to add tag")
+}
+
 func TestBucketVersioning(t *testing.T) {
 	assert := assert.New(t)
 

k8s/operator-console/base/console-deployment.yaml

@@ -15,7 +15,7 @@ spec:
       serviceAccountName: console-sa
       containers:
         - name: console
-          image: minio/console:v0.12.0
+          image: minio/console:v0.12.7
           imagePullPolicy: "IfNotPresent"
           env:
             - name: CONSOLE_OPERATOR_MODE

k8s/operator-console/standalone/console-deployment.yaml

@@ -32,7 +32,7 @@ spec:
     spec:
       containers:
         - name: console
-          image: miniodev/console:dev
+          image: minio/console:v0.12.7
           imagePullPolicy: "IfNotPresent"
           env:
             - name: CONSOLE_MINIO_SERVER

models/admin_info_response.go

@@ -42,6 +42,9 @@ type AdminInfoResponse struct {
 	// objects
 	Objects int64 `json:"objects,omitempty"`
 
+	// prometheus not ready
+	PrometheusNotReady bool `json:"prometheusNotReady,omitempty"`
+
 	// servers
 	Servers []*ServerProperties `json:"servers"`
 

models/bucket.go

@@ -40,18 +40,12 @@ type Bucket struct {
 	// access
 	Access *BucketAccess `json:"access,omitempty"`
 
-	// allowed actions
-	AllowedActions []string `json:"allowedActions"`
-
 	// creation date
 	CreationDate string `json:"creation_date,omitempty"`
 
 	// details
 	Details *BucketDetails `json:"details,omitempty"`
 
-	// manage
-	Manage bool `json:"manage,omitempty"`
-
 	// name
 	// Required: true
 	// Min Length: 3

models/put_bucket_tags_request.go

@@ -0,0 +1,67 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// PutBucketTagsRequest put bucket tags request
+//
+// swagger:model putBucketTagsRequest
+type PutBucketTagsRequest struct {
+
+	// tags
+	Tags map[string]string `json:"tags,omitempty"`
+}
+
+// Validate validates this put bucket tags request
+func (m *PutBucketTagsRequest) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this put bucket tags request based on context it is used
+func (m *PutBucketTagsRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (m *PutBucketTagsRequest) MarshalBinary() ([]byte, error) {
+	if m == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *PutBucketTagsRequest) UnmarshalBinary(b []byte) error {
+	var res PutBucketTagsRequest
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*m = res
+	return nil
+}

models/session_response.go

@@ -49,8 +49,8 @@ type SessionResponse struct {
 	// pages
 	Pages []string `json:"pages"`
 
-	// policy
-	Policy *IamPolicy `json:"policy,omitempty"`
+	// permissions
+	Permissions map[string][]string `json:"permissions,omitempty"`
 
 	// status
 	// Enum: [ok]
@@ -61,10 +61,6 @@ type SessionResponse struct {
 func (m *SessionResponse) Validate(formats strfmt.Registry) error {
 	var res []error
 
-	if err := m.validatePolicy(formats); err != nil {
-		res = append(res, err)
-	}
-
 	if err := m.validateStatus(formats); err != nil {
 		res = append(res, err)
 	}
@@ -75,23 +71,6 @@ func (m *SessionResponse) Validate(formats strfmt.Registry) error {
 	return nil
 }
 
-func (m *SessionResponse) validatePolicy(formats strfmt.Registry) error {
-	if swag.IsZero(m.Policy) { // not required
-		return nil
-	}
-
-	if m.Policy != nil {
-		if err := m.Policy.Validate(formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("policy")
-			}
-			return err
-		}
-	}
-
-	return nil
-}
-
 var sessionResponseTypeStatusPropEnum []interface{}
 
 func init() {
@@ -131,31 +110,8 @@ func (m *SessionResponse) validateStatus(formats strfmt.Registry) error {
 	return nil
 }
 
-// ContextValidate validate this session response based on the context it is used
+// ContextValidate validates this session response based on context it is used
 func (m *SessionResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
-	var res []error
-
-	if err := m.contextValidatePolicy(ctx, formats); err != nil {
-		res = append(res, err)
-	}
-
-	if len(res) > 0 {
-		return errors.CompositeValidationError(res...)
-	}
-	return nil
-}
-
-func (m *SessionResponse) contextValidatePolicy(ctx context.Context, formats strfmt.Registry) error {
-
-	if m.Policy != nil {
-		if err := m.Policy.ContextValidate(ctx, formats); err != nil {
-			if ve, ok := err.(*errors.Validation); ok {
-				return ve.ValidateName("policy")
-			}
-			return err
-		}
-	}
-
 	return nil
 }
 

operatorapi/embedded_spec.go

@@ -272,38 +272,6 @@ func init() {
             }
           }
         }
-      },
-      "post": {
-        "security": [],
-        "tags": [
-          "UserAPI"
-        ],
-        "summary": "Login to Console",
-        "operationId": "Login",
-        "parameters": [
-          {
-            "name": "body",
-            "in": "body",
-            "required": true,
-            "schema": {
-              "$ref": "#/definitions/loginRequest"
-            }
-          }
-        ],
-        "responses": {
-          "201": {
-            "description": "A successful login.",
-            "schema": {
-              "$ref": "#/definitions/loginResponse"
-            }
-          },
-          "default": {
-            "description": "Generic error response.",
-            "schema": {
-              "$ref": "#/definitions/error"
-            }
-          }
-        }
       }
     },
     "/login/oauth2/auth": {
@@ -325,11 +293,8 @@ func init() {
           }
         ],
         "responses": {
-          "201": {
-            "description": "A successful login.",
-            "schema": {
-              "$ref": "#/definitions/loginResponse"
-            }
+          "204": {
+            "description": "A successful login."
           },
           "default": {
             "description": "Generic error response.",
@@ -359,11 +324,8 @@ func init() {
           }
         ],
         "responses": {
-          "201": {
-            "description": "A successful login.",
-            "schema": {
-              "$ref": "#/definitions/loginResponse"
-            }
+          "204": {
+            "description": "A successful login."
           },
           "default": {
             "description": "Generic error response.",
@@ -2215,14 +2177,6 @@ func init() {
         }
       }
     },
-    "loginResponse": {
-      "type": "object",
-      "properties": {
-        "sessionId": {
-          "type": "string"
-        }
-      }
-    },
     "maxAllocatableMemResponse": {
       "type": "object",
       "properties": {
@@ -3456,38 +3410,6 @@ func init() {
             }
           }
         }
-      },
-      "post": {
-        "security": [],
-        "tags": [
-          "UserAPI"
-        ],
-        "summary": "Login to Console",
-        "operationId": "Login",
-        "parameters": [
-          {
-            "name": "body",
-            "in": "body",
-            "required": true,
-            "schema": {
-              "$ref": "#/definitions/loginRequest"
-            }
-          }
-        ],
-        "responses": {
-          "201": {
-            "description": "A successful login.",
-            "schema": {
-              "$ref": "#/definitions/loginResponse"
-            }
-          },
-          "default": {
-            "description": "Generic error response.",
-            "schema": {
-              "$ref": "#/definitions/error"
-            }
-          }
-        }
       }
     },
     "/login/oauth2/auth": {
@@ -3509,11 +3431,8 @@ func init() {
           }
         ],
         "responses": {
-          "201": {
-            "description": "A successful login.",
-            "schema": {
-              "$ref": "#/definitions/loginResponse"
-            }
+          "204": {
+            "description": "A successful login."
           },
           "default": {
             "description": "Generic error response.",
@@ -3543,11 +3462,8 @@ func init() {
           }
         ],
         "responses": {
-          "201": {
-            "description": "A successful login.",
-            "schema": {
-              "$ref": "#/definitions/loginResponse"
-            }
+          "204": {
+            "description": "A successful login."
           },
           "default": {
             "description": "Generic error response.",
@@ -6112,14 +6028,6 @@ func init() {
         }
       }
     },
-    "loginResponse": {
-      "type": "object",
-      "properties": {
-        "sessionId": {
-          "type": "string"
-        }
-      }
-    },
     "maxAllocatableMemResponse": {
       "type": "object",
       "properties": {

operatorapi/operations/operator_api.go

@@ -123,9 +123,6 @@ func NewOperatorAPI(spec *loads.Document) *OperatorAPI {
 		OperatorAPIListTenantsHandler: operator_api.ListTenantsHandlerFunc(func(params operator_api.ListTenantsParams, principal *models.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation operator_api.ListTenants has not yet been implemented")
 		}),
-		UserAPILoginHandler: user_api.LoginHandlerFunc(func(params user_api.LoginParams) middleware.Responder {
-			return middleware.NotImplemented("operation user_api.Login has not yet been implemented")
-		}),
 		UserAPILoginDetailHandler: user_api.LoginDetailHandlerFunc(func(params user_api.LoginDetailParams) middleware.Responder {
 			return middleware.NotImplemented("operation user_api.LoginDetail has not yet been implemented")
 		}),
@@ -269,8 +266,6 @@ type OperatorAPI struct {
 	OperatorAPIListPVCsForTenantHandler operator_api.ListPVCsForTenantHandler
 	// OperatorAPIListTenantsHandler sets the operation handler for the list tenants operation
 	OperatorAPIListTenantsHandler operator_api.ListTenantsHandler
-	// UserAPILoginHandler sets the operation handler for the login operation
-	UserAPILoginHandler user_api.LoginHandler
 	// UserAPILoginDetailHandler sets the operation handler for the login detail operation
 	UserAPILoginDetailHandler user_api.LoginDetailHandler
 	// UserAPILoginOauth2AuthHandler sets the operation handler for the login oauth2 auth operation
@@ -448,9 +443,6 @@ func (o *OperatorAPI) Validate() error {
 	if o.OperatorAPIListTenantsHandler == nil {
 		unregistered = append(unregistered, "operator_api.ListTenantsHandler")
 	}
-	if o.UserAPILoginHandler == nil {
-		unregistered = append(unregistered, "user_api.LoginHandler")
-	}
 	if o.UserAPILoginDetailHandler == nil {
 		unregistered = append(unregistered, "user_api.LoginDetailHandler")
 	}
@@ -683,10 +675,6 @@ func (o *OperatorAPI) initHandlerCache() {
 		o.handlers["GET"] = make(map[string]http.Handler)
 	}
 	o.handlers["GET"]["/namespaces/{namespace}/tenants"] = operator_api.NewListTenants(o.context, o.OperatorAPIListTenantsHandler)
-	if o.handlers["POST"] == nil {
-		o.handlers["POST"] = make(map[string]http.Handler)
-	}
-	o.handlers["POST"]["/login"] = user_api.NewLogin(o.context, o.UserAPILoginHandler)
 	if o.handlers["GET"] == nil {
 		o.handlers["GET"] = make(map[string]http.Handler)
 	}

operatorapi/operations/user_api/login.go

@@ -1,73 +0,0 @@
-// Code generated by go-swagger; DO NOT EDIT.
-
-// This file is part of MinIO Console Server
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-//
-
-package user_api
-
-// This file was generated by the swagger tool.
-// Editing this file might prove futile when you re-run the generate command
-
-import (
-	"net/http"
-
-	"github.com/go-openapi/runtime/middleware"
-)
-
-// LoginHandlerFunc turns a function with the right signature into a login handler
-type LoginHandlerFunc func(LoginParams) middleware.Responder
-
-// Handle executing the request and returning a response
-func (fn LoginHandlerFunc) Handle(params LoginParams) middleware.Responder {
-	return fn(params)
-}
-
-// LoginHandler interface for that can handle valid login params
-type LoginHandler interface {
-	Handle(LoginParams) middleware.Responder
-}
-
-// NewLogin creates a new http.Handler for the login operation
-func NewLogin(ctx *middleware.Context, handler LoginHandler) *Login {
-	return &Login{Context: ctx, Handler: handler}
-}
-
-/* Login swagger:route POST /login UserAPI login
-
-Login to Console
-
-*/
-type Login struct {
-	Context *middleware.Context
-	Handler LoginHandler
-}
-
-func (o *Login) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
-	route, rCtx, _ := o.Context.RouteInfo(r)
-	if rCtx != nil {
-		*r = *rCtx
-	}
-	var Params = NewLoginParams()
-	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
-		o.Context.Respond(rw, r, route.Produces, route, err)
-		return
-	}
-
-	res := o.Handler.Handle(Params) // actually handle the request
-	o.Context.Respond(rw, r, route.Produces, route, res)
-
-}

operatorapi/operations/user_api/login_oauth2_auth_responses.go

@@ -30,48 +30,28 @@ import (
 	"github.com/minio/console/models"
 )
 
-// LoginOauth2AuthCreatedCode is the HTTP code returned for type LoginOauth2AuthCreated
-const LoginOauth2AuthCreatedCode int = 201
+// LoginOauth2AuthNoContentCode is the HTTP code returned for type LoginOauth2AuthNoContent
+const LoginOauth2AuthNoContentCode int = 204
 
-/*LoginOauth2AuthCreated A successful login.
+/*LoginOauth2AuthNoContent A successful login.
 
