add FreeIpa and OpenLdap Config

2025-09-18 16:10:58 +00:00 · 2018-06-18 11:25:01 -07:00
parent e7c256fb66
commit 7ecc8144fc
4 changed files with 136 additions and 2 deletions
--- a/apis/management.cattle.io/v3/authn_types.go
+++ b/apis/management.cattle.io/v3/authn_types.go
@@ -175,3 +175,54 @@ type ActiveDirectoryTestAndApplyInput struct {
 	Password              string                `json:"password"`
 	Enabled               bool                  `json:"enabled,omitempty"`
 }
+
+type LdapConfig struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+	AuthConfig        `json:",inline" mapstructure:",squash"`
+
+	Servers                         []string `json:"servers,omitempty"                     norman:"type=array[string],notnullable,required"`
+	Port                            int64    `json:"port,omitempty"                        norman:"default=389,notnullable,required"`
+	TLS                             bool     `json:"tls,omitempty"                         norman:"default=false,notnullable,required"`
+	Certificate                     string   `json:"certificate,omitempty"`
+	ServiceAccountDistinguishedName string   `json:"serviceAccountDistinguishedName,omitempty"      norman:"required"`
+	ServiceAccountPassword          string   `json:"serviceAccountPassword,omitempty"      norman:"type=password,required"`
+	UserDisabledBitMask             int64    `json:"userDisabledBitMask,omitempty"`
+	UserSearchBase                  string   `json:"userSearchBase,omitempty"              norman:"notnullable,required"`
+	UserSearchAttribute             string   `json:"userSearchAttribute,omitempty"         norman:"default=uid|sn|givenName,notnullable,required"`
+	UserLoginAttribute              string   `json:"userLoginAttribute,omitempty"          norman:"default=uid,notnullable,required"`
+	UserObjectClass                 string   `json:"userObjectClass,omitempty"             norman:"default=inetOrgPerson,notnullable,required"`
+	UserNameAttribute               string   `json:"userNameAttribute,omitempty"           norman:"default=cn,notnullable,required"`
+	UserMemberAttribute             string   `json:"userMemberAttribute,omitempty"           norman:"default=memberOf,notnullable,required"`
+	UserEnabledAttribute            string   `json:"userEnabledAttribute,omitempty"`
+	GroupSearchBase                 string   `json:"groupSearchBase,omitempty"`
+	GroupSearchAttribute            string   `json:"groupSearchAttribute,omitempty"        norman:"default=cn,notnullable,required"`
+	GroupObjectClass                string   `json:"groupObjectClass,omitempty"            norman:"default=groupOfNames,notnullable,required"`
+	GroupNameAttribute              string   `json:"groupNameAttribute,omitempty"          norman:"default=cn,notnullable,required"`
+	GroupDNAttribute                string   `json:"groupDNAttribute,omitempty"            norman:"default=entryDN,notnullable"`
+	GroupMemberUserAttribute        string   `json:"groupMemberUserAttribute,omitempty"    norman:"default=entryDN,notnullable"`
+	GroupMemberMappingAttribute     string   `json:"groupMemberMappingAttribute,omitempty" norman:"default=member,notnullable,required"`
+	ConnectionTimeout               int64    `json:"connectionTimeout,omitempty"           norman:"default=1000,notnullable,required"`
+}
+
+type LdapTestAndApplyInput struct {
+	LdapConfig `json:"ldapConfig,omitempty"`
+	Username   string `json:"username"`
+	Password   string `json:"password" norman:"type=password,required"`
+}
+
+type OpenLdapConfig struct {
+	LdapConfig `json:",inline" mapstructure:",squash"`
+}
+
+type OpenLdapTestAndApplyInput struct {
+	LdapTestAndApplyInput `json:",inline" mapstructure:",squash"`
+}
+
+type FreeIpaConfig struct {
+	LdapConfig `json:",inline" mapstructure:",squash"`
+}
+
+type FreeIpaTestAndApplyInput struct {
+	LdapTestAndApplyInput `json:",inline" mapstructure:",squash"`
+}
--- a/apis/management.cattle.io/v3/schema/schema.go
+++ b/apis/management.cattle.io/v3/schema/schema.go
@@ -356,7 +356,53 @@ func authnTypes(schemas *types.Schemas) *types.Schemas {
 			schema.CollectionMethods = []string{}
 			schema.ResourceMethods = []string{http.MethodGet, http.MethodPut}
 		}).
