From 5ba1b8f2c14b17c745d37dd6fb6029c1312e64ab Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Wed, 4 May 2022 12:34:22 +0200 Subject: [PATCH] Remove "glauth" service The "glauth" service is no longer used. After we switched to libregraph/idm. --- .drone.star | 3 +- .vscode/launch.json | 2 +- Makefile | 1 - .../oc10_ocis_parallel/docker-compose.yml | 2 +- .../docker-compose-additions.yml | 8 - docs/extensions/glauth/.gitignore | 1 - docs/extensions/glauth/_index.md | 13 - docs/extensions/glauth/configuration-hints.md | 16 - docs/extensions/glauth/configuration.md | 15 - docs/extensions/port-ranges.md | 4 +- docs/extensions/storage/storagedrivers.md | 1 - docs/ocis/_index.md | 2 +- .../static/architecture-overview.drawio.svg | 3 +- docs/ocis/static/runtime.drawio.svg | 2 +- extensions/glauth/.dockerignore | 2 - extensions/glauth/.gitignore | 1 - extensions/glauth/Makefile | 37 -- extensions/glauth/cmd/glauth/main.go | 14 - .../glauth/docker/Dockerfile.linux.amd64 | 19 - extensions/glauth/docker/Dockerfile.linux.arm | 19 - .../glauth/docker/Dockerfile.linux.arm64 | 19 - extensions/glauth/docker/manifest.tmpl | 22 - extensions/glauth/pkg/command/health.go | 57 -- extensions/glauth/pkg/command/root.go | 64 -- extensions/glauth/pkg/command/server.go | 192 ------ extensions/glauth/pkg/command/version.go | 50 -- extensions/glauth/pkg/config/config.go | 52 -- extensions/glauth/pkg/config/debug.go | 9 - .../pkg/config/defaults/defaultconfig.go | 88 --- extensions/glauth/pkg/config/ldap.go | 8 - extensions/glauth/pkg/config/ldaps.go | 10 - extensions/glauth/pkg/config/log.go | 9 - extensions/glauth/pkg/config/parser/parse.go | 37 -- extensions/glauth/pkg/config/service.go | 6 - extensions/glauth/pkg/config/tracing.go | 9 - extensions/glauth/pkg/logging/logging.go | 17 - extensions/glauth/pkg/metrics/metrics.go | 41 -- extensions/glauth/pkg/mlogr/mlogr.go | 130 ---- extensions/glauth/pkg/server/debug/option.go | 50 -- extensions/glauth/pkg/server/debug/server.go | 59 -- extensions/glauth/pkg/server/glauth/chain.go | 121 ---- extensions/glauth/pkg/server/glauth/ocis.go | 555 ------------------ extensions/glauth/pkg/server/glauth/option.go | 124 ---- extensions/glauth/pkg/server/glauth/server.go | 155 ----- extensions/glauth/pkg/tracing/tracing.go | 23 - extensions/glauth/reflex.conf | 2 - go.mod | 11 +- go.sum | 34 -- ocis-pkg/config/config.go | 2 - ocis-pkg/config/defaultconfig.go | 2 - ocis/pkg/command/glauth.go | 33 -- ocis/pkg/runtime/service/service.go | 6 - 52 files changed, 10 insertions(+), 2152 deletions(-) delete mode 100644 docs/extensions/glauth/.gitignore delete mode 100644 docs/extensions/glauth/_index.md delete mode 100644 docs/extensions/glauth/configuration-hints.md delete mode 100644 docs/extensions/glauth/configuration.md delete mode 100644 extensions/glauth/.dockerignore delete mode 100644 extensions/glauth/.gitignore delete mode 100644 extensions/glauth/Makefile delete mode 100644 extensions/glauth/cmd/glauth/main.go delete mode 100644 extensions/glauth/docker/Dockerfile.linux.amd64 delete mode 100644 extensions/glauth/docker/Dockerfile.linux.arm delete mode 100644 extensions/glauth/docker/Dockerfile.linux.arm64 delete mode 100644 extensions/glauth/docker/manifest.tmpl delete mode 100644 extensions/glauth/pkg/command/health.go delete mode 100644 extensions/glauth/pkg/command/root.go delete mode 100644 extensions/glauth/pkg/command/server.go delete mode 100644 extensions/glauth/pkg/command/version.go delete mode 100644 extensions/glauth/pkg/config/config.go delete mode 100644 extensions/glauth/pkg/config/debug.go delete mode 100644 extensions/glauth/pkg/config/defaults/defaultconfig.go delete mode 100644 extensions/glauth/pkg/config/ldap.go delete