-swagger:response loginOauth2AuthCreated
+swagger:response loginOauth2AuthNoContent
 */
-type LoginOauth2AuthCreated struct {
-
-	/*
-	  In: Body
-	*/
-	Payload *models.LoginResponse `json:"body,omitempty"`
+type LoginOauth2AuthNoContent struct {
 }
 
-// NewLoginOauth2AuthCreated creates LoginOauth2AuthCreated with default headers values
-func NewLoginOauth2AuthCreated() *LoginOauth2AuthCreated {
+// NewLoginOauth2AuthNoContent creates LoginOauth2AuthNoContent with default headers values
+func NewLoginOauth2AuthNoContent() *LoginOauth2AuthNoContent {
 
-	return &LoginOauth2AuthCreated{}
-}
-
-// WithPayload adds the payload to the login oauth2 auth created response
-func (o *LoginOauth2AuthCreated) WithPayload(payload *models.LoginResponse) *LoginOauth2AuthCreated {
-	o.Payload = payload
-	return o
-}
-
-// SetPayload sets the payload to the login oauth2 auth created response
-func (o *LoginOauth2AuthCreated) SetPayload(payload *models.LoginResponse) {
-	o.Payload = payload
+	return &LoginOauth2AuthNoContent{}
 }
 
 // WriteResponse to the client
-func (o *LoginOauth2AuthCreated) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+func (o *LoginOauth2AuthNoContent) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 
-	rw.WriteHeader(201)
-	if o.Payload != nil {
-		payload := o.Payload
-		if err := producer.Produce(rw, payload); err != nil {
-			panic(err) // let the recovery middleware deal with this
-		}
-	}
+	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
+
+	rw.WriteHeader(204)
 }
 
 /*LoginOauth2AuthDefault Generic error response.

operatorapi/operations/user_api/login_operator_responses.go

@@ -30,48 +30,28 @@ import (
 	"github.com/minio/console/models"
 )
 
-// LoginOperatorCreatedCode is the HTTP code returned for type LoginOperatorCreated
-const LoginOperatorCreatedCode int = 201
+// LoginOperatorNoContentCode is the HTTP code returned for type LoginOperatorNoContent
+const LoginOperatorNoContentCode int = 204
 
-/*LoginOperatorCreated A successful login.
+/*LoginOperatorNoContent A successful login.
 
-swagger:response loginOperatorCreated
+swagger:response loginOperatorNoContent
 */
-type LoginOperatorCreated struct {
-
-	/*
-	  In: Body
-	*/
-	Payload *models.LoginResponse `json:"body,omitempty"`
+type LoginOperatorNoContent struct {
 }
 
-// NewLoginOperatorCreated creates LoginOperatorCreated with default headers values
-func NewLoginOperatorCreated() *LoginOperatorCreated {
+// NewLoginOperatorNoContent creates LoginOperatorNoContent with default headers values
+func NewLoginOperatorNoContent() *LoginOperatorNoContent {
 
-	return &LoginOperatorCreated{}
-}
-
-// WithPayload adds the payload to the login operator created response
-func (o *LoginOperatorCreated) WithPayload(payload *models.LoginResponse) *LoginOperatorCreated {
-	o.Payload = payload
-	return o
-}
-
-// SetPayload sets the payload to the login operator created response
-func (o *LoginOperatorCreated) SetPayload(payload *models.LoginResponse) {
-	o.Payload = payload
+	return &LoginOperatorNoContent{}
 }
 
 // WriteResponse to the client
-func (o *LoginOperatorCreated) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+func (o *LoginOperatorNoContent) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
 
-	rw.WriteHeader(201)
-	if o.Payload != nil {
-		payload := o.Payload
-		if err := producer.Produce(rw, payload); err != nil {
-			panic(err) // let the recovery middleware deal with this
-		}
-	}
+	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
+
+	rw.WriteHeader(204)
 }
 
 /*LoginOperatorDefault Generic error response.

operatorapi/operator_login.go

@@ -17,7 +17,11 @@
 package operatorapi
 
 import (
+	"context"
 	"net/http"
+	"time"
+
+	xoauth2 "golang.org/x/oauth2"
 
 	"github.com/minio/minio-go/v7/pkg/credentials"
 
@@ -33,39 +37,15 @@ import (
 )
 
 func registerLoginHandlers(api *operations.OperatorAPI) {
-	// get login strategy
+	// GET login strategy
 	api.UserAPILoginDetailHandler = user_api.LoginDetailHandlerFunc(func(params user_api.LoginDetailParams) middleware.Responder {
-		loginDetails, err := getLoginDetailsResponse()
+		loginDetails, err := getLoginDetailsResponse(params.HTTPRequest)
 		if err != nil {
 			return user_api.NewLoginDetailDefault(int(err.Code)).WithPayload(err)
 		}
 		return user_api.NewLoginDetailOK().WithPayload(loginDetails)
 	})
-	// post login
-	api.UserAPILoginHandler = user_api.LoginHandlerFunc(func(params user_api.LoginParams) middleware.Responder {
-		loginResponse, err := getLoginResponse(params.Body)
-		if err != nil {
-			return user_api.NewLoginDefault(int(err.Code)).WithPayload(err)
-		}
-		// Custom response writer to set the session cookies
-		return middleware.ResponderFunc(func(w http.ResponseWriter, p runtime.Producer) {
-			cookie := restapi.NewSessionCookieForConsole(loginResponse.SessionID)
-			http.SetCookie(w, &cookie)
-			user_api.NewLoginCreated().WithPayload(loginResponse).WriteResponse(w, p)
-		})
-	})
-	api.UserAPILoginOauth2AuthHandler = user_api.LoginOauth2AuthHandlerFunc(func(params user_api.LoginOauth2AuthParams) middleware.Responder {
-		loginResponse, err := getLoginOauth2AuthResponse()
-		if err != nil {
-			return user_api.NewLoginOauth2AuthDefault(int(err.Code)).WithPayload(err)
-		}
-		// Custom response writer to set the session cookies
-		return middleware.ResponderFunc(func(w http.ResponseWriter, p runtime.Producer) {
-			cookie := restapi.NewSessionCookieForConsole(loginResponse.SessionID)
-			http.SetCookie(w, &cookie)
-			user_api.NewLoginOauth2AuthCreated().WithPayload(loginResponse).WriteResponse(w, p)
-		})
-	})
+	// POST login using k8s service account token
 	api.UserAPILoginOperatorHandler = user_api.LoginOperatorHandlerFunc(func(params user_api.LoginOperatorParams) middleware.Responder {
 		loginResponse, err := getLoginOperatorResponse(params.Body)
 		if err != nil {
@@ -75,7 +55,20 @@ func registerLoginHandlers(api *operations.OperatorAPI) {
 		return middleware.ResponderFunc(func(w http.ResponseWriter, p runtime.Producer) {
 			cookie := restapi.NewSessionCookieForConsole(loginResponse.SessionID)
 			http.SetCookie(w, &cookie)
-			user_api.NewLoginOperatorCreated().WithPayload(loginResponse).WriteResponse(w, p)
+			user_api.NewLoginOperatorNoContent().WriteResponse(w, p)
+		})
+	})
+	// POST login using external IDP
+	api.UserAPILoginOauth2AuthHandler = user_api.LoginOauth2AuthHandlerFunc(func(params user_api.LoginOauth2AuthParams) middleware.Responder {
+		loginResponse, err := getLoginOauth2AuthResponse(params.HTTPRequest, params.Body)
+		if err != nil {
+			return user_api.NewLoginOauth2AuthDefault(int(err.Code)).WithPayload(err)
+		}
+		// Custom response writer to set the session cookies
+		return middleware.ResponderFunc(func(w http.ResponseWriter, p runtime.Producer) {
+			cookie := restapi.NewSessionCookieForConsole(loginResponse.SessionID)
+			http.SetCookie(w, &cookie)
+			user_api.NewLoginOauth2AuthNoContent().WriteResponse(w, p)
 		})
 	})
 }
@@ -97,45 +90,15 @@ func login(credentials restapi.ConsoleCredentialsI) (*string, error) {
 	return &token, nil
 }
 
-// getConsoleCredentials will return consoleCredentials interface including the associated policy of the current account
-func getConsoleCredentials(accessKey, secretKey string) (*restapi.ConsoleCredentials, error) {
-	creds, err := newConsoleCredentials(secretKey)
-	if err != nil {
-		return nil, err
-	}
-	return &restapi.ConsoleCredentials{
-		ConsoleCredentials: creds,
-		AccountAccessKey:   accessKey,
-	}, nil
-}
-
-// getLoginResponse performs login() and serializes it to the handler's output
-func getLoginResponse(lr *models.LoginRequest) (*models.LoginResponse, *models.Error) {
-	// prepare console credentials
-	consolCreds, err := getConsoleCredentials(*lr.AccessKey, *lr.SecretKey)
-	if err != nil {
-		return nil, prepareError(errInvalidCredentials, nil, err)
-	}
-	sessionID, err := login(consolCreds)
-	if err != nil {
-		return nil, prepareError(errInvalidCredentials, nil, err)
-	}
-	// serialize output
-	loginResponse := &models.LoginResponse{
-		SessionID: *sessionID,
-	}
-	return loginResponse, nil
-}
-
 // getLoginDetailsResponse returns information regarding the Console authentication mechanism.
-func getLoginDetailsResponse() (*models.LoginDetails, *models.Error) {
+func getLoginDetailsResponse(r *http.Request) (*models.LoginDetails, *models.Error) {
 	loginStrategy := models.LoginDetailsLoginStrategyServiceDashAccount
 	redirectURL := ""
 
 	if oauth2.IsIDPEnabled() {
 		loginStrategy = models.LoginDetailsLoginStrategyRedirect
 		// initialize new oauth2 client
-		oauth2Client, err := oauth2.NewOauth2ProviderClient(nil, restapi.GetConsoleHTTPClient())
+		oauth2Client, err := oauth2.NewOauth2ProviderClient(nil, r, restapi.GetConsoleHTTPClient())
 		if err != nil {
 			return nil, prepareError(err)
 		}
@@ -151,22 +114,48 @@ func getLoginDetailsResponse() (*models.LoginDetails, *models.Error) {
 	return loginDetails, nil
 }
 
-func getLoginOauth2AuthResponse() (*models.LoginResponse, *models.Error) {
+// verifyUserAgainstIDP will verify user identity against the configured IDP and return MinIO credentials
+func verifyUserAgainstIDP(ctx context.Context, provider auth.IdentityProviderI, code, state string) (*xoauth2.Token, error) {
+	oauth2Token, err := provider.VerifyIdentityForOperator(ctx, code, state)
+	if err != nil {
+		return nil, err
+	}
+	return oauth2Token, nil
+}
 