-		MustImport(&Version, v3.ActiveDirectoryTestAndApplyInput{})
+		MustImport(&Version, v3.ActiveDirectoryTestAndApplyInput{}).
+		// OpenLdap Config
+		MustImportAndCustomize(&Version, v3.OpenLdapConfig{}, func(schema *types.Schema) {
+			schema.BaseType = "authConfig"
+			schema.ResourceActions = map[string]types.Action{
+				"disable": {},
+				"testAndApply": {
+					Input: "openLdapTestAndApplyInput",
+				},
+			}
+			schema.CollectionMethods = []string{}
+			schema.ResourceMethods = []string{http.MethodGet, http.MethodPut}
+		}).
+		MustImport(&Version, v3.OpenLdapTestAndApplyInput{}).
+		// FreeIpa Config
+		MustImportAndCustomize(&Version, v3.FreeIpaConfig{}, func(schema *types.Schema) {
+			schema.BaseType = "authConfig"
+			schema.ResourceActions = map[string]types.Action{
+				"disable": {},
+				"testAndApply": {
+					Input: "freeIpaTestAndApplyInput",
+				},
+			}
+			schema.CollectionMethods = []string{}
+			schema.ResourceMethods = []string{http.MethodGet, http.MethodPut}
+			schema.MustCustomizeField("groupObjectClass", func(f types.Field) types.Field {
+				f.Default = "groupofnames"
+				return f
+			})
+			schema.MustCustomizeField("userNameAttribute", func(f types.Field) types.Field {
+				f.Default = "givenName"
+				return f
+			})
+			schema.MustCustomizeField("userObjectClass", func(f types.Field) types.Field {
+				f.Default = "inetorgperson"
+				return f
+			})
+			schema.MustCustomizeField("groupDNAttribute", func(f types.Field) types.Field {
+				f.Default = "entrydn"
+				return f
+			})
+			schema.MustCustomizeField("groupMemberUserAttribute", func(f types.Field) types.Field {
+				f.Default = "entrydn"
+				return f
+			})
+		}).
+		MustImport(&Version, v3.FreeIpaTestAndApplyInput{})
 }

 func userTypes(schema *types.Schemas) *types.Schemas {
--- a/apis/management.cattle.io/v3public/authn_types.go
+++ b/apis/management.cattle.io/v3public/authn_types.go
@@ -62,3 +62,15 @@ type AzureADLogin struct {
 	GenericLogin `json:",inline"`
 	Code         string `json:"code" norman:"type=string,required"`
 }
+
+type OpenLdapProvider struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+	AuthProvider      `json:",inline"`
+}
+
+type FreeIpaProvider struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+	AuthProvider      `json:",inline"`
+}
--- a/apis/management.cattle.io/v3public/schema/public_schema.go
+++ b/apis/management.cattle.io/v3public/schema/public_schema.go
@@ -80,5 +80,30 @@ func authProvidersTypes(schemas *types.Schemas) *types.Schemas {
 			schema.CollectionMethods = []string{}
 			schema.ResourceMethods = []string{http.MethodGet}
 		}).
-		MustImport(&PublicVersion, v3public.AzureADLogin{})
+		MustImport(&PublicVersion, v3public.AzureADLogin{}).
+		// OpenLdap provider
+		MustImportAndCustomize(&PublicVersion, v3public.OpenLdapProvider{}, func(schema *types.Schema) {
+			schema.BaseType = "authProvider"
+			schema.ResourceActions = map[string]types.Action{
+				"login": {
+					Input:  "basicLogin",
+					Output: "token",
+				},
+			}
+			schema.CollectionMethods = []string{}
+			schema.ResourceMethods = []string{http.MethodGet}
+		}).
+		// FreeIpa provider
+		MustImportAndCustomize(&PublicVersion, v3public.FreeIpaProvider{}, func(schema *types.Schema) {
+			schema.BaseType = "authProvider"
+			schema.ResourceActions = map[string]types.Action{
+				"login": {
+					Input:  "basicLogin",
+					Output: "token",
+				},
+			}
+			schema.CollectionMethods = []string{}
+			schema.ResourceMethods = []string{http.MethodGet}
+		})
+
 }