mode 100644 extensions/glauth/pkg/config/ldaps.go delete mode 100644 extensions/glauth/pkg/config/log.go delete mode 100644 extensions/glauth/pkg/config/parser/parse.go delete mode 100644 extensions/glauth/pkg/config/service.go delete mode 100644 extensions/glauth/pkg/config/tracing.go delete mode 100644 extensions/glauth/pkg/logging/logging.go delete mode 100644 extensions/glauth/pkg/metrics/metrics.go delete mode 100644 extensions/glauth/pkg/mlogr/mlogr.go delete mode 100644 extensions/glauth/pkg/server/debug/option.go delete mode 100644 extensions/glauth/pkg/server/debug/server.go delete mode 100644 extensions/glauth/pkg/server/glauth/chain.go delete mode 100644 extensions/glauth/pkg/server/glauth/ocis.go delete mode 100644 extensions/glauth/pkg/server/glauth/option.go delete mode 100644 extensions/glauth/pkg/server/glauth/server.go delete mode 100644 extensions/glauth/pkg/tracing/tracing.go delete mode 100644 extensions/glauth/reflex.conf delete mode 100644 ocis/pkg/command/glauth.go diff --git a/.drone.star b/.drone.star index 38c11db87d..86dc453ace 100644 --- a/.drone.star +++ b/.drone.star @@ -52,7 +52,6 @@ config = { "extensions/auth-machine", "extensions/frontend", "extensions/gateway", - "extensions/glauth", "extensions/graph-explorer", "extensions/graph", "extensions/groups", @@ -1717,7 +1716,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "SHARING_USER_OWNCLOUDSQL_DB_PORT": 3306, "SHARING_USER_OWNCLOUDSQL_DB_NAME": "owncloud", # General oCIS config - # OCIS_RUN_EXTENSIONS specifies to start all extensions except glauth, idp and accounts. These are replaced by external services + # OCIS_RUN_EXTENSIONS specifies to start all extensions except idm, idp and accounts. These are replaced by external services "OCIS_RUN_EXTENSIONS": "app-registry,app-provider,audit,auth-basic,auth-bearer,auth-machine,frontend,gateway,graph,graph-explorer,groups,nats,notifications,ocdav,ocs,proxy,search,settings,sharing,storage-system,storage-publiclink,storage-shares,storage-users,store,thumbnails,users,web,webdav", "OCIS_LOG_LEVEL": "info", "OCIS_URL": OCIS_URL, diff --git a/.vscode/launch.json b/.vscode/launch.json index 602fcae57f..3acb2b2c94 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -22,7 +22,7 @@ // demo users "IDM_CREATE_DEMO_USERS": "true", // OCIS_RUN_EXTENSIONS allows to start a subset of extensions even in the supervised mode - //"OCIS_RUN_EXTENSIONS": "settings,storage-system,glauth,graph,graph-explorer,idp,ocs,store,thumbnails,web,webdav,frontend,gateway,users,groups,auth-basic,auth-bearer,storage-authmachine,storage-users,storage-shares,storage-publiclink,app-provider,sharing,accounts,proxy,ocdav", + //"OCIS_RUN_EXTENSIONS": "settings,storage-system,graph,graph-explorer,idp,idm,ocs,store,thumbnails,web,webdav,frontend,gateway,users,groups,auth-basic,auth-bearer,storage-authmachine,storage-users,storage-shares,storage-publiclink,app-provider,sharing,accounts,proxy,ocdav", /* * Keep secrets and passwords in one block to allow easy uncommenting diff --git a/Makefile b/Makefile index 545323156b..04635c9126 100644 --- a/Makefile +++ b/Makefile @@ -25,7 +25,6 @@ OCIS_MODULES = \ extensions/auth-machine \ extensions/frontend \ extensions/gateway \ - extensions/glauth \ extensions/graph \ extensions/graph-explorer \ extensions/groups \ diff --git a/deployments/examples/oc10_ocis_parallel/docker-compose.yml b/deployments/examples/oc10_ocis_parallel/docker-compose.yml index 7a74976a49..b3a368a496 100644 --- a/deployments/examples/oc10_ocis_parallel/docker-compose.yml +++ b/deployments/examples/oc10_ocis_parallel/docker-compose.yml @@ -119,7 +119,7 @@ services: # ownCloud storage readonly OCIS_STORAGE_READ_ONLY: "false" # TODO: conflict with OWNCLOUDSQL -> https://github.com/owncloud/ocis/issues/2303 # General oCIS config - # OCIS_RUN_EXTENSIONS specifies to start all extensions except glauth, idp and accounts. These are replaced by external services + # OCIS_RUN_EXTENSIONS specifies to start all extensions except idm, idp and accounts. These are replaced by external services OCIS_RUN_EXTENSIONS: app-registry,app-provider,audit,auth-basic,auth-bearer,auth-machine,frontend,gateway,graph,graph-explorer,groups,nats,notifications,ocdav,ocs,proxy,search,settings,sharing,storage-system,storage-publiclink,storage-shares,storage-users,store,thumbnails,users,web,webdav OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-error} # make oCIS less verbose OCIS_URL: https://${CLOUD_DOMAIN:-cloud.owncloud.test} diff --git a/deployments/examples/ocis_individual_services/monitoring_tracing/docker-compose-additions.yml b/deployments/examples/ocis_individual_services/monitoring_tracing/docker-compose-additions.yml index 915d7e0483..f71de80a20 100644 --- a/deployments/examples/ocis_individual_services/monitoring_tracing/docker-compose-additions.yml +++ b/deployments/examples/ocis_individual_services/monitoring_tracing/docker-compose-additions.yml @@ -19,14 +19,6 @@ services: OCIS_TRACING_ENDPOINT: jaeger-agent:6831 # metrics - glauth: - environment: - # tracing - OCIS_TRACING_ENABLED: "true" - OCIS_TRACING_TYPE: jaeger - OCIS_TRACING_ENDPOINT: jaeger-agent:6831 - # metrics - GLAUTH_DEBUG_ADDR: 0.0.0.0:9129 idp: environment: # tracing diff --git a/docs/extensions/glauth/.gitignore b/docs/extensions/glauth/.gitignore deleted file mode 100644 index 63536ebfa2..0000000000 --- a/docs/extensions/glauth/.gitignore +++ /dev/null @@ -1 +0,0 @@ -grpc.md diff --git a/docs/extensions/glauth/_index.md b/docs/extensions/glauth/_index.md deleted file mode 100644 index 2359429dc0..0000000000 --- a/docs/extensions/glauth/_index.md +++ /dev/null @@ -1,13 +0,0 @@ ---- -title: "GLAuth" -date: 2018-05-02T00:00:00+00:00 -weight: 20 -geekdocRepo: https://github.com/owncloud/ocis -geekdocEditPath: edit/master/docs/extensions/glauth -geekdocFilePath: _index.md -geekdocCollapseSection: true ---- - -This service provides a [glauth](https://github.com/glauth/glauth) based LDAP proxy for oCIS which can be used by clients or other extensions. It allows applications relying on LDAP to access the accounts stored in the oCIS accounts service. It can be used to make firewalls or identity providers aware of all users, including guest accounts. - -We are using it to make eos aware of all accounts so the native ACLs can be used to persist share information in the storage. diff --git a/docs/extensions/glauth/configuration-hints.md b/docs/extensions/glauth/configuration-hints.md deleted file mode 100644 index 8f03b72153..0000000000 --- a/docs/extensions/glauth/configuration-hints.md +++ /dev/null @@ -1,16 +0,0 @@ ---- -title: "Configuration Hints" -date: 2018-05-02T00:00:00+00:00 -weight: 20 -geekdocRepo: https://github.com/owncloud/ocis -geekdocEditPath: edit/master/docs/extensions/glauth -geekdocFilePath: configuration-hints.md ---- - -{{< toc >}} - -## Configuration hints - -The default setup does not use a fallback backend. It can be enabled by setting the `GLAUTH_FALLBACK_DATASTORE` environment variable. - -When using `owncloud` make sure to use the full URL to the [ownCloud 10 graph api app](https://github.com/owncloud/graphapi) endpoint, e.g.: `GLAUTH_FALLBACK_SERVERS="https://demo.owncloud.com/apps/graphapi/v1.0"` diff --git a/docs/extensions/glauth/configuration.md b/docs/extensions/glauth/configuration.md deleted file mode 100644 index e45a0c0aa9..0000000000 --- a/docs/extensions/glauth/configuration.md +++ /dev/null @@ -1,15 +0,0 @@ ---- -title: Service