-	creds, err := newConsoleCredentials(getK8sSAToken())
-	if err != nil {
-		return nil, prepareError(err)
+func getLoginOauth2AuthResponse(r *http.Request, lr *models.LoginOauth2AuthRequest) (*models.LoginResponse, *models.Error) {
+	ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
+	defer cancel()
+	if oauth2.IsIDPEnabled() {
+		// initialize new oauth2 client
+		oauth2Client, err := oauth2.NewOauth2ProviderClient(nil, r, restapi.GetConsoleHTTPClient())
+		if err != nil {
+			return nil, prepareError(err)
+		}
+		// initialize new identity provider
+		identityProvider := auth.IdentityProvider{Client: oauth2Client}
+		// Validate user against IDP
+		_, err = verifyUserAgainstIDP(ctx, identityProvider, *lr.Code, *lr.State)
+		if err != nil {
+			return nil, prepareError(err)
+		}
+		// If we pass here that means the IDP correctly authenticate the user with the operator resource
+		// we proceed to use the service account token configured in the operator-console pod
+		creds, err := newConsoleCredentials(getK8sSAToken())
+		if err != nil {
+			return nil, prepareError(err)
+		}
+		token, err := login(restapi.ConsoleCredentials{ConsoleCredentials: creds})
+		if err != nil {
+			return nil, prepareError(errInvalidCredentials, nil, err)
+		}
+		// serialize output
+		loginResponse := &models.LoginResponse{
+			SessionID: *token,
+		}
+		return loginResponse, nil
 	}
-	consoleCredentials := restapi.ConsoleCredentials{ConsoleCredentials: creds}
-	token, err := login(consoleCredentials)
-	if err != nil {
-		return nil, prepareError(errInvalidCredentials, nil, err)
-	}
-	// serialize output
-	loginResponse := &models.LoginResponse{
-		SessionID: *token,
-	}
-	return loginResponse, nil
+	return nil, prepareError(errorGeneric)
 }
 
 func newConsoleCredentials(secretKey string) (*credentials.Credentials, error) {

operatorapi/operator_tenants.go

@@ -943,6 +943,11 @@ func getTenantCreatedResponse(session *models.Principal, params operator_api.Cre
 		},
 	}
 
+	_, err = clientSet.CoreV1().Secrets(ns).Create(ctx, &instanceSecret, metav1.CreateOptions{})
+	if err != nil {
+		return nil, prepareError(err)
+	}
+
 	// Enable/Disable console object browser for MinIO tenant (default is on)
 	enabledConsole := "on"
 	if tenantReq.EnableConsole != nil && !*tenantReq.EnableConsole {
@@ -952,11 +957,6 @@ func getTenantCreatedResponse(session *models.Principal, params operator_api.Cre
 	tenantConfigurationENV["MINIO_ROOT_USER"] = accessKey
 	tenantConfigurationENV["MINIO_ROOT_PASSWORD"] = secretKey
 
-	_, err = clientSet.CoreV1().Secrets(ns).Create(ctx, &instanceSecret, metav1.CreateOptions{})
-	if err != nil {
-		return nil, prepareError(err)
-	}
-
 	// delete secrets created if an error occurred during tenant creation,
 	defer func() {
 		if mError != nil {

operatorapi/operator_tenants_helper.go

@@ -19,6 +19,7 @@ package operatorapi
 import (
 	"context"
 	"crypto"
+	"crypto/tls"
 	"encoding/base64"
 	"encoding/hex"
 	"fmt"
@@ -307,6 +308,10 @@ func createOrReplaceExternalCertSecrets(ctx context.Context, clientSet K8sClient
 		if err != nil {
 			return nil, err
 		}
+		// check if the key pair is valid
+		if _, err = tls.X509KeyPair(tlsCrt, tlsKey); err != nil {
+			return nil, err
+		}
 		externalTLSCertificateSecret := &corev1.Secret{
 			ObjectMeta: metav1.ObjectMeta{
 				Name: keyPairSecretName,

operatorapi/proxy.go

@@ -185,7 +185,8 @@ func serveProxy(responseWriter http.ResponseWriter, req *http.Request) {
 		responseWriter.WriteHeader(500)
 		return
 	}
-	targetURL.Path = strings.Replace(req.URL.Path, fmt.Sprintf("/api/proxy/%s/%s", tenant.Namespace, tenant.Name), "", -1)
+	tenantBase := fmt.Sprintf("/api/proxy/%s/%s", tenant.Namespace, tenant.Name)
+	targetURL.Path = strings.Replace(req.URL.Path, tenantBase, "", -1)
 
 	proxiedCookie := &http.Cookie{
 		Name:     "token",
@@ -207,8 +208,17 @@ func serveProxy(responseWriter http.ResponseWriter, req *http.Request) {
 		CheckRedirect: func(req *http.Request, via []*http.Request) error {
 			return http.ErrUseLastResponse
 		}}
+
+	// are we proxying something with cp=y? (console proxy) then add cpb (console proxy base) so the console
+	// on the other side updates the <base href="" /> to this value overriding sub path or root
+	if v := req.URL.Query().Get("cp"); v == "y" {
+		q := req.URL.Query()
+		q.Add("cpb", tenantBase)
+		req.URL.RawQuery = q.Encode()
+	}
 	// copy query params
 	targetURL.RawQuery = req.URL.Query().Encode()
+
 	proxRequest, err := http.NewRequest(req.Method, targetURL.String(), req.Body)
 	if err != nil {
 		log.Println(err)

pkg/acl/endpoints.go

@@ -39,6 +39,7 @@ var (
 	dashboard                   = "/dashboard"
 	metrics                     = "/metrics"
 	profiling                   = "/profiling"
+	addBucket                   = "/add-bucket"
 	buckets                     = "/buckets"
 	bucketsGeneral              = "/buckets/*"
 	bucketsAdmin                = "/buckets/:bucketName/admin/*"
@@ -74,6 +75,7 @@ var (
 	tools                       = "/tools"
 	logs                        = "/tools/logs"
 	auditLogs                   = "/tools/audit-logs"
+	speedtest                   = "/tools/speedtest"
 	healthInfo                  = "/tools/diagnostics"
 )
 
@@ -294,6 +296,16 @@ var healthInfoActionSet = ConfigurationActionSet{
 	),
 }
 
+// logsActionSet contains the list of admin actions required for this endpoint to work
+var speedtestActionSet = ConfigurationActionSet{
+	actionTypes: iampolicy.NewActionSet(
+		iampolicy.AllAdminActions,
+	),
+	actions: iampolicy.NewActionSet(
+		iampolicy.HealthInfoAdminAction,
+	),
+}
+
 var displayRules = map[string]func() bool{
 	// disable users page if LDAP is enabled
 	users: func() bool {
@@ -324,6 +336,7 @@ var endpointRules = map[string]ConfigurationActionSet{
 	dashboard:                   dashboardActionSet,
 	metrics:                     dashboardActionSet,
 	profiling:                   profilingActionSet,
+	addBucket:                   bucketsActionSet,
 	buckets:                     bucketsActionSet,
 	bucketsGeneral:              bucketsActionSet,
 	bucketsAdmin:                bucketsActionSet,
@@ -344,6 +357,7 @@ var endpointRules = map[string]ConfigurationActionSet{
 	auditLogs:                   logsActionSet,
 	tools:                       toolsActionSet,
 	healthInfo:                  healthInfoActionSet,
+	speedtest:                   speedtestActionSet,
 }
 
 // operatorRules contains the mapping between endpoints and ActionSets for operator only mode

pkg/acl/endpoints_test.go

@@ -70,7 +70,7 @@ func TestGetAuthorizedEndpoints(t *testing.T) {
 					"admin:*",
 				},
 			},
-			want: 33,
+			want: 34,
 		},
 		{
 			name: "all s3 endpoints",
@@ -79,7 +79,7 @@ func TestGetAuthorizedEndpoints(t *testing.T) {
 					"s3:*",
 				},
 			},
-			want: 9,
+			want: 10,
 		},
 		{
 			name: "all admin and s3 endpoints",
@@ -89,7 +89,7 @@ func TestGetAuthorizedEndpoints(t *testing.T) {
 					"s3:*",
 				},
 			},
-			want: 35,
+			want: 37,
 		},
 		{
 			name: "Console User - default endpoints",

pkg/acl/permissions.go

@@ -1,81 +0,0 @@
-// This file is part of MinIO Orchestrator
-// Copyright (c) 2021 MinIO, Inc.
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package acl
-
-import iampolicy "github.com/minio/pkg/iam/policy"
-
-var BucketViewerRole = iampolicy.NewActionSet(
-	iampolicy.ListBucketAction,
-	iampolicy.GetObjectAction,
-)
-
-var BucketEditorRole = iampolicy.NewActionSet(
-	iampolicy.ListBucketAction,
-	iampolicy.GetObjectAction,
-	iampolicy.DeleteObjectAction,
-	iampolicy.PutObjectAction,
-)
-var BucketAdminRole = iampolicy.NewActionSet(
-	iampolicy.AbortMultipartUploadAction,
-	iampolicy.CreateBucketAction,
-	iampolicy.DeleteBucketAction,
-	iampolicy.ForceDeleteBucketAction,
-	iampolicy.DeleteBucketPolicyAction,
-	iampolicy.GetBucketLocationAction,
-	iampolicy.GetBucketNotificationAction,
-	iampolicy.GetBucketPolicyAction,
-	iampolicy.HeadBucketAction,
-	iampolicy.ListAllMyBucketsAction,
-	iampolicy.GetBucketPolicyStatusAction,
-	iampolicy.ListBucketVersionsAction,
-	iampolicy.ListBucketMultipartUploadsAction,
-	iampolicy.ListenNotificationAction,
-	iampolicy.ListenBucketNotificationAction,
-	iampolicy.ListMultipartUploadPartsAction,
-	iampolicy.PutBucketLifecycleAction,
-	iampolicy.GetBucketLifecycleAction,
-	iampolicy.PutBucketNotificationAction,
-	iampolicy.PutBucketPolicyAction,
-	iampolicy.BypassGovernanceRetentionAction,
-	iampolicy.PutObjectRetentionAction,
-	iampolicy.GetObjectRetentionAction,
-	iampolicy.GetObjectLegalHoldAction,
-	iampolicy.PutObjectLegalHoldAction,
-	iampolicy.GetBucketObjectLockConfigurationAction,
-	iampolicy.PutBucketObjectLockConfigurationAction,
-	iampolicy.GetBucketTaggingAction,
-	iampolicy.PutBucketTaggingAction,
-	iampolicy.GetObjectVersionAction,
-	iampolicy.GetObjectVersionTaggingAction,
-	iampolicy.DeleteObjectVersionAction,
-	iampolicy.DeleteObjectVersionTaggingAction,
-	iampolicy.PutObjectVersionTaggingAction,
-	iampolicy.GetObjectTaggingAction,
-	iampolicy.PutObjectTaggingAction,
-	iampolicy.DeleteObjectTaggingAction,
-	iampolicy.PutBucketEncryptionAction,
-	iampolicy.GetBucketEncryptionAction,
-	iampolicy.PutBucketVersioningAction,
-	iampolicy.GetBucketVersioningAction,
-	iampolicy.GetReplicationConfigurationAction,
-	iampolicy.PutReplicationConfigurationAction,
-	iampolicy.ReplicateObjectAction,
-	iampolicy.ReplicateDeleteAction,
-	iampolicy.ReplicateTagsAction,
-	iampolicy.GetObjectVersionForReplicationAction,
-	iampolicy.AllActions,
-)

pkg/auth/idp.go

@@ -20,8 +20,8 @@ import (
 	"context"
 
 	"github.com/minio/console/pkg/auth/idp/oauth2"
-
 	"github.com/minio/minio-go/v7/pkg/credentials"
+	xoauth2 "golang.org/x/oauth2"
 )
 
 // IdentityProviderI interface with all functions to be implemented
@@ -29,6 +29,7 @@ import (
 // that are used within this project.
 type IdentityProviderI interface {
 	VerifyIdentity(ctx context.Context, code, state string) (*credentials.Credentials, error)
+	VerifyIdentityForOperator(ctx context.Context, code, state string) (*xoauth2.Token, error)
 	GenerateLoginURL() string
 }
 
@@ -45,6 +46,11 @@ func (c IdentityProvider) VerifyIdentity(ctx context.Context, code, state string
 	return c.Client.VerifyIdentity(ctx, code, state)
 }
 
+// VerifyIdentityForOperator will verify the user identity against the idp using the authorization code flow
+func (c IdentityProvider) VerifyIdentityForOperator(ctx context.Context, code, state string) (*xoauth2.Token, error) {
+	return c.Client.VerifyIdentityForOperator(ctx, code, state)
+}
+
 // GenerateLoginURL returns a new URL used by the user to login against the idp
 func (c IdentityProvider) GenerateLoginURL() string {
 	return c.Client.GenerateLoginURL()

pkg/auth/idp/oauth2/config.go

@@ -45,15 +45,19 @@ func GetIDPSecret() string {
 	return env.Get(ConsoleIDPSecret, "")
 }
 
-// Public endpoint used by the identity oidcProvider when redirecting the user after identity verification
+// Public endpoint used by the identity oidcProvider when redirecting
+// the user after identity verification
 func GetIDPCallbackURL() string {
 	return env.Get(ConsoleIDPCallbackURL, "")
 }
 
