Refactor authenticator

Signed-off-by: hongming <hongming@kubesphere.io>
hongming
2021-08-17 11:34:51 +08:00
parent 83df7d1ffd
commit 4b5b1c64bc
41 changed files with 1923 additions and 758 deletions


@@ -17,10 +17,10 @@ limitations under the License.
package aliyunidaas
import (
"context"
"encoding/json"
"errors"
"io/ioutil"
"net/http"
"github.com/mitchellh/mapstructure"
@@ -120,13 +120,16 @@ func (a idaasIdentity) GetEmail() string {
return a.Email
}
func (a *aliyunIDaaS) IdentityExchange(code string) (identityprovider.Identity, error) {
token, err := a.Config.Exchange(context.TODO(), code)
func (a *aliyunIDaaS) IdentityExchangeCallback(req *http.Request) (identityprovider.Identity, error) {
// OAuth2 callback, see also https://tools.ietf.org/html/rfc6749#section-4.1.2
code := req.URL.Query().Get("code")
ctx := req.Context()
token, err := a.Config.Exchange(ctx, code)
if err != nil {
return nil, err
}
resp, err := oauth2.NewClient(context.TODO(), oauth2.StaticTokenSource(token)).Get(a.Endpoint.UserInfoURL)
resp, err := oauth2.NewClient(ctx, oauth2.StaticTokenSource(token)).Get(a.Endpoint.UserInfoURL)
if err != nil {
return nil, err
}
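Review bot: In `IdentityExchangeCallback`, the `code` read from `req.URL.Query().Get("code")` goes straight into `a.Config.Exchange` with no check that it is present, and the visible lines inspect neither the `error` nor the `state` parameter that RFC 6749 section 4.1.2 defines for this callback. An authorization response carrying `error=...` therefore surfaces only as an opaque token-endpoint failure, and if no caller outside this hunk compares `state` with the value issued at the start of the flow, the callback is exposed to login CSRF. I would add a guard before the exchange, e.g. `if code == "" { return nil, errors.New("authorization code is missing from the callback") }`, and a comment stating where `state` is verified. The function body continues past the end of the hunk, so the handling of the userinfo response is not reviewed here.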


@@ -53,7 +53,7 @@ endpoint:
userInfoUrl: "https://xxxxx.login.aliyunidaas.com/api/bff/v1.2/oauth2/userinfo"
authURL: "https://xxxx.login.aliyunidaas.com/oauth/authorize"
tokenURL: "https://xxxx.login.aliyunidaas.com/oauth/token"
redirectURL: "http://ks-console/oauth/redirect"
redirectURL: "https://console.kubesphere.io/oauth/redirect/idaas"
scopes:
- read
`)},
@@ -65,7 +65,7 @@ scopes:
TokenURL: "https://xxxx.login.aliyunidaas.com/oauth/token",
UserInfoURL: "https://xxxxx.login.aliyunidaas.com/api/bff/v1.2/oauth2/userinfo",
},
RedirectURL: "http://ks-console/oauth/redirect",
RedirectURL: "https://console.kubesphere.io/oauth/redirect/idaas",
Scopes: []string{"read"},
Config: &oauth2.Config{
ClientID: "xxxx",
@@ -75,7 +75,7 @@ scopes:
TokenURL: "https://xxxx.login.aliyunidaas.com/oauth/token",
AuthStyle: oauth2.AuthStyleAutoDetect,
},
RedirectURL: "http://ks-console/oauth/redirect",
RedirectURL: "https://console.kubesphere.io/oauth/redirect/idaas",
Scopes: []string{"read"},
},
},