From 1faabfe6d409b2d821e46f4985f117dfbd478e5f Mon Sep 17 00:00:00 2001
From: Craig Jellick
Date: Thu, 15 Feb 2018 17:05:54 -0700
Subject: [PATCH] activedirectory types
---
 apis/management.cattle.io/v3/authn_types.go | 66 ++++++++++++++-----
 apis/management.cattle.io/v3/schema/schema.go | 25 +++++--
 .../v3public/authn_types.go | 34 ++++++----
 .../v3public/schema/public_schema.go | 32 ++++++---
 4 files changed, 113 insertions(+), 44 deletions(-)
diff --git a/apis/management.cattle.io/v3/authn_types.go b/apis/management.cattle.io/v3/authn_types.go
index fae9765f..2dc5479b 100644
--- a/apis/management.cattle.io/v3/authn_types.go
+++ b/apis/management.cattle.io/v3/authn_types.go
@@ -77,43 +77,75 @@ type SetPasswordInput struct {
 NewPassword string `json:"newPassword" norman:"type=string,required"`
 }
-//AuthConfig structure contains the AuthConfig definition
 type AuthConfig struct {
 metav1.TypeMeta `json:",inline"`
 metav1.ObjectMeta `json:"metadata,omitempty"`
- Type string `json:"type"`
- Enabled bool `json:"enabled,omitempty"`
+ Type string `json:"type" norman:"noupdate"`
+ Enabled bool `json:"enabled,omitempty" norman:"noupdate"`
 AccessMode string `json:"accessMode,omitempty" norman:"required,notnullable,type=enum,options=required|restricted|unrestricted"`
 AllowedPrincipalIDs []string `json:"allowedPrincipalIds,omitempty" norman:"type=array[reference[principal]]"`
 }
-//GithubConfig structure contains the github config definition
-type GithubConfig struct {
- metav1.TypeMeta `json:",inline"`
- metav1.ObjectMeta `json:"metadata,omitempty"`
- AuthConfig `json:",inline" mapstructure:",squash"`
-
- Hostname string `json:"hostname,omitempty" norman:"default=github.com"`
- TLS bool `json:"tls,omitempty" norman:"notnullable,default=true"`
- ClientID string `json:"clientId,omitempty"`
- ClientSecret string `json:"clientSecret,omitempty"`
-}
-
-//LocalConfig structure contains the local config definition
 type LocalConfig struct {
 metav1.TypeMeta `json:",inline"`
 metav1.ObjectMeta `json:"metadata,omitempty"`
 AuthConfig `json:",inline" mapstructure:",squash"`
 }
+type GithubConfig struct {
+ metav1.TypeMeta `json:",inline"`
+ metav1.ObjectMeta `json:"metadata,omitempty"`
+ AuthConfig `json:",inline" mapstructure:",squash"`
+
+ Hostname string `json:"hostname,omitempty" norman:"default=github.com" norman:"noupdate"`
+ TLS bool `json:"tls,omitempty" norman:"notnullable,default=true" norman:"noupdate"`
+ ClientID string `json:"clientId,omitempty" norman:"noupdate"`
+ ClientSecret string `json:"clientSecret,omitempty" norman:"noupdate,type=password"`
+}
+
 type GithubConfigTestOutput struct {
 RedirectURL string `json:"redirectUrl"`
 }
-//GithubConfigApplyInput structure defines all properties that can be sent by client to configure github
 type GithubConfigApplyInput struct {
 GithubConfig GithubConfig `json:"githubConfig, omitempty"`
 Code string `json:"code,omitempty"`
 Enabled bool `json:"enabled,omitempty"`
 }
+
+type ActiveDirectoryConfig struct {
+ metav1.TypeMeta `json:",inline"`
+ metav1.ObjectMeta `json:"metadata,omitempty"`
+ AuthConfig `json:",inline" mapstructure:",squash"`
+
+ Servers []string `json:"servers,omitempty" norman:"noupdate"`
+ Port int64 `json:"port,omitempty" norman:"noupdate"`
+ TLS bool `json:"tls,omitempty" norman:"noupdate"`
+ Certificate string `json:"certificate,omitempty" norman:"noupdate"`
+ DefaultLoginDomain string `json:"defaultLoginDomain,omitempty" norman:"noupdate"`
+ ServiceAccountUsername string `json:"serviceAccountUsername,omitempty" norman:"noupdate"`
+ ServiceAccountPassword string `json:"serviceAccountPassword,omitempty" norman:"noupdate,type=password"`
+ UserDisabledBitMask int64 `json:"userDisabledBitMask,omitempty" norman:"noupdate"`
+ UserSearchBase string `json:"userSearchBase,omitempty" norman:"noupdate"`
+ UserSearchAttribute string `json:"userSearchAttribute,omitempty" norman:"noupdate"`
+ UserLoginAttribute string `json:"userLoginAttribute,omitempty" norman:"noupdate"`
+ UserObjectClass string `json:"userObjectClass,omitempty" norman:"noupdate"`
+ UserNameAttribute string `json:"userNameAttribute,omitempty" norman:"noupdate"`
+ UserEnabledAttribute string `json:"userEnabledAttribute,omitempty" norman:"noupdate"`
+ GroupSearchBase string `json:"groupSearchBase,omitempty" norman:"noupdate"`
+ GroupSearchAttribute string `json:"groupSearchAttribute,omitempty" norman:"noupdate"`
+ GroupObjectClass string `json:"groupObjectClass,omitempty" norman:"noupdate"`
+ GroupNameAttribute string `json:"groupNameAttribute,omitempty" norman:"noupdate"`
+ GroupDNAttribute string `json:"groupDNAttribute,omitempty" norman:"noupdate"`
+ GroupMemberUserAttribute string `json:"groupMemberUserAttribute,omitempty" norman:"noupdate"`
+ GroupMemberMappingAttribute string `json:"groupMemberMappingAttribute,omitempty" norman:"noupdate"`
+ ConnectionTimeout int64 `json:"connectionTimeout,omitempty" norman:"noupdate"`
+}
+
+type ActiveDirectoryTestAndApplyInput struct {
+ ActiveDirectoryConfig ActiveDirectoryConfig `json:"activeDirectoryConfig, omitempty"`
+ Username string `json:"username"`
+ Password string `json:"password"`
+ Enabled bool `json:"enabled,omitempty"`
+}
diff --git a/apis/management.cattle.io/v3/schema/schema.go b/apis/management.cattle.io/v3/schema/schema.go
index a33a5091..80de78c1 100644
--- a/apis/management.cattle.io/v3/schema/schema.go
+++ b/apis/management.cattle.io/v3/schema/schema.go
@@ -197,7 +197,7 @@ func authnTypes(schemas *types.Schemas) *types.Schemas {
 AddMapperForType(&Version, v3.Group{}, m.DisplayName{}).
 MustImport(&Version, v3.Group{}).
 MustImport(&Version, v3.GroupMember{}).
- MustImport(&Version, v3.Principal{}).
+ AddMapperForType(&Version, v3.Principal{}, m.DisplayName{}).
 MustImportAndCustomize(&Version, v3.Principal{}, func(schema *types.Schema) {
 schema.CollectionMethods = []string{http.MethodGet}
 schema.ResourceMethods = []string{}
@@ -227,6 +227,13 @@ func authnTypes(schemas *types.Schemas) *types.Schemas {
 MustImportAndCustomize(&Version, v3.AuthConfig{}, func(schema *types.Schema) {
 schema.CollectionMethods = []string{http.MethodGet}
 }).
+ // Local Config
+ MustImportAndCustomize(&Version, v3.LocalConfig{}, func(schema *types.Schema) {
+ schema.BaseType = "authConfig"
+ schema.CollectionMethods = []string{}
+ schema.ResourceMethods = []string{http.MethodGet}
+ }).
+ //Github Config
 MustImportAndCustomize(&Version, v3.GithubConfig{}, func(schema *types.Schema) {
 schema.BaseType = "authConfig"
 schema.ResourceActions = map[string]types.Action{
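Review bot: `Hostname` and `TLS` in the new `GithubConfig` carry two `norman` keys in one struct tag (`norman:"default=github.com" norman:"noupdate"`), and `reflect.StructTag.Get` returns only the first value for a key, so the `noupdate` restriction is most likely never applied to these two fields. Merge each pair into one key, `norman:"default=github.com,noupdate"` and `norman:"notnullable,default=true,noupdate"`, so the GitHub hostname and TLS setting are covered like `ClientID` and `ClientSecret`. `ActiveDirectoryTestAndApplyInput.Password` is tagged only `json:"password"` while `ServiceAccountPassword` is `type=password`; adding `norman:"type=password"` would mark it as a credential in the schema as well, and the same applies to `BasicLogin.Password` in v3public/authn_types.go. The space in `json:"activeDirectoryConfig, omitempty"` turns the option into ` omitempty`, which encoding/json does not recognise; `json:"activeDirectoryConfig,omitempty"` is the intended spelling.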
@@ -240,15 +247,23 @@ func authnTypes(schemas *types.Schemas) *types.Schemas {
 },
 }
 schema.CollectionMethods = []string{}
- schema.ResourceMethods = []string{http.MethodGet}
+ schema.ResourceMethods = []string{http.MethodGet, http.MethodPut}
 }).
 MustImport(&Version, v3.GithubConfigTestOutput{}).
 MustImport(&Version, v3.GithubConfigApplyInput{}).
- MustImportAndCustomize(&Version, v3.LocalConfig{}, func(schema *types.Schema) {
+ // Active Directory Config
+ MustImportAndCustomize(&Version, v3.ActiveDirectoryConfig{}, func(schema *types.Schema) {
 schema.BaseType = "authConfig"
+ schema.ResourceActions = map[string]types.Action{
+ "testAndApply": {
+ Input: "activeDirectoryTestAndApplyInput",
+ },
+ }
 schema.CollectionMethods = []string{}
- schema.ResourceMethods = []string{http.MethodGet}
- })
+ schema.ResourceMethods = []string{http.MethodGet, http.MethodPut}
+ }).
+ MustImport(&Version, v3.ActiveDirectoryTestAndApplyInput{})
+
 }
 func userTypes(schema *types.Schemas) *types.Schemas {
diff --git a/apis/management.cattle.io/v3public/authn_types.go b/apis/management.cattle.io/v3public/authn_types.go
index 0435fa08..9b6c881d 100644
--- a/apis/management.cattle.io/v3public/authn_types.go
+++ b/apis/management.cattle.io/v3public/authn_types.go
@@ -11,12 +11,16 @@ type AuthProvider struct {
 Type string `json:"type"`
 }
-type GithubProvider struct {
- metav1.TypeMeta `json:",inline"`
- metav1.ObjectMeta `json:"metadata,omitempty"`
- AuthProvider `json:",inline"`
+type GenericLogin struct {
+ TTLMillis int `json:"ttl,omitempty"`
+ Description string `json:"description,omitempty" norman:"type=string,required"`
+ ResponseType string `json:"responseType,omitempty" norman:"type=string,required"` //json or cookie
+}
- RedirectURL string `json:"redirectUrl"`
+type BasicLogin struct {
+ GenericLogin `json:",inline"`
+ Username string `json:"username" norman:"type=string,required"`
+ Password string `json:"password" norman:"type=string,required"`
 }
 type LocalProvider struct {
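Review bot: Adding `http.MethodPut` to `ResourceMethods` for `githubConfig` and `activeDirectoryConfig` leaves the `noupdate` field tags as the only visible guard against a plain PUT rewriting provider settings without going through the provider's test action, and nothing in the code records that. A comment above each assignment would state the intent, for example `// PUT is exposed for accessMode and allowedPrincipalIds only; every other field is noupdate and changes through the provider's action`. That reading is inferred from the tags in v3/authn_types.go, so confirm it against whatever enforces `noupdate` before relying on it. The body of authnTypes starts outside this hunk.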
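Review bot: `ResponseType` in `GenericLogin` accepts any string although its trailing comment says the value is `json or cookie`; declaring it as an enum, the way `AccessMode` is declared in v3/authn_types.go, would let the schema reject anything else: `norman:"type=enum,options=json|cookie,required"`. `TTLMillis` is a client-supplied `int` with no bound in the schema, and `basicLogin` is now the input for both the local and the Active Directory login actions, so a doc comment should state the unit and that the login handler caps the value; whether it does is not visible in this diff. The exported types added here have no doc comments.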
@@ -25,10 +29,12 @@ type LocalProvider struct {
 AuthProvider `json:",inline"`
 }
-type GenericLogin struct {
- TTLMillis int `json:"ttl,omitempty"`
- Description string `json:"description,omitempty" norman:"type=string,required"`
- ResponseType string `json:"responseType,omitempty" norman:"type=string,required"` //json or cookie
+type GithubProvider struct {
+ metav1.TypeMeta `json:",inline"`
+ metav1.ObjectMeta `json:"metadata,omitempty"`
+ AuthProvider `json:",inline"`
+
+ RedirectURL string `json:"redirectUrl"`
 }
 type GithubLogin struct {
@@ -36,8 +42,10 @@ type GithubLogin struct {
 Code string `json:"code" norman:"type=string,required"`
 }
-type LocalLogin struct {
- GenericLogin `json:",inline"`
- Username string `json:"username" norman:"type=string,required"`
- Password string `json:"password" norman:"type=string,required"`
+type ActiveDirectoryProvider struct {
+ metav1.TypeMeta `json:",inline"`
+ metav1.ObjectMeta `json:"metadata,omitempty"`
+ AuthProvider `json:",inline"`
+
+ DefaultLoginDomain string `json:"defaultLoginDomain,omitempty"`
 }
diff --git a/apis/management.cattle.io/v3public/schema/public_schema.go b/apis/management.cattle.io/v3public/schema/public_schema.go
index 3ca9e9d3..00d4050a 100644
--- a/apis/management.cattle.io/v3public/schema/public_schema.go
+++ b/apis/management.cattle.io/v3public/schema/public_schema.go
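Review bot: `ActiveDirectoryProvider` has no doc comment, and it sits in the v3public package, which appears to serve the login providers before authentication, so `DefaultLoginDomain` becomes readable by anyone who can reach the API. That is probably intended for the login form, but nothing tells the next contributor that every field added to this type is disclosed pre-login. Suggested comment: `// ActiveDirectoryProvider is the public view of the Active Directory auth config; add only fields that are safe to show to unauthenticated clients.`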
@@ -22,9 +22,28 @@ var (
 func authProvidersTypes(schemas *types.Schemas) *types.Schemas {
 return schemas.
+ MustImportAndCustomize(&PublicVersion, v3.Token{}, func(schema *types.Schema) {
+ // No collection methods causes the store to not create a CRD for it
+ schema.CollectionMethods = []string{}
+ schema.ResourceMethods = []string{}
+ }).
 MustImportAndCustomize(&PublicVersion, v3public.AuthProvider{}, func(schema *types.Schema) {
 schema.CollectionMethods = []string{http.MethodGet}
 }).
+ // Local provider
+ MustImportAndCustomize(&PublicVersion, v3public.LocalProvider{}, func(schema *types.Schema) {
+ schema.BaseType = "authProvider"
+ schema.ResourceActions = map[string]types.Action{
+ "login": {
+ Input: "basicLogin",
+ Output: "token",
+ },
+ }
+ schema.CollectionMethods = []string{}
+ schema.ResourceMethods = []string{http.MethodGet}
+ }).
+ MustImport(&PublicVersion, v3public.BasicLogin{}).
+ // Github provider
 MustImportAndCustomize(&PublicVersion, v3public.GithubProvider{}, func(schema *types.Schema) {
 schema.BaseType = "authProvider"
 schema.ResourceActions = map[string]types.Action{
@@ -36,22 +55,17 @@ func authProvidersTypes(schemas *types.Schemas) *types.Schemas {
 schema.CollectionMethods = []string{}
 schema.ResourceMethods = []string{http.MethodGet}
 }).
- MustImportAndCustomize(&PublicVersion, v3public.LocalProvider{}, func(schema *types.Schema) {
+ MustImport(&PublicVersion, v3public.GithubLogin{}).
+ // Active Directory provider
+ MustImportAndCustomize(&PublicVersion, v3public.ActiveDirectoryProvider{}, func(schema *types.Schema) {
 schema.BaseType = "authProvider"
 schema.ResourceActions = map[string]types.Action{
 "login": {
- Input: "localLogin",
+ Input: "basicLogin",
 Output: "token",
 },
 }
 schema.CollectionMethods = []string{}
 schema.ResourceMethods = []string{http.MethodGet}
- }).
- MustImport(&PublicVersion, v3public.GithubLogin{}).
- MustImport(&PublicVersion, v3public.LocalLogin{}).
- MustImportAndCustomize(&PublicVersion, v3.Token{}, func(schema *types.Schema) {
- // No collection methods causes the store to not create a CRD for it
- schema.CollectionMethods = []string{}
- schema.ResourceMethods = []string{}
 })
 }