feat: added role authentication trigger

charts/digital-product-pass/Chart.yaml

@@ -40,10 +40,10 @@ type: application
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
 
-version: 1.4.0
+version: 1.5.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.4.0"
+appVersion: "1.5.0"

charts/digital-product-pass/templates/deployment-frontend.yaml

@@ -69,8 +69,11 @@ spec:
             - name: "KEYCLOAK_ONLOAD"
               value: "{{ .Values.oauth.onLoad }}"
 
+            - name: "AUTH_ROLE_CHECK"
+              value: "{{ .Values.oauth.roleCheck.enabled | default false }}"
+
             - name: "AUTH_BPN_CHECK"
-              value: "{{ .Values.oauth.bpnCheck.enabled }}"
+              value: "{{ .Values.oauth.bpnCheck.enabled | default false }}"
 
             - name: "AUTH_BPN_NUMBER"
               value: "{{ .Values.oauth.bpnCheck.bpn }}"

charts/digital-product-pass/values-beta.yaml

@@ -42,7 +42,7 @@ backend:
 
   edc:
     xApiKey: <path:material-pass/data/beta/edc/oauth#api.key>
-    participantId:  <path:material-pass/data/beta/edc/participant#bpnNumber>
+    participantId: &bpn <path:material-pass/data/beta/edc/participant#bpnNumber>
     endpoint: "materialpass.beta.demo.catena-x.net/consumer"
 
   hostname: *hostname
@@ -89,11 +89,22 @@ frontend:
   # Product Passport UI Configuration
   backend:
     hostname: "materialpass.beta.demo.catena-x.net"
+
+  supportContact:
+    adminEmail: "[email protected]"
 
+  portal:
+    hostname: "portal.beta.demo.catena-x.net"
+
 oauth:
-  hostname: "centralidp.int.demo.catena-x.net"
+  hostname: "centralidp.data.demo.catena-x.net"
   techUser:
-    clientId: <path:material-pass/data/int/backend#clientId>
-    clientSecret: <path:material-pass/data/int/backend#clientSecret>
-  realm: <path:material-pass/data/int/oauth#realm>
-  appId: <path:material-pass/data/int/oauth#appId>
+    clientId: <path:material-pass/data/data/backend#clientId>
+    clientSecret: <path:material-pass/data/data/backend#clientSecret>
+  realm: <path:material-pass/data/data/oauth#realm>
+  appId: <path:material-pass/data/data/oauth#appId>
+  bpnCheck:
+    enabled: true
+    bpn: *bpn
+  roleCheck:
+    enabled: true  

charts/digital-product-pass/values-dev.yaml

@@ -42,7 +42,7 @@ backend:
 
   edc:
     xApiKey: <path:material-pass/data/dev/edc/oauth#api.key>
-    participantId:  <path:material-pass/data/dev/edc/participant#bpnNumber>
+    participantId: &bpn <path:material-pass/data/dev/edc/participant#bpnNumber>
     endpoint: "materialpass.dev.demo.catena-x.net/consumer"
 
   hostname: *hostname   
@@ -91,10 +91,21 @@ frontend:
   backend:
     hostname: *hostname
 
+  supportContact:
+    adminEmail: "[email protected]"
+
+  portal:
+    hostname: "portal.dev.demo.catena-x.net"
+
 oauth:
   hostname: "centralidp.dev.demo.catena-x.net"
   techUser:
-    clientId: <path:material-pass/data/int/backend#clientId>
-    clientSecret: <path:material-pass/data/int/backend#clientSecret>
-  realm: <path:material-pass/data/int/oauth#realm>
-  appId: <path:material-pass/data/int/oauth#appId>
+    clientId: <path:material-pass/data/dev/backend#clientId>
+    clientSecret: <path:material-pass/data/dev/backend#clientSecret>
+  realm: <path:material-pass/data/dev/oauth#realm>
+  appId: <path:material-pass/data/dev/oauth#appId>
+  bpnCheck:
+    enabled: true
+    bpn: *bpn
+  roleCheck:
+    enabled: true  

charts/digital-product-pass/values-int.yaml

@@ -41,7 +41,7 @@ backend:
           - *hostname
   edc:
     xApiKey: <path:material-pass/data/int/edc/oauth#api.key>
-    participantId:  <path:material-pass/data/int/edc/participant#bpnNumber>
+    participantId: &bpn <path:material-pass/data/int/edc/participant#bpnNumber>
     endpoint: "materialpass.int.demo.catena-x.net/consumer"
 
   hostname: *hostname
@@ -88,10 +88,22 @@ frontend:
   backend:
     hostname: *hostname
 
+  supportContact:
+    adminEmail: "[email protected]"
+
+  portal:
+    hostname: "portal.int.demo.catena-x.net"
+
+
 oauth:
   hostname: "centralidp.int.demo.catena-x.net"
   techUser:
     clientId: <path:material-pass/data/int/backend#clientId>
     clientSecret: <path:material-pass/data/int/backend#clientSecret>
   realm: <path:material-pass/data/int/oauth#realm>
   appId: <path:material-pass/data/int/oauth#appId>
+  bpnCheck:
+    enabled: true
+    bpn: *bpn
+  roleCheck:
+    enabled: true  

charts/digital-product-pass/values.yaml

@@ -28,61 +28,6 @@ name: "digital-product-pass"
 replicaCount: 1
 namespace: ""
 
-frontend:
-  name: "dpp-frontend"
-  image:
-    repository: docker.io/tractusx/digital-product-pass-frontend
-    pullPolicy: Always
-  # -- Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry)
-  imagePullSecrets: []
-
-  service:
-    # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service
-    type: ClusterIP
-    port: 8080
-
-  # -- ingress declaration to expose the dpp-frontend service
-  ingress:
-    enabled: false
-    hosts: []
-
-  # -- product passport UI configuration
-
-  # -- url of the digital product pass backend service
-  backend:
-    hostname: ""
-
-  # -- api timeouts
-  api:
-    # -- max retries for getting status
-    max_retries: 30
-    # -- default timeout  - 90 seconds in milliseconds
-    timeout: 90000
-    # -- delay from getting status
-    delay: 1000
-
-  # -- irs api timeouts
-  irs:
-    # -- request timeout delay
-    requestDelay: 30000
-    # -- maximum waiting time to get the irs job status
-    maxWaitingTime: 30
-
-# -- oauth configuration
-oauth:
-  # -- url of the identity provider service
-  hostname: ""
-  # -- technical user keycloak central id credentials
-  # -- note: this credentials need to have access to the Discovery Finder, BPN Discovery and EDC Discovery
-  techUser:
-    clientId: "<Add client id here>"
-    clientSecret: "<Add client secret here>"
-  realm: ""
-  appId: ""
-  onLoad: "login-required"
-
-
-
 # -- Backend configuration
 backend:
   name: "dpp-backend"
@@ -112,7 +57,7 @@ backend:
     # -- the secret for assesing the edc management API
     xApiKey: "<Add API key here>"
     # -- BPN Number
-    participantId: "<Add participant id here>"
+    participantId: &bpn "<Add participant id here>"
     # -- edc consumer connection configuration
     endpoint: ""
     apis:
@@ -189,6 +134,73 @@ backend:
     edcDiscovery:
       key: "bpn"
 
+frontend:
+  name: "dpp-frontend"
+  image:
+    repository: docker.io/tractusx/digital-product-pass-frontend
+    pullPolicy: Always
+  # -- Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry)
+  imagePullSecrets: []
+
+  service:
+    # -- [Service type](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) to expose the running application on a set of Pods as a network service
+    type: ClusterIP
+    port: 8080
+
+  # -- ingress declaration to expose the dpp-frontend service
+  ingress:
+    enabled: false
+    hosts: []
+
+  # -- product passport UI configuration
+
+  # -- url of the digital product pass backend service
+  backend:
+    hostname: ""
+
+  supportContact:
+    adminEmail: "[email protected]"
+
+  portal:
+    hostname: ""
+
+  # -- api timeouts
+  api:
+    # -- max retries for getting status
+    max_retries: 30
+    # -- default timeout  - 90 seconds in milliseconds
+    timeout: 90000
+    # -- delay from getting status
+    delay: 1000
+
+  # -- irs api timeouts
+  irs:
+    # -- request timeout delay
+    requestDelay: 30000
+    # -- maximum waiting time to get the irs job status
+    maxWaitingTime: 30
+
+# -- oauth configuration
+oauth:
+  # -- url of the identity provider service
+  hostname: ""
+  # -- technical user keycloak central id credentials
+  # -- note: this credentials need to have access to the Discovery Finder, BPN Discovery and EDC Discovery
+  techUser:
+    clientId: "<Add client id here>"
+    clientSecret: "<Add client secret here>"
+  realm: ""
+  appId: ""
+  onLoad: "login-required"
+  # -- configure here the bpn check for the application
+  bpnCheck:
+    enabled: false
+    # -- this bpn needs to be included in the user login information when the check is enabled
+    bpn: *bpn
+  # -- the role check checks if the user has access roles for the appId  
+  roleCheck:
+    enabled: false  
+
 # Following Catena-X Helm Best Practices @url: https://catenax-ng.github.io/docs/kubernetes-basics/helm
 # @url: https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
 resources:
@@ -206,4 +218,4 @@ nodeSelector: {}
 tolerations: []
 
 # [affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) to configure which nodes the pods can be scheduled on
-affinity: {}
+affinity: {}

entrypoint.sh

@@ -39,6 +39,7 @@ do
 	sed -i 's|KEYCLOAK_ONLOAD|'${KEYCLOAK_ONLOAD}'|g' $file
 	sed -i 's|REPO_COMMIT_ID|'${REPO_COMMIT_ID}'|g' $file
 	sed -i 's|REPO_ENDPOINT_URL|'${REPO_ENDPOINT_URL}'|g' $file
+	sed -i 's|AUTH_ROLE_CHECK|'${AUTH_BPN_CHECK}'|g' $file
 	sed -i 's|AUTH_BPN_CHECK|'${AUTH_BPN_CHECK}'|g' $file
 	sed -i 's|AUTH_BPN_NUMBER|'${AUTH_BPN_NUMBER}'|g' $file
 	sed -i 's|APP_PORTAL_URL|'${APP_PORTAL_URL}'|g' $file

src/components/general/Footer.vue

@@ -30,55 +30,55 @@
           <a
             id="lnkHelp"
             target="_blank"
-            href="https://portal.int.demo.catena-x.net/documentation/?path=docs"
+            :href="portalUrl+'/documentation/?path=docs'"
             >Help</a
           >
         </div>
         <div>
           <a
             id="lnkHelp"
             target="_blank"
-            href="https://portal.int.demo.catena-x.net/contact"
+            :href="portalUrl+'/contact'"
             >Contact</a
           >
         </div>
         <div>
           <a
             id="lnkHelp"
             target="_blank"
-            href="https://portal.int.demo.catena-x.net/imprint"
+            :href="portalUrl+'/imprint'"
             >Imprint</a
           >
         </div>
         <div>
           <a
             id="lnkHelp"
             target="_blank"
-            href="https://portal.int.demo.catena-x.net/privacy"
+            :href="portalUrl+'/privacy'"
             >Privacy</a
           >
         </div>
         <div>
           <a
             id="lnkHelp"
             target="_blank"
-            href="https://portal.int.demo.catena-x.net/terms"
+            :href="portalUrl+'/terms'"
             >Terms of Service</a
           >
         </div>
         <div>
           <a
             id="lnkHelp"
             target="_blank"
-            href="https://portal.int.demo.catena-x.net/cookiepolicy"
+            :href="portalUrl+'/cookiepolicy'"
             >Cookies</a
           >
         </div>
         <div>
           <a
             id="lnkHelp"
             target="_blank"
-            href="https://portal.int.demo.catena-x.net/thirdpartylicenses"
+            :href="portalUrl+'/thirdpartylicenses'"
             >Third Party Licenses</a
           >
         </div>
@@ -147,7 +147,7 @@
 </template>
 
 <script>
-import { VERSION, REPO_ENDPOINT, COMMIT_ID } from "@/services/service.const";
+import { VERSION, REPO_ENDPOINT, COMMIT_ID, PORTAL_URL } from "@/services/service.const";
 import DialogComponent from "../general/Dialog.vue";
 export default {
   name: "FooterComponent",
@@ -157,6 +157,7 @@ export default {
   data() {
     return {
       baseCommitUrl: REPO_ENDPOINT+'/blob/'+COMMIT_ID,
+      portalUrl: PORTAL_URL
     };
   },
   computed: {