Configuration -date: 2018-05-02T00:00:00+00:00 -weight: 20 -geekdocRepo: https://github.com/owncloud/ocis -geekdocEditPath: edit/master/docs/extensions/glauth -geekdocFilePath: configuration.md -geekdocCollapseSection: true ---- - -## Example YAML Config - -{{< include file="extensions/_includes/glauth-config-example.yaml" language="yaml" >}} - -{{< include file="extensions/_includes/glauth_configvars.md" >}} \ No newline at end of file diff --git a/docs/extensions/port-ranges.md b/docs/extensions/port-ranges.md index 7aa428f9cd..f1ea28025d 100644 --- a/docs/extensions/port-ranges.md +++ b/docs/extensions/port-ranges.md @@ -30,7 +30,7 @@ We also suggest to use the last port in your extensions' range as a debug/metric | 9110-9114 | [ocs](https://github.com/owncloud/ocis/tree/master/ocs) | | 9115-9119 | [webdav](https://github.com/owncloud/ocis/tree/master/webdav) | | 9120-9124 | [graph](https://github.com/owncloud/ocis/tree/master/graph) | -| 9125-9129 | [glauth](https://github.com/owncloud/ocis/tree/master/devldap) | +| 9125-9129 | FREE (formerly used by glauth) | | 9130-9134 | [konnectd](https://github.com/owncloud/ocis/tree/master/konnectd) | | 9135-9139 | [graph-explorer](https://github.com/owncloud/ocis/tree/master/graph-explorer) | | 9140-9179 | [reva/storage](https://github.com/owncloud/ocis/tree/master/storage) | @@ -45,7 +45,7 @@ We also suggest to use the last port in your extensions' range as a debug/metric | 9220-9224 | search | | 9225-9229 | photoprism (state: PoC) | | 9230-9234 | [nats](https://github.com/owncloud/ocis/tree/master/nats) | -| 9235-9239 | idm TBD | +| 9235-9239 | [idm](https://github.com/owncloud/ocis/tree/master/proxy) | | 9240-9244 | [app-registry](https://github.com/owncloud/ocis/tree/master/extensions/app-registry) | | 9245-9249 | FREE | | 9250-9254 | oCIS Runtime | diff --git a/docs/extensions/storage/storagedrivers.md b/docs/extensions/storage/storagedrivers.md index b879a4e8ea..40d664db6f 100644 --- a/docs/extensions/storage/storagedrivers.md +++ b/docs/extensions/storage/storagedrivers.md @@ -118,7 +118,6 @@ The *minimal* storage driver for a POSIX based filesystem. It literally supports - grant persistence - using POSIX ACLs - requires an LDAP server to make guest accounts available in the OS - - oCIS has glauth which contains all users - an existing LDAP could be used if guests ar provisioned in another way - using extended attributes to implement expiry or sharing that does not require OS level integration - fuse filesystem overlay diff --git a/docs/ocis/_index.md b/docs/ocis/_index.md index 87d7407d46..f9d15ba815 100644 --- a/docs/ocis/_index.md +++ b/docs/ocis/_index.md @@ -54,7 +54,7 @@ We use [ocis-pkg](https://github.com/owncloud/ocis/tree/master/ocis-pkg) to conf A lot of embedded services in oCIS are built upon the [REVA](https://reva.link/) runtime. We decided to bundle some of the [CS3 services](https://github.com/cs3org/cs3apis) to logically group them. A [home storage provider](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/storagehome.go#L93-L108), which is dealing with [metadata](https://cs3org.github.io/cs3apis/#cs3.storage.provider.v1beta1.ProviderAPI), and the corresponding [data provider](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/storagehome.go#L109-L123), which is dealing with [up and download](https://cs3org.github.io/cs3apis/#cs3.gateway.v1beta1.FileUploadProtocol), are one example. The [frontend](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/frontend.go) with the [oc flavoured webdav](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/frontend.go#L132-L138), [ocs handlers](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/frontend.go#L139-L148) and a [data-gateway](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/frontend.go#L126-L131) are another. ### Protocol driven development -Interacting with oCIS involves a multitude af APIs. The server and all clients rely on [OpenID Connect](https://openid.net/connect/) for authentication. The [embedded LibreGraph Connect](https://github.com/owncloud/ocis/tree/master/idp) can be replaced with any other OpenID Connect Identity Provider. Clients use the [WebDAV](http://webdav.org/) based [oc sync protocol](https://github.com/cernbox/smashbox/blob/master/protocol/protocol.md) to manage files and folders, [ocs to manage shares](https://doc.owncloud.com/server/developer_manual/core/apis/ocs-share-api.html) and [TUS](https://tus.io/protocols/resumable-upload.html) to upload files in a resumable way. On the server side [REVA](https://reva.link/) is the reference implementation of the [CS3 apis](https://github.com/cs3org/cs3apis) which is defined using [protobuf](https://developers.google.com/protocol-buffers/). By embedding [glauth](https://github.com/glauth/glauth/), oCIS provides a read-only [LDAP](https://tools.ietf.org/html/rfc2849) interface to make accounts, including guests available to firewalls and other systems. In the future, we are looking into [the Microsoft Graph API](https://docs.microsoft.com/en-us/graph/api/overview?view=graph-rest-1.0), which is based on [odata](http://docs.oasis-open.org/odata/odata/v4.0/odata-v4.0-part1-protocol.html), as a well-defined REST/JSON dialect for the existing endpoints. +Interacting with oCIS involves a multitude af APIs. The server and all clients rely on [OpenID Connect](https://openid.net/connect/) for authentication. The [embedded LibreGraph Connect](https://github.com/owncloud/ocis/tree/master/idp) can be replaced with any other OpenID Connect Identity Provider. Clients use the [WebDAV](http://webdav.org/) based [oc sync protocol](https://github.com/cernbox/smashbox/blob/master/protocol/protocol.md) to manage files and folders, [ocs to manage shares](https://doc.owncloud.com/server/developer_manual/core/apis/ocs-share-api.html) and [TUS](https://tus.io/protocols/resumable-upload.html) to upload files in a resumable way. On the server side [REVA](https://reva.link/) is the reference implementation of the [CS3 apis](https://github.com/cs3org/cs3apis) which is defined using [protobuf](https://developers.google.com/protocol-buffers/). By embedding [libregraph/idm](https://github.com/libregraph/idm), oCIS provides a [LDAP](https://tools.ietf.org/html/rfc2849) interface to make accounts, including guests available to firewalls and other systems. In the future, we are looking into [the Microsoft Graph API](https://docs.microsoft.com/en-us/graph/api/overview?view=graph-rest-1.0), which is based on [odata](http://docs.oasis-open.org/odata/odata/v4.0/odata-v4.0-part1-protocol.html), as a well-defined REST/JSON dialect for the existing endpoints. ### Acceptance test suite We run a huge [test suite](https://github.com/owncloud/core/tree/master/tests), which originated in ownCloud 10 and continues to grow. A detailed description can be found in the developer docs for [testing]({{< ref "development/testing" >}}). diff --git a/docs/ocis/static/architecture-overview.drawio.svg b/docs/ocis/static/architecture-overview.drawio.svg index cb0b5f1be0..19102f8110 100644 --- a/docs/ocis/static/architecture-overview.drawio.svg +++ b/docs/ocis/static/architecture-overview.drawio.svg @@ -1,3 +1,4 @@ + -
Storage
Storage
ocis
ocis
example extension
example extension
hello
hello
backend
backend
staticweb ui
staticweb ui
identity management
identity management
accounts
accounts
glauth (ldap)
glauth (ldap)
proxy

part
reverse proxy
 
part
api gateway
proxy...
