Add api for identity provider login (#5534)

* add api for ldap login * update ldap login to identity provider login for more flexible login type Signed-off-by: wenhaozhou <wenhaozhou@yunify.com> * update PasswordAuthenticate Signed-off-by: wenhaozhou <wenhaozhou@yunify.com> * add test case Signed-off-by: wenhaozhou <wenhaozhou@yunify.com> * update api path Signed-off-by: wenhaozhou <wenhaozhou@yunify.com> * make goimports and add annotations Signed-off-by: wenhaozhou <wenhaozhou@yunify.com> * update func names & add annotations Signed-off-by: wenhaozhou <wenhaozhou@yunify.com> --------- Signed-off-by: wenhaozhou <wenhaozhou@yunify.com>
2023-02-27 18:35:35 +08:00
parent 9dad732860
commit dc28a0917a
7 changed files with 153 additions and 83 deletions
--- a/pkg/apiserver/authentication/authenticators/basic/basic.go
+++ b/pkg/apiserver/authentication/authenticators/basic/basic.go
@@ -49,7 +49,7 @@ func NewBasicAuthenticator(authenticator auth.PasswordAuthenticator, loginRecord
 }

 func (t *basicAuthenticator) AuthenticatePassword(ctx context.Context, username, password string) (*authenticator.Response, bool, error) {
-	authenticated, provider, err := t.authenticator.Authenticate(ctx, username, password)
+	authenticated, provider, err := t.authenticator.Authenticate(ctx, "", username, password)
 	if err != nil {
 		if t.loginRecorder != nil && err == auth.IncorrectPasswordError {
 			var sourceIP, userAgent string
@@ -57,7 +57,7 @@ func (t *basicAuthenticator) AuthenticatePassword(ctx context.Context, username,
 				sourceIP = requestInfo.SourceIP
 				userAgent = requestInfo.UserAgent
 			}
-			if err := t.loginRecorder.RecordLogin(username, iamv1alpha2.BasicAuth, provider, sourceIP, userAgent, err); err != nil {
+			if err := t.loginRecorder.RecordLogin(username, iamv1alpha2.Password, provider, sourceIP, userAgent, err); err != nil {
 				klog.Errorf("Failed to record unsuccessful login attempt for user %s, error: %v", username, err)
 			}
 		}