improve IAM module

Signed-off-by: hongming <talonwan@yunify.com>
2020-05-22 09:35:05 +08:00
parent 0d12529051
commit 8f93266ec0
640 changed files with 50221 additions and 18179 deletions
--- a/pkg/apiserver/authentication/identityprovider/identity_provider.go
+++ b/pkg/apiserver/authentication/identityprovider/identity_provider.go
@@ -20,44 +20,31 @@ package identityprovider

 import (
 	"errors"
-	"k8s.io/apiserver/pkg/authentication/user"
 	"kubesphere.io/kubesphere/pkg/apiserver/authentication/oauth"
 )

 var (
 	ErrorIdentityProviderNotFound = errors.New("the identity provider was not found")
-	ErrorAlreadyRegistered        = errors.New("the identity provider was not found")
-	oauthProviderCodecs           = map[string]OAuthProviderCodec{}
+	oauthProviders                = make(map[string]OAuthProvider, 0)
 )

 type OAuthProvider interface {
-	IdentityExchange(code string) (user.Info, error)
-}
-
-type OAuthProviderCodec interface {
 	Type() string
-	Decode(options *oauth.DynamicOptions) (OAuthProvider, error)
-	Encode(provider OAuthProvider) (*oauth.DynamicOptions, error)
+	Setup(options *oauth.DynamicOptions) (OAuthProvider, error)
+	IdentityExchange(code string) (Identity, error)
+}
+type Identity interface {
+	GetName() string
+	GetEmail() string
 }

-func ResolveOAuthProvider(providerType string, options *oauth.DynamicOptions) (OAuthProvider, error) {
-	if codec, ok := oauthProviderCodecs[providerType]; ok {
-		return codec.Decode(options)
+func GetOAuthProvider(providerType string, options *oauth.DynamicOptions) (OAuthProvider, error) {
+	if provider, ok := oauthProviders[providerType]; ok {
+		return provider.Setup(options)
 	}
 	return nil, ErrorIdentityProviderNotFound
 }

-func ResolveOAuthOptions(providerType string, provider OAuthProvider) (*oauth.DynamicOptions, error) {
-	if codec, ok := oauthProviderCodecs[providerType]; ok {
-		return codec.Encode(provider)
-	}
-	return nil, ErrorIdentityProviderNotFound
-}
-
-func RegisterOAuthProviderCodec(codec OAuthProviderCodec) error {
-	if _, ok := oauthProviderCodecs[codec.Type()]; ok {
-		return ErrorAlreadyRegistered
-	}
-	oauthProviderCodecs[codec.Type()] = codec
-	return nil
+func RegisterOAuthProviderCodec(provider OAuthProvider) {
+	oauthProviders[provider.Type()] = provider
 }