update dependencies to address cves

src/frontend/packages/core/src/app.module.ts

@@ -138,7 +138,8 @@ export class AppModule {
     private store: Store<GeneralEntityAppState>,
     eventService: GlobalEventService,
     private userFavoriteManager: UserFavoriteManager,
-    ech: EntityCatalogHelper
+    ech: EntityCatalogHelper,
+    customizationService: CustomizationService,
   ) {
     EntityCatalogHelpers.SetEntityCatalogHelper(ech);
 
@@ -254,6 +255,9 @@ export class AppModule {
         });
       }
     );
+
+    customizationService.setAppNameFromTitle();
+    customizationService.get().appName = 'Zuun';
   }
 
   private syncFavorite(favorite: UserFavorite<IFavoriteMetadata>, entities: GeneralRequestDataState) {

src/frontend/packages/core/src/core/customizations.types.ts

@@ -7,6 +7,7 @@ export interface CustomizationsMetadata {
   hasEula?: boolean;
   copyright?: string;
   logoText?: string;
+  appName?: string;
   aboutInfoComponent?: any;
   supportInfoComponent?: any;
   noEndpointsComponent?: any;
@@ -22,4 +23,10 @@ export class CustomizationService {
 
   set = (cm: CustomizationsMetadata) => this.customizationMetadata = cm;
   get = () => this.customizationMetadata;
+
+  setAppNameFromTitle() {
+    if (!this.customizationMetadata.appName) {
+      this.customizationMetadata.appName = document.title || 'Stratos';
+    }
+  }
 }

src/frontend/packages/core/src/features/about/about-page/about-page.component.html

@@ -3,7 +3,7 @@
   <app-stratos-title></app-stratos-title>
   <div class="about-page">
     <div class="about-page__version">{{ (versionNumber$ | async) }}</div>
-    <div class="about-page__title">Stratos provides an easy-to-use web-based UI that allows developers and administrators to manage their applications and Cloud Foundry deployments</div>
+    <div class="about-page__title"><app-product-name></app-product-name> provides an easy-to-use web-based UI that allows developers and administrators to manage their applications and Cloud Foundry deployments</div>
   </div>
 </mat-card>
 <ng-template #aboutInfoContainer></ng-template>

src/frontend/packages/core/src/features/api-keys/api-keys-page/api-keys-page.component.html

@@ -14,7 +14,7 @@ <h1>API Keys</h1>
       <mat-icon>vpn_key</mat-icon>New API Key
     </mat-card-header>
     <mat-card-content>
-      <p>Your API Key has been successfully created. Use the following information to connect to Stratos.</p>
+      <p>Your API Key has been successfully created. Use the following information to connect to <app-product-name></app-product-name>.</p>
       <p><i>Please safely record these details, there is no later way to view them</i></p>
       <ul>
         <li id="apikey-secret">Secret: {{keyDetails.secret}}</li>

src/frontend/packages/core/src/features/endpoints/backup-restore/restore-endpoints/restore-endpoints.component.html

@@ -18,7 +18,7 @@ <h1>Restore Endpoints</h1>
         <div *ngIf="!!service.unparsableFileContent || !(service.validDb$ | async)" class="file-step__error">
           <div *ngIf="!service.unparsableFileContent && !(service.validDb$ | async)" class="file-step__chunk">
             <p>
-              <mat-icon>warning</mat-icon> The database version of Stratos
+              <mat-icon>warning</mat-icon> The database version of <app-product-name></app-product-name>
               (<code>{{service.currentDbVersion$ | async}}</code>) and the backup
               (<code>{{file.content.dbVersion}}</code>) are different. Restoring this file may have adverse affects.
             </p>

src/frontend/packages/core/src/features/endpoints/connect-endpoint-dialog/auth-forms/sso-auth-form.component.html

@@ -1,5 +1,5 @@
 <div [formGroup]="formGroup">
   <div formGroupName="authValues" class="sso-auth__form">
-    <p>You will be redirected to the Single Sign-On UI for this endpoint and returned to Stratos upon completion.</p>
+    <p>You will be redirected to the Single Sign-On UI for this endpoint and returned to <app-product-name></app-product-name> upon completion.</p>
   </div>
 </div>

src/frontend/packages/core/src/features/endpoints/create-endpoint/create-endpoint-cf-step-1/create-endpoint-cf-step-1.component.html

