Rename konnectd to IDP

.codacy.yml

@@ -8,8 +8,8 @@ exclude_paths:
   - 'docs/**'
   - '**/docs/**'
   - '**/pkg/proto/**'
-  - 'konnectd/ui_config/**'
-  - 'konnectd/scripts/**'
+  - 'idp/ui_config/**'
+  - 'idp/scripts/**'
   - 'settings/rollup.config.js'
   - 'accounts/rollup.config.js'
   - 'ocis/docker/eos-ocis/Dockerfile'

.drone.star

@@ -2,7 +2,7 @@ config = {
   'modules': {
     'accounts': 'frontend',
     'glauth':'',
-    'konnectd':'',
+    'idp':'',
     'ocis': '',
     'web':'',
     'ocis-pkg':'',
@@ -1370,8 +1370,8 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes=[]):
     'STORAGE_SHARING_USER_JSON_FILE': '/srv/app/tmp/ocis/shares.json',
     'PROXY_ENABLE_BASIC_AUTH': True,
     'WEB_UI_CONFIG': '/drone/src/tests/config/drone/ocis-config.json',
-    'KONNECTD_IDENTIFIER_REGISTRATION_CONF': '/drone/src/tests/config/drone/identifier-registration.yml',
-    'KONNECTD_TLS': 'true',
+    'IDP_IDENTIFIER_REGISTRATION_CONF': '/drone/src/tests/config/drone/identifier-registration.yml',
+    'IDP_TLS': 'true',
     'OCIS_LOG_LEVEL': 'warn',
   }
 

.gitignore

@@ -14,7 +14,7 @@ node_modules/
 yarn-error.log
 
 # Konnectd
-konnectd/assets/identifier
+idp/assets/identifier
 
 # Composer - used for API acceptance tests
 composer.lock

Makefile

@@ -15,7 +15,7 @@ RESET := $(shell tput -Txterm sgr0)
 OCIS_MODULES = \
 	accounts \
 	glauth \
-	konnectd \
+	idp \
 	ocis \
 	ocis-pkg \
 	ocs \

accounts/pkg/proto/v0/accounts.pb.micro_test.go

@@ -126,7 +126,7 @@ func getGroup(group string) *proto.Group {
 	switch group {
 	case "sysusers":
 		return &proto.Group{Id: "34f38767-c937-4eb6-b847-1c175829a2a0", GidNumber: 15000, OnPremisesSamAccountName: "sysusers", DisplayName: "Technical users", Description: "A group for technical users. They should not show up in sharing dialogs.", Members: []*proto.Account{
-			{Id: "820ba2a1-3f54-4538-80a4-2d73007e30bf"}, // konnectd
+			{Id: "820ba2a1-3f54-4538-80a4-2d73007e30bf"}, // idp
 			{Id: "bc596f3c-c955-4328-80a0-60d018b4ad57"}, // reva
 		}}
 	case "users":

accounts/pkg/service/v0/service.go

@@ -236,14 +236,14 @@ func (s Service) createDefaultAccounts() (err error) {
 		// technical users for kopano and reva
 		{
 			Id:                       "820ba2a1-3f54-4538-80a4-2d73007e30bf",
-			PreferredName:            "konnectd",
-			OnPremisesSamAccountName: "konnectd",
+			PreferredName:            "idp",
+			OnPremisesSamAccountName: "idp",
 			Mail:                     "idp@example.org",
-			DisplayName:              "Kopano Konnectd",
+			DisplayName:              "Kopano IDP",
 			UidNumber:                10000,
 			GidNumber:                15000,
 			PasswordProfile: &proto.PasswordProfile{
-				Password: "$2a$11$ntoTP2W/kyQIuoYpH5mRBuNzaEERYWSwn/zCsY5rtffen4d41y9.6",
+				Password: "$2y$12$ywfGLDPsSlBTVZU0g.2GZOPO8Wap3rVOpm8e3192VlytNdGWH7x72",
 			},
 			AccountEnabled: true,
 			MemberOf: []*proto.Group{
@@ -309,7 +309,7 @@ func (s Service) createDefaultAccounts() (err error) {
 	for _, accountID := range []string{
 		"058bff95-6708-4fe5-91e4-9ea3d377588b", //moss
 		"ddc2004c-0977-11eb-9d3f-a793888cd0f8", //admin
-		"820ba2a1-3f54-4538-80a4-2d73007e30bf", //konnectd
+		"820ba2a1-3f54-4538-80a4-2d73007e30bf", //idp
 		"bc596f3c-c955-4328-80a0-60d018b4ad57", //reva
 	} {
 		assignRoleToUser(accountID, settings_svc.BundleUUIDRoleAdmin, s.RoleService, s.log)
@@ -327,7 +327,7 @@ func (s Service) createDefaultAccounts() (err error) {
 func (s Service) createDefaultGroups() (err error) {
 	groups := []proto.Group{
 		{Id: "34f38767-c937-4eb6-b847-1c175829a2a0", GidNumber: 15000, OnPremisesSamAccountName: "sysusers", DisplayName: "Technical users", Description: "A group for technical users. They should not show up in sharing dialogs.", Members: []*proto.Account{
-			{Id: "820ba2a1-3f54-4538-80a4-2d73007e30bf"}, // konnectd
+			{Id: "820ba2a1-3f54-4538-80a4-2d73007e30bf"}, // idp
 			{Id: "bc596f3c-c955-4328-80a0-60d018b4ad57"}, // reva
 		}},
 		{Id: "509a9dcd-bb37-4f4f-a01a-19dca27d9cfa", GidNumber: 30000, OnPremisesSamAccountName: "users", DisplayName: "Users", Description: "A group every normal user belongs to.", Members: []*proto.Account{

accounts/ui/tests/acceptance/features/accounts.feature

@@ -4,7 +4,7 @@ Feature: Accounts
 		Given user "Moss" has logged in using the webUI
 		When the user browses to the accounts page
 		Then user "einstein" should be displayed in the accounts list on the WebUI
-		And user "konnectd" should be displayed in the accounts list on the WebUI
+		And user "idp" should be displayed in the accounts list on the WebUI
 		And user "marie" should be displayed in the accounts list on the WebUI
 		And user "reva" should be displayed in the accounts list on the WebUI
 		And user "richard" should be displayed in the accounts list on the WebUI
@@ -72,4 +72,4 @@ Feature: Accounts
 		Given user "Moss" has logged in using the webUI
 		And the user browses to the accounts page
 		When the user deletes user "bob" using the WebUI
-		Then user "bob" should not be displayed in the accounts list on the WebUI
+		Then user "bob" should not be displayed in the accounts list on the WebUI

deployments/examples/owncloud10_with_oc_web/docker-compose.yml

@@ -74,11 +74,11 @@ services:
       PROXY_CONFIG_FILE: "/config/proxy-config.json"
       PROXY_ENABLE_PRESIGNEDURLS: "false"
       PROXY_TLS: "false"
-      # konnectd - binddn must exist as oc10 admin user
-      KONNECTD_IDENTIFIER_REGISTRATION_CONF: "/config/identifier-registration.yaml"
-      KONNECTD_INSECURE: "${INSECURE:-false}"
-      KONNECTD_SIGNING_KID: super
-      KONNECTD_TLS: 0
+      # idp - binddn must exist as oc10 admin user
+      IDP_IDENTIFIER_REGISTRATION_CONF: "/config/identifier-registration.yaml"
+      IDP_INSECURE: "${INSECURE:-false}"
+      IDP_SIGNING_KID: super
+      IDP_TLS: 0
       LDAP_BASEDN: "dc=example,dc=org"
       LDAP_BINDDN: "cn=admin,dc=example,dc=org"
       LDAP_BINDPW: "admin"

docs/Makefile

@@ -3,7 +3,7 @@ SHELL := bash
 OCIS_MODULES = \
 	accounts \
 	glauth \
-	konnectd \
+	idp \
 	ocis \
 	ocs \
 	ocis-pkg \

docs/extensions/idp/_index.md

@@ -2,7 +2,7 @@
 title: Konnectd
 weight: 20
 geekdocRepo: https://github.com/owncloud/ocis
-geekdocEditPath: edit/master/docs/extensions/konnectd
+geekdocEditPath: edit/master/docs/extensions/idp
 geekdocFilePath: _index.md
 geekdocCollapseSection: true
 ---

docs/ocis/_index.md

@@ -24,9 +24,9 @@ We run a huge [test suite](https://github.com/owncloud/core/tree/master/tests),
 {{< mermaid class="text-center">}}
 graph TD
 proxy -->
-    konnectd & web & thumbnails & ocs & webdav & storage & accounts & store & settings
+    idp & web & thumbnails & ocs & webdav & storage & accounts & store & settings
 
