mirror of
https://github.com/opencloud-eu/opencloud.git
synced 2026-05-07 20:15:31 -05:00
make auth machine config similar to other services
This commit is contained in:
David Christofas
+33
-25
@@ -9,11 +9,12 @@ import (
|
||||
"github.com/cs3org/reva/v2/cmd/revad/runtime"
|
||||
"github.com/gofrs/uuid"
|
||||
"github.com/oklog/run"
|
||||
"github.com/owncloud/ocis/extensions/storage/pkg/config"
|
||||
"github.com/owncloud/ocis/extensions/auth-machine/pkg/config"
|
||||
"github.com/owncloud/ocis/extensions/storage/pkg/server/debug"
|
||||
"github.com/owncloud/ocis/extensions/storage/pkg/tracing"
|
||||
ociscfg "github.com/owncloud/ocis/ocis-pkg/config"
|
||||
"github.com/owncloud/ocis/ocis-pkg/log"
|
||||
"github.com/owncloud/ocis/ocis-pkg/sync"
|
||||
"github.com/owncloud/ocis/ocis-pkg/tracing"
|
||||
"github.com/thejerf/suture/v4"
|
||||
"github.com/urfave/cli/v2"
|
||||
)
|
||||
@@ -23,12 +24,18 @@ func AuthMachine(cfg *config.Config) *cli.Command {
|
||||
return &cli.Command{
|
||||
Name: "auth-machine",
|
||||
Usage: "start authprovider for machine auth",
|
||||
Before: func(c *cli.Context) error {
|
||||
return ParseConfig(c, cfg, "storage-auth-machine")
|
||||
},
|
||||
// Before: func(c *cli.Context) error {
|
||||
// return ParseConfig(c, cfg, "storage-auth-machine")
|
||||
// },
|
||||
Action: func(c *cli.Context) error {
|
||||
logger := NewLogger(cfg)
|
||||
tracing.Configure(cfg, logger)
|
||||
logCfg := cfg.Logging
|
||||
logger := log.NewLogger(
|
||||
log.Level(logCfg.Level),
|
||||
log.File(logCfg.File),
|
||||
log.Pretty(logCfg.Pretty),
|
||||
log.Color(logCfg.Color),
|
||||
)
|
||||
tracing.Configure(cfg.Tracing.Enabled, cfg.Tracing.Type, logger)
|
||||
gr := run.Group{}
|
||||
ctx, cancel := context.WithCancel(context.Background())
|
||||
defer cancel()
|
||||
@@ -54,10 +61,12 @@ func AuthMachine(cfg *config.Config) *cli.Command {
|
||||
|
||||
debugServer, err := debug.Server(
|
||||
debug.Name(c.Command.Name+"-debug"),
|
||||
debug.Addr(cfg.Reva.AuthMachine.DebugAddr),
|
||||
debug.Addr(cfg.Debug.Addr),
|
||||
debug.Logger(logger),
|
||||
debug.Context(ctx),
|
||||
debug.Config(cfg),
|
||||
debug.Pprof(cfg.Debug.Pprof),
|
||||
debug.Zpages(cfg.Debug.Zpages),
|
||||
debug.Token(cfg.Debug.Token),
|
||||
)
|
||||
|
||||
if err != nil {
|
||||
@@ -69,7 +78,7 @@ func AuthMachine(cfg *config.Config) *cli.Command {
|
||||
cancel()
|
||||
})
|
||||
|
||||
if !cfg.Reva.AuthMachine.Supervised {
|
||||
if !cfg.Supervised {
|
||||
sync.Trap(&gr, cancel)
|
||||
}
|
||||
|
||||
@@ -82,28 +91,26 @@ func AuthMachine(cfg *config.Config) *cli.Command {
|
||||
func authMachineConfigFromStruct(c *cli.Context, cfg *config.Config) map[string]interface{} {
|
||||
return map[string]interface{}{
|
||||
"core": map[string]interface{}{
|
||||
"max_cpus": cfg.Reva.AuthMachine.MaxCPUs,
|
||||
"tracing_enabled": cfg.Tracing.Enabled,
|
||||
"tracing_endpoint": cfg.Tracing.Endpoint,
|
||||
"tracing_collector": cfg.Tracing.Collector,
|
||||
"tracing_service_name": c.Command.Name,
|
||||
},
|
||||
"shared": map[string]interface{}{
|
||||
"jwt_secret": cfg.Reva.JWTSecret,
|
||||
"gatewaysvc": cfg.Reva.Gateway.Endpoint,
|
||||
"skip_user_groups_in_token": cfg.Reva.SkipUserGroupsInToken,
|
||||
"jwt_secret": cfg.JWTSecret,
|
||||
"gatewaysvc": cfg.GatewayEndpoint,
|
||||
"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
|
||||
},
|
||||
