Fixes issue with multi-tenancy and default route to use corresponding default route for the selected tenant (#1820)

* Include saved tenant in login request for basic auth

Signed-off-by: Craig Perkins <cwperx@amazon.com>

* Add tests for including security_tenant in login

Signed-off-by: Craig Perkins <cwperx@amazon.com>

* Simplify test

Signed-off-by: Craig Perkins <cwperx@amazon.com>

---------

Signed-off-by: Craig Perkins <cwperx@amazon.com>
Co-authored-by: Darshit Chanpura <35282393+DarshitChanpura@users.noreply.github.com>
Co-authored-by: Peter Nied <petern@amazon.com>

Author: 3 people

public/apps/login/login-page.tsx

@@ -35,6 +35,7 @@ import {
   OPENID_AUTH_LOGIN_WITH_FRAGMENT,
   SAML_AUTH_LOGIN_WITH_FRAGMENT,
 } from '../../../common';
+import { getSavedTenant } from '../../utils/storage-utils';
 
 interface LoginPageDeps {
   http: CoreStart['http'];
@@ -49,16 +50,34 @@ interface LoginButtonConfig {
   buttonstyle: string;
 }
 
-function redirect(serverBasePath: string) {
-  // navigate to nextUrl
+export function getNextPath(serverBasePath: string) {
   const urlParams = new URLSearchParams(window.location.search);
   let nextUrl = urlParams.get('nextUrl');
   if (!nextUrl || nextUrl.toLowerCase().includes('//')) {
     // Appending the next url with trailing slash. We do so because in case the serverBasePath is empty, we can simply
     // redirect to '/'.
     nextUrl = serverBasePath + '/';
   }
-  window.location.href = nextUrl + window.location.hash;
+  const savedTenant = getSavedTenant();
+  const url = new URL(
+    window.location.protocol + '//' + window.location.host + nextUrl + window.location.hash
+  );
+  if (
+    !!savedTenant &&
+    !(
+      url.searchParams.has('security_tenant') ||
+      url.searchParams.has('securitytenant') ||
+      url.searchParams.has('securityTenant_')
+    )
+  ) {
+    url.searchParams.append('security_tenant', savedTenant);
+  }
+  return url.pathname + url.search + url.hash;
+}
+
+function redirect(serverBasePath: string) {
+  // navigate to nextUrl
+  window.location.href = getNextPath(serverBasePath);
 }
 
 export function extractNextUrlFromWindowLocation(): string {

public/apps/login/test/login-page.test.tsx

@@ -16,11 +16,12 @@
 import { shallow } from 'enzyme';
 import React from 'react';
 import { ClientConfigType } from '../../../types';
-import { LoginPage, extractNextUrlFromWindowLocation } from '../login-page';
+import { LoginPage, extractNextUrlFromWindowLocation, getNextPath } from '../login-page';
 import { validateCurrentPassword } from '../../../utils/login-utils';
 import { API_AUTH_LOGOUT } from '../../../../common';
 import { chromeServiceMock } from '../../../../../../src/core/public/mocks';
 import { AuthType } from '../../../../common';
+import { setSavedTenant } from '../../../utils/storage-utils';
 
 jest.mock('../../../utils/login-utils', () => ({
   validateCurrentPassword: jest.fn(),
@@ -85,6 +86,45 @@ describe('test extractNextUrlFromWindowLocation', () => {
   });
 });
 
+describe('test redirect', () => {
+  test('extract redirect excludes security_tenant when no tenant in local storage', () => {
+    // Trick to mock window.location
+    const originalLocation = window.location;
+    delete window.location;
+    window.location = new URL('http://localhost:5601/app/login?nextUrl=%2Fapp%2Fdashboards') as any;
+    setSavedTenant(null);
+    const nextPath = getNextPath('');
+    expect(nextPath).toEqual('/app/dashboards');
+    window.location = originalLocation;
+  });
+
+  test('extract redirect includes security_tenant when tenant in local storage', () => {
+    const originalLocation = window.location;
+    delete window.location;
+    window.location = new URL('http://localhost:5601/app/login?nextUrl=%2Fapp%2Fdashboards');
+    setSavedTenant('custom');
+    const nextPath = getNextPath('');
+    expect(nextPath).toEqual('/app/dashboards?security_tenant=custom');
+    setSavedTenant(null);
+    window.location = originalLocation;
+  });
+
+  test('extract redirect includes security_tenant when tenant in local storage, existing url params and hash', () => {
+    const originalLocation = window.location;
+    delete window.location;
+    window.location = new URL(
+      "http://localhost:5601/app/login?nextUrl=%2Fapp%2Fdashboards?param1=value1#/view/7adfa750-4c81-11e8-b3d7-01146121b73d?_g=(filters:!(),refreshInterval:(pause:!f,value:900000),time:(from:now-24h,to:now))&_a=(description:'Analyze%20mock%20flight%20data%20for%20OpenSearch-Air,%20Logstash%20Airways,%20OpenSearch%20Dashboards%20Airlines%20and%20BeatsWest',filters:!(),fullScreenMode:!f,options:(hidePanelTitles:!f,useMargins:!t),query:(language:kuery,query:''),timeRestore:!t,title:'%5BFlights%5D%20Global%20Flight%20Dashboard',viewMode:view)"
+    );
+    setSavedTenant('custom');
+    const nextPath = getNextPath('');
+    expect(nextPath).toEqual(
+      "/app/dashboards?param1=value1&security_tenant=custom#/view/7adfa750-4c81-11e8-b3d7-01146121b73d?_g=(filters:!(),refreshInterval:(pause:!f,value:900000),time:(from:now-24h,to:now))&_a=(description:'Analyze%20mock%20flight%20data%20for%20OpenSearch-Air,%20Logstash%20Airways,%20OpenSearch%20Dashboards%20Airlines%20and%20BeatsWest',filters:!(),fullScreenMode:!f,options:(hidePanelTitles:!f,useMargins:!t),query:(language:kuery,query:''),timeRestore:!t,title:'%5BFlights%5D%20Global%20Flight%20Dashboard',viewMode:view)"
+    );
+    setSavedTenant(null);
+    window.location = originalLocation;
+  });
+});
+
 describe('Login page', () => {
   let chrome: ReturnType<typeof chromeServiceMock.createStartContract>;
   const mockHttpStart = {