feat: support resource owner password credentials grant

Signed-off-by: hongming <talonwan@yunify.com>

cmd/ks-iam/app/options/options.go

@@ -27,6 +27,7 @@ import (
 	"kubesphere.io/kubesphere/pkg/simple/client/mysql"
 	"kubesphere.io/kubesphere/pkg/simple/client/redis"
 	"strings"
+	"time"
 )
 
 type ServerRunOptions struct {
@@ -37,7 +38,7 @@ type ServerRunOptions struct {
 	MySQLOptions            *mysql.MySQLOptions
 	AdminEmail              string
 	AdminPassword           string
-	TokenIdleTimeout        string
+	TokenIdleTimeout        time.Duration
 	JWTSecret               string
 	AuthRateLimit           string
 	EnableMultiLogin        bool
@@ -61,7 +62,7 @@ func (s *ServerRunOptions) Flags() (fss cliflag.NamedFlagSets) {
 	s.GenericServerRunOptions.AddFlags(fs)
 	fs.StringVar(&s.AdminEmail, "admin-email", "admin@kubesphere.io", "default administrator's email")
 	fs.StringVar(&s.AdminPassword, "admin-password", "passw0rd", "default administrator's password")
-	fs.StringVar(&s.TokenIdleTimeout, "token-idle-timeout", "30m", "tokens that are idle beyond that time will expire,0s means the token has no expiration time. valid time units are \"ns\",\"us\",\"ms\",\"s\",\"m\",\"h\"")
+	fs.DurationVar(&s.TokenIdleTimeout, "token-idle-timeout", 30*time.Minute, "tokens that are idle beyond that time will expire,0s means the token has no expiration time. valid time units are \"ns\",\"us\",\"ms\",\"s\",\"m\",\"h\"")
 	fs.StringVar(&s.JWTSecret, "jwt-secret", "", "jwt secret")
 	fs.StringVar(&s.AuthRateLimit, "auth-rate-limit", "5/30m", "specifies the maximum number of authentication attempts permitted and time interval,valid time units are \"s\",\"m\",\"h\"")
 	fs.BoolVar(&s.EnableMultiLogin, "enable-multi-login", false, "allow one account to have multiple sessions")