"grpc": map[string]interface{}{
|
||||
"network": cfg.Reva.AuthMachine.GRPCNetwork,
|
||||
"address": cfg.Reva.AuthMachine.GRPCAddr,
|
||||
"network": cfg.GRPC.Protocol,
|
||||
"address": cfg.GRPC.Addr,
|
||||
// TODO build services dynamically
|
||||
"services": map[string]interface{}{
|
||||
"authprovider": map[string]interface{}{
|
||||
"auth_manager": "machine",
|
||||
"auth_managers": map[string]interface{}{
|
||||
"machine": map[string]interface{}{
|
||||
"api_key": cfg.Reva.AuthMachineConfig.MachineAuthAPIKey,
|
||||
"gateway_addr": cfg.Reva.Gateway.Endpoint,
|
||||
"api_key": cfg.AuthProviders.Machine.APIKey,
|
||||
},
|
||||
},
|
||||
},
|
||||
@@ -119,28 +126,29 @@ type AuthMachineSutureService struct {
|
||||
|
||||
// NewAuthMachineSutureService creates a new gateway.AuthMachineSutureService
|
||||
func NewAuthMachine(cfg *ociscfg.Config) suture.Service {
|
||||
cfg.Storage.Commons = cfg.Commons
|
||||
cfg.AuthMachine.Commons = cfg.Commons
|
||||
return AuthMachineSutureService{
|
||||
cfg: cfg.Storage,
|
||||
cfg: cfg.AuthMachine,
|
||||
}
|
||||
}
|
||||
|
||||
func (s AuthMachineSutureService) Serve(ctx context.Context) error {
|
||||
s.cfg.Reva.AuthMachine.Context = ctx
|
||||
// s.cfg.Reva.AuthMachine.Context = ctx
|
||||
cmd := AuthMachine(s.cfg)
|
||||
f := &flag.FlagSet{}
|
||||
cmdFlags := AuthMachine(s.cfg).Flags
|
||||
cmdFlags := cmd.Flags
|
||||
for k := range cmdFlags {
|
||||
if err := cmdFlags[k].Apply(f); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
cliCtx := cli.NewContext(nil, f, nil)
|
||||
if AuthMachine(s.cfg).Before != nil {
|
||||
if err := AuthMachine(s.cfg).Before(cliCtx); err != nil {
|
||||
if cmd.Before != nil {
|
||||
if err := cmd.Before(cliCtx); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
if err := AuthMachine(s.cfg).Action(cliCtx); err != nil {
|
||||
if err := cmd.Action(cliCtx); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
@@ -0,0 +1,57 @@
|
||||
package config
|
||||
|
||||
import "github.com/owncloud/ocis/ocis-pkg/shared"
|
||||
|
||||
type Config struct {
|
||||
*shared.Commons `yaml:"-"`
|
||||
Service Service `yaml:"-"`
|
||||
Tracing *Tracing `yaml:"tracing"`
|
||||
Logging *Logging `yaml:"log"`
|
||||
Debug Debug `yaml:"debug"`
|
||||
Supervised bool
|
||||
|
||||
GRPC GRPCConfig `yaml:"grpc"`
|
||||
|
||||
JWTSecret string
|
||||
GatewayEndpoint string
|
||||
SkipUserGroupsInToken bool
|
||||
AuthProvider string `yaml:"auth_provider" env:"AUTH_MACHINE_AUTH_PROVIDER" desc:"The auth provider which should be used by the service"`
|
||||
AuthProviders AuthProviders `yaml:"auth_providers"`
|
||||
}
|
||||
type Tracing struct {
|
||||
Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;AUTH_MACHINE_TRACING_ENABLED" desc:"Activates tracing."`
|
||||
Type string `yaml:"type" env:"OCIS_TRACING_TYPE;AUTH_MACHINE_TRACING_TYPE"`
|
||||
Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;AUTH_MACHINE_TRACING_ENDPOINT" desc:"The endpoint to the tracing collector."`
|
||||
Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;AUTH_MACHINE_TRACING_COLLECTOR"`
|
||||
}
|
||||
|
||||
type Logging struct {
|
||||
Level string `yaml:"level" env:"OCIS_LOG_LEVEL;AUTH_MACHINE_LOG_LEVEL" desc:"The log level."`
|
||||
Pretty bool `yaml:"pretty" env:"OCIS_LOG_PRETTY;AUTH_MACHINE_LOG_PRETTY" desc:"Activates pretty log output."`
|
||||
Color bool `yaml:"color" env:"OCIS_LOG_COLOR;AUTH_MACHINE_LOG_COLOR" desc:"Activates colorized log output."`