+func GetIDPCallbackURLDynamic() bool {
+	return env.Get(ConsoleIDPCallbackURLDynamic, "") == "on"
+}
+
 func IsIDPEnabled() bool {
 	return GetIDPURL() != "" &&
-		GetIDPClientID() != "" &&
-		GetIDPCallbackURL() != ""
+		GetIDPClientID() != ""
 }
 
 var defaultPassphraseForIDPHmac = utils.RandomCharString(64)

pkg/auth/idp/oauth2/const.go

@@ -18,14 +18,15 @@ package oauth2
 
 // Environment constants for console IDP/SSO configuration
 const (
-	ConsoleMinIOServer        = "CONSOLE_MINIO_SERVER"
-	ConsoleIDPURL             = "CONSOLE_IDP_URL"
-	ConsoleIDPClientID        = "CONSOLE_IDP_CLIENT_ID"
-	ConsoleIDPSecret          = "CONSOLE_IDP_SECRET"
-	ConsoleIDPCallbackURL     = "CONSOLE_IDP_CALLBACK"
-	ConsoleIDPHmacPassphrase  = "CONSOLE_IDP_HMAC_PASSPHRASE"
-	ConsoleIDPHmacSalt        = "CONSOLE_IDP_HMAC_SALT"
-	ConsoleIDPScopes          = "CONSOLE_IDP_SCOPES"
-	ConsoleIDPUserInfo        = "CONSOLE_IDP_USERINFO"
-	ConsoleIDPTokenExpiration = "CONSOLE_IDP_TOKEN_EXPIRATION"
+	ConsoleMinIOServer           = "CONSOLE_MINIO_SERVER"
+	ConsoleIDPURL                = "CONSOLE_IDP_URL"
+	ConsoleIDPClientID           = "CONSOLE_IDP_CLIENT_ID"
+	ConsoleIDPSecret             = "CONSOLE_IDP_SECRET"
+	ConsoleIDPCallbackURL        = "CONSOLE_IDP_CALLBACK"
+	ConsoleIDPCallbackURLDynamic = "CONSOLE_IDP_CALLBACK_DYNAMIC"
+	ConsoleIDPHmacPassphrase     = "CONSOLE_IDP_HMAC_PASSPHRASE"
+	ConsoleIDPHmacSalt           = "CONSOLE_IDP_HMAC_SALT"
+	ConsoleIDPScopes             = "CONSOLE_IDP_SCOPES"
+	ConsoleIDPUserInfo           = "CONSOLE_IDP_USERINFO"
+	ConsoleIDPTokenExpiration    = "CONSOLE_IDP_TOKEN_EXPIRATION"
 )

pkg/auth/idp/oauth2/provider.go

@@ -119,11 +119,33 @@ var derivedKey = func() []byte {
 	return pbkdf2.Key([]byte(getPassphraseForIDPHmac()), []byte(getSaltForIDPHmac()), 4096, 32, sha1.New)
 }
 
+const (
+	schemeHTTP  = "http"
+	schemeHTTPS = "https"
+)
+
+func getLoginCallbackURL(r *http.Request) string {
+	scheme := getSourceScheme(r)
+	if scheme == "" {
+		if r.TLS != nil {
+			scheme = schemeHTTPS
+		} else {
+			scheme = schemeHTTP
+		}
+	}
+
+	redirectURL := scheme + "://" + r.Host + "/oauth_callback"
+	_, err := url.Parse(redirectURL)
+	if err != nil {
+		panic(err)
+	}
+	return redirectURL
+}
+
 // NewOauth2ProviderClient instantiates a new oauth2 client using the configured credentials
 // it returns a *Provider object that contains the necessary configuration to initiate an
 // oauth2 authentication flow
-func NewOauth2ProviderClient(scopes []string, httpClient *http.Client) (*Provider, error) {
-
+func NewOauth2ProviderClient(scopes []string, r *http.Request, httpClient *http.Client) (*Provider, error) {
 	ddoc, err := parseDiscoveryDoc(GetIDPURL(), httpClient)
 	if err != nil {
 		return nil, err
@@ -134,6 +156,13 @@ func NewOauth2ProviderClient(scopes []string, httpClient *http.Client) (*Provide
 		scopes = strings.Split(getIDPScopes(), ",")
 	}
 
+	redirectURL := GetIDPCallbackURL()
+	if GetIDPCallbackURLDynamic() {
+		// dynamic redirect if set, will generate redirect URLs
+		// dynamically based on incoming requests.
+		redirectURL = getLoginCallbackURL(r)
+	}
+
 	// add "openid" scope always.
 	scopes = append(scopes, "openid")
 
@@ -141,7 +170,7 @@ func NewOauth2ProviderClient(scopes []string, httpClient *http.Client) (*Provide
 	client.oauth2Config = &xoauth2.Config{
 		ClientID:     GetIDPClientID(),
 		ClientSecret: GetIDPSecret(),
-		RedirectURL:  GetIDPCallbackURL(),
+		RedirectURL:  redirectURL,
 		Endpoint: oauth2.Endpoint{
 			AuthURL:  ddoc.AuthEndpoint,
 			TokenURL: ddoc.TokenEndpoint,
@@ -181,7 +210,8 @@ type User struct {
 	Username          string                 `json:"username"`
 }
 
-// VerifyIdentity will contact the configured IDP and validate the user identity based on the authorization code
+// VerifyIdentity will contact the configured IDP to the user identity based on the authorization code and state
+// if the user is valid, then it will contact MinIO to get valid sts credentials based on the identity provided by the IDP
 func (client *Provider) VerifyIdentity(ctx context.Context, code, state string) (*credentials.Credentials, error) {
 	// verify the provided state is valid (prevents CSRF attacks)
 	if err := validateOauth2State(state); err != nil {
@@ -232,6 +262,23 @@ func (client *Provider) VerifyIdentity(ctx context.Context, code, state string)
 	return sts, nil
 }
 
+// VerifyIdentityForOperator will contact the configured IDP and validate the user identity based on the authorization code and state
+func (client *Provider) VerifyIdentityForOperator(ctx context.Context, code, state string) (*xoauth2.Token, error) {
+	// verify the provided state is valid (prevents CSRF attacks)
+	if err := validateOauth2State(state); err != nil {
+		return nil, err
+	}
+	customCtx := context.WithValue(ctx, oauth2.HTTPClient, client.provHTTPClient)
+	oauth2Token, err := client.oauth2Config.Exchange(customCtx, code)
+	if err != nil {
+		return nil, err
+	}
+	if !oauth2Token.Valid() {
+		return nil, errors.New("invalid token")
+	}
+	return oauth2Token, nil
+}
+
 // validateOauth2State validates the provided state was originated using the same
 // instance (or one configured using the same secrets) of Console, this is basically used to prevent CSRF attacks
 // https://security.stackexchange.com/questions/20187/oauth2-cross-site-request-forgery-and-state-parameter

pkg/auth/idp/oauth2/proxy.go

@@ -0,0 +1,70 @@
+// This file is part of MinIO Console Server
+// Copyright (c) 2021 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package oauth2
+
+import (
+	"net/http"
+	"regexp"
+	"strings"
+)
+
+var (
+	// De-facto standard header keys.
+	xForwardedProto  = http.CanonicalHeaderKey("X-Forwarded-Proto")
+	xForwardedScheme = http.CanonicalHeaderKey("X-Forwarded-Scheme")
+)
+
+var (
+	// RFC7239 defines a new "Forwarded: " header designed to replace the
+	// existing use of X-Forwarded-* headers.
+	// e.g. Forwarded: for=192.0.2.60;proto=https;by=203.0.113.43
+	forwarded = http.CanonicalHeaderKey("Forwarded")
+	// Allows for a sub-match of the first value after 'for=' to the next
+	// comma, semi-colon or space. The match is case-insensitive.
+	forRegex = regexp.MustCompile(`(?i)(?:for=)([^(;|,| )]+)(.*)`)
+	// Allows for a sub-match for the first instance of scheme (http|https)
+	// prefixed by 'proto='. The match is case-insensitive.
+	protoRegex = regexp.MustCompile(`(?i)^(;|,| )+(?:proto=)(https|http)`)
+)
+
+// getSourceScheme retrieves the scheme from the X-Forwarded-Proto and RFC7239
+// Forwarded headers (in that order).
+func getSourceScheme(r *http.Request) string {
+	var scheme string
+
+	// Retrieve the scheme from X-Forwarded-Proto.
+	if proto := r.Header.Get(xForwardedProto); proto != "" {
+		scheme = strings.ToLower(proto)
+	} else if proto = r.Header.Get(xForwardedScheme); proto != "" {
+		scheme = strings.ToLower(proto)
+	} else if proto := r.Header.Get(forwarded); proto != "" {
+		// match should contain at least two elements if the protocol was
+		// specified in the Forwarded header. The first element will always be
+		// the 'for=', which we ignore, subsequently we proceed to look for
+		// 'proto=' which should precede right after `for=` if not
+		// we simply ignore the values and return empty. This is in line
+		// with the approach we took for returning first ip from multiple
+		// params.
+		if match := forRegex.FindStringSubmatch(proto); len(match) > 1 {
+			if match = protoRegex.FindStringSubmatch(match[2]); len(match) > 1 {
+				scheme = strings.ToLower(match[2])
+			}
+		}
+	}
+
+	return scheme
+}

pkg/auth/token.go

@@ -54,7 +54,7 @@ var derivedKey = func() []byte {
 	return pbkdf2.Key([]byte(token.GetPBKDFPassphrase()), []byte(token.GetPBKDFSalt()), 4096, 32, sha1.New)
 }
 
-// IsSessionTokenValid returns true or false depending if the provided session token is valid or not
+// IsSessionTokenValid returns true or false depending upon the provided session if the token is valid or not
 func IsSessionTokenValid(token string) bool {
 	_, err := SessionTokenAuthenticate(token)
 	return err == nil

pkg/auth/token/config.go

@@ -17,17 +17,25 @@
 package token
 
 import (
-	"strconv"
+	"time"
 
 	"github.com/minio/console/pkg/auth/utils"
 	"github.com/minio/pkg/env"
 )
 
-// ConsoleSTSDurationSeconds returns the default session duration for the STS requested tokens.
-func GetConsoleSTSDurationInSeconds() int {
-	duration, err := strconv.Atoi(env.Get(ConsoleSTSDurationSeconds, "3600"))
+// GetConsoleSTSDuration returns the default session duration for the STS requested tokens (defaults to 1h)
+func GetConsoleSTSDuration() time.Duration {
+	durationSeconds := env.Get(ConsoleSTSDurationSeconds, "")
+	if durationSeconds != "" {
+		duration, err := time.ParseDuration(durationSeconds + "s")
+		if err != nil {
+			duration = 1 * time.Hour
+		}
+		return duration
+	}
+	duration, err := time.ParseDuration(env.Get(ConsoleSTSDuration, "1h"))
 	if err != nil {
-		duration = 3600
+		duration = 1 * time.Hour
 	}
 	return duration
 }

pkg/auth/token/const.go

@@ -17,7 +17,8 @@
 package token
 
 const (
-	ConsoleSTSDurationSeconds = "CONSOLE_STS_DURATION_SECONDS"
+	ConsoleSTSDurationSeconds = "CONSOLE_STS_DURATION_SECONDS" // (deprecated), set value in seconds for sts session, ie: 3600
+	ConsoleSTSDuration        = "CONSOLE_STS_DURATION"         // time.Duration format, ie: 3600s, 2h45m, 1h, etc
 	ConsolePBKDFPassphrase    = "CONSOLE_PBKDF_PASSPHRASE"
 	ConsolePBKDFSalt          = "CONSOLE_PBKDF_SALT"
 )

portal-ui/build/asset-manifest.json

@@ -1,23 +1,352 @@
 {
   "files": {
+    "static/js/0.61f3644c.chunk.js": "./static/js/0.61f3644c.chunk.js",
+    "static/js/0.61f3644c.chunk.js.map": "./static/js/0.61f3644c.chunk.js.map",
+    "static/js/1.909ad498.chunk.js": "./static/js/1.909ad498.chunk.js",
+    "static/js/1.909ad498.chunk.js.map": "./static/js/1.909ad498.chunk.js.map",
+    "static/js/2.ecc7230a.chunk.js": "./static/js/2.ecc7230a.chunk.js",
+    "static/js/2.ecc7230a.chunk.js.map": "./static/js/2.ecc7230a.chunk.js.map",
+    "static/js/3.c0ebfa31.chunk.js": "./static/js/3.c0ebfa31.chunk.js",
+    "static/js/3.c0ebfa31.chunk.js.map": "./static/js/3.c0ebfa31.chunk.js.map",
+    "static/js/4.8cfd9458.chunk.js": "./static/js/4.8cfd9458.chunk.js",
+    "static/js/4.8cfd9458.chunk.js.map": "./static/js/4.8cfd9458.chunk.js.map",
+    "static/js/5.460b09ee.chunk.js": "./static/js/5.460b09ee.chunk.js",
+    "static/js/5.460b09ee.chunk.js.map": "./static/js/5.460b09ee.chunk.js.map",
+    "static/css/6.6b194dc9.chunk.css": "./static/css/6.6b194dc9.chunk.css",
+    "static/js/6.248a5046.chunk.js": "./static/js/6.248a5046.chunk.js",
+    "static/js/6.248a5046.chunk.js.map": "./static/js/6.248a5046.chunk.js.map",
+    "static/js/7.9ccae3d0.chunk.js": "./static/js/7.9ccae3d0.chunk.js",
+    "static/js/7.9ccae3d0.chunk.js.map": "./static/js/7.9ccae3d0.chunk.js.map",
+    "static/js/8.bc8a93a2.chunk.js": "./static/js/8.bc8a93a2.chunk.js",
+    "static/js/8.bc8a93a2.chunk.js.map": "./static/js/8.bc8a93a2.chunk.js.map",
+    "static/js/9.5ced61a9.chunk.js": "./static/js/9.5ced61a9.chunk.js",
+    "static/js/9.5ced61a9.chunk.js.map": "./static/js/9.5ced61a9.chunk.js.map",
+    "static/js/10.12577671.chunk.js": "./static/js/10.12577671.chunk.js",
+    "static/js/10.12577671.chunk.js.map": "./static/js/10.12577671.chunk.js.map",
+    "static/js/11.f6f635a3.chunk.js": "./static/js/11.f6f635a3.chunk.js",
+    "static/js/11.f6f635a3.chunk.js.map": "./static/js/11.f6f635a3.chunk.js.map",
     "main.css": "./static/css/main.ed78990a.chunk.css",
-    "main.js": "./static/js/main.a67784b5.chunk.js",
-    "main.js.map": "./static/js/main.a67784b5.chunk.js.map",
-    "runtime-main.js": "./static/js/runtime-main.30f8243a.js",
-    "runtime-main.js.map": "./static/js/runtime-main.30f8243a.js.map",
-    "static/css/2.71021f35.chunk.css": "./static/css/2.71021f35.chunk.css",
-    "static/js/2.fe356bb7.chunk.js": "./static/js/2.fe356bb7.chunk.js",
-    "static/js/2.fe356bb7.chunk.js.map": "./static/js/2.fe356bb7.chunk.js.map",
+    "main.js": "./static/js/main.e40b054c.chunk.js",
+    "main.js.map": "./static/js/main.e40b054c.chunk.js.map",
+    "runtime-main.js": "./static/js/runtime-main.ee8f7324.js",
+    "runtime-main.js.map": "./static/js/runtime-main.ee8f7324.js.map",
+    "static/js/14.f3490e05.chunk.js": "./static/js/14.f3490e05.chunk.js",
+    "static/js/14.f3490e05.chunk.js.map": "./static/js/14.f3490e05.chunk.js.map",
+    "static/js/15.00c253c4.chunk.js": "./static/js/15.00c253c4.chunk.js",
+    "static/js/15.00c253c4.chunk.js.map": "./static/js/15.00c253c4.chunk.js.map",
+    "static/js/16.18cdc9c7.chunk.js": "./static/js/16.18cdc9c7.chunk.js",
+    "static/js/16.18cdc9c7.chunk.js.map": "./static/js/16.18cdc9c7.chunk.js.map",
+    "static/css/17.f324abd6.chunk.css": "./static/css/17.f324abd6.chunk.css",
+    "static/js/17.7e4557ae.chunk.js": "./static/js/17.7e4557ae.chunk.js",
+    "static/js/17.7e4557ae.chunk.js.map": "./static/js/17.7e4557ae.chunk.js.map",
+    "static/js/18.71f69284.chunk.js": "./static/js/18.71f69284.chunk.js",
+    "static/js/18.71f69284.chunk.js.map": "./static/js/18.71f69284.chunk.js.map",
+    "static/js/19.79ee63d3.chunk.js": "./static/js/19.79ee63d3.chunk.js",
+    "static/js/19.79ee63d3.chunk.js.map": "./static/js/19.79ee63d3.chunk.js.map",
+    "static/css/20.6b194dc9.chunk.css": "./static/css/20.6b194dc9.chunk.css",
+    "static/js/20.8e9d85a7.chunk.js": "./static/js/20.8e9d85a7.chunk.js",
+    "static/js/20.8e9d85a7.chunk.js.map": "./static/js/20.8e9d85a7.chunk.js.map",
+    "static/js/21.dbf1b8d0.chunk.js": "./static/js/21.dbf1b8d0.chunk.js",
+    "static/js/21.dbf1b8d0.chunk.js.map": "./static/js/21.dbf1b8d0.chunk.js.map",
+    "static/js/22.92c8aa77.chunk.js": "./static/js/22.92c8aa77.chunk.js",
+    "static/js/22.92c8aa77.chunk.js.map": "./static/js/22.92c8aa77.chunk.js.map",
+    "static/js/23.03fea2c8.chunk.js": "./static/js/23.03fea2c8.chunk.js",
+    "static/js/23.03fea2c8.chunk.js.map": "./static/js/23.03fea2c8.chunk.js.map",
+    "static/js/24.cf0242e2.chunk.js": "./static/js/24.cf0242e2.chunk.js",
+    "static/js/24.cf0242e2.chunk.js.map": "./static/js/24.cf0242e2.chunk.js.map",
+    "static/css/25.6b194dc9.chunk.css": "./static/css/25.6b194dc9.chunk.css",
+    "static/js/25.f3579ae3.chunk.js": "./static/js/25.f3579ae3.chunk.js",
+    "static/js/25.f3579ae3.chunk.js.map": "./static/js/25.f3579ae3.chunk.js.map",
+    "static/js/26.48a3487e.chunk.js": "./static/js/26.48a3487e.chunk.js",
+    "static/js/26.48a3487e.chunk.js.map": "./static/js/26.48a3487e.chunk.js.map",
+    "static/js/27.d516d2ab.chunk.js": "./static/js/27.d516d2ab.chunk.js",
+    "static/js/27.d516d2ab.chunk.js.map": "./static/js/27.d516d2ab.chunk.js.map",
+    "static/js/28.a1a209c4.chunk.js": "./static/js/28.a1a209c4.chunk.js",
+    "static/js/28.a1a209c4.chunk.js.map": "./static/js/28.a1a209c4.chunk.js.map",
+    "static/js/29.683934ed.chunk.js": "./static/js/29.683934ed.chunk.js",
+    "static/js/29.683934ed.chunk.js.map": "./static/js/29.683934ed.chunk.js.map",
+    "static/js/30.24a0fc1f.chunk.js": "./static/js/30.24a0fc1f.chunk.js",
+    "static/js/30.24a0fc1f.chunk.js.map": "./static/js/30.24a0fc1f.chunk.js.map",
+    "static/js/31.7c715d85.chunk.js": "./static/js/31.7c715d85.chunk.js",
+    "static/js/31.7c715d85.chunk.js.map": "./static/js/31.7c715d85.chunk.js.map",
+    "static/js/32.c51425a1.chunk.js": "./static/js/32.c51425a1.chunk.js",
+    "static/js/32.c51425a1.chunk.js.map": "./static/js/32.c51425a1.chunk.js.map",
+    "static/js/33.1bb1ba8d.chunk.js": "./static/js/33.1bb1ba8d.chunk.js",
+    "static/js/33.1bb1ba8d.chunk.js.map": "./static/js/33.1bb1ba8d.chunk.js.map",
+    "static/js/34.40e55d18.chunk.js": "./static/js/34.40e55d18.chunk.js",
+    "static/js/34.40e55d18.chunk.js.map": "./static/js/34.40e55d18.chunk.js.map",
+    "static/js/35.02f9b7b2.chunk.js": "./static/js/35.02f9b7b2.chunk.js",
+    "static/js/35.02f9b7b2.chunk.js.map": "./static/js/35.02f9b7b2.chunk.js.map",
+    "static/js/36.5cecbf70.chunk.js": "./static/js/36.5cecbf70.chunk.js",
+    "static/js/36.5cecbf70.chunk.js.map": "./static/js/36.5cecbf70.chunk.js.map",
+    "static/js/37.363c05a9.chunk.js": "./static/js/37.363c05a9.chunk.js",
+    "static/js/37.363c05a9.chunk.js.map": "./static/js/37.363c05a9.chunk.js.map",
+    "static/js/38.d596f67d.chunk.js": "./static/js/38.d596f67d.chunk.js",
+    "static/js/38.d596f67d.chunk.js.map": "./static/js/38.d596f67d.chunk.js.map",
+    "static/js/39.43ce6c4c.chunk.js": "./static/js/39.43ce6c4c.chunk.js",
+    "static/js/39.43ce6c4c.chunk.js.map": "./static/js/39.43ce6c4c.chunk.js.map",
+    "static/js/40.20dd0324.chunk.js": "./static/js/40.20dd0324.chunk.js",
+    "static/js/40.20dd0324.chunk.js.map": "./static/js/40.20dd0324.chunk.js.map",
+    "static/js/41.a9eb0e10.chunk.js": "./static/js/41.a9eb0e10.chunk.js",
+    "static/js/41.a9eb0e10.chunk.js.map": "./static/js/41.a9eb0e10.chunk.js.map",
+    "static/js/42.b5ede466.chunk.js": "./static/js/42.b5ede466.chunk.js",
+    "static/js/42.b5ede466.chunk.js.map": "./static/js/42.b5ede466.chunk.js.map",
+    "static/js/43.6b575051.chunk.js": "./static/js/43.6b575051.chunk.js",
+    "static/js/43.6b575051.chunk.js.map": "./static/js/43.6b575051.chunk.js.map",
+    "static/js/44.c6a32e7d.chunk.js": "./static/js/44.c6a32e7d.chunk.js",
+    "static/js/44.c6a32e7d.chunk.js.map": "./static/js/44.c6a32e7d.chunk.js.map",
+    "static/js/45.5fe946a8.chunk.js": "./static/js/45.5fe946a8.chunk.js",
+    "static/js/45.5fe946a8.chunk.js.map": "./static/js/45.5fe946a8.chunk.js.map",
+    "static/js/46.9d3dcbab.chunk.js": "./static/js/46.9d3dcbab.chunk.js",
+    "static/js/46.9d3dcbab.chunk.js.map": "./static/js/46.9d3dcbab.chunk.js.map",
+    "static/js/47.af12a257.chunk.js": "./static/js/47.af12a257.chunk.js",
+    "static/js/47.af12a257.chunk.js.map": "./static/js/47.af12a257.chunk.js.map",
+    "static/js/48.c908bb8e.chunk.js": "./static/js/48.c908bb8e.chunk.js",
+    "static/js/48.c908bb8e.chunk.js.map": "./static/js/48.c908bb8e.chunk.js.map",
+    "static/js/49.61181ac1.chunk.js": "./static/js/49.61181ac1.chunk.js",
+    "static/js/49.61181ac1.chunk.js.map": "./static/js/49.61181ac1.chunk.js.map",
+    "static/js/50.98757151.chunk.js": "./static/js/50.98757151.chunk.js",
+    "static/js/50.98757151.chunk.js.map": "./static/js/50.98757151.chunk.js.map",
+    "static/js/51.e28f373d.chunk.js": "./static/js/51.e28f373d.chunk.js",
+    "static/js/51.e28f373d.chunk.js.map": "./static/js/51.e28f373d.chunk.js.map",
+    "static/js/52.cd881eb0.chunk.js": "./static/js/52.cd881eb0.chunk.js",
+    "static/js/52.cd881eb0.chunk.js.map": "./static/js/52.cd881eb0.chunk.js.map",
+    "static/js/53.e5adbe59.chunk.js": "./static/js/53.e5adbe59.chunk.js",
+    "static/js/53.e5adbe59.chunk.js.map": "./static/js/53.e5adbe59.chunk.js.map",
+    "static/js/54.cf9d7673.chunk.js": "./static/js/54.cf9d7673.chunk.js",
+    "static/js/54.cf9d7673.chunk.js.map": "./static/js/54.cf9d7673.chunk.js.map",
+    "static/js/55.2fbfa093.chunk.js": "./static/js/55.2fbfa093.chunk.js",
