Move struct DynamicOptions to package pkg/server (#5625)
* move struct DynamicOptions to package pkg/server/dynamic_options.go Signed-off-by: wenhaozhou <wenhaozhou@yunify.com> * update test types Signed-off-by: wenhaozhou <wenhaozhou@yunify.com> --------- Signed-off-by: wenhaozhou <wenhaozhou@yunify.com>
@@ -27,7 +27,7 @@ import (
|
||||
"golang.org/x/oauth2"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/identityprovider"
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/oauth"
|
||||
"kubesphere.io/kubesphere/pkg/server/options"
|
||||
)
|
||||
|
||||
func init() {
|
||||
@@ -89,9 +89,9 @@ func (f *idaasProviderFactory) Type() string {
|
||||
return "AliyunIDaaSProvider"
|
||||
}
|
||||
|
||||
func (f *idaasProviderFactory) Create(options oauth.DynamicOptions) (identityprovider.OAuthProvider, error) {
|
||||
func (f *idaasProviderFactory) Create(opts options.DynamicOptions) (identityprovider.OAuthProvider, error) {
|
||||
var idaas aliyunIDaaS
|
||||
if err := mapstructure.Decode(options, &idaas); err != nil {
|
||||
if err := mapstructure.Decode(opts, &idaas); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
idaas.Config = &oauth2.Config{
|
||||
|
||||
@@ -24,16 +24,16 @@ import (
|
||||
"gopkg.in/yaml.v3"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/identityprovider"
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/oauth"
|
||||
"kubesphere.io/kubesphere/pkg/server/options"
|
||||
)
|
||||
|
||||
func Test_idaasProviderFactory_Create(t *testing.T) {
|
||||
type args struct {
|
||||
options oauth.DynamicOptions
|
||||
options options.DynamicOptions
|
||||
}
|
||||
|
||||
mustUnmarshalYAML := func(data string) oauth.DynamicOptions {
|
||||
var dynamicOptions oauth.DynamicOptions
|
||||
mustUnmarshalYAML := func(data string) options.DynamicOptions {
|
||||
var dynamicOptions options.DynamicOptions
|
||||
_ = yaml.Unmarshal([]byte(data), &dynamicOptions)
|
||||
return dynamicOptions
|
||||
}
|
||||
|
||||
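Review bot: The `mustUnmarshalYAML` closure in Test_idaasProviderFactory_Create discards the decode error with `_ = yaml.Unmarshal(...)`, so a malformed fixture yields empty provider options and the cases run against those instead of failing at the fixture. A helper named must… should stop on error, e.g. `if err := yaml.Unmarshal([]byte(data), &dynamicOptions); err != nil { t.Fatal(err) }`. The package-level `mustUnmarshalYAML` in the GitHub provider test has the same pattern; it has no `*testing.T` in scope, so a panic would be the equivalent there. The test function continues outside the hunk.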
@@ -26,7 +26,7 @@ import (
|
||||
gocas "gopkg.in/cas.v2"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/identityprovider"
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/oauth"
|
||||
"kubesphere.io/kubesphere/pkg/server/options"
|
||||
)
|
||||
|
||||
func init() {
|
||||
@@ -63,9 +63,9 @@ func (f casProviderFactory) Type() string {
|
||||
return "CASIdentityProvider"
|
||||
}
|
||||
|
||||
func (f casProviderFactory) Create(options oauth.DynamicOptions) (identityprovider.OAuthProvider, error) {
|
||||
func (f casProviderFactory) Create(opts options.DynamicOptions) (identityprovider.OAuthProvider, error) {
|
||||
var cas cas
|
||||
if err := mapstructure.Decode(options, &cas); err != nil {
|
||||
if err := mapstructure.Decode(opts, &cas); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
casURL, err := url.Parse(cas.CASServerURL)
|
||||
|
||||
@@ -19,7 +19,7 @@
|
||||
package identityprovider
|
||||
|
||||
import (
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/oauth"
|
||||
"kubesphere.io/kubesphere/pkg/server/options"
|
||||
)
|
||||
|
||||
type GenericProvider interface {
|
||||
@@ -31,5 +31,5 @@ type GenericProviderFactory interface {
|
||||
// Type unique type of the provider
|
||||
Type() string
|
||||
// Apply the dynamic options from kubesphere-config
|
||||
Create(options oauth.DynamicOptions) (GenericProvider, error)
|
||||
Create(options options.DynamicOptions) (GenericProvider, error)
|
||||
}
|
||||
|
||||
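Review bot: `Create(options options.DynamicOptions)` in GenericProviderFactory keeps a parameter named `options`, which now shadows the imported `options` package, while the provider implementations in this commit rename theirs to `opts`. Writing `Create(opts options.DynamicOptions) (GenericProvider, error)` here keeps the naming consistent. The same applies to OAuthProviderFactory.Create and to the two stub factories in the identityprovider test. The comment above the method could also follow the Go doc convention and start with the method name, e.g. `// Create returns a provider configured from the dynamic options in kubesphere-config.`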
@@ -28,7 +28,7 @@ import (
|
||||
"golang.org/x/oauth2"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/identityprovider"
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/oauth"
|
||||
"kubesphere.io/kubesphere/pkg/server/options"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -121,9 +121,9 @@ func (g *ldapProviderFactory) Type() string {
|
||||
return "GitHubIdentityProvider"
|
||||
}
|
||||
|
||||
func (g *ldapProviderFactory) Create(options oauth.DynamicOptions) (identityprovider.OAuthProvider, error) {
|
||||
func (g *ldapProviderFactory) Create(opts options.DynamicOptions) (identityprovider.OAuthProvider, error) {
|
||||
var github github
|
||||
if err := mapstructure.Decode(options, &github); err != nil {
|
||||
if err := mapstructure.Decode(opts, &github); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
@@ -137,7 +137,7 @@ func (g *ldapProviderFactory) Create(options oauth.DynamicOptions) (identityprov
|
||||
github.Endpoint.UserInfoURL = userInfoURL
|
||||
}
|
||||
// fixed options
|
||||
options["endpoint"] = oauth.DynamicOptions{
|
||||
opts["endpoint"] = options.DynamicOptions{
|
||||
"authURL": github.Endpoint.AuthURL,
|
||||
"tokenURL": github.Endpoint.TokenURL,
|
||||
"userInfoURL": github.Endpoint.UserInfoURL,
|
||||
|
||||
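Review bot: `opts["endpoint"] = options.DynamicOptions{...}` writes into the map the caller passed in; if DynamicOptions is the map type that its literal and index usage here suggest, a nil `opts` would panic on this assignment instead of returning an error from the identity-provider setup path. Whether nil can reach this line depends on the code between the two hunks, which is not visible, so this needs confirming. A guard at the top of Create such as `if opts == nil { opts = options.DynamicOptions{} }` would settle it. The write-back is also a side effect on the caller's configuration and is worth stating in a comment on Create, e.g. `// Create decodes opts and stores the resolved endpoint URLs back into opts["endpoint"].` The OIDC factory's Create has the same assignment.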
@@ -27,6 +27,8 @@ import (
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/server/options"
|
||||
|
||||
. "github.com/onsi/ginkgo"
|
||||
. "github.com/onsi/gomega"
|
||||
"github.com/onsi/gomega/gexec"
|
||||
@@ -34,7 +36,6 @@ import (
|
||||
"gopkg.in/yaml.v3"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/identityprovider"
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/oauth"
|
||||
)
|
||||
|
||||
var githubServer *httptest.Server
|
||||
@@ -119,12 +120,12 @@ scopes:
|
||||
Expect(provider).Should(Equal(expected))
|
||||
})
|
||||
It("should configure successfully", func() {
|
||||
config := oauth.DynamicOptions{
|
||||
config := options.DynamicOptions{
|
||||
"clientID": "de6ff8bed0304e487b6e",
|
||||
"clientSecret": "2b70536f79ec8d2939863509d05e2a71c268b9af",
|
||||
"redirectURL": "https://ks-console.kubesphere-system.svc/oauth/redirect/github",
|
||||
"insecureSkipVerify": true,
|
||||
"endpoint": oauth.DynamicOptions{
|
||||
"endpoint": options.DynamicOptions{
|
||||
"authURL": fmt.Sprintf("%s/login/oauth/authorize", githubServer.URL),
|
||||
"tokenURL": fmt.Sprintf("%s/login/oauth/access_token", githubServer.URL),
|
||||
"userInfoURL": fmt.Sprintf("%s/user", githubServer.URL),
|
||||
@@ -133,12 +134,12 @@ scopes:
|
||||
factory := ldapProviderFactory{}
|
||||
provider, err = factory.Create(config)
|
||||
Expect(err).Should(BeNil())
|
||||
expected := oauth.DynamicOptions{
|
||||
expected := options.DynamicOptions{
|
||||
"clientID": "de6ff8bed0304e487b6e",
|
||||
"clientSecret": "2b70536f79ec8d2939863509d05e2a71c268b9af",
|
||||
"redirectURL": "https://ks-console.kubesphere-system.svc/oauth/redirect/github",
|
||||
"insecureSkipVerify": true,
|
||||
"endpoint": oauth.DynamicOptions{
|
||||
"endpoint": options.DynamicOptions{
|
||||
"authURL": fmt.Sprintf("%s/login/oauth/authorize", githubServer.URL),
|
||||
"tokenURL": fmt.Sprintf("%s/login/oauth/access_token", githubServer.URL),
|
||||
"userInfoURL": fmt.Sprintf("%s/user", githubServer.URL),
|
||||
@@ -158,8 +159,8 @@ scopes:
|
||||
})
|
||||
})
|
||||
|
||||
func mustUnmarshalYAML(data string) oauth.DynamicOptions {
|
||||
var dynamicOptions oauth.DynamicOptions
|
||||
func mustUnmarshalYAML(data string) options.DynamicOptions {
|
||||
var dynamicOptions options.DynamicOptions
|
||||
_ = yaml.Unmarshal([]byte(data), &dynamicOptions)
|
||||
return dynamicOptions
|
||||
}
|
||||
|
||||
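Review bot: The new `kubesphere.io/kubesphere/pkg/server/options` import is added as its own group between the standard-library imports and the third-party ones, while the other kubesphere.io import stays in the last group. Placing it next to `kubesphere.io/kubesphere/pkg/apiserver/authentication/identityprovider` keeps a single project-local group, as the non-test files in this commit do. The identityprovider, LDAP and OIDC test files add the import the same way.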
@@ -22,6 +22,8 @@ import (
|
||||
"net/http"
|
||||
"testing"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/server/options"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/oauth"
|
||||
)
|
||||
|
||||
@@ -55,7 +57,7 @@ func (e emptyOAuthProvider) IdentityExchangeCallback(req *http.Request) (Identit
|
||||
return emptyIdentity{}, nil
|
||||
}
|
||||
|
||||
func (e emptyOAuthProviderFactory) Create(options oauth.DynamicOptions) (OAuthProvider, error) {
|
||||
func (e emptyOAuthProviderFactory) Create(options options.DynamicOptions) (OAuthProvider, error) {
|
||||
return emptyOAuthProvider{}, nil
|
||||
}
|
||||
|
||||
@@ -74,7 +76,7 @@ func (e emptyGenericProvider) Authenticate(username string, password string) (Id
|
||||
return emptyIdentity{}, nil
|
||||
}
|
||||
|
||||
func (e emptyGenericProviderFactory) Create(options oauth.DynamicOptions) (GenericProvider, error) {
|
||||
func (e emptyGenericProviderFactory) Create(options options.DynamicOptions) (GenericProvider, error) {
|
||||
return emptyGenericProvider{}, nil
|
||||
}
|
||||
|
||||
@@ -97,7 +99,7 @@ func TestSetupWith(t *testing.T) {
|
||||
Name: "ldap",
|
||||
MappingMethod: "auto",
|
||||
Type: "LDAPIdentityProvider",
|
||||
Provider: oauth.DynamicOptions{},
|
||||
Provider: options.DynamicOptions{},
|
||||
},
|
||||
}},
|
||||
wantErr: false,
|
||||
@@ -109,7 +111,7 @@ func TestSetupWith(t *testing.T) {
|
||||
Name: "ldap",
|
||||
MappingMethod: "auto",
|
||||
Type: "LDAPIdentityProvider",
|
||||
Provider: oauth.DynamicOptions{},
|
||||
Provider: options.DynamicOptions{},
|
||||
},
|
||||
}},
|
||||
wantErr: true,
|
||||
@@ -121,7 +123,7 @@ func TestSetupWith(t *testing.T) {
|
||||
Name: "test",
|
||||
MappingMethod: "auto",
|
||||
Type: "NotSupported",
|
||||
Provider: oauth.DynamicOptions{},
|
||||
Provider: options.DynamicOptions{},
|
||||
},
|
||||
}},
|
||||
wantErr: true,
|
||||
|
||||
@@ -30,7 +30,7 @@ import (
|
||||
"k8s.io/klog/v2"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/identityprovider"
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/oauth"
|
||||
"kubesphere.io/kubesphere/pkg/server/options"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -85,9 +85,9 @@ func (l *ldapProviderFactory) Type() string {
|
||||
return ldapIdentityProvider
|
||||
}
|
||||
|
||||
func (l *ldapProviderFactory) Create(options oauth.DynamicOptions) (identityprovider.GenericProvider, error) {
|
||||
func (l *ldapProviderFactory) Create(opts options.DynamicOptions) (identityprovider.GenericProvider, error) {
|
||||
var ldapProvider ldapProvider
|
||||
if err := mapstructure.Decode(options, &ldapProvider); err != nil {
|
||||
if err := mapstructure.Decode(opts, &ldapProvider); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if ldapProvider.ReadTimeout <= 0 {
|
||||
|
||||
@@ -20,14 +20,14 @@ import (
|
||||
"os"
|
||||
"testing"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/server/options"
|
||||
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"gopkg.in/yaml.v3"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/oauth"
|
||||
)
|
||||
|
||||
func TestNewLdapProvider(t *testing.T) {
|
||||
options := `
|
||||
opts := `
|
||||
host: test.sn.mynetname.net:389
|
||||
managerDN: uid=root,cn=users,dc=test,dc=sn,dc=mynetname,dc=net
|
||||
managerPassword: test
|
||||
@@ -36,8 +36,8 @@ userSearchBase: dc=test,dc=sn,dc=mynetname,dc=net
|
||||
loginAttribute: uid
|
||||
mailAttribute: mail
|
||||
`
|
||||
var dynamicOptions oauth.DynamicOptions
|
||||
err := yaml.Unmarshal([]byte(options), &dynamicOptions)
|
||||
var dynamicOptions options.DynamicOptions
|
||||
err := yaml.Unmarshal([]byte(opts), &dynamicOptions)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
@@ -73,12 +73,12 @@ func TestLdapProvider_Authenticate(t *testing.T) {
|
||||
if configFile == "" {
|
||||
t.Skip("Skipped")
|
||||
}
|
||||
options, err := os.ReadFile(configFile)
|
||||
opts, err := os.ReadFile(configFile)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
var dynamicOptions oauth.DynamicOptions
|
||||
if err = yaml.Unmarshal(options, &dynamicOptions); err != nil {
|
||||
var dynamicOptions options.DynamicOptions
|
||||
if err = yaml.Unmarshal(opts, &dynamicOptions); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
ldapProvider, err := new(ldapProviderFactory).Create(dynamicOptions)
|
||||
|
||||
@@ -19,7 +19,7 @@ package identityprovider
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/oauth"
|
||||
"kubesphere.io/kubesphere/pkg/server/options"
|
||||
)
|
||||
|
||||
type OAuthProvider interface {
|
||||
@@ -31,5 +31,5 @@ type OAuthProviderFactory interface {
|
||||
// Type unique type of the provider
|
||||
Type() string
|
||||
// Create Apply the dynamic options
|
||||
Create(options oauth.DynamicOptions) (OAuthProvider, error)
|
||||
Create(options options.DynamicOptions) (OAuthProvider, error)
|
||||
}
|
||||
|
||||
@@ -25,15 +25,14 @@ import (
|
||||
"io"
|
||||
"net/http"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/utils/sliceutil"
|
||||
|
||||
"github.com/coreos/go-oidc"
|
||||
"github.com/golang-jwt/jwt/v4"
|
||||
"github.com/mitchellh/mapstructure"
|
||||
"golang.org/x/oauth2"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/identityprovider"
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/oauth"
|
||||
"kubesphere.io/kubesphere/pkg/server/options"
|
||||
"kubesphere.io/kubesphere/pkg/utils/sliceutil"
|
||||
)
|
||||
|
||||
func init() {
|
||||
@@ -133,9 +132,9 @@ func (f *oidcProviderFactory) Type() string {
|
||||
return "OIDCIdentityProvider"
|
||||
}
|
||||
|
||||
func (f *oidcProviderFactory) Create(options oauth.DynamicOptions) (identityprovider.OAuthProvider, error) {
|
||||
func (f *oidcProviderFactory) Create(opts options.DynamicOptions) (identityprovider.OAuthProvider, error) {
|
||||
var oidcProvider oidcProvider
|
||||
if err := mapstructure.Decode(options, &oidcProvider); err != nil {
|
||||
if err := mapstructure.Decode(opts, &oidcProvider); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
// dynamically discover
|
||||
@@ -169,7 +168,7 @@ func (f *oidcProviderFactory) Create(options oauth.DynamicOptions) (identityprov
|
||||
// TODO: support HS256
|
||||
ClientID: oidcProvider.ClientID,
|
||||
})
|
||||
options["endpoint"] = oauth.DynamicOptions{
|
||||
opts["endpoint"] = options.DynamicOptions{
|
||||
"authURL": oidcProvider.Endpoint.AuthURL,
|
||||
"tokenURL": oidcProvider.Endpoint.TokenURL,
|
||||
"userInfoURL": oidcProvider.Endpoint.UserInfoURL,
|
||||
|
||||
@@ -33,6 +33,8 @@ import (
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/server/options"
|
||||
|
||||
"github.com/golang-jwt/jwt/v4"
|
||||
. "github.com/onsi/ginkgo"
|
||||
. "github.com/onsi/gomega"
|
||||
@@ -40,7 +42,6 @@ import (
|
||||
"gopkg.in/square/go-jose.v2"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/identityprovider"
|
||||
"kubesphere.io/kubesphere/pkg/apiserver/authentication/oauth"
|
||||
)
|
||||
|
||||
var (
|
||||
@@ -167,7 +168,7 @@ var _ = Describe("OIDC", func() {
|
||||
err error
|
||||
)
|
||||
It("should configure successfully", func() {
|
||||
config := oauth.DynamicOptions{
|
||||
config := options.DynamicOptions{
|
||||
"issuer": oidcServer.URL,
|
||||
"clientID": "kubesphere",
|
||||
"clientSecret": "c53e80ab92d48ab12f4e7f1f6976d1bdc996e0d7",
|
||||
@@ -177,13 +178,13 @@ var _ = Describe("OIDC", func() {
|
||||
factory := oidcProviderFactory{}
|
||||
provider, err = factory.Create(config)
|
||||
Expect(err).Should(BeNil())
|
||||
expected := oauth.DynamicOptions{
|
||||
expected := options.DynamicOptions{
|
||||
"issuer": oidcServer.URL,
|
||||
"clientID": "kubesphere",
|
||||
"clientSecret": "c53e80ab92d48ab12f4e7f1f6976d1bdc996e0d7",
|
||||
"redirectURL": "https://ks-console.kubesphere-system.svc/oauth/redirect/oidc",
|
||||
"insecureSkipVerify": true,
|
||||
"endpoint": oauth.DynamicOptions{
|
||||
"endpoint": options.DynamicOptions{
|
||||
"authURL": fmt.Sprintf("%s/authorize", oidcServer.URL),
|
||||
"tokenURL": fmt.Sprintf("%s/token", oidcServer.URL),
|
||||
"userInfoURL": fmt.Sprintf("%s/userinfo", oidcServer.URL),
|
||||
|
||||