Persistency Layer
Persistency Layer
Stateless
Stateless
API Gateway / BFF
API Gateway / BFF
Edge / Static
Edge / St...
storage-users
storage-users
userprovider
(ldap)
userprovider...
storage-users
storage-users
storageprovider
storageprovider
dataprovider
dataprovider
storage-authbearer
storage-authbearer
authprovider
(oidc)
authprovider...
storage-gateway
storage-gateway
gateway
gateway
authregistry
authregistry
storageregistry
storageregistry
web
(aka phoenix)
web...
storage-authbasic
storage-authbasic
authprovider
(basic)
authprovider...
settings
settings
store
store
Consumers
Consumers
load balancer
load balancer
CDN
CDN
storage-frontend
storage-frontend
ocs
ocs
ocdav
ocdav
ocm
ocm
datagateway
datagateway
graph
graph
graph-explorer
graph-explorer
ocs
ocs
webdav
webdav
onlyoffice
onlyoffice
registry
mdns / etcd
registry...
Stateful
Stateful
JSON
files
JSON...
bleve
index
bleve...
ocis
driver
ocis...
ocis
driver
ocis...
single
JSON
file
single...
single
JSON
file
single...
DNS
DNS
thumbnails
thumbnails
storage-publiclink
storage-publiclink
publicstorageprovider
publicstorageprovider
authprovider
(publicshares)
authprovider...
idp
idp
konnectd
konnectd
login ui
login ui
storage-meta
storage-meta
storageprovider
storageprovider
dataprovider
dataprovider
storage-home
storage-home
storageprovider
storageprovider
dataprovider
dataprovider
storage-sharing
storage-sharing
usershareprovider
usershareprovider
publicshareprovider
publicshareprovider
ocis
ocis
reva
reva
konnectd
konnectd
storage
storage
glauth
glauth
glauth
glauth
provided by
provided byViewer does not support full SVG 1.1 \ No newline at end of file +
Storage
Storage
identity management
identity management
reva
reva
proxy
reverse proxy
+ api gateway
proxy...
users
users
idp
konnectd / keycloak
idp...
ldap
AD, openldap, idm
ldap...
web
(aka phoenix)
web...
graph
graph
graph-explorer
graph-explorer
hello
hello
onlyoffice
onlyoffice
settings
settings
store
store
idm
idm
OCIS
OCIS
ocs
ocs
webdav
webdav
registry
registry
authbasic
authbasic
authbearer
authbearer
authprovider
(basic)
authprovider...
authprovider
(oidc)
authprovider...
userprovider
userprovider
gateway
gateway
gateway
gateway
authregistry
authregistry
storageregistry
storageregistry
frontend
frontend
ocs
ocs
ocdav
ocdav
ocm
ocm
datagateway
datagateway
storagehome
storagehome
storageprovider
storageprovider
dataprovider
dataprovider
storageusers
storageusers
storageprovider
storageprovider
dataprovider
dataprovider
storagemeta
storagemeta
storageprovider
storageprovider
dataprovider
dataprovider
storagepubliclink
storagepubliclink
publicstorageprovider
publicstorageprovider
authprovider
(publicshares)
authprovider...
sharing
sharing
usershareprovider
usershareprovider
publicshareprovider
publicshareprovider

single host

- all services run on a single host
- no redundancy
- minimize resource usage
- home setup
single host...Text is not SVG - cannot display \ No newline at end of file diff --git a/docs/ocis/static/runtime.drawio.svg b/docs/ocis/static/runtime.drawio.svg index bbaa9ba620..754593d792 100644 --- a/docs/ocis/static/runtime.drawio.svg +++ b/docs/ocis/static/runtime.drawio.svg @@ -1,4 +1,4 @@ -
Runtime
Runtime
ocs
ocs
graph
graph
glauth
glauth
accounts
accounts
storage
storage
proxy
proxy
idp
idp
thumbnails
thumbnails
webdav
webdav
suture
suture
$ ocis server
$ ocis kill proxy
$ ocis start proxy
$ ocis list
$ ocis server...
the runtime component starts services
and suture then takes over, keeping
track of every started service, restarