Forward port changes from main

Merge branch 'main' into pre-merge-fwport

CHANGELOG.md

@@ -5,6 +5,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [0.9.0-dev] - Unreleased
+### Added
+- Allow generating admin JWT using `gen-edgehog-jwt`.
+### Changed
+- Change logo and brand images with the latest brand revision.
 
 ## [0.8.0] - 2024-03-29
 ### Changed

doc/pages/admin/deploying_with_kubernetes.md

@@ -789,7 +789,7 @@ repo](https://github.com/edgehog-device-manager/edgehog/tree/main/tools).
 
 ```bash
 $ pip3 install pyjwt
-$ ./gen-edgehog-jwt -k <PATH-TO-TENANT-PRIVATE-KEY>
+$ ./gen-edgehog-jwt -t tenant -k <PATH-TO-TENANT-PRIVATE-KEY>
 ```
 
 Values to be replaced

doc/pages/tutorials/edgehog_in_5_minutes.md

@@ -130,13 +130,13 @@ $ cd tools && pip install -r requirements.txt
 Now you can generate the login token with
 
 ```sh
-$ ./gen-edgehog-jwt -k ../acme_private.pem
+$ ./gen-edgehog-jwt -t tenant -k ../acme_private.pem
 ```
 
 > If in the previous section you had decided not to use a custom key, use this command instead
 >
 > ```sh
-> $ ./gen-edgehog-jwt -k ../backend/priv/repo/seeds/keys/tenant_private.pem
+> $ ./gen-edgehog-jwt -t tenant -k ../backend/priv/repo/seeds/keys/tenant_private.pem
 > ```
 
 You can finally navigate to `http://edgehog.localhost` in your browser and login to the

frontend/index.html

@@ -29,7 +29,7 @@
     <meta name="viewport" content="width=device-width, initial-scale=1" />
     <meta name="theme-color" content="#000000" />
     <meta name="description" content="Edgehog" />
-    <link rel="apple-touch-icon" href="/logo192.png" />
+    <link rel="apple-touch-icon" href="/logo.png" />
     <link rel="manifest" href="/manifest.json" />
     <link
       rel="stylesheet"

frontend/public/logo.png.license

@@ -0,0 +1,3 @@
+SPDX-FileCopyrightText: 2024 SECO Mind Srl
+
+SPDX-License-Identifier: Apache-2.0

frontend/public/manifest.json

@@ -3,9 +3,9 @@
   "name": "Edgehog",
   "icons": [
     {
-      "src": "logo192.png",
+      "src": "logo.png",
       "type": "image/png",
-      "sizes": "192x192"
+      "sizes": "554x554"
     }
   ],
   "start_url": ".",

frontend/src/assets/images/logo.png.license

@@ -0,0 +1,3 @@
+SPDX-FileCopyrightText: 2024 SECO Mind Srl
+
+SPDX-License-Identifier: Apache-2.0

frontend/src/assets/index.ts

@@ -19,10 +19,12 @@
 */
 
 import brand from "assets/images/brand.png";
+import logo from "assets/images/logo.png";
 
 const assets = {
   images: {
     brand,
+    logo,
   },
 };
 

frontend/src/components/AuthPage.tsx

@@ -47,7 +47,11 @@ const AuthPage = ({ children }: AuthPageProps) => {
             className="d-flex flex-column justify-content-center p-4"
           >
             <Card.Body>
-              <h1 className="d-lg-none text-center mb-4">Edgehog</h1>
+              <Card.Img
+                className="d-lg-none text-center mb-4"
+                src={assets.images.brand}
+                alt="Edgehog"
+              />
               {children}
             </Card.Body>
           </Col>

frontend/src/components/Footer.tsx

@@ -43,7 +43,7 @@ const Footer = ({
 }: FooterProps) => {
   const intl = useIntl();
   return (
-    <footer className="pt-2 pb-1 border-top">
+    <footer className="py-2 border-top">
       <Center>
         <div>
           <Stack gap={2} direction="horizontal">
@@ -59,7 +59,8 @@ const Footer = ({
                   id: "components.Footer.logo",
                   defaultMessage: "Logo",
                 })}
-                src={assets.images.brand}
+                className="py-1"
+                src={assets.images.logo}
               />
             </a>
             <span>

tools/gen-edgehog-jwt

@@ -2,7 +2,7 @@
 #
 # This file is part of Edgehog.
 #
-# Copyright 2021 SECO Mind Srl
+# Copyright 2021-2024 SECO Mind Srl
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -23,25 +23,30 @@ import argparse
 import datetime
 import jwt
 
-default_auth_paths = [".*::.*"]
+default_claim_payload = "*"
 
 if __name__ == "__main__":
     parser = argparse.ArgumentParser(description="Generate a valid JWT for Edgehog")
     parser.add_argument("-k", "--private-key", type=str, required=True, help="Path to the private key file for signing "\
         "the Authorization token.")
     parser.add_argument("-e", "--expiry", type=int, required=False, default=86400, help="Expiry of the token in seconds. "\
         "If 0, the token never expires. Defaults to 24 hours.")
-    parser.add_argument("-a", "--auth-paths", type=str, required=False, nargs='+', default=default_auth_paths,
-        help="Defines a series of regular expressions for path-based authorization.")
+    parser.add_argument("-t", "--token-type", required=True, choices=["tenant", "admin"], help="The type of token to "\
+        "generate. `tenant` generates a token for the Tenant GraphQL API, `admin` generates a token for the Admin REST API.")
     args = parser.parse_args()
     args_map = vars(args)
 
     with open(args_map["private_key"], "r") as pk:
         private_key_pem = pk.read()
 
-        auth_paths = args_map["auth_paths"]
         now = datetime.datetime.utcnow()
-        claims = {"e_tga": auth_paths, "iat": now}
+        claims = {"iat": now}
+        if args_map["token_type"] == "tenant":
+            # Currently claims can have any payload, we just pass "*"
+            claims["e_tga"] = default_claim_payload
+        else:
+            # Currently claims can have any payload, we just pass "*"
+            claims["e_ara"] = default_claim_payload
         expiry = args_map["expiry"]
         if expiry > 0:
             claims["exp"] = now + datetime.timedelta(seconds=expiry)