|
||||
File string `yaml:"file" env:"OCIS_LOG_FILE;AUTH_MACHINE_LOG_FILE" desc:"The target log file."`
|
||||
}
|
||||
|
||||
type Service struct {
|
||||
Name string `yaml:"-"`
|
||||
}
|
||||
|
||||
type Debug struct {
|
||||
Addr string `yaml:"addr" env:"AUTH_MACHINE_DEBUG_ADDR"`
|
||||
Token string `yaml:"token" env:"AUTH_MACHINE_DEBUG_TOKEN"`
|
||||
Pprof bool `yaml:"pprof" env:"AUTH_MACHINE_DEBUG_PPROF"`
|
||||
Zpages bool `yaml:"zpages" env:"AUTH_MACHINE_DEBUG_ZPAGES"`
|
||||
}
|
||||
|
||||
type GRPCConfig struct {
|
||||
Addr string `yaml:"addr" env:"AUTH_MACHINE_GRPC_ADDR" desc:"The address of the grpc service."`
|
||||
Protocol string `yaml:"protocol" env:"AUTH_MACHINE_GRPC_PROTOCOL" desc:"The transport protocol of the grpc service."`
|
||||
}
|
||||
|
||||
type AuthProviders struct {
|
||||
Machine MachineProvider `yaml:"machine"`
|
||||
}
|
||||
|
||||
type MachineProvider struct {
|
||||
APIKey string `yaml:"api_key" env:"AUTH_MACHINE_PROVIDER_API_KEY" desc:"The api key for the machine auth provider."`
|
||||
}
|
||||
@@ -0,0 +1,64 @@
|
||||
package defaults
|
||||
|
||||
import (
|
||||
"github.com/owncloud/ocis/extensions/auth-machine/pkg/config"
|
||||
)
|
||||
|
||||
func FullDefaultConfig() *config.Config {
|
||||
cfg := DefaultConfig()
|
||||
|
||||
EnsureDefaults(cfg)
|
||||
|
||||
return cfg
|
||||
}
|
||||
|
||||
func DefaultConfig() *config.Config {
|
||||
return &config.Config{
|
||||
Debug: config.Debug{
|
||||
Addr: "127.0.0.1:9167",
|
||||
Token: "",
|
||||
Pprof: false,
|
||||
Zpages: false,
|
||||
},
|
||||
GRPC: config.GRPCConfig{
|
||||
Addr: "127.0.0.1:9166",
|
||||
Protocol: "tcp",
|
||||
},
|
||||
Service: config.Service{
|
||||
Name: "auth-machine",
|
||||
},
|
||||
GatewayEndpoint: "127.0.0.1:9142",
|
||||
JWTSecret: "Pive-Fumkiu4",
|
||||
AuthProvider: "ldap",
|
||||
AuthProviders: config.AuthProviders{
|
||||
Machine: config.MachineProvider{
|
||||
APIKey: "change-me-please",
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func EnsureDefaults(cfg *config.Config) {
|
||||
// provide with defaults for shared logging, since we need a valid destination address for BindEnv.
|
||||
if cfg.Logging == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
|
||||
cfg.Logging = &config.Logging{
|
||||
Level: cfg.Commons.Log.Level,
|
||||
Pretty: cfg.Commons.Log.Pretty,
|
||||
Color: cfg.Commons.Log.Color,
|
||||
File: cfg.Commons.Log.File,
|
||||
}
|
||||
} else if cfg.Logging == nil {
|
||||
cfg.Logging = &config.Logging{}
|
||||
}
|
||||
// provide with defaults for shared tracing, since we need a valid destination address for BindEnv.
|
||||
if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil {
|
||||
cfg.Tracing = &config.Tracing{
|
||||
Enabled: cfg.Commons.Tracing.Enabled,
|
||||
Type: cfg.Commons.Tracing.Type,
|
||||
Endpoint: cfg.Commons.Tracing.Endpoint,
|
||||
Collector: cfg.Commons.Tracing.Collector,
|
||||
}
|
||||
} else if cfg.Tracing == nil {
|
||||
cfg.Tracing = &config.Tracing{}
|
||||
}
|
||||
}
|
||||
@@ -19,7 +19,7 @@ func GetCommands(cfg *config.Config) cli.Commands {
|
||||
// AppProvider(cfg),
|
||||
// AuthBasic(cfg),
|
||||
// AuthBearer(cfg),
|
||||
AuthMachine(cfg),
|
||||
// AuthMachine(cfg),
|
||||
// Sharing(cfg),
|
||||
StoragePublicLink(cfg),
|
||||
StorageShares(cfg),
|
||||
|
||||
Reference in New Issue
Block a user