@@ -18,10 +18,12 @@ <h1 class="create-endpoint__section-title">{{endpoint.definition.label}} Informa
     formControlName="createSystemEndpointField" (change)="toggleCreateSystemEndpoint()"
     [ngClass]="{'hide': fixedUrl, 'show': !fixedUrl}">Create a system endpoint (visible to all users)
   </mat-checkbox>
-  <mat-checkbox matInput name="skipSll" formControlName="skipSllField"
-    [ngClass]="{'hide': fixedUrl, 'show': !fixedUrl}">Skip SSL validation for the
-    endpoint
-  </mat-checkbox>
+  <mat-checkbox [disabled]="showCACertField" matInput name="skipSSL" formControlName="skipSSLField">Skip SSL validation for the endpoint</mat-checkbox>
+  <mat-checkbox matInput (change)="toggleCACertField()">Use a CA Certificate for the endpoint</mat-checkbox>
+  <div [ngClass]="{'create-endpoint__shown': showCACertField}" class="create-endpoint__advanced" spellcheck=false>
+    <span class="create-endpoint__cacert-title">Specify CA Certificate:</span>
+    <textarea rows="10" class="create-endpoint__cacert" matInput formControlName="caCertField" name="caCert"></textarea>
+  </div>
   <div [ngClass]="{'hide': !showAdvancedFields, 'show': showAdvancedFields}" class="create-endpoint__section">
     <mat-checkbox matInput (change)="toggleAdvancedOptions()">Show Advanced Options</mat-checkbox>
     <div [ngClass]="{'create-endpoint__shown': showAdvancedOptions}" class="create-endpoint__advanced">
@@ -47,7 +49,7 @@ <h1>Advanced Options</h1>
     </mat-checkbox>
     <div *ngIf="!!registerForm.controls.ssoAllowedField.value">
       <p>
-        Please ensure that you have added the Stratos SSO Callback URL shown below to the client's 'redirect_uri'.
+        Please ensure that you have added the <app-product-name></app-product-name> SSO Callback URL shown below to the client's 'redirect_uri'.
       </p>
       <pre>{{clientRedirectURI}}</pre>
     </div>

src/frontend/packages/core/src/features/endpoints/create-endpoint/create-endpoint-cf-step-1/create-endpoint-cf-step-1.component.scss

@@ -1,10 +1,12 @@
+$checkbox-margin: 30px;
+
 :host {
   height: 100%;
   width: 100%;
 }
 
 mat-checkbox {
-  padding-top: 40px;
+  padding-top: $checkbox-margin;
 }
 
 form.stepper-form {
@@ -20,14 +22,14 @@ form.stepper-form {
 
 .create-endpoint {
   &__section {
-    margin-top: 40px;
+    margin-top: $checkbox-margin;
 
     &-title {
       font-size: 16px;
     }
   }
   &__sso {
-    margin-top: 40px;
+    margin-top: $checkbox-margin;
   }
   &__advanced {
     display: flex;
@@ -46,6 +48,16 @@ form.stepper-form {
   &__shown {
     height: auto;
   }
+  &__cacert-title {
+    font-size: 14px;
+    margin: 10px 0;
+  }
+  &__cacert {
+    font-family: "Source Code Pro";
+    font-size: 14px;
+    line-break: anywhere;
+    max-width: 580px;
+  } 
 }
 
 .hide {

src/frontend/packages/core/src/features/endpoints/create-endpoint/create-endpoint-cf-step-1/create-endpoint-cf-step-1.component.ts

@@ -56,7 +56,9 @@ export class CreateEndpointCfStep1Component extends CreateEndpointHelperComponen
   endpoint: StratosCatalogEndpointEntity;
   show = false;
 
+  showCACertField = false;
   showAdvancedOptions = false;
+  lastSkipSSLValue = false;
 
   constructor(
     private fb: UntypedFormBuilder,
@@ -71,12 +73,13 @@ export class CreateEndpointCfStep1Component extends CreateEndpointHelperComponen
     this.registerForm = this.fb.group({
       nameField: ['', [Validators.required]],
       urlField: ['', [Validators.required]],
-      skipSllField: [false, []],
+      skipSSLField: [false, []],
       ssoAllowedField: [false, []],
       // Optional Client ID and Client Secret
       clientIDField: ['', []],
       clientSecretField: ['', []],
       createSystemEndpointField: [true, []],
+      caCertField: ['', []],
     });
 
     const epType = getIdFromRoute(activatedRoute, 'type');
@@ -90,16 +93,24 @@ export class CreateEndpointCfStep1Component extends CreateEndpointHelperComponen
 
   onNext: StepOnNextFunction = () => {
     const { subType, type } = this.endpoint.getTypeAndSubtype();
+
+    // SSL Setttings
+    let sslAllow = this.registerForm.value.skipSSLField;
+    if (this.showCACertField) {
+      sslAllow = false;
+    }
+
     return stratosEntityCatalog.endpoint.api.register<ActionState>(
       type,
       subType,
       this.registerForm.value.nameField,
       this.registerForm.value.urlField,
-      this.registerForm.value.skipSllField,
+      sslAllow,
       this.registerForm.value.clientIDField,
       this.registerForm.value.clientSecretField,
       this.registerForm.value.ssoAllowedField,
       this.registerForm.value.createSystemEndpointField,
+      this.registerForm.value.caCertField,
     ).pipe(
       pairwise(),
       filter(([oldVal, newVal]) => (oldVal.busy && !newVal.busy)),
@@ -150,6 +161,16 @@ export class CreateEndpointCfStep1Component extends CreateEndpointHelperComponen
     this.showAdvancedOptions = !this.showAdvancedOptions;
   }
 