-konnectd --> glauth
+idp --> glauth
 
 storage --> REVA
 

docs/ocis/deployment/basic-remote-setup.md

@@ -62,6 +62,9 @@ This snippet will start the oCIS server with auto generated self signed certific
 PROXY_HTTP_ADDR=0.0.0.0:9200 \
 OCIS_URL=https://your-server:9200 \
 KONNECTD_TLS=0 \
+PROXY_TRANSPORT_TLS_KEY=./certs/your-host.key \
+PROXY_TRANSPORT_TLS_CERT=./certs/your-host.crt \
+IDP_TLS=0 \
 ./bin/ocis server
 ```
 

docs/ocis/deployment/bridge.md

@@ -101,7 +101,7 @@ Groups should work as well:
 $ ldapsearch -x -H ldap://localhost:9125 -b dc=example,dc=com -D "cn=admin,dc=example,dc=com" -W '(objectclass=posixgroup)'
 ```
 
-> Note: This is currently a readonly implementation and minimal to the usecase of authenticating users with konnectd.
+> Note: This is currently a readonly implementation and minimal to the usecase of authenticating users with idp.
 
 ### Start ocis-web
 
@@ -124,21 +124,21 @@ $ bin/web server --web-config-server https://cloud.example.com --oidc-authority
 
 `ocis-web` needs to know
 - `--web-config-server https://cloud.example.com` is ownCloud url with webdav and ocs endpoints (oc10 or ocis)
-- `--oidc-authority https://192.168.1.100:9130` the openid connect issuing authority, in our case `oidc-konnectd`, running on port 9130
+- `--oidc-authority https://192.168.1.100:9130` the openid connect issuing authority, in our case `oidc-idp`, running on port 9130
 - `--oidc-metadata-url https://192.168.1.100:9130/.well-known/openid-configuration` the openid connect configuration endpoint, typically the issuer host with `.well-known/openid-configuration`, but there are cases when another endpoint is used, eg. ping identity provides multiple endpoints to separate domains
-- `--oidc-client-id ocis` the client id we will register later with `ocis-konnectd` in the `identifier-registration.yaml`
+- `--oidc-client-id ocis` the client id we will register later with `ocis-idp` in the `identifier-registration.yaml`
 
-### Start ocis-konnectd
+### Start ocis-idp
 
 #### Get it!
 
 In an `ocis` folder
 ```
-$ git clone git@github.com:owncloud/ocis-konnectd.git
-$ cd ocis-konnectd
+$ git clone git@github.com:owncloud/ocis-idp.git
+$ cd ocis-idp
 $ make
 ```
-This should give you a `bin/ocis-konnectd` binary. Try listing the help with `bin/ocis-konnectd --help`.
+This should give you a `bin/ocis-idp` binary. Try listing the help with `bin/ocis-idp --help`.
 
 #### Set environment variables
 
@@ -183,12 +183,12 @@ Replace `localhost:9100` in the redirect URIs with your `ocis-web` host and port
 
 #### Run it!
 
-You can now bring up `ocis-konnectd` with:
+You can now bring up `ocis-idp` with:
 ```console
-$ bin/ocis-konnectd server --iss https://192.168.1.100:9130 --identifier-registration-conf assets/identifier-registration.yaml --signing-kid gen1-2020-02-27
+$ bin/ocis-idp server --iss https://192.168.1.100:9130 --identifier-registration-conf assets/identifier-registration.yaml --signing-kid gen1-2020-02-27
 ```
 
-`ocis-konnectd` needs to know
+`ocis-idp` needs to know
 - `--iss https://192.168.1.100:9130` the issuer, which must be a reachable https endpoint. For testing an ip works. HTTPS is NOT optional. This url is exposed in the `https://192.168.1.100:9130/.well-known/openid-configuration` endpoint and clients need to be able to connect to it
 - `--identifier-registration-conf assets/identifier-registration.yaml` the identifier-registration.yaml you created
 - `--signing-kid gen1-2020-02-27` a signature key id, otherwise the jwks key has no name, which might cause problems with clients. a random key is ok, but it should change when the actual signing key changes.
@@ -203,7 +203,7 @@ $ curl https://192.168.1.100:9130/.well-known/openid-configuration
 
 2. Check if the login works at https://192.168.1.100:9130/signin/v1/identifier
 
-> Note: If you later get a `Unable to find a key for (algorithm, kid):PS256, )` Error make sure you did set a `--signing-kid` when starting `ocis-konnectd` by checking it is present in https://192.168.1.100:9130/konnect/v1/jwks.json
+> Note: If you later get a `Unable to find a key for (algorithm, kid):PS256, )` Error make sure you did set a `--signing-kid` when starting `ocis-idp` by checking it is present in https://192.168.1.100:9130/konnect/v1/jwks.json
 