+    "static/js/55.2fbfa093.chunk.js.map": "./static/js/55.2fbfa093.chunk.js.map",
+    "static/js/56.ee7dcc38.chunk.js": "./static/js/56.ee7dcc38.chunk.js",
+    "static/js/56.ee7dcc38.chunk.js.map": "./static/js/56.ee7dcc38.chunk.js.map",
+    "static/js/57.e0f68bd3.chunk.js": "./static/js/57.e0f68bd3.chunk.js",
+    "static/js/57.e0f68bd3.chunk.js.map": "./static/js/57.e0f68bd3.chunk.js.map",
+    "static/js/58.77498455.chunk.js": "./static/js/58.77498455.chunk.js",
+    "static/js/58.77498455.chunk.js.map": "./static/js/58.77498455.chunk.js.map",
+    "static/js/59.0fa5f1b1.chunk.js": "./static/js/59.0fa5f1b1.chunk.js",
+    "static/js/59.0fa5f1b1.chunk.js.map": "./static/js/59.0fa5f1b1.chunk.js.map",
+    "static/js/60.e201b935.chunk.js": "./static/js/60.e201b935.chunk.js",
+    "static/js/60.e201b935.chunk.js.map": "./static/js/60.e201b935.chunk.js.map",
+    "static/js/61.b72124f8.chunk.js": "./static/js/61.b72124f8.chunk.js",
+    "static/js/61.b72124f8.chunk.js.map": "./static/js/61.b72124f8.chunk.js.map",
+    "static/js/62.b1e16db4.chunk.js": "./static/js/62.b1e16db4.chunk.js",
+    "static/js/62.b1e16db4.chunk.js.map": "./static/js/62.b1e16db4.chunk.js.map",
+    "static/js/63.eb84598f.chunk.js": "./static/js/63.eb84598f.chunk.js",
+    "static/js/63.eb84598f.chunk.js.map": "./static/js/63.eb84598f.chunk.js.map",
+    "static/js/64.ddf2eea5.chunk.js": "./static/js/64.ddf2eea5.chunk.js",
+    "static/js/64.ddf2eea5.chunk.js.map": "./static/js/64.ddf2eea5.chunk.js.map",
+    "static/js/65.b43728b6.chunk.js": "./static/js/65.b43728b6.chunk.js",
+    "static/js/65.b43728b6.chunk.js.map": "./static/js/65.b43728b6.chunk.js.map",
+    "static/js/66.914d4538.chunk.js": "./static/js/66.914d4538.chunk.js",
+    "static/js/66.914d4538.chunk.js.map": "./static/js/66.914d4538.chunk.js.map",
+    "static/js/67.7e3487d8.chunk.js": "./static/js/67.7e3487d8.chunk.js",
+    "static/js/67.7e3487d8.chunk.js.map": "./static/js/67.7e3487d8.chunk.js.map",
+    "static/js/68.398881bf.chunk.js": "./static/js/68.398881bf.chunk.js",
+    "static/js/68.398881bf.chunk.js.map": "./static/js/68.398881bf.chunk.js.map",
+    "static/js/69.a2fe17dd.chunk.js": "./static/js/69.a2fe17dd.chunk.js",
+    "static/js/69.a2fe17dd.chunk.js.map": "./static/js/69.a2fe17dd.chunk.js.map",
+    "static/js/70.47d790dc.chunk.js": "./static/js/70.47d790dc.chunk.js",
+    "static/js/70.47d790dc.chunk.js.map": "./static/js/70.47d790dc.chunk.js.map",
+    "static/js/71.7d5ecadc.chunk.js": "./static/js/71.7d5ecadc.chunk.js",
+    "static/js/71.7d5ecadc.chunk.js.map": "./static/js/71.7d5ecadc.chunk.js.map",
+    "static/js/72.13f824ab.chunk.js": "./static/js/72.13f824ab.chunk.js",
+    "static/js/72.13f824ab.chunk.js.map": "./static/js/72.13f824ab.chunk.js.map",
+    "static/js/73.3f4e674d.chunk.js": "./static/js/73.3f4e674d.chunk.js",
+    "static/js/73.3f4e674d.chunk.js.map": "./static/js/73.3f4e674d.chunk.js.map",
+    "static/js/74.79f7d32f.chunk.js": "./static/js/74.79f7d32f.chunk.js",
+    "static/js/74.79f7d32f.chunk.js.map": "./static/js/74.79f7d32f.chunk.js.map",
+    "static/js/75.6805412c.chunk.js": "./static/js/75.6805412c.chunk.js",
+    "static/js/75.6805412c.chunk.js.map": "./static/js/75.6805412c.chunk.js.map",
+    "static/js/76.515a4452.chunk.js": "./static/js/76.515a4452.chunk.js",
+    "static/js/76.515a4452.chunk.js.map": "./static/js/76.515a4452.chunk.js.map",
+    "static/js/77.1acc486e.chunk.js": "./static/js/77.1acc486e.chunk.js",
+    "static/js/77.1acc486e.chunk.js.map": "./static/js/77.1acc486e.chunk.js.map",
+    "static/js/78.e7ba6703.chunk.js": "./static/js/78.e7ba6703.chunk.js",
+    "static/js/78.e7ba6703.chunk.js.map": "./static/js/78.e7ba6703.chunk.js.map",
+    "static/js/79.fb80fe39.chunk.js": "./static/js/79.fb80fe39.chunk.js",
+    "static/js/79.fb80fe39.chunk.js.map": "./static/js/79.fb80fe39.chunk.js.map",
+    "static/js/80.dbe4c2d4.chunk.js": "./static/js/80.dbe4c2d4.chunk.js",
+    "static/js/80.dbe4c2d4.chunk.js.map": "./static/js/80.dbe4c2d4.chunk.js.map",
+    "static/js/81.bdcdb43a.chunk.js": "./static/js/81.bdcdb43a.chunk.js",
+    "static/js/81.bdcdb43a.chunk.js.map": "./static/js/81.bdcdb43a.chunk.js.map",
+    "static/js/82.abe7dcc8.chunk.js": "./static/js/82.abe7dcc8.chunk.js",
+    "static/js/82.abe7dcc8.chunk.js.map": "./static/js/82.abe7dcc8.chunk.js.map",
+    "static/js/83.3e43c769.chunk.js": "./static/js/83.3e43c769.chunk.js",
+    "static/js/83.3e43c769.chunk.js.map": "./static/js/83.3e43c769.chunk.js.map",
+    "static/js/84.ecc30be6.chunk.js": "./static/js/84.ecc30be6.chunk.js",
+    "static/js/84.ecc30be6.chunk.js.map": "./static/js/84.ecc30be6.chunk.js.map",
+    "static/js/85.6ef6af14.chunk.js": "./static/js/85.6ef6af14.chunk.js",
+    "static/js/85.6ef6af14.chunk.js.map": "./static/js/85.6ef6af14.chunk.js.map",
+    "static/js/86.f1012815.chunk.js": "./static/js/86.f1012815.chunk.js",
+    "static/js/86.f1012815.chunk.js.map": "./static/js/86.f1012815.chunk.js.map",
+    "static/js/87.8f592d81.chunk.js": "./static/js/87.8f592d81.chunk.js",
+    "static/js/87.8f592d81.chunk.js.map": "./static/js/87.8f592d81.chunk.js.map",
+    "static/js/88.04fa3796.chunk.js": "./static/js/88.04fa3796.chunk.js",
+    "static/js/88.04fa3796.chunk.js.map": "./static/js/88.04fa3796.chunk.js.map",
+    "static/js/89.e0ff45df.chunk.js": "./static/js/89.e0ff45df.chunk.js",
+    "static/js/89.e0ff45df.chunk.js.map": "./static/js/89.e0ff45df.chunk.js.map",
+    "static/js/90.089c3b04.chunk.js": "./static/js/90.089c3b04.chunk.js",
+    "static/js/90.089c3b04.chunk.js.map": "./static/js/90.089c3b04.chunk.js.map",
+    "static/js/91.f3c00545.chunk.js": "./static/js/91.f3c00545.chunk.js",
+    "static/js/91.f3c00545.chunk.js.map": "./static/js/91.f3c00545.chunk.js.map",
+    "static/js/92.f8ff5411.chunk.js": "./static/js/92.f8ff5411.chunk.js",
+    "static/js/92.f8ff5411.chunk.js.map": "./static/js/92.f8ff5411.chunk.js.map",
+    "static/js/93.7bc300b0.chunk.js": "./static/js/93.7bc300b0.chunk.js",
+    "static/js/93.7bc300b0.chunk.js.map": "./static/js/93.7bc300b0.chunk.js.map",
+    "static/js/94.8d89feec.chunk.js": "./static/js/94.8d89feec.chunk.js",
+    "static/js/94.8d89feec.chunk.js.map": "./static/js/94.8d89feec.chunk.js.map",
+    "static/js/95.4b4807ce.chunk.js": "./static/js/95.4b4807ce.chunk.js",
+    "static/js/95.4b4807ce.chunk.js.map": "./static/js/95.4b4807ce.chunk.js.map",
+    "static/js/96.e9a0ccc8.chunk.js": "./static/js/96.e9a0ccc8.chunk.js",
+    "static/js/96.e9a0ccc8.chunk.js.map": "./static/js/96.e9a0ccc8.chunk.js.map",
+    "static/js/97.5169517e.chunk.js": "./static/js/97.5169517e.chunk.js",
+    "static/js/97.5169517e.chunk.js.map": "./static/js/97.5169517e.chunk.js.map",
+    "static/js/98.8de210ca.chunk.js": "./static/js/98.8de210ca.chunk.js",
+    "static/js/98.8de210ca.chunk.js.map": "./static/js/98.8de210ca.chunk.js.map",
+    "static/js/99.b6b6ba6b.chunk.js": "./static/js/99.b6b6ba6b.chunk.js",
+    "static/js/99.b6b6ba6b.chunk.js.map": "./static/js/99.b6b6ba6b.chunk.js.map",
+    "static/js/100.a7a3e210.chunk.js": "./static/js/100.a7a3e210.chunk.js",
+    "static/js/100.a7a3e210.chunk.js.map": "./static/js/100.a7a3e210.chunk.js.map",
+    "static/js/101.dfdd0f65.chunk.js": "./static/js/101.dfdd0f65.chunk.js",
+    "static/js/101.dfdd0f65.chunk.js.map": "./static/js/101.dfdd0f65.chunk.js.map",
+    "static/js/102.4c9c3ea7.chunk.js": "./static/js/102.4c9c3ea7.chunk.js",
+    "static/js/102.4c9c3ea7.chunk.js.map": "./static/js/102.4c9c3ea7.chunk.js.map",
+    "static/js/103.d09754e7.chunk.js": "./static/js/103.d09754e7.chunk.js",
+    "static/js/103.d09754e7.chunk.js.map": "./static/js/103.d09754e7.chunk.js.map",
+    "static/js/104.253486d4.chunk.js": "./static/js/104.253486d4.chunk.js",
+    "static/js/104.253486d4.chunk.js.map": "./static/js/104.253486d4.chunk.js.map",
+    "static/js/105.c160967b.chunk.js": "./static/js/105.c160967b.chunk.js",
+    "static/js/105.c160967b.chunk.js.map": "./static/js/105.c160967b.chunk.js.map",
+    "static/js/106.d17875b1.chunk.js": "./static/js/106.d17875b1.chunk.js",
+    "static/js/106.d17875b1.chunk.js.map": "./static/js/106.d17875b1.chunk.js.map",
+    "static/js/107.98a497fe.chunk.js": "./static/js/107.98a497fe.chunk.js",
+    "static/js/107.98a497fe.chunk.js.map": "./static/js/107.98a497fe.chunk.js.map",
+    "static/js/108.2851355f.chunk.js": "./static/js/108.2851355f.chunk.js",
+    "static/js/108.2851355f.chunk.js.map": "./static/js/108.2851355f.chunk.js.map",
+    "static/js/109.e3a25743.chunk.js": "./static/js/109.e3a25743.chunk.js",
+    "static/js/109.e3a25743.chunk.js.map": "./static/js/109.e3a25743.chunk.js.map",
+    "static/js/110.4cd2e97d.chunk.js": "./static/js/110.4cd2e97d.chunk.js",
+    "static/js/110.4cd2e97d.chunk.js.map": "./static/js/110.4cd2e97d.chunk.js.map",
+    "static/js/111.5951b981.chunk.js": "./static/js/111.5951b981.chunk.js",
+    "static/js/111.5951b981.chunk.js.map": "./static/js/111.5951b981.chunk.js.map",
+    "static/js/112.3e2fa5fc.chunk.js": "./static/js/112.3e2fa5fc.chunk.js",
+    "static/js/112.3e2fa5fc.chunk.js.map": "./static/js/112.3e2fa5fc.chunk.js.map",
+    "static/js/113.e0f1b6cb.chunk.js": "./static/js/113.e0f1b6cb.chunk.js",
+    "static/js/113.e0f1b6cb.chunk.js.map": "./static/js/113.e0f1b6cb.chunk.js.map",
+    "static/js/114.f99aef95.chunk.js": "./static/js/114.f99aef95.chunk.js",
+    "static/js/114.f99aef95.chunk.js.map": "./static/js/114.f99aef95.chunk.js.map",
+    "static/js/115.d2c2a999.chunk.js": "./static/js/115.d2c2a999.chunk.js",