+  toggleCACertField() {
+    this.showCACertField = !this.showCACertField;
+    if (this.showCACertField) {
+      this.lastSkipSSLValue = this.registerForm.value.skipSSLField;
+      this.registerForm.controls.skipSSLField.setValue(false);
+    } else {
+      this.registerForm.controls.skipSSLField.setValue(this.lastSkipSSLValue);
+    }
+  }
+
   toggleCreateSystemEndpoint() {
     // wait a tick for validators to adjust to new data in the directive
     setTimeout(() => {

src/frontend/packages/core/src/features/endpoints/edit-endpoint/edit-endpoint-step/edit-endpoint-step.component.html

@@ -12,12 +12,15 @@ <h1 class="edit-endpoint__section-title">{{definition.label}} Information</h1>
     </mat-form-field>
     <mat-checkbox matInput name="skipSSL" formControlName="skipSSL">Skip SSL validation for the endpoint
     </mat-checkbox>
+    <mat-checkbox checked="showCACertField" matInput (change)="toggleCACertField()">Use a CA Certificate for the endpoint</mat-checkbox>
+    <div [ngClass]="{'edit-endpoint__shown': showCACertField}" class="edit-endpoint__advanced" spellcheck=false>
+      <span class="edit-endpoint__cacert-title">Specify CA Certificate:</span>
+      <textarea rows="10" class="edit-endpoint__cacert" matInput formControlName="caCert" name="caCert"></textarea>
+    </div>
     <div *ngIf="showAdvancedFields" class="edit-endpoint__section">
       <h1 class="edit-endpoint__section-title">Advanced Information (Optional)</h1>
-
       <mat-checkbox matInput name="setClientInfo" formControlName="setClientInfo">Update Client ID and Client Secret
       </mat-checkbox>
-
       <mat-form-field>
         <input matInput id="client_id" name="client_id" formControlName="clientID" placeholder="Client ID" required>
         <mat-error *ngIf="clientID.errors && clientID.errors.required">Client ID is required</mat-error>
@@ -36,7 +39,7 @@ <h1 class="edit-endpoint__section-title">Advanced Information (Optional)</h1>
       </mat-checkbox>
       <div *ngIf="editEndpoint.value.allowSSO">
         <p>
-          Please ensure that you have added the Stratos SSO Callback URL shown below to the client's 'redirect_uri'.
+          Please ensure that you have added the <app-product-name></app-product-name> SSO Callback URL shown below to the client's 'redirect_uri'.
         </p>
         <pre>{{clientRedirectURI}}</pre>
       </div>

src/frontend/packages/core/src/features/endpoints/edit-endpoint/edit-endpoint-step/edit-endpoint-step.component.scss

@@ -1,20 +1,53 @@
+$checkbox-margin: 30px;
+
 :host {
   flex: 1;
 }
 
 mat-checkbox {
-  padding-top: 40px;
+  padding-top: $checkbox-margin;
+}
+
+form.stepper-form {
+  max-width: unset;
+  mat-form-field,
+  mat-checkbox {
+    max-width: 450px;
+  }
+  P {
+    max-width: unset;
+  }
 }
 
 .edit-endpoint {
   &__section {
-    margin-top: 40px;
+    margin-top: $checkbox-margin;
 
     &-title {
       font-size: 16px;
     }
   }
   &__sso {
-    margin-top: 40px;
+    margin-top: $checkbox-margin;
+  }
+  &__advanced {
+    display: flex;
+    flex-direction: column;
+    height: 0;
+    margin-left: 24px;
+    overflow: hidden;
+  }
+  &__cacert-title {
+    font-size: 14px;
+    margin: 10px 0;
+  }
+  &__cacert {
+    font-family: "Source Code Pro";
+    font-size: 14px;
+    line-break: anywhere;
+    max-width: 580px;
+  }  
+  &__shown {
+    height: auto;
   }
 }

src/frontend/packages/core/src/features/endpoints/edit-endpoint/edit-endpoint-step/edit-endpoint-step.component.ts