 ### Patch owncloud
 
@@ -241,7 +241,7 @@ $CONFIG = [
 ```
 
 In the above configuration replace
-- `provider-url` with the URL to your `ocis-konnectd` issuer
+- `provider-url` with the URL to your `ocis-idp` issuer
 - `https://cloud.example.com` with the URL to your ownCloud 10 instance
 - `http://localhost:9100` with the URL to your ownCloud Web instance
 
@@ -251,4 +251,4 @@ In the above configuration replace
 
 Aside from the above todos these are the next steps
 - tie it all together behind `ocis-proxy`
-- create an `ocis bridge` command that runs all the ocis services in one step with a properly preconfigured `ocis-konnectd` `identifier-registration.yaml` file for `ownCloud Web` and the owncloud 10 `openidconnect` app, as well as a randomized `--signing-kid`.
+- create an `ocis bridge` command that runs all the ocis services in one step with a properly preconfigured `ocis-idp` `identifier-registration.yaml` file for `ownCloud Web` and the owncloud 10 `openidconnect` app, as well as a randomized `--signing-kid`.

docs/ocis/deployment/ocis_keycloak.md

@@ -19,7 +19,7 @@ geekdocFilePath: ocis_keycloak.md
 
 The docker stack consists 4 containers. One of them is Traefik, a proxy which is terminating ssl and forwards the requests to oCIS in the internal docker network.
 
-Keykloak add two containers: Keycloak itself and a PostgreSQL as database. Keycloak will be configured as oCIS' IDP instead of the internal IDP [Konnectd]({{< ref "../../extensions/konnectd/_index.md" >}})
+Keykloak add two containers: Keycloak itself and a PostgreSQL as database. Keycloak will be configured as oCIS' IDP instead of the internal IDP [Konnectd]({{< ref "../../extensions/idp/_index.md" >}})
 
 The other container is oCIS itself running all extensions in one container. In this example oCIS uses [oCIS storage driver]({{< ref "../../extensions/storage/storages.md#storage-drivers" >}})
 

docs/ocis/deployment/ocis_traefik.md

@@ -18,7 +18,7 @@ geekdocFilePath: ocis_traefik.md
 
 The docker stack consists of two containers. One of them is Traefik, a proxy which is terminating ssl and forwards the requests to oCIS in the internal docker network.
 
-The other one is oCIS itself running all extensions in one container. In this example oCIS uses its internal IDP [Konnectd]({{< ref "../../extensions/konnectd/_index.md" >}}) and the [oCIS storage driver]({{< ref "../../extensions/storage/storages.md#storage-drivers" >}})
+The other one is oCIS itself running all extensions in one container. In this example oCIS uses its internal IDP [Konnectd]({{< ref "../../extensions/idp/_index.md" >}}) and the [oCIS storage driver]({{< ref "../../extensions/storage/storages.md#storage-drivers" >}})
 
 ## Server Deployment
 

docs/ocis/development/debugging.md

@@ -39,7 +39,7 @@ Run the debug binary with `OCIS_LOG_LEVEL=debug bin/ocis-debug server` and then
 12920 pts/1    Sl     0:00 bin/ocis-debug reva-users
 12929 pts/1    Sl     0:00 bin/ocis-debug glauth
 12940 pts/1    Sl     0:00 bin/ocis-debug reva-storage-home-data
-12948 pts/1    Sl     0:00 bin/ocis-debug konnectd
+12948 pts/1    Sl     0:00 bin/ocis-debug idp
 12952 pts/1    Sl     0:00 bin/ocis-debug proxy
 12961 pts/1    Sl     0:00 bin/ocis-debug thumbnails
 12971 pts/1    Sl     0:00 bin/ocis-debug reva-storage-oc
@@ -81,7 +81,7 @@ bin/ocis --log-level=$LOG_LEVEL glauth &
 bin/ocis --log-level=$LOG_LEVEL graph-explorer &
 bin/ocis --log-level=$LOG_LEVEL graph &
 #bin/ocis --log-level=$LOG_LEVEL hello &
-bin/ocis --log-level=$LOG_LEVEL konnectd &
+bin/ocis --log-level=$LOG_LEVEL idp &
 #bin/ocis --log-level=$LOG_LEVEL ocs &
 bin/ocis --log-level=$LOG_LEVEL web &
 bin/ocis --log-level=$LOG_LEVEL reva-auth-basic &
@@ -118,7 +118,7 @@ bin/ocis --log-level=$LOG_LEVEL proxy &
 12920 pts/1    Sl     0:00 bin/ocis-debug reva-users
 12929 pts/1    Sl     0:00 bin/ocis-debug glauth
 12940 pts/1    Sl     0:00 bin/ocis-debug reva-storage-home-data
-12948 pts/1    Sl     0:00 bin/ocis-debug konnectd
+12948 pts/1    Sl     0:00 bin/ocis-debug idp
 12952 pts/1    Sl     0:00 bin/ocis-debug proxy
 12961 pts/1    Sl     0:00 bin/ocis-debug thumbnails
 12971 pts/1    Sl     0:00 bin/ocis-debug reva-storage-oc

docs/ocis/flow-docs/login-flow.md

@@ -44,7 +44,7 @@ sequenceDiagram
         Note over client, idp: GET /authorize?<br>response_type=code<br>&scope=openid%20profile%20email<br>&client_id=s6BhdRkqt3<br>&state=af0ifjsldkj<br>&redirect_uri=https%3A%2F%2Fclient.example.org%2Fcb HTTP/1.1<br>Host: server.example.com
         Note over user, idp: 3. Authorization Server Authenticates the End-User.
         Note over idp,ldap: Either an IdP already exists or a new one is introduced. Since we are not yet using oidc discovery we can only use one IdP.
-        alt all users managed by konnectd/ocis
+        alt all users managed by idp/ocis
             idp->>+glauth: LDAP query/bind
             glauth->>+graph: GET user with Basic Auth<br>GraphAPI
             graph->>+accounts: internal GRPC

docs/ocis/flow-docs/request-flow.md

@@ -28,7 +28,7 @@ sequenceDiagram
         Note over client,proxy: What is in a bearer token? <br> The spec recommends opaque tokens. <br> Treat it as random byte noise.
         Note over client,proxy: the proxy MUST authenticate users <br> using ocis-accounts because it needs <br> to decide where to send the request
         %% Mention introspection endpoint for opaque tokens
-        %% konnectd uses jwt, so we can save a request
+        %% idp uses jwt, so we can save a request
         %% either way the token can be used to look up the sub and iss of the user
 
             %% or is token check enough?

glauth/go.sum

@@ -224,6 +224,8 @@ github.com/cs3org/reva v1.2.2-0.20200924071957-e6676516e61e h1:khITGSnfDXtByQsLe
 github.com/cs3org/reva v1.2.2-0.20200924071957-e6676516e61e/go.mod h1:DOV5SjpOBKN+aWfOHLdA4KiLQkpyC786PQaXEdRAZ0M=
 github.com/cs3org/reva v1.4.1-0.20210111080247-f2b63bfd6825 h1:U6pAVGTjesstz+EXd8+YpIG1xwKH1ovOXdWrMCvnopw=
 github.com/cs3org/reva v1.4.1-0.20210111080247-f2b63bfd6825/go.mod h1:abC1Lo0ZKwkKloomTPZWunV/lUJvewkty1pI41zn2Ic=
+github.com/cs3org/reva v1.5.1 h1:GebunCjhHfA3lFLXjQT+3jOUjEXUubk9sr3otOIDGac=
+github.com/cs3org/reva v1.5.1/go.mod h1:abC1Lo0ZKwkKloomTPZWunV/lUJvewkty1pI41zn2Ic=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=

idp/Makefile

@@ -1,5 +1,5 @@
 SHELL := bash
-NAME := konnectd
+NAME := idp
 IMPORT := github.com/owncloud/ocis/$(NAME)
 BIN := bin
 DIST := dist

idp/cmd/konnectd/main.go

@@ -3,7 +3,7 @@ package main
 import (
 	"os"
 
-	"github.com/owncloud/ocis/konnectd/pkg/command"
+	"github.com/owncloud/ocis/idp/pkg/command"
 )
 
 func main() {

idp/config/example.json

@@ -15,6 +15,6 @@
     "type": "jaeger",
     "endpoint": "localhost:6831",
     "collector": "http://localhost:14268/api/traces",
-    "service": "konnectd"
+    "service": "idp"
   }
 }

idp/config/example.yml

@@ -14,6 +14,6 @@ tracing:
   type: jaeger
   endpoint: localhost:6831
   collector: http://localhost:14268/api/traces
-  service: konnectd
+  service: idp
 
 ...

idp/docker/Dockerfile.linux.amd64

@@ -13,7 +13,7 @@ LABEL maintainer="ownCloud GmbH <devops@owncloud.com>" \
 
 EXPOSE 9130 9134
 
-ENTRYPOINT ["/usr/bin/ocis-konnectd"]
+ENTRYPOINT ["/usr/bin/ocis-idp"]
 CMD ["server"]
 
-COPY bin/ocis-konnectd /usr/bin/ocis-konnectd
+COPY bin/ocis-idp /usr/bin/ocis-idp

idp/docker/Dockerfile.linux.arm

