From 7ecc8144fc1a1d36242421599a68af2186ef4d27 Mon Sep 17 00:00:00 2001
From: carolyn
Date: Mon, 18 Jun 2018 11:25:01 -0700
Subject: [PATCH] add FreeIpa and OpenLdap Config
---
 apis/management.cattle.io/v3/authn_types.go | 51 +++++++++++++++++++
 apis/management.cattle.io/v3/schema/schema.go | 48 ++++++++++++++++-
 .../v3public/authn_types.go | 12 +++++
 .../v3public/schema/public_schema.go | 27 +++++++++-
 4 files changed, 136 insertions(+), 2 deletions(-)
diff --git a/apis/management.cattle.io/v3/authn_types.go b/apis/management.cattle.io/v3/authn_types.go
index c1a85c58..6fd4a476 100644
--- a/apis/management.cattle.io/v3/authn_types.go
+++ b/apis/management.cattle.io/v3/authn_types.go
@@ -175,3 +175,54 @@ type ActiveDirectoryTestAndApplyInput struct {
 Password string `json:"password"`
 Enabled bool `json:"enabled,omitempty"`
 }
+
+type LdapConfig struct {
+ metav1.TypeMeta `json:",inline"`
+ metav1.ObjectMeta `json:"metadata,omitempty"`
+ AuthConfig `json:",inline" mapstructure:",squash"`
+
+ Servers []string `json:"servers,omitempty" norman:"type=array[string],notnullable,required"`
+ Port int64 `json:"port,omitempty" norman:"default=389,notnullable,required"`
+ TLS bool `json:"tls,omitempty" norman:"default=false,notnullable,required"`
+ Certificate string `json:"certificate,omitempty"`
+ ServiceAccountDistinguishedName string `json:"serviceAccountDistinguishedName,omitempty" norman:"required"`
+ ServiceAccountPassword string `json:"serviceAccountPassword,omitempty" norman:"type=password,required"`
+ UserDisabledBitMask int64 `json:"userDisabledBitMask,omitempty"`
+ UserSearchBase string `json:"userSearchBase,omitempty" norman:"notnullable,required"`
+ UserSearchAttribute string `json:"userSearchAttribute,omitempty" norman:"default=uid|sn|givenName,notnullable,required"`
+ UserLoginAttribute string `json:"userLoginAttribute,omitempty" norman:"default=uid,notnullable,required"`
+ UserObjectClass string `json:"userObjectClass,omitempty" norman:"default=inetOrgPerson,notnullable,required"`
+ UserNameAttribute string `json:"userNameAttribute,omitempty" norman:"default=cn,notnullable,required"`
+ UserMemberAttribute string `json:"userMemberAttribute,omitempty" norman:"default=memberOf,notnullable,required"`
+ UserEnabledAttribute string `json:"userEnabledAttribute,omitempty"`
+ GroupSearchBase string `json:"groupSearchBase,omitempty"`
+ GroupSearchAttribute string `json:"groupSearchAttribute,omitempty" norman:"default=cn,notnullable,required"`
+ GroupObjectClass string `json:"groupObjectClass,omitempty" norman:"default=groupOfNames,notnullable,required"`
+ GroupNameAttribute string `json:"groupNameAttribute,omitempty" norman:"default=cn,notnullable,required"`
+ GroupDNAttribute string `json:"groupDNAttribute,omitempty" norman:"default=entryDN,notnullable"`
+ GroupMemberUserAttribute string `json:"groupMemberUserAttribute,omitempty" norman:"default=entryDN,notnullable"`
+ GroupMemberMappingAttribute string `json:"groupMemberMappingAttribute,omitempty" norman:"default=member,notnullable,required"`
+ ConnectionTimeout int64 `json:"connectionTimeout,omitempty" norman:"default=1000,notnullable,required"`
+}
+
+type LdapTestAndApplyInput struct {
+ LdapConfig `json:"ldapConfig,omitempty"`
+ Username string `json:"username"`
+ Password string `json:"password" norman:"type=password,required"`
+}
+
+type OpenLdapConfig struct {
+ LdapConfig `json:",inline" mapstructure:",squash"`
+}
+
+type OpenLdapTestAndApplyInput struct {
+ LdapTestAndApplyInput `json:",inline" mapstructure:",squash"`
+}
+
+type FreeIpaConfig struct {
+ LdapConfig `json:",inline" mapstructure:",squash"`
+}
+
+type FreeIpaTestAndApplyInput struct {
+ LdapTestAndApplyInput `json:",inline" mapstructure:",squash"`
+}
diff --git a/apis/management.cattle.io/v3/schema/schema.go b/apis/management.cattle.io/v3/schema/schema.go
index 19a2da49..75b1f51c 100644
--- a/apis/management.cattle.io/v3/schema/schema.go
+++ b/apis/management.cattle.io/v3/schema/schema.go
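Review bot: The new `LdapConfig` defaults to an unencrypted connection: `TLS` carries `default=false` and `Port` carries `default=389`, so unless an administrator changes both, the `ServiceAccountPassword` bind and the user passwords checked through this provider would presumably cross the network in cleartext. Consider making LDAPS the default, keeping in mind that with `json:"tls,omitempty"` an explicit `false` is dropped from the JSON, so flipping the default needs care. At minimum the field should say so, e.g. `// TLS enables LDAPS; when false, bind and login credentials are sent unencrypted.` The hunk also leaves open what an empty `Certificate` means when `TLS` is true (system roots or no verification) and which unit `ConnectionTimeout`'s `default=1000` is in; a one-line comment on each field would settle both.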
@@ -356,7 +356,53 @@ func authnTypes(schemas *types.Schemas) *types.Schemas {
 schema.CollectionMethods = []string{}
 schema.ResourceMethods = []string{http.MethodGet, http.MethodPut}
 }).
- MustImport(&Version, v3.ActiveDirectoryTestAndApplyInput{})
+ MustImport(&Version, v3.ActiveDirectoryTestAndApplyInput{}).
+ // OpenLdap Config
+ MustImportAndCustomize(&Version, v3.OpenLdapConfig{}, func(schema *types.Schema) {
+ schema.BaseType = "authConfig"
+ schema.ResourceActions = map[string]types.Action{
+ "disable": {},
+ "testAndApply": {
+ Input: "openLdapTestAndApplyInput",
+ },
+ }
+ schema.CollectionMethods = []string{}
+ schema.ResourceMethods = []string{http.MethodGet, http.MethodPut}
+ }).
+ MustImport(&Version, v3.OpenLdapTestAndApplyInput{}).
+ // FreeIpa Config
+ MustImportAndCustomize(&Version, v3.FreeIpaConfig{}, func(schema *types.Schema) {
+ schema.BaseType = "authConfig"
+ schema.ResourceActions = map[string]types.Action{
+ "disable": {},
+ "testAndApply": {
+ Input: "freeIpaTestAndApplyInput",
+ },
+ }
+ schema.CollectionMethods = []string{}
+ schema.ResourceMethods = []string{http.MethodGet, http.MethodPut}
+ schema.MustCustomizeField("groupObjectClass", func(f types.Field) types.Field {
+ f.Default = "groupofnames"
+ return f
+ })
+ schema.MustCustomizeField("userNameAttribute", func(f types.Field) types.Field {
+ f.Default = "givenName"
+ return f
+ })
+ schema.MustCustomizeField("userObjectClass", func(f types.Field) types.Field {
+ f.Default = "inetorgperson"
+ return f
+ })
+ schema.MustCustomizeField("groupDNAttribute", func(f types.Field) types.Field {
+ f.Default = "entrydn"
+ return f
+ })
+ schema.MustCustomizeField("groupMemberUserAttribute", func(f types.Field) types.Field {
+ f.Default = "entrydn"
+ return f
+ })
+ }).
+ MustImport(&Version, v3.FreeIpaTestAndApplyInput{})
 }

 func userTypes(schema *types.Schemas) *types.Schemas {
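Review bot: The FreeIpa customizer repeats the same three-line `MustCustomizeField` closure five times, and four of the five overrides (`groupofnames`, `inetorgperson`, and `entrydn` twice) differ from the `LdapConfig` struct-tag defaults only in letter case, with no comment saying why. Only `userNameAttribute` (`givenName` instead of `cn`) is a visibly different value. A table-driven loop with a one-line comment keeps the FreeIPA-specific defaults in one place and makes drift from the tags in authn_types.go easier to spot. The field names are string literals tied to the JSON tags in that other file, and `MustCustomizeField` presumably panics on an unknown name, so a rename there would only surface at start-up. The enclosing `authnTypes` function starts before this hunk.

```go
// … unchanged: BaseType, ResourceActions, CollectionMethods, ResourceMethods …
// FreeIPA-specific defaults; these override the LdapConfig struct-tag defaults.
for field, def := range map[string]string{
	"groupObjectClass":         "groupofnames",
	"userNameAttribute":        "givenName",
	"userObjectClass":          "inetorgperson",
	"groupDNAttribute":         "entrydn",
	"groupMemberUserAttribute": "entrydn",
} {
	def := def // copy per iteration in case the closure is retained
	schema.MustCustomizeField(field, func(f types.Field) types.Field {
		f.Default = def
		return f
	})
}
```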
diff --git a/apis/management.cattle.io/v3public/authn_types.go b/apis/management.cattle.io/v3public/authn_types.go
index 2fac12da..0f277414 100644
--- a/apis/management.cattle.io/v3public/authn_types.go
+++ b/apis/management.cattle.io/v3public/authn_types.go
@@ -62,3 +62,15 @@ type AzureADLogin struct {
 GenericLogin `json:",inline"`
 Code string `json:"code" norman:"type=string,required"`
 }
+
+type OpenLdapProvider struct {
+ metav1.TypeMeta `json:",inline"`
+ metav1.ObjectMeta `json:"metadata,omitempty"`
+ AuthProvider `json:",inline"`
+}
+
+type FreeIpaProvider struct {
+ metav1.TypeMeta `json:",inline"`
+ metav1.ObjectMeta `json:"metadata,omitempty"`
+ AuthProvider `json:",inline"`
+}
diff --git a/apis/management.cattle.io/v3public/schema/public_schema.go b/apis/management.cattle.io/v3public/schema/public_schema.go
index 0ae97853..5ccd098c 100644
--- a/apis/management.cattle.io/v3public/schema/public_schema.go
+++ b/apis/management.cattle.io/v3public/schema/public_schema.go
@@ -80,5 +80,30 @@ func authProvidersTypes(schemas *types.Schemas) *types.Schemas {
 schema.CollectionMethods = []string{}
 schema.ResourceMethods = []string{http.MethodGet}
 }).
- MustImport(&PublicVersion, v3public.AzureADLogin{})
+ MustImport(&PublicVersion, v3public.AzureADLogin{}).
+ // OpenLdap provider
+ MustImportAndCustomize(&PublicVersion, v3public.OpenLdapProvider{}, func(schema *types.Schema) {
+ schema.BaseType = "authProvider"
+ schema.ResourceActions = map[string]types.Action{
+ "login": {
+ Input: "basicLogin",
+ Output: "token",
+ },
+ }
+ schema.CollectionMethods = []string{}
+ schema.ResourceMethods = []string{http.MethodGet}
+ }).
+ // FreeIpa provider
+ MustImportAndCustomize(&PublicVersion, v3public.FreeIpaProvider{}, func(schema *types.Schema) {
+ schema.BaseType = "authProvider"
+ schema.ResourceActions = map[string]types.Action{
+ "login": {
+ Input: "basicLogin",
+ Output: "token",
+ },
+ }
+ schema.CollectionMethods = []string{}
+ schema.ResourceMethods = []string{http.MethodGet}
+ })
+
 }
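Review bot: The customizer closures for `OpenLdapProvider` and `FreeIpaProvider` are identical line for line, so a later change to the `login` action (input type, output, allowed methods) has to be made twice and can silently diverge between the two providers. Declaring the closure once before the chain and passing it to both calls, e.g. `MustImportAndCustomize(&PublicVersion, v3public.OpenLdapProvider{}, ldapProvider)`, removes the duplication. The hunk also adds an empty line just before the function's closing brace, which can be dropped. Both providers take `basicLogin` as input; its import is not visible here, so this assumes it is already registered earlier in `authProvidersTypes`, whose start is outside the hunk.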