@@ -43,6 +43,8 @@ export class EditEndpointStepComponent implements OnDestroy, IStepperStep {
   formChangeSub: Subscription;
   setClientInfo = false;
   show = false;
+  showCACertField = false;
+  lastSkipSSLValue = false;
 
   constructor(
     activatedRoute: ActivatedRoute,
@@ -90,6 +92,9 @@ export class EditEndpointStepComponent implements OnDestroy, IStepperStep {
       first()
     ).subscribe(endpoint => {
       this.setAdvancedFields(endpoint);
+      this.lastSkipSSLValue = endpoint.skip_ssl_validation;
+      this.showCACertField = !!endpoint.caCert;
+      this.updateSSLFieldCheckbox();
       this.editEndpoint.setValue({
         name: endpoint.name,
         url: getFullEndpointApiUrl(endpoint),
@@ -130,17 +135,20 @@ export class EditEndpointStepComponent implements OnDestroy, IStepperStep {
     return this.endpoint$.pipe(
       first(),
       switchMap(endpoint => {
+        const caCert = this.showCACertField ? this.editEndpoint.value.caCert : undefined;
+        const skipSSL = this.showCACertField ? false : this.editEndpoint.value.skipSSL;
         return stratosEntityCatalog.endpoint.api.update<ActionState>(
           this.endpointID,
           this.endpointID, {
           endpointType: endpoint.cnsi_type,
           id: this.endpointID,
           name: this.editEndpoint.value.name,
-          skipSSL: this.editEndpoint.value.skipSSL,
+          skipSSL,
           setClientInfo: this.editEndpoint.value.setClientInfo,
           clientID: this.editEndpoint.value.clientID,
           clientSecret: this.editEndpoint.value.clientSecret,
           allowSSO: this.editEndpoint.value.allowSSO,
+          caCert,
         }
         ).pipe(
           pairwise(),
@@ -170,4 +178,22 @@ export class EditEndpointStepComponent implements OnDestroy, IStepperStep {
     this.endpointTypeSupportsSSO = isCloudFoundry;
   }
 
+  toggleCACertField() {
+    this.showCACertField = !this.showCACertField;
+    if (this.showCACertField) {
+      this.lastSkipSSLValue = this.editEndpoint.value.skipSSL;
+      this.editEndpoint.controls.skipSSL.setValue(false);
+    } else {
+      this.editEndpoint.controls.skipSSL.setValue(this.lastSkipSSLValue);
+    }
+    this.updateSSLFieldCheckbox();
+  }
+
+  private updateSSLFieldCheckbox() {
+    if (this.showCACertField) {
+      this.editEndpoint.controls.skipSSL.disable();
+    } else {
+      this.editEndpoint.controls.skipSSL.enable();
+    }
+  }
 }

src/frontend/packages/core/src/features/metrics/metrics/metrics.component.html

@@ -11,7 +11,7 @@ <h2 class="metrics-url">
             <a target="metrics" href="{{ ep.provider.token_endpoint }}">{{ ep.provider.token_endpoint }}</a>
           </h2>
           <div *ngIf="error">
-            <p>This metrics endpoint does not provide a Stratos metadata file</p>
+            <p>This metrics endpoint does not provide a <app-product-name></app-product-name> metadata file</p>
           </div>
         </div>
       </div>
@@ -61,10 +61,10 @@ <h2 class="metrics-url">
                     <div class="metrics-unknown">
                       <mat-icon class="text-warning">warning</mat-icon>
                       <div>The metrics endpoint reports that it provides data for this endpoint which is not registered
-                        with Stratos</div>
+                        with <app-product-name></app-product-name></div>
                     </div>
                     <div class="metrics-unknown__detail">This could be intentional or there may be a mismatch in the
-                      endpoint address used by this Metrics endpoint and that which is registered with Stratos.</div>
+                      endpoint address used by this Metrics endpoint and that which is registered with <app-product-name></app-product-name>.</div>
                   </div>
                 </div>
               </div>

src/frontend/packages/core/src/features/no-endpoints-non-admin/no-endpoints-non-admin.component.html

@@ -1,10 +1,10 @@
 <app-page-header [logoutOnly]="true">
-  Stratos
+  <app-product-name></app-product-name>
 </app-page-header>
 
 <app-show-page-header></app-show-page-header>
 
 <app-no-content-message class="full-screen-centered" [icon]="'device_hub'"
   [firstLine]="'There are no registered endpoints'" [secondLine]="{
-  text: 'In order to use Stratos, you must connect to a registered endpoint. Registered endpoints are provided by your system administrator. Please contact your administrator about registering endpoints.'
+  text: 'At least one registered endpoint is required to continue. Registered endpoints are provided by your system administrator. Please contact your administrator.'
 }"></app-no-content-message>