@@ -13,7 +13,7 @@ LABEL maintainer="ownCloud GmbH <devops@owncloud.com>" \
 
 EXPOSE 9130 9134
 
-ENTRYPOINT ["/usr/bin/ocis-konnectd"]
+ENTRYPOINT ["/usr/bin/ocis-idp"]
 CMD ["server"]
 
-COPY bin/ocis-konnectd /usr/bin/ocis-konnectd
+COPY bin/ocis-idp /usr/bin/ocis-idp

idp/docker/Dockerfile.linux.arm64

@@ -13,7 +13,7 @@ LABEL maintainer="ownCloud GmbH <devops@owncloud.com>" \
 
 EXPOSE 9130 9134
 
-ENTRYPOINT ["/usr/bin/ocis-konnectd"]
+ENTRYPOINT ["/usr/bin/ocis-idp"]
 CMD ["server"]
 
-COPY bin/ocis-konnectd /usr/bin/ocis-konnectd
+COPY bin/ocis-idp /usr/bin/ocis-idp

idp/docker/manifest.tmpl

@@ -0,0 +1,22 @@
+image: owncloud/ocis-idp:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
+{{#if build.tags}}
+tags:
+{{#each build.tags}}
+  - {{this}}
+{{/each}}
+{{/if}}
+manifests:
+  - image: owncloud/ocis-idp:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
+    platform:
+      architecture: amd64
+      os: linux
+  - image: owncloud/ocis-idp:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
+    platform:
+      architecture: arm64
+      variant: v8
+      os: linux
+  - image: owncloud/ocis-idp:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm
+    platform:
+      architecture: arm
+      variant: v6
+      os: linux

idp/go.mod

@@ -1,4 +1,4 @@
-module github.com/owncloud/ocis/konnectd
+module github.com/owncloud/ocis/idp
 
 go 1.15
 

idp/pkg/assets/assets.go

@@ -5,7 +5,7 @@ import (
 	"os"
 	"path"
 
-	"github.com/owncloud/ocis/konnectd/pkg/config"
+	"github.com/owncloud/ocis/idp/pkg/config"
 	"github.com/owncloud/ocis/ocis-pkg/log"
 )
 

idp/pkg/assets/option.go

@@ -1,7 +1,7 @@
 package assets
 
 import (
-	"github.com/owncloud/ocis/konnectd/pkg/config"
+	"github.com/owncloud/ocis/idp/pkg/config"
 	"github.com/owncloud/ocis/ocis-pkg/log"
 )
 

idp/pkg/command/health.go

@@ -5,8 +5,8 @@ import (
 	"net/http"
 
 	"github.com/micro/cli/v2"
-	"github.com/owncloud/ocis/konnectd/pkg/config"
-	"github.com/owncloud/ocis/konnectd/pkg/flagset"
+	"github.com/owncloud/ocis/idp/pkg/config"
+	"github.com/owncloud/ocis/idp/pkg/flagset"
 )
 
 // Health is the entrypoint for the health command.

idp/pkg/command/root.go

@@ -5,21 +5,21 @@ import (
 	"strings"
 
 	"github.com/micro/cli/v2"
-	"github.com/owncloud/ocis/konnectd/pkg/config"
-	"github.com/owncloud/ocis/konnectd/pkg/flagset"
-	"github.com/owncloud/ocis/konnectd/pkg/version"
+	"github.com/owncloud/ocis/idp/pkg/config"
+	"github.com/owncloud/ocis/idp/pkg/flagset"
+	"github.com/owncloud/ocis/idp/pkg/version"
 	"github.com/owncloud/ocis/ocis-pkg/log"
 	"github.com/spf13/viper"
 )
 
-// Execute is the entry point for the ocis-konnectd command.
+// Execute is the entry point for the ocis-idp command.
 func Execute() error {
 	cfg := config.New()
 
 	app := &cli.App{
-		Name:     "ocis-konnectd",
+		Name:     "ocis-idp",
 		Version:  version.String,
-		Usage:    "Serve Konnectd API for oCIS",
+		Usage:    "Serve IDP API for oCIS",
 		Compiled: version.Compiled(),
 
 		Authors: []*cli.Author{
@@ -59,7 +59,7 @@ func Execute() error {
 // NewLogger initializes a service-specific logger instance.
 func NewLogger(cfg *config.Config) log.Logger {
 	return log.NewLogger(
-		log.Name("konnectd"),
+		log.Name("idp"),
 		log.Level(cfg.Log.Level),
 		log.Pretty(cfg.Log.Pretty),
 		log.Color(cfg.Log.Color),
@@ -71,13 +71,13 @@ func ParseConfig(c *cli.Context, cfg *config.Config) error {
 	logger := NewLogger(cfg)
 
 	viper.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
-	viper.SetEnvPrefix("KONNECTD")
+	viper.SetEnvPrefix("IDP")
 	viper.AutomaticEnv()
 
 	if c.IsSet("config-file") {
 		viper.SetConfigFile(c.String("config-file"))
 	} else {
-		viper.SetConfigName("konnectd")
+		viper.SetConfigName("idp")
 
 		viper.AddConfigPath("/etc/ocis")
 		viper.AddConfigPath("$HOME/.ocis")

idp/pkg/command/server.go

@@ -14,11 +14,11 @@ import (
 	"github.com/oklog/run"
 	openzipkin "github.com/openzipkin/zipkin-go"
 	zipkinhttp "github.com/openzipkin/zipkin-go/reporter/http"
-	"github.com/owncloud/ocis/konnectd/pkg/config"
-	"github.com/owncloud/ocis/konnectd/pkg/flagset"
-	"github.com/owncloud/ocis/konnectd/pkg/metrics"
-	"github.com/owncloud/ocis/konnectd/pkg/server/debug"
-	"github.com/owncloud/ocis/konnectd/pkg/server/http"
+	"github.com/owncloud/ocis/idp/pkg/config"
+	"github.com/owncloud/ocis/idp/pkg/flagset"
+	"github.com/owncloud/ocis/idp/pkg/metrics"
+	"github.com/owncloud/ocis/idp/pkg/server/debug"
+	"github.com/owncloud/ocis/idp/pkg/server/http"
 	"go.opencensus.io/stats/view"
 	"go.opencensus.io/trace"
 )
@@ -38,15 +38,15 @@ func Server(cfg *config.Config) *cli.Command {
 			// StringSliceFlag doesn't support Destination
 			// UPDATE Destination on string flags supported. Wait for https://github.com/urfave/cli/pull/1078 to get to micro/cli
 			if len(c.StringSlice("trusted-proxy")) > 0 {
-				cfg.Konnectd.TrustedProxy = c.StringSlice("trusted-proxy")
+				cfg.IDP.TrustedProxy = c.StringSlice("trusted-proxy")
 			}
 
 			if len(c.StringSlice("allow-scope")) > 0 {
-				cfg.Konnectd.AllowScope = c.StringSlice("allow-scope")
+				cfg.IDP.AllowScope = c.StringSlice("allow-scope")
 			}
 
 			if len(c.StringSlice("signing-private-key")) > 0 {
-				cfg.Konnectd.SigningPrivateKeyFiles = c.StringSlice("signing-private-key")
+				cfg.IDP.SigningPrivateKeyFiles = c.StringSlice("signing-private-key")
 			}
 
 			return ParseConfig(c, cfg)

idp/pkg/command/version.go

@@ -8,8 +8,8 @@ import (
 
 	"github.com/micro/cli/v2"
 	tw "github.com/olekukonko/tablewriter"
-	"github.com/owncloud/ocis/konnectd/pkg/config"
-	"github.com/owncloud/ocis/konnectd/pkg/flagset"
+	"github.com/owncloud/ocis/idp/pkg/config"
+	"github.com/owncloud/ocis/idp/pkg/flagset"
 )
 
 // PrintVersion prints the service versions of all running instances.
@@ -17,17 +17,17 @@ func PrintVersion(cfg *config.Config) *cli.Command {
 	return &cli.Command{
 		Name:  "version",
 		Usage: "Print the versions of the running instances",
-		Flags: flagset.ListKonnectdWithConfig(cfg),
+		Flags: flagset.ListIDPWithConfig(cfg),
 		Action: func(c *cli.Context) error {
 			reg := *registry.GetRegistry()
 			services, err := reg.GetService(cfg.Service.Namespace + "." + cfg.Service.Name)
 			if err != nil {
-				fmt.Println(fmt.Errorf("could not get konnectd services from the registry: %v", err))
+				fmt.Println(fmt.Errorf("could not get idp services from the registry: %v", err))
 				return err
 			}
 
 			if len(services) == 0 {
-				fmt.Println("No running konnectd service found.")
+				fmt.Println("No running idp service found.")
 				return nil
 			}
 

idp/pkg/config/config.go

@@ -57,7 +57,7 @@ type Config struct {
 	HTTP     HTTP
 	Tracing  Tracing
 	Asset    Asset
-	Konnectd bootstrap.Config
+	IDP bootstrap.Config
 	Service  Service
 }
 

idp/pkg/flagset/flagset.go

@@ -2,7 +2,7 @@ package flagset
 
 import (
 	"github.com/micro/cli/v2"
-	"github.com/owncloud/ocis/konnectd/pkg/config"
+	"github.com/owncloud/ocis/idp/pkg/config"
 )
 
 // RootWithConfig applies cfg to the root flagset
@@ -12,21 +12,21 @@ func RootWithConfig(cfg *config.Config) []cli.Flag {
 			Name:        "log-level",
 			Value:       "info",
 			Usage:       "Set logging level",
-			EnvVars:     []string{"KONNECTD_LOG_LEVEL"},
+			EnvVars:     []string{"IDP_LOG_LEVEL"},
 			Destination: &cfg.Log.Level,
 		},
 		&cli.BoolFlag{
 			Value:       true,
 			Name:        "log-pretty",