+    "static/js/115.d2c2a999.chunk.js.map": "./static/js/115.d2c2a999.chunk.js.map",
+    "static/js/116.81d7ab0d.chunk.js": "./static/js/116.81d7ab0d.chunk.js",
+    "static/js/116.81d7ab0d.chunk.js.map": "./static/js/116.81d7ab0d.chunk.js.map",
+    "static/js/117.94e71859.chunk.js": "./static/js/117.94e71859.chunk.js",
+    "static/js/117.94e71859.chunk.js.map": "./static/js/117.94e71859.chunk.js.map",
+    "static/js/118.eb249205.chunk.js": "./static/js/118.eb249205.chunk.js",
+    "static/js/118.eb249205.chunk.js.map": "./static/js/118.eb249205.chunk.js.map",
+    "static/js/119.a4fe4289.chunk.js": "./static/js/119.a4fe4289.chunk.js",
+    "static/js/119.a4fe4289.chunk.js.map": "./static/js/119.a4fe4289.chunk.js.map",
+    "static/js/120.fda6734d.chunk.js": "./static/js/120.fda6734d.chunk.js",
+    "static/js/120.fda6734d.chunk.js.map": "./static/js/120.fda6734d.chunk.js.map",
+    "static/js/121.c7c190d0.chunk.js": "./static/js/121.c7c190d0.chunk.js",
+    "static/js/121.c7c190d0.chunk.js.map": "./static/js/121.c7c190d0.chunk.js.map",
+    "static/js/122.4b3ddf32.chunk.js": "./static/js/122.4b3ddf32.chunk.js",
+    "static/js/122.4b3ddf32.chunk.js.map": "./static/js/122.4b3ddf32.chunk.js.map",
+    "static/js/123.08efc9be.chunk.js": "./static/js/123.08efc9be.chunk.js",
+    "static/js/123.08efc9be.chunk.js.map": "./static/js/123.08efc9be.chunk.js.map",
+    "static/js/124.2f83a712.chunk.js": "./static/js/124.2f83a712.chunk.js",
+    "static/js/124.2f83a712.chunk.js.map": "./static/js/124.2f83a712.chunk.js.map",
+    "static/js/125.dcfd4065.chunk.js": "./static/js/125.dcfd4065.chunk.js",
+    "static/js/125.dcfd4065.chunk.js.map": "./static/js/125.dcfd4065.chunk.js.map",
+    "static/js/126.5bcb865e.chunk.js": "./static/js/126.5bcb865e.chunk.js",
+    "static/js/126.5bcb865e.chunk.js.map": "./static/js/126.5bcb865e.chunk.js.map",
+    "static/js/127.ae5e9990.chunk.js": "./static/js/127.ae5e9990.chunk.js",
+    "static/js/127.ae5e9990.chunk.js.map": "./static/js/127.ae5e9990.chunk.js.map",
+    "static/js/128.6afe7a76.chunk.js": "./static/js/128.6afe7a76.chunk.js",
+    "static/js/128.6afe7a76.chunk.js.map": "./static/js/128.6afe7a76.chunk.js.map",
+    "static/js/129.61986730.chunk.js": "./static/js/129.61986730.chunk.js",
+    "static/js/129.61986730.chunk.js.map": "./static/js/129.61986730.chunk.js.map",
+    "static/js/130.32acdcfb.chunk.js": "./static/js/130.32acdcfb.chunk.js",
+    "static/js/130.32acdcfb.chunk.js.map": "./static/js/130.32acdcfb.chunk.js.map",
+    "static/js/131.ca51e12b.chunk.js": "./static/js/131.ca51e12b.chunk.js",
+    "static/js/131.ca51e12b.chunk.js.map": "./static/js/131.ca51e12b.chunk.js.map",
+    "static/js/132.94dd3bbc.chunk.js": "./static/js/132.94dd3bbc.chunk.js",
+    "static/js/132.94dd3bbc.chunk.js.map": "./static/js/132.94dd3bbc.chunk.js.map",
+    "static/js/133.09602f6f.chunk.js": "./static/js/133.09602f6f.chunk.js",
+    "static/js/133.09602f6f.chunk.js.map": "./static/js/133.09602f6f.chunk.js.map",
+    "static/js/134.235c197b.chunk.js": "./static/js/134.235c197b.chunk.js",
+    "static/js/134.235c197b.chunk.js.map": "./static/js/134.235c197b.chunk.js.map",
+    "static/js/135.5427150b.chunk.js": "./static/js/135.5427150b.chunk.js",
+    "static/js/135.5427150b.chunk.js.map": "./static/js/135.5427150b.chunk.js.map",
+    "static/js/136.1cb7085a.chunk.js": "./static/js/136.1cb7085a.chunk.js",
+    "static/js/136.1cb7085a.chunk.js.map": "./static/js/136.1cb7085a.chunk.js.map",
+    "static/js/137.a3b25a1d.chunk.js": "./static/js/137.a3b25a1d.chunk.js",
+    "static/js/137.a3b25a1d.chunk.js.map": "./static/js/137.a3b25a1d.chunk.js.map",
+    "static/js/138.fb408e3e.chunk.js": "./static/js/138.fb408e3e.chunk.js",
+    "static/js/138.fb408e3e.chunk.js.map": "./static/js/138.fb408e3e.chunk.js.map",
+    "static/js/139.512881f0.chunk.js": "./static/js/139.512881f0.chunk.js",
+    "static/js/139.512881f0.chunk.js.map": "./static/js/139.512881f0.chunk.js.map",
+    "static/js/140.690cf61f.chunk.js": "./static/js/140.690cf61f.chunk.js",
+    "static/js/140.690cf61f.chunk.js.map": "./static/js/140.690cf61f.chunk.js.map",
+    "static/js/141.90cf5efa.chunk.js": "./static/js/141.90cf5efa.chunk.js",
+    "static/js/141.90cf5efa.chunk.js.map": "./static/js/141.90cf5efa.chunk.js.map",
+    "static/js/142.4d3a57fc.chunk.js": "./static/js/142.4d3a57fc.chunk.js",
+    "static/js/142.4d3a57fc.chunk.js.map": "./static/js/142.4d3a57fc.chunk.js.map",
+    "static/js/143.9d7e93d9.chunk.js": "./static/js/143.9d7e93d9.chunk.js",
+    "static/js/143.9d7e93d9.chunk.js.map": "./static/js/143.9d7e93d9.chunk.js.map",
+    "static/js/144.ec6bfcc3.chunk.js": "./static/js/144.ec6bfcc3.chunk.js",
+    "static/js/144.ec6bfcc3.chunk.js.map": "./static/js/144.ec6bfcc3.chunk.js.map",
+    "static/js/145.97ae5ed3.chunk.js": "./static/js/145.97ae5ed3.chunk.js",
+    "static/js/145.97ae5ed3.chunk.js.map": "./static/js/145.97ae5ed3.chunk.js.map",
+    "static/js/146.75adf17c.chunk.js": "./static/js/146.75adf17c.chunk.js",
+    "static/js/146.75adf17c.chunk.js.map": "./static/js/146.75adf17c.chunk.js.map",
+    "static/js/147.be66fa6a.chunk.js": "./static/js/147.be66fa6a.chunk.js",
+    "static/js/147.be66fa6a.chunk.js.map": "./static/js/147.be66fa6a.chunk.js.map",
+    "static/js/148.048d98a0.chunk.js": "./static/js/148.048d98a0.chunk.js",
+    "static/js/148.048d98a0.chunk.js.map": "./static/js/148.048d98a0.chunk.js.map",
+    "static/js/149.2a526f35.chunk.js": "./static/js/149.2a526f35.chunk.js",
+    "static/js/149.2a526f35.chunk.js.map": "./static/js/149.2a526f35.chunk.js.map",
+    "static/js/150.a4ae1f3e.chunk.js": "./static/js/150.a4ae1f3e.chunk.js",
+    "static/js/150.a4ae1f3e.chunk.js.map": "./static/js/150.a4ae1f3e.chunk.js.map",
     "index.html": "./index.html",
-    "static/css/2.71021f35.chunk.css.map": "./static/css/2.71021f35.chunk.css.map",
+    "static/css/17.f324abd6.chunk.css.map": "./static/css/17.f324abd6.chunk.css.map",
+    "static/css/20.6b194dc9.chunk.css.map": "./static/css/20.6b194dc9.chunk.css.map",
+    "static/css/25.6b194dc9.chunk.css.map": "./static/css/25.6b194dc9.chunk.css.map",
+    "static/css/6.6b194dc9.chunk.css.map": "./static/css/6.6b194dc9.chunk.css.map",
     "static/css/main.ed78990a.chunk.css.map": "./static/css/main.ed78990a.chunk.css.map",
-    "static/js/2.fe356bb7.chunk.js.LICENSE.txt": "./static/js/2.fe356bb7.chunk.js.LICENSE.txt"
+    "static/js/115.d2c2a999.chunk.js.LICENSE.txt": "./static/js/115.d2c2a999.chunk.js.LICENSE.txt",
+    "static/js/14.f3490e05.chunk.js.LICENSE.txt": "./static/js/14.f3490e05.chunk.js.LICENSE.txt",
+    "static/js/15.00c253c4.chunk.js.LICENSE.txt": "./static/js/15.00c253c4.chunk.js.LICENSE.txt",
+    "static/js/16.18cdc9c7.chunk.js.LICENSE.txt": "./static/js/16.18cdc9c7.chunk.js.LICENSE.txt",
+    "static/js/17.7e4557ae.chunk.js.LICENSE.txt": "./static/js/17.7e4557ae.chunk.js.LICENSE.txt",
+    "static/js/18.71f69284.chunk.js.LICENSE.txt": "./static/js/18.71f69284.chunk.js.LICENSE.txt",
+    "static/js/19.79ee63d3.chunk.js.LICENSE.txt": "./static/js/19.79ee63d3.chunk.js.LICENSE.txt",
+    "static/js/23.03fea2c8.chunk.js.LICENSE.txt": "./static/js/23.03fea2c8.chunk.js.LICENSE.txt",
+    "static/js/24.cf0242e2.chunk.js.LICENSE.txt": "./static/js/24.cf0242e2.chunk.js.LICENSE.txt",
+    "static/js/28.a1a209c4.chunk.js.LICENSE.txt": "./static/js/28.a1a209c4.chunk.js.LICENSE.txt",
+    "static/js/3.c0ebfa31.chunk.js.LICENSE.txt": "./static/js/3.c0ebfa31.chunk.js.LICENSE.txt",
+    "static/js/30.24a0fc1f.chunk.js.LICENSE.txt": "./static/js/30.24a0fc1f.chunk.js.LICENSE.txt",
+    "static/js/4.8cfd9458.chunk.js.LICENSE.txt": "./static/js/4.8cfd9458.chunk.js.LICENSE.txt",
+    "static/js/41.a9eb0e10.chunk.js.LICENSE.txt": "./static/js/41.a9eb0e10.chunk.js.LICENSE.txt",
+    "static/js/44.c6a32e7d.chunk.js.LICENSE.txt": "./static/js/44.c6a32e7d.chunk.js.LICENSE.txt",
+    "static/js/46.9d3dcbab.chunk.js.LICENSE.txt": "./static/js/46.9d3dcbab.chunk.js.LICENSE.txt",
+    "static/js/47.af12a257.chunk.js.LICENSE.txt": "./static/js/47.af12a257.chunk.js.LICENSE.txt",
+    "static/js/57.e0f68bd3.chunk.js.LICENSE.txt": "./static/js/57.e0f68bd3.chunk.js.LICENSE.txt",
+    "static/js/7.9ccae3d0.chunk.js.LICENSE.txt": "./static/js/7.9ccae3d0.chunk.js.LICENSE.txt",
+    "static/js/75.6805412c.chunk.js.LICENSE.txt": "./static/js/75.6805412c.chunk.js.LICENSE.txt",
+    "static/js/76.515a4452.chunk.js.LICENSE.txt": "./static/js/76.515a4452.chunk.js.LICENSE.txt",
+    "static/js/8.bc8a93a2.chunk.js.LICENSE.txt": "./static/js/8.bc8a93a2.chunk.js.LICENSE.txt",
+    "static/js/83.3e43c769.chunk.js.LICENSE.txt": "./static/js/83.3e43c769.chunk.js.LICENSE.txt",
+    "static/js/86.f1012815.chunk.js.LICENSE.txt": "./static/js/86.f1012815.chunk.js.LICENSE.txt",
+    "static/js/87.8f592d81.chunk.js.LICENSE.txt": "./static/js/87.8f592d81.chunk.js.LICENSE.txt",
+    "static/js/88.04fa3796.chunk.js.LICENSE.txt": "./static/js/88.04fa3796.chunk.js.LICENSE.txt",
+    "static/js/97.5169517e.chunk.js.LICENSE.txt": "./static/js/97.5169517e.chunk.js.LICENSE.txt",
+    "static/js/99.b6b6ba6b.chunk.js.LICENSE.txt": "./static/js/99.b6b6ba6b.chunk.js.LICENSE.txt"
   },
   "entrypoints": [
-    "static/js/runtime-main.30f8243a.js",
-    "static/css/2.71021f35.chunk.css",
-    "static/js/2.fe356bb7.chunk.js",
+    "static/js/runtime-main.ee8f7324.js",
+    "static/css/17.f324abd6.chunk.css",
+    "static/js/17.7e4557ae.chunk.js",
     "static/css/main.ed78990a.chunk.css",
-    "static/js/main.a67784b5.chunk.js"
+    "static/js/main.e40b054c.chunk.js"
   ]
 }

