Google Git
Sign in
apache / knox / 4179fee8f6567fa66478be3fa7556937fe090cf3 / . / gateway-admin-ui / admin-ui / app / provider-config-wizard / webappsec-wizard.ts
blob: b6d337bf195e199bc848e5bad35bfc6f2171619d [file] [log] [blame]
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import {CategoryWizard} from './category-wizard';
import {ProviderConfig} from '../resource-detail/provider-config';
import {ProviderContributorWizard} from './provider-contributor-wizard';
import {DisplayBindingProviderConfig} from './display-binding-provider-config';
import {WebAppSecurityProviderConfig} from './webappsec-provider-config';
import {CSRFProviderConfig} from './csrf-provider-config';
import {CORSProviderConfig} from './cors-provider-config';
import {WebAppSecurityContributor} from './webappsec-contributor';
import {STSProviderConfig} from './sts-provider-config';
import {XFrameOptionsProviderConfig} from './xframeoptions-provider-config';
import {XContentTypeOptionsProviderConfig} from './xcontent-type-options-provider-config';
import {XSSProviderConfig} from './xss-provider-config';
export class WebAppSecurityWizard extends CategoryWizard implements ProviderContributorWizard {
// WebAppSec provider types
private static CSRF = 'Cross-Site Request Forgery';
private static CORS = 'Cross-Origin Resource Sharing';
private static XFRAME = 'X-Frame-Options';
private static XCONTENT_TYPE = 'X-Content-Type-Options';
private static STS = 'Strict Transport Security';
private static XSS = 'X-XSS-Protection';
private static webAppSecTypes: string[] = [WebAppSecurityWizard.CSRF,
WebAppSecurityWizard.CORS,
WebAppSecurityWizard.XFRAME,
WebAppSecurityWizard.XCONTENT_TYPE,
WebAppSecurityWizard.STS,
WebAppSecurityWizard.XSS
];
private static typeConfigMap: Map<string, typeof WebAppSecurityContributor> =
new Map([
[WebAppSecurityWizard.CSRF, CSRFProviderConfig],
[WebAppSecurityWizard.CORS, CORSProviderConfig],
[WebAppSecurityWizard.XFRAME, XFrameOptionsProviderConfig],
[WebAppSecurityWizard.XCONTENT_TYPE, XContentTypeOptionsProviderConfig],
[WebAppSecurityWizard.STS, STSProviderConfig],
[WebAppSecurityWizard.XSS, XSSProviderConfig]
] as [string, typeof WebAppSecurityContributor][]);
private stepCount = 4;
getTypes(): string[] {
return WebAppSecurityWizard.webAppSecTypes;
}
getSteps(): number {
return this.stepCount;
}
onChange() {
let configType = WebAppSecurityWizard.typeConfigMap.get(this.selectedType);
if (configType) {
this.providerConfig = Object.create(configType.prototype) as WebAppSecurityContributor;
this.providerConfig.constructor.apply(this.providerConfig);
(this.providerConfig as WebAppSecurityContributor).setType(this.selectedType);
} else {
console.debug('WebAppSecurityWizard --> No provider configuration type mapped for ' + this.selectedType);
this.providerConfig = null;
}
}
getProviderConfig(): ProviderConfig {
return (this.providerConfig as WebAppSecurityProviderConfig);
}
getProviderRole(): string {
return 'webappsec';
}
createNewProviderConfig(): ProviderConfig {
return new WebAppSecurityProviderConfig();
}
contribute(target: ProviderConfig) {
for (const paramName of Object.keys(this.providerConfig.params)) {
(target as DisplayBindingProviderConfig).setParam(paramName,
(this.providerConfig as DisplayBindingProviderConfig).getParam(paramName));
}
}
}