 			Usage:       "Enable pretty logging",
-			EnvVars:     []string{"KONNECTD_LOG_PRETTY"},
+			EnvVars:     []string{"IDP_LOG_PRETTY"},
 			Destination: &cfg.Log.Pretty,
 		},
 		&cli.BoolFlag{
 			Value:       true,
 			Name:        "log-color",
 			Usage:       "Enable colored logging",
-			EnvVars:     []string{"KONNECTD_LOG_COLOR"},
+			EnvVars:     []string{"IDP_LOG_COLOR"},
 			Destination: &cfg.Log.Color,
 		},
 	}
@@ -39,7 +39,7 @@ func HealthWithConfig(cfg *config.Config) []cli.Flag {
 			Name:        "debug-addr",
 			Value:       "0.0.0.0:9134",
 			Usage:       "Address to debug endpoint",
-			EnvVars:     []string{"KONNECTD_DEBUG_ADDR"},
+			EnvVars:     []string{"IDP_DEBUG_ADDR"},
 			Destination: &cfg.Debug.Addr,
 		},
 	}
@@ -52,305 +52,305 @@ func ServerWithConfig(cfg *config.Config) []cli.Flag {
 			Name:        "config-file",
 			Value:       "",
 			Usage:       "Path to config file",
-			EnvVars:     []string{"KONNECTD_CONFIG_FILE"},
+			EnvVars:     []string{"IDP_CONFIG_FILE"},
 			Destination: &cfg.File,
 		},
 		&cli.BoolFlag{
 			Name:        "tracing-enabled",
 			Usage:       "Enable sending traces",
-			EnvVars:     []string{"KONNECTD_TRACING_ENABLED"},
+			EnvVars:     []string{"IDP_TRACING_ENABLED"},
 			Destination: &cfg.Tracing.Enabled,
 		},
 		&cli.StringFlag{
 			Name:        "tracing-type",
 			Value:       "jaeger",
 			Usage:       "Tracing backend type",
-			EnvVars:     []string{"KONNECTD_TRACING_TYPE"},
+			EnvVars:     []string{"IDP_TRACING_TYPE"},
 			Destination: &cfg.Tracing.Type,
 		},
 		&cli.StringFlag{
 			Name:        "tracing-endpoint",
 			Value:       "",
 			Usage:       "Endpoint for the agent",
-			EnvVars:     []string{"KONNECTD_TRACING_ENDPOINT"},
+			EnvVars:     []string{"IDP_TRACING_ENDPOINT"},
 			Destination: &cfg.Tracing.Endpoint,
 		},
 		&cli.StringFlag{
 			Name:        "tracing-collector",
 			Value:       "",
 			Usage:       "Endpoint for the collector",
-			EnvVars:     []string{"KONNECTD_TRACING_COLLECTOR"},
+			EnvVars:     []string{"IDP_TRACING_COLLECTOR"},
 			Destination: &cfg.Tracing.Collector,
 		},
 		&cli.StringFlag{
 			Name:        "tracing-service",
-			Value:       "konnectd",
+			Value:       "idp",
 			Usage:       "Service name for tracing",
-			EnvVars:     []string{"KONNECTD_TRACING_SERVICE"},
+			EnvVars:     []string{"IDP_TRACING_SERVICE"},
 			Destination: &cfg.Tracing.Service,
 		},
 		&cli.StringFlag{
 			Name:        "debug-addr",
 			Value:       "0.0.0.0:9134",
 			Usage:       "Address to bind debug server",
-			EnvVars:     []string{"KONNECTD_DEBUG_ADDR"},
+			EnvVars:     []string{"IDP_DEBUG_ADDR"},
 			Destination: &cfg.Debug.Addr,
 		},
 		&cli.StringFlag{
 			Name:        "debug-token",
 			Value:       "",
 			Usage:       "Token to grant metrics access",
-			EnvVars:     []string{"KONNECTD_DEBUG_TOKEN"},
+			EnvVars:     []string{"IDP_DEBUG_TOKEN"},
 			Destination: &cfg.Debug.Token,
 		},
 		&cli.BoolFlag{
 			Name:        "debug-pprof",
 			Usage:       "Enable pprof debugging",
-			EnvVars:     []string{"KONNECTD_DEBUG_PPROF"},
+			EnvVars:     []string{"IDP_DEBUG_PPROF"},
 			Destination: &cfg.Debug.Pprof,
 		},
 		&cli.BoolFlag{
 			Name:        "debug-zpages",
 			Usage:       "Enable zpages debugging",
-			EnvVars:     []string{"KONNECTD_DEBUG_ZPAGES"},
+			EnvVars:     []string{"IDP_DEBUG_ZPAGES"},
 			Destination: &cfg.Debug.Zpages,
 		},
 		&cli.StringFlag{
 			Name:        "http-addr",
 			Value:       "0.0.0.0:9130",
 			Usage:       "Address to bind http server",
-			EnvVars:     []string{"KONNECTD_HTTP_ADDR"},
+			EnvVars:     []string{"IDP_HTTP_ADDR"},
 			Destination: &cfg.HTTP.Addr,
 		},
 		&cli.StringFlag{
 			Name:        "http-root",
 			Value:       "/",
 			Usage:       "Root path of http server",
-			EnvVars:     []string{"KONNECTD_HTTP_ROOT"},
+			EnvVars:     []string{"IDP_HTTP_ROOT"},
 			Destination: &cfg.HTTP.Root,
 		},
 		&cli.StringFlag{
 			Name:        "http-namespace",
 			Value:       "com.owncloud.web",
 			Usage:       "Set the base namespace for service discovery",
-			EnvVars:     []string{"KONNECTD_HTTP_NAMESPACE"},
+			EnvVars:     []string{"IDP_HTTP_NAMESPACE"},
 			Destination: &cfg.Service.Namespace,
 		},
 		&cli.StringFlag{
 			Name:        "name",
-			Value:       "konnectd",
+			Value:       "idp",
 			Usage:       "Service name",
-			EnvVars:     []string{"KONNECTD_NAME"},
+			EnvVars:     []string{"IDP_NAME"},
 			Destination: &cfg.Service.Name,
 		},
 		&cli.StringFlag{
 			Name:        "identity-manager",
 			Value:       "ldap",
 			Usage:       "Identity manager (one of ldap,kc,cookie,dummy)",
-			EnvVars:     []string{"KONNECTD_IDENTITY_MANAGER"},
-			Destination: &cfg.Konnectd.IdentityManager,
+			EnvVars:     []string{"IDP_IDENTITY_MANAGER"},
+			Destination: &cfg.IDP.IdentityManager,
 		},
 		&cli.StringFlag{
 			Name:        "transport-tls-cert",
 			Value:       "",
 			Usage:       "Certificate file for transport encryption",
-			EnvVars:     []string{"KONNECTD_TRANSPORT_TLS_CERT"},
+			EnvVars:     []string{"IDP_TRANSPORT_TLS_CERT"},
 			Destination: &cfg.HTTP.TLSCert,
 		},
 		&cli.StringFlag{
 			Name:        "transport-tls-key",
 			Value:       "",
 			Usage:       "Secret file for transport encryption",
-			EnvVars:     []string{"KONNECTD_TRANSPORT_TLS_KEY"},
+			EnvVars:     []string{"IDP_TRANSPORT_TLS_KEY"},
 			Destination: &cfg.HTTP.TLSKey,
 		},
 		&cli.StringFlag{
 			Name:        "iss",
 			Usage:       "OIDC issuer URL",
-			EnvVars:     []string{"KONNECTD_ISS", "OCIS_URL"}, // KONNECTD_ISS takes precedence over OCIS_URL
+			EnvVars:     []string{"IDP_ISS", "OCIS_URL"}, // IDP_ISS takes precedence over OCIS_URL
 			Value:       "https://localhost:9200",
-			Destination: &cfg.Konnectd.Iss,
+			Destination: &cfg.IDP.Iss,
 		},
 		&cli.StringSliceFlag{
 			Name:    "signing-private-key",
 			Usage:   "Full path to PEM encoded private key file (must match the --signing-method algorithm)",
-			EnvVars: []string{"KONNECTD_SIGNING_PRIVATE_KEY"},
+			EnvVars: []string{"IDP_SIGNING_PRIVATE_KEY"},
 			Value:   nil,
 		},
 		&cli.StringFlag{
 			Name:        "signing-kid",
 			Usage:       "Value of kid field to use in created tokens (uniquely identifying the signing-private-key)",
-			EnvVars:     []string{"KONNECTD_SIGNING_KID"},
+			EnvVars:     []string{"IDP_SIGNING_KID"},
 			Value:       "",
-			Destination: &cfg.Konnectd.SigningKid,
+			Destination: &cfg.IDP.SigningKid,
 		},
 		&cli.StringFlag{
 			Name:        "validation-keys-path",
 			Usage:       "Full path to a folder containg PEM encoded private or public key files used for token validaton (file name without extension is used as kid)",
-			EnvVars:     []string{"KONNECTD_VALIDATION_KEYS_PATH"},
+			EnvVars:     []string{"IDP_VALIDATION_KEYS_PATH"},
 			Value:       "",
-			Destination: &cfg.Konnectd.ValidationKeysPath,
+			Destination: &cfg.IDP.ValidationKeysPath,
 		},
 		&cli.StringFlag{
 			Name:        "encryption-secret",
 			Usage:       "Full path to a file containing a %d bytes secret key",
-			EnvVars:     []string{"KONNECTD_ENCRYPTION_SECRET"},
+			EnvVars:     []string{"IDP_ENCRYPTION_SECRET"},
 			Value:       "",
-			Destination: &cfg.Konnectd.EncryptionSecretFile,
+			Destination: &cfg.IDP.EncryptionSecretFile,
 		},
 		&cli.StringFlag{
 			Name:        "signing-method",
 			Usage:       "JWT default signing method",