portal-ui/build/static/css/17.f324abd6.chunk.css

@@ -0,0 +1,2 @@
+.ReactVirtualized__Table__headerRow{font-weight:700;text-transform:uppercase}.ReactVirtualized__Table__headerRow,.ReactVirtualized__Table__row{display:flex;flex-direction:row;align-items:center}.ReactVirtualized__Table__headerTruncatedText{display:inline-block;max-width:100%;white-space:nowrap;text-overflow:ellipsis;overflow:hidden}.ReactVirtualized__Table__headerColumn,.ReactVirtualized__Table__rowColumn{margin-right:10px;min-width:0}.ReactVirtualized__Table__rowColumn{text-overflow:ellipsis;white-space:nowrap}.ReactVirtualized__Table__headerColumn:first-of-type,.ReactVirtualized__Table__rowColumn:first-of-type{margin-left:10px}.ReactVirtualized__Table__sortableHeaderColumn{cursor:pointer}.ReactVirtualized__Table__sortableHeaderIconContainer{display:flex;align-items:center}.ReactVirtualized__Table__sortableHeaderIcon{flex:0 0 24px;height:1em;width:1em;fill:currentColor}.react-grid-layout{position:relative;transition:height .2s ease}.react-grid-item{transition:all .2s ease;transition-property:left,top}.react-grid-item img{pointer-events:none;-webkit-user-select:none;-ms-user-select:none;user-select:none}.react-grid-item.cssTransforms{transition-property:transform}.react-grid-item.resizing{z-index:1;will-change:width,height}.react-grid-item.react-draggable-dragging{transition:none;z-index:3;will-change:transform}.react-grid-item.dropping{visibility:hidden}.react-grid-item.react-grid-placeholder{background:red;opacity:.2;transition-duration:.1s;z-index:2;-webkit-user-select:none;-ms-user-select:none;-o-user-select:none;user-select:none}.react-grid-item>.react-resizable-handle{position:absolute;width:20px;height:20px}.react-grid-item>.react-resizable-handle:after{content:"";position:absolute;right:3px;bottom:3px;width:5px;height:5px;border-right:2px solid rgba(0,0,0,.4);border-bottom:2px solid rgba(0,0,0,.4)}.react-resizable-hide>.react-resizable-handle{display:none}.react-grid-item>.react-resizable-handle.react-resizable-handle-sw{bottom:0;left:0;cursor:sw-resize;transform:rotate(90deg)}.react-grid-item>.react-resizable-handle.react-resizable-handle-se{bottom:0;right:0;cursor:se-resize}.react-grid-item>.react-resizable-handle.react-resizable-handle-nw{top:0;left:0;cursor:nw-resize;transform:rotate(180deg)}.react-grid-item>.react-resizable-handle.react-resizable-handle-ne{top:0;right:0;cursor:ne-resize;transform:rotate(270deg)}.react-grid-item>.react-resizable-handle.react-resizable-handle-e,.react-grid-item>.react-resizable-handle.react-resizable-handle-w{top:50%;margin-top:-10px;cursor:ew-resize}.react-grid-item>.react-resizable-handle.react-resizable-handle-w{left:0;transform:rotate(135deg)}.react-grid-item>.react-resizable-handle.react-resizable-handle-e{right:0;transform:rotate(315deg)}.react-grid-item>.react-resizable-handle.react-resizable-handle-n,.react-grid-item>.react-resizable-handle.react-resizable-handle-s{left:50%;margin-left:-10px;cursor:ns-resize}.react-grid-item>.react-resizable-handle.react-resizable-handle-n{top:0;transform:rotate(225deg)}.react-grid-item>.react-resizable-handle.react-resizable-handle-s{bottom:0;transform:rotate(45deg)}.react-resizable{position:relative}.react-resizable-handle{position:absolute;width:20px;height:20px;background-repeat:no-repeat;background-origin:content-box;box-sizing:border-box;background-image:url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHN0eWxlPSJiYWNrZ3JvdW5kLWNvbG9yOiNmZmZmZmYwMCIgd2lkdGg9IjYiIGhlaWdodD0iNiI+PHBhdGggZD0iTTYgNkgwVjQuMmg0LjJWMEg2djZ6IiBvcGFjaXR5PSIuMzAyIi8+PC9zdmc+");background-position:100% 100%;padding:0 3px 3px 0}.react-resizable-handle-sw{bottom:0;left:0;cursor:sw-resize;transform:rotate(90deg)}.react-resizable-handle-se{bottom:0;right:0;cursor:se-resize}.react-resizable-handle-nw{top:0;left:0;cursor:nw-resize;transform:rotate(180deg)}.react-resizable-handle-ne{top:0;right:0;cursor:ne-resize;transform:rotate(270deg)}.react-resizable-handle-e,.react-resizable-handle-w{top:50%;margin-top:-10px;cursor:ew-resize}.react-resizable-handle-w{left:0;transform:rotate(135deg)}.react-resizable-handle-e{right:0;transform:rotate(315deg)}.react-resizable-handle-n,.react-resizable-handle-s{left:50%;margin-left:-10px;cursor:ns-resize}.react-resizable-handle-n{top:0;transform:rotate(225deg)}.react-resizable-handle-s{bottom:0;transform:rotate(45deg)}
+/*# sourceMappingURL=17.f324abd6.chunk.css.map */

portal-ui/build/static/js/11.f6f635a3.chunk.js

@@ -0,0 +1,2 @@
+(this["webpackJsonpportal-ui"]=this["webpackJsonpportal-ui"]||[]).push([[11],{421:function(e,t,n){"use strict";var c=n(1),o=(n(2),n(406)),a=n(407),i=n(408),s=n(454),r=n(380),l=n(489),u=n(378),d=n(123),j=n.n(d),b=n(300),O=n(310),f=n(120),m=n(0);t.a=Object(O.a)((function(e){return Object(b.a)(Object(c.a)({},f.h))}))((function(e){var t=e.isOpen,n=void 0!==t&&t,d=e.onClose,b=e.onCancel,O=e.onConfirm,f=e.classes,p=void 0===f?{}:f,v=e.title,x=void 0===v?"":v,h=e.isLoading,C=e.confirmationContent,k=e.cancelText,y=void 0===k?"Cancel":k,N=e.confirmText,g=void 0===N?"Confirm":N,B=e.confirmButtonProps,P=void 0===B?{}:B,E=e.cancelButtonProps,T=void 0===E?{}:E;return Object(m.jsxs)(o.a,{open:n,onClose:function(e,t){"backdropClick"!==t&&d()},className:p.root,onBackdropClick:function(){return!1},sx:{"& .MuiPaper-root":{padding:"1rem 2rem 2rem 1rem"}},children:[Object(m.jsxs)(a.a,{className:p.title,children:[Object(m.jsx)("div",{className:p.titleText,children:x}),Object(m.jsx)("div",{className:p.closeContainer,children:Object(m.jsx)(u.a,{"aria-label":"close",className:p.closeButton,onClick:d,disableRipple:!0,size:"small",children:Object(m.jsx)(j.a,{})})})]}),Object(m.jsx)(i.a,{className:p.content,children:C}),Object(m.jsxs)(s.a,{className:p.actions,children:[Object(m.jsx)(r.a,Object(c.a)(Object(c.a)({className:p.cancelButton,onClick:b||d,disabled:h,type:"button"},T),{},{variant:"outlined",color:"primary",children:y})),Object(m.jsx)(l.a,Object(c.a)(Object(c.a)({className:p.confirmButton,type:"button",onClick:O,loading:h,disabled:h},P),{},{variant:"outlined",color:"secondary",loadingPosition:"start",startIcon:null,autoFocus:!0,children:g}))]})]})}))},427:function(e,t,n){"use strict";var c=n(15),o=n(2),a=n(52);t.a=function(e,t){var n=Object(o.useState)(!1),i=Object(c.a)(n,2),s=i[0],r=i[1];return[s,function(n,c,o){r(!0),a.a.invoke(n,c,o).then((function(t){r(!1),e(t)})).catch((function(e){r(!1),t(e)}))}]}},805:function(e,t,n){"use strict";n.r(t);var c=n(15),o=(n(2),n(39)),a=n(461),i=n(31),s=n(427),r=n(421),l=n(0),u={setErrorSnackMessage:i.e},d=Object(o.b)(null,u);t.default=d((function(e){var t=e.closeDeleteModalAndRefresh,n=e.deleteOpen,o=e.selectedPolicy,i=e.setErrorSnackMessage,u=Object(s.a)((function(){return t(!0)}),(function(e){return i(e)})),d=Object(c.a)(u,2),j=d[0],b=d[1];if(!o)return null;return Object(l.jsx)(r.a,{title:"Delete Policy",confirmText:"Delete",isOpen:n,isLoading:j,onConfirm:function(){b("DELETE","/api/v1/policy?name=".concat(o))},onClose:function(){return t(!1)},confirmationContent:Object(l.jsxs)(a.a,{children:["Are you sure you want to delete policy ",Object(l.jsx)("br",{}),Object(l.jsx)("b",{children:o}),"?"]})})}))}}]);
+//# sourceMappingURL=11.f6f635a3.chunk.js.map

portal-ui/build/static/js/115.d2c2a999.chunk.js.LICENSE.txt

@@ -0,0 +1,8 @@
+/** @license React v17.0.2
+ * react-is.production.min.js
+ *
+ * Copyright (c) Facebook, Inc. and its affiliates.
+ *
+ * This source code is licensed under the MIT license found in the
+ * LICENSE file in the root directory of this source tree.
+ */