package auth
import (
"github.com/caos/orbos/internal/operator/boom/api/v1beta2/reconciling"
"strings"
"github.com/caos/orbos/mntr"
"github.com/pkg/errors"
)
// Connectors is the wrapper returned by GetDexConfigFromSpec. It holds the
// list of connector entries under the "connectors" YAML key; the key is
// omitted when the list is empty.
type Connectors struct {
	// Connectors lists the configured identity-provider connectors.
	Connectors []*connector `yaml:"connectors,omitempty"`
}
// connector is a single connector entry as assembled by GetDexConfigFromSpec.
//
// NOTE(review): the fields carry no yaml tags, so the serialized key names
// depend on the YAML library's defaults; confirm they match what dex expects.
type connector struct {
	// Type is the connector kind; this package sets "github", "gitlab" or "oidc".
	Type string
	// Name is copied from the connector's entry in the spec.
	Name string
	// ID is copied from the connector's entry in the spec.
	ID string
	// Config is the provider-specific configuration value.
	// NOTE(review): presumably carries the OAuth client credentials; treat any
	// serialized or logged form of this value as sensitive. Confirm against
	// the helpers that build it.
	Config interface{}
}
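// GetDexConfigFromSpec builds the dex connector list for the argocd
// application from the auth section of spec.
//
// It returns:
//   - an empty *Connectors when spec.Auth is nil, when none of the OIDC,
//     GitHub, GitLab or Google entries carries a client secret (an inline
//     value or the name of an existing secret), or when spec.Network.Domain
//     is empty;
//   - a populated *Connectors when at least one GitHub, GitLab or Google
//     connector could be built;
//   - nil when a secret is configured but no connector was built. This
//     includes a spec that only sets spec.Auth.OIDC, because no connector is
//     created from that entry in this function.
//
// A connector whose configuration cannot be built is logged and skipped; the
// remaining connectors are still returned, so a misconfigured identity
// provider shows up only as an error log line and a missing login option.
func GetDexConfigFromSpec(monitor mntr.Monitor, spec *reconciling.Reconciling) *Connectors {
	logFields := map[string]interface{}{
		"application": "argocd",
	}
	connectors := make([]*connector, 0)

	auth := spec.Auth
	if auth == nil {
		return &Connectors{Connectors: connectors}
	}

	// An entry counts as configured only if it has a non-empty inline client
	// secret or names an existing secret. The terms are kept in one
	// short-circuiting expression so later entries are not dereferenced once
	// an earlier one is found to be configured.
	hasSecret := (auth.OIDC != nil &&
		((auth.OIDC.ClientSecret != nil && auth.OIDC.ClientSecret.Value != "") ||
			(auth.OIDC.ExistingClientSecretSecret != nil && auth.OIDC.ExistingClientSecretSecret.Name != ""))) ||
		(auth.GithubConnector != nil &&
			((auth.GithubConnector.Config.ClientSecret != nil && auth.GithubConnector.Config.ClientSecret.Value != "") ||
				(auth.GithubConnector.Config.ExistingClientSecretSecret != nil && auth.GithubConnector.Config.ExistingClientSecretSecret.Name != ""))) ||
		(auth.GitlabConnector != nil &&
			((auth.GitlabConnector.Config.ClientSecret != nil && auth.GitlabConnector.Config.ClientSecret.Value != "") ||
				(auth.GitlabConnector.Config.ExistingClientSecretSecret != nil && auth.GitlabConnector.Config.ExistingClientSecretSecret.Name != ""))) ||
		(auth.GoogleConnector != nil &&
			((auth.GoogleConnector.Config.ClientSecret != nil && auth.GoogleConnector.Config.ClientSecret.Value != "") ||
				(auth.GoogleConnector.Config.ExistingClientSecretSecret != nil && auth.GoogleConnector.Config.ExistingClientSecretSecret.Name != "")))
	if !hasSecret {
		return &Connectors{Connectors: connectors}
	}

	if spec.Network == nil || spec.Network.Domain == "" {
		monitor.WithFields(logFields).Info("No auth connectors configured as no rootUrl is defined")
		return &Connectors{Connectors: connectors}
	}

	// The OAuth callback is always https and is derived from the configured
	// domain; it has to match the redirect URI registered at each provider.
	// NOTE(review): Domain is concatenated as-is; presumably it is validated
	// as a bare host name upstream. Confirm, since a value containing a path
	// or userinfo part would change where the provider redirects.
	redirect := strings.Join([]string{"https://", spec.Network.Domain, "/api/dex/callback"}, "")

	// NOTE(review): errors from the get* helpers are written to the log
	// below; confirm they never embed client secret values.
	//
	// errors.Wrap returns nil for a nil error, so a helper result of
	// (nil, nil) is reported with its own error instead of passing nil to
	// Error.
	if gh := auth.GithubConnector; gh != nil {
		cfg, err := getGithub(gh, redirect)
		switch {
		case err != nil:
			monitor.WithFields(logFields).Error(errors.Wrap(err, "Error while creating configuration for github connector"))
		case cfg == nil:
			monitor.WithFields(logFields).Error(errors.New("No configuration returned for github connector"))
		default:
			connectors = append(connectors, &connector{
				Name:   gh.Name,
				ID:     gh.ID,
				Type:   "github",
				Config: cfg,
			})
		}
	}

	if gl := auth.GitlabConnector; gl != nil {
		cfg, err := getGitlab(gl, redirect)
		switch {
		case err != nil:
			monitor.WithFields(logFields).Error(errors.Wrap(err, "Error while creating configuration for gitlab connector"))
		case cfg == nil:
			monitor.WithFields(logFields).Error(errors.New("No configuration returned for gitlab connector"))
		default:
			connectors = append(connectors, &connector{
				Name:   gl.Name,
				ID:     gl.ID,
				Type:   "gitlab",
				Config: cfg,
			})
		}
	}

	if goog := auth.GoogleConnector; goog != nil {
		cfg, err := getGoogle(goog, redirect)
		switch {
		case err != nil:
			monitor.WithFields(logFields).Error(errors.Wrap(err, "Error while creating configuration for google connector"))
		case cfg == nil:
			monitor.WithFields(logFields).Error(errors.New("No configuration returned for google connector"))
		default:
			// The Google entry is emitted with connector type "oidc".
			connectors = append(connectors, &connector{
				Name:   goog.Name,
				ID:     goog.ID,
				Type:   "oidc",
				Config: cfg,
			})
		}
	}

	if len(connectors) == 0 {
		// A secret was configured but nothing could be built; callers get nil
		// here, not the empty wrapper returned by the early exits above.
		return nil
	}

	// Only the connector count is logged, never the connector contents.
	logFields["connectors"] = len(connectors)
	monitor.WithFields(logFields).Debug("Created dex configuration")
	return &Connectors{Connectors: connectors}
}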