-			EnvVars:     []string{"KONNECTD_SIGNING_METHOD"},
+			EnvVars:     []string{"IDP_SIGNING_METHOD"},
 			Value:       "PS256",
-			Destination: &cfg.Konnectd.SigningMethod,
+			Destination: &cfg.IDP.SigningMethod,
 		},
 		&cli.StringFlag{
 			Name:        "uri-base-path",
 			Usage:       "Custom base path for URI endpoints",
-			EnvVars:     []string{"KONNECTD_URI_BASE_PATH"},
+			EnvVars:     []string{"IDP_URI_BASE_PATH"},
 			Value:       "",
-			Destination: &cfg.Konnectd.URIBasePath,
+			Destination: &cfg.IDP.URIBasePath,
 		},
 		&cli.StringFlag{
 			Name:        "sign-in-uri",
 			Usage:       "Custom redirection URI to sign-in form",
-			EnvVars:     []string{"KONNECTD_SIGN_IN_URI"},
+			EnvVars:     []string{"IDP_SIGN_IN_URI"},
 			Value:       "",
-			Destination: &cfg.Konnectd.SignInURI,
+			Destination: &cfg.IDP.SignInURI,
 		},
 		&cli.StringFlag{
 			Name:        "signed-out-uri",
 			Usage:       "Custom redirection URI to signed-out goodbye page",
-			EnvVars:     []string{"KONNECTD_SIGN_OUT_URI"},
+			EnvVars:     []string{"IDP_SIGN_OUT_URI"},
 			Value:       "",
-			Destination: &cfg.Konnectd.SignedOutURI,
+			Destination: &cfg.IDP.SignedOutURI,
 		},
 		&cli.StringFlag{
 			Name:        "authorization-endpoint-uri",
 			Usage:       "Custom authorization endpoint URI",
-			EnvVars:     []string{"KONNECTD_ENDPOINT_URI"},
+			EnvVars:     []string{"IDP_ENDPOINT_URI"},
 			Value:       "",
-			Destination: &cfg.Konnectd.AuthorizationEndpointURI,
+			Destination: &cfg.IDP.AuthorizationEndpointURI,
 		},
 		&cli.StringFlag{
 			Name:        "endsession-endpoint-uri",
 			Usage:       "Custom endsession endpoint URI",
-			EnvVars:     []string{"KONNECTD_ENDSESSION_ENDPOINT_URI"},
+			EnvVars:     []string{"IDP_ENDSESSION_ENDPOINT_URI"},
 			Value:       "",
-			Destination: &cfg.Konnectd.EndsessionEndpointURI,
+			Destination: &cfg.IDP.EndsessionEndpointURI,
 		},
 		&cli.StringFlag{
 			Name:        "asset-path",
 			Value:       "",
 			Usage:       "Path to custom assets",
-			EnvVars:     []string{"KONNECTD_ASSET_PATH"},
+			EnvVars:     []string{"IDP_ASSET_PATH"},
 			Destination: &cfg.Asset.Path,
 		},
 		&cli.StringFlag{
 			Name:        "identifier-client-path",
 			Usage:       "Path to the identifier web client base folder",
-			EnvVars:     []string{"KONNECTD_IDENTIFIER_CLIENT_PATH"},
-			Value:       "/var/tmp/ocis/konnectd",
-			Destination: &cfg.Konnectd.IdentifierClientPath,
+			EnvVars:     []string{"IDP_IDENTIFIER_CLIENT_PATH"},
+			Value:       "/var/tmp/ocis/idp",
+			Destination: &cfg.IDP.IdentifierClientPath,
 		},
 		&cli.StringFlag{
 			Name:        "identifier-registration-conf",
 			Usage:       "Path to a identifier-registration.yaml configuration file",
-			EnvVars:     []string{"KONNECTD_IDENTIFIER_REGISTRATION_CONF"},
+			EnvVars:     []string{"IDP_IDENTIFIER_REGISTRATION_CONF"},
 			Value:       "./config/identifier-registration.yaml",
-			Destination: &cfg.Konnectd.IdentifierRegistrationConf,
+			Destination: &cfg.IDP.IdentifierRegistrationConf,
 		},
 		&cli.StringFlag{
 			Name:        "identifier-scopes-conf",
 			Usage:       "Path to a scopes.yaml configuration file",
-			EnvVars:     []string{"KONNECTD_IDENTIFIER_SCOPES_CONF"},
+			EnvVars:     []string{"IDP_IDENTIFIER_SCOPES_CONF"},
 			Value:       "",
-			Destination: &cfg.Konnectd.IdentifierScopesConf,
+			Destination: &cfg.IDP.IdentifierScopesConf,
 		},
 		&cli.BoolFlag{
 			Name:        "insecure",
 			Usage:       "Disable TLS certificate and hostname validation",
-			EnvVars:     []string{"KONNECTD_INSECURE"},
-			Destination: &cfg.Konnectd.Insecure,
+			EnvVars:     []string{"IDP_INSECURE"},
+			Destination: &cfg.IDP.Insecure,
 		},
 		&cli.BoolFlag{
 			Name:        "tls",
-			Usage:       "Use TLS (disable only if konnectd is behind a TLS-terminating reverse-proxy).",
-			EnvVars:     []string{"KONNECTD_TLS"},
+			Usage:       "Use TLS (disable only if idp is behind a TLS-terminating reverse-proxy).",
+			EnvVars:     []string{"IDP_TLS"},
 			Value:       false,
 			Destination: &cfg.HTTP.TLS,
 		},
 		&cli.StringSliceFlag{
 			Name:    "trusted-proxy",
 			Usage:   "Trusted proxy IP or IP network (can be used multiple times)",
-			EnvVars: []string{"KONNECTD_TRUSTED_PROXY"},
+			EnvVars: []string{"IDP_TRUSTED_PROXY"},
 			Value:   nil,
 		},
 		&cli.StringSliceFlag{
 			Name:    "allow-scope",
 			Usage:   "Allow OAuth 2 scope (can be used multiple times, if not set default scopes are allowed)",
-			EnvVars: []string{"KONNECTD_ALLOW_SCOPE"},
+			EnvVars: []string{"IDP_ALLOW_SCOPE"},
 			Value:   nil,
 		},
 		&cli.BoolFlag{
 			Name:        "allow-client-guests",
 			Usage:       "Allow sign in of client controlled guest users",
-			EnvVars:     []string{"KONNECTD_ALLOW_CLIENT_GUESTS"},
-			Destination: &cfg.Konnectd.AllowClientGuests,
+			EnvVars:     []string{"IDP_ALLOW_CLIENT_GUESTS"},
+			Destination: &cfg.IDP.AllowClientGuests,
 		},
 		&cli.BoolFlag{
 			Name:        "allow-dynamic-client-registration",
 			Usage:       "Allow dynamic OAuth2 client registration",
-			EnvVars:     []string{"KONNECTD_ALLOW_DYNAMIC_CLIENT_REGISTRATION"},
+			EnvVars:     []string{"IDP_ALLOW_DYNAMIC_CLIENT_REGISTRATION"},
 			Value:       true,
-			Destination: &cfg.Konnectd.AllowDynamicClientRegistration,
+			Destination: &cfg.IDP.AllowDynamicClientRegistration,
 		},
 		&cli.BoolFlag{
 			Name:        "disable-identifier-webapp",
 			Usage:       "Disable built-in identifier-webapp to use a frontend hosted elsewhere.",
-			EnvVars:     []string{"KONNECTD_DISABLE_IDENTIFIER_WEBAPP"},
+			EnvVars:     []string{"IDP_DISABLE_IDENTIFIER_WEBAPP"},
 			Value:       true,
-			Destination: &cfg.Konnectd.IdentifierClientDisabled,
+			Destination: &cfg.IDP.IdentifierClientDisabled,
 		},
 		&cli.Uint64Flag{
 			Name:        "access-token-expiration",
 			Usage:       "Expiration time of access tokens in seconds since generated",
-			EnvVars:     []string{"KONNECTD_ACCESS_TOKEN_EXPIRATION"},
-			Destination: &cfg.Konnectd.AccessTokenDurationSeconds,
+			EnvVars:     []string{"IDP_ACCESS_TOKEN_EXPIRATION"},
+			Destination: &cfg.IDP.AccessTokenDurationSeconds,
 			Value:       60 * 10, // 10 Minutes.
 		},
 		&cli.Uint64Flag{
 			Name:        "id-token-expiration",
 			Usage:       "Expiration time of id tokens in seconds since generated",
-			EnvVars:     []string{"KONNECTD_ID_TOKEN_EXPIRATION"},
-			Destination: &cfg.Konnectd.IDTokenDurationSeconds,
+			EnvVars:     []string{"IDP_ID_TOKEN_EXPIRATION"},
+			Destination: &cfg.IDP.IDTokenDurationSeconds,
 			Value:       60 * 60, // 1 Hour
 		},
 		&cli.Uint64Flag{
 			Name:        "refresh-token-expiration",
 			Usage:       "Expiration time of refresh tokens in seconds since generated",
-			EnvVars:     []string{"KONNECTD_REFRESH_TOKEN_EXPIRATION"},
-			Destination: &cfg.Konnectd.RefreshTokenDurationSeconds,
+			EnvVars:     []string{"IDP_REFRESH_TOKEN_EXPIRATION"},
+			Destination: &cfg.IDP.RefreshTokenDurationSeconds,
 			Value:       60 * 60 * 24 * 365 * 3, // 1 year
 		},
 	}
 }
 
-// ListKonnectdWithConfig applies the config to the list commands flags
-func ListKonnectdWithConfig(cfg *config.Config) []cli.Flag {
+// ListIDPWithConfig applies the config to the list commands flags
+func ListIDPWithConfig(cfg *config.Config) []cli.Flag {
 	return []cli.Flag{&cli.StringFlag{
 		Name:        "http-namespace",
 		Value:       "com.owncloud.web",
 		Usage:       "Set the base namespace for service discovery",
-		EnvVars:     []string{"KONNECTD_HTTP_NAMESPACE"},
+		EnvVars:     []string{"IDP_HTTP_NAMESPACE"},
 		Destination: &cfg.Service.Namespace,
 	},
 		&cli.StringFlag{
 			Name:        "name",
-			Value:       "konnectd",
+			Value:       "idp",
 			Usage:       "Service name",
-			EnvVars:     []string{"KONNECTD_NAME"},
+			EnvVars:     []string{"IDP_NAME"},
 			Destination: &cfg.Service.Name,
 		},
 	}

idp/pkg/log/logrus_wrapper.go

@@ -17,7 +17,7 @@ var levelMapping = levelMap{
 	logrus.InfoLevel:  zerolog.InfoLevel,
 }
 
-// LogrusWrapper around zerolog. Required because konnectd uses logrus internally.
+// LogrusWrapper around zerolog. Required because idp uses logrus internally.
 type LogrusWrapper struct {
 	zeroLog  *zerolog.Logger
 	levelMap levelMap

idp/pkg/metrics/metrics.go

@@ -7,7 +7,7 @@ var (
 	Namespace = "ocis"
 
 	// Subsystem defines the subsystem for the defines metrics.
-	Subsystem = "konnectd"
+	Subsystem = "idp"
 )
 
 // Metrics defines the available metrics of this service.

idp/pkg/server/debug/option.go

@@ -3,7 +3,7 @@ package debug
 import (
 	"context"
 
-	"github.com/owncloud/ocis/konnectd/pkg/config"
+	"github.com/owncloud/ocis/idp/pkg/config"
 	"github.com/owncloud/ocis/ocis-pkg/log"
 )
 

idp/pkg/server/debug/server.go

@@ -4,7 +4,7 @@ import (
 	"io"
 	"net/http"
 
-	"github.com/owncloud/ocis/konnectd/pkg/config"
+	"github.com/owncloud/ocis/idp/pkg/config"
 	"github.com/owncloud/ocis/ocis-pkg/service/debug"
 )
 

idp/pkg/server/http/option.go

@@ -4,8 +4,8 @@ import (
 	"context"
 
 	"github.com/micro/cli/v2"
-	"github.com/owncloud/ocis/konnectd/pkg/config"
-	"github.com/owncloud/ocis/konnectd/pkg/metrics"
+	"github.com/owncloud/ocis/idp/pkg/config"
+	"github.com/owncloud/ocis/idp/pkg/metrics"
 	"github.com/owncloud/ocis/ocis-pkg/log"
 )
 

idp/pkg/server/http/server.go

@@ -4,8 +4,8 @@ import (
 	"crypto/tls"
 	"os"
 
-	"github.com/owncloud/ocis/konnectd/pkg/crypto"
-	svc "github.com/owncloud/ocis/konnectd/pkg/service/v0"
+	"github.com/owncloud/ocis/idp/pkg/crypto"
+	svc "github.com/owncloud/ocis/idp/pkg/service/v0"
 	"github.com/owncloud/ocis/ocis-pkg/middleware"
 	"github.com/owncloud/ocis/ocis-pkg/service/http"
 )

idp/pkg/service/v0/instrument.go

@@ -3,7 +3,7 @@ package svc
 import (
 	"net/http"
 
-	"github.com/owncloud/ocis/konnectd/pkg/metrics"
+	"github.com/owncloud/ocis/idp/pkg/metrics"
 )
 
 // NewInstrument returns a service that instruments metrics.

idp/pkg/service/v0/option.go

@@ -3,7 +3,7 @@ package svc
 import (
 	"net/http"
 
-	"github.com/owncloud/ocis/konnectd/pkg/config"
+	"github.com/owncloud/ocis/idp/pkg/config"
 	"github.com/owncloud/ocis/ocis-pkg/log"
 )
 

idp/pkg/service/v0/service.go

@@ -11,10 +11,10 @@ import (
 
 	"github.com/go-chi/chi"
 	"github.com/gorilla/mux"
-	"github.com/owncloud/ocis/konnectd/pkg/assets"
-	"github.com/owncloud/ocis/konnectd/pkg/config"
-	logw "github.com/owncloud/ocis/konnectd/pkg/log"
-	"github.com/owncloud/ocis/konnectd/pkg/middleware"
+	"github.com/owncloud/ocis/idp/pkg/assets"
+	"github.com/owncloud/ocis/idp/pkg/config"
+	logw "github.com/owncloud/ocis/idp/pkg/log"
+	"github.com/owncloud/ocis/idp/pkg/middleware"
 	"github.com/owncloud/ocis/ocis-pkg/log"
 	"stash.kopano.io/kc/konnect/bootstrap"
 	kcconfig "stash.kopano.io/kc/konnect/config"
@@ -42,23 +42,23 @@ func NewService(opts ...Option) Service {
 		logger.Fatal().Err(err).Msg("could not initialize env vars")
 	}
 
-	if err := createConfigsIfNotExist(assetVFS, options.Config.Konnectd.Iss); err != nil {
+	if err := createConfigsIfNotExist(assetVFS, options.Config.IDP.Iss); err != nil {
 		logger.Fatal().Err(err).Msg("could not create default config")
 	}
 
-	bs, err := bootstrap.Boot(ctx, &options.Config.Konnectd, &kcconfig.Config{
+	bs, err := bootstrap.Boot(ctx, &options.Config.IDP, &kcconfig.Config{
 		Logger: logw.Wrap(logger),
 	})
 
 	if err != nil {
-		logger.Fatal().Err(err).Msg("could not bootstrap konnectd")
+		logger.Fatal().Err(err).Msg("could not bootstrap idp")
 	}
 
 	managers := bs.Managers()
 	routes := []server.WithRoutes{managers.Must("identity").(server.WithRoutes)}
 	handlers := managers.Must("handler").(http.Handler)
 
-	svc := Konnectd{
+	svc := IDP{
 		logger: options.Logger,
 		config: options.Config,
 		assets: assetVFS,
@@ -109,12 +109,12 @@ func createConfigsIfNotExist(assets http.FileSystem, ocisURL string) error {
 
 }
 
-// Init vars which are currently not accessible via konnectd api
+// Init vars which are currently not accessible via idp api
 func initKonnectInternalEnvVars() error {
 	var defaults = map[string]string{
 		"LDAP_URI":                 "ldap://localhost:9125",
-		"LDAP_BINDDN":              "cn=konnectd,ou=sysusers,dc=example,dc=org",
-		"LDAP_BINDPW":              "konnectd",
+		"LDAP_BINDDN":              "cn=idp,ou=sysusers,dc=example,dc=org",
+		"LDAP_BINDPW":              "idp",
 		"LDAP_BASEDN":              "ou=users,dc=example,dc=org",
 		"LDAP_SCOPE":               "sub",
 		"LDAP_LOGIN_ATTRIBUTE":     "cn",
@@ -136,16 +136,16 @@ func initKonnectInternalEnvVars() error {
 	return nil
 }
 
-// Konnectd defines implements the business logic for Service.
-type Konnectd struct {
+// IDP defines implements the business logic for Service.
+type IDP struct {
 	logger log.Logger
 	config *config.Config
 	mux    *chi.Mux
 	assets http.FileSystem
 }
 
-// initMux initializes the internal konnectd gorilla mux and mounts it in to a ocis chi-router
-func (k *Konnectd) initMux(ctx context.Context, r []server.WithRoutes, h http.Handler, options Options) {
+// initMux initializes the internal idp gorilla mux and mounts it in to a ocis chi-router
+func (k *IDP) initMux(ctx context.Context, r []server.WithRoutes, h http.Handler, options Options) {
 	gm := mux.NewRouter()
 	for _, route := range r {
 		route.AddRoutes(ctx, gm)
@@ -176,12 +176,12 @@ func (k *Konnectd) initMux(ctx context.Context, r []server.WithRoutes, h http.Ha
 }
 
 // ServeHTTP implements the Service interface.
-func (k Konnectd) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+func (k IDP) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	k.mux.ServeHTTP(w, r)
 }
 
 // Dummy implements the Service interface.
-func (k Konnectd) Dummy(w http.ResponseWriter, r *http.Request) {
+func (k IDP) Dummy(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("Content-Type", "text/plain")
 	w.WriteHeader(http.StatusOK)
 
@@ -189,7 +189,7 @@ func (k Konnectd) Dummy(w http.ResponseWriter, r *http.Request) {
 }
 
 // Index renders the static html with the
-func (k Konnectd) Index() http.HandlerFunc {
+func (k IDP) Index() http.HandlerFunc {
 
 	f, err := k.assets.Open("/identifier/index.html")
 	if err != nil {

idp/reflex.conf

@@ -0,0 +1,2 @@
+# backend
+-r '^(cmd|pkg)/.*\.go$' -R '^node_modules/' -s -- sh -c 'make bin/ocis-idp-debug && bin/ocis-idp-debug --log-level debug server --debug-pprof --debug-zpages'

idp/templates/CONFIGURATION.tmpl

@@ -3,7 +3,7 @@ title: "Configuration"
 date: "{{ date "2006-01-02T15:04:05-0700" now }}"
 weight: 20
 geekdocRepo: https://github.com/owncloud/ocis
-geekdocEditPath: edit/master/konnectd/templates
+geekdocEditPath: edit/master/idp/templates
 geekdocFilePath: CONFIGURATION.tmpl
 ---
 {{- define "options"}}
@@ -33,7 +33,7 @@ $HOME/.ocis
 ./config
 ```
 
-For this configuration to be picked up, have a look at your extension `root` command and look for which default config name it has assigned. *i.e: ocis-konnectd reads `konnectd.json | yaml | toml ...`*.
+For this configuration to be picked up, have a look at your extension `root` command and look for which default config name it has assigned. *i.e: ocis-idp reads `idp.json | yaml | toml ...`*.
 
 So far we support the file formats `JSON` and `YAML`, if you want to get a full example configuration just take a look at [our repository](https://github.com/owncloud/ocis/tree/master/konnectd/config), there you can always see the latest configuration format. These example configurations include all available options and the default values. The configuration file will be automatically loaded if it's placed at `/etc/ocis/ocis.yml`, `${HOME}/.ocis/ocis.yml` or `$(pwd)/config/ocis.yml`.
 
@@ -50,12 +50,12 @@ If you prefer to configure the service with commandline flags you can see the av
 {{ $options := .Options -}}
 {{ range $com := .Commands }}{{ with (list $options $com) -}}
 {{ $c := last . -}}
-{{ if eq $c.Name "konnectd" -}}
+{{ if eq $c.Name "idp" -}}
 ## Root Command
 
 {{ $c.Usage }}
 
-Usage: `konnectd [global options] command [command options] [arguments...]`
+Usage: `idp [global options] command [command options] [arguments...]`
 {{ template "options" . -}}
 ## Sub Commands
 
@@ -64,12 +64,12 @@ Usage: `konnectd [global options] command [command options] [arguments...]`
 {{ end -}}
 {{- range $com := .Commands }}{{ with (list $options $com) -}}
 {{- $c := last . }}
-{{- if ne $c.Name "konnectd" -}}
-### konnectd {{ $c.Name }}
+{{- if ne $c.Name "idp" -}}
+### idp {{ $c.Name }}
 
 {{ $c.Usage }}
 
-Usage: `konnectd {{ $c.Name }} [command options] [arguments...]`
+Usage: `idp {{ $c.Name }} [command options] [arguments...]`
 {{ template "options" . }}
 {{- end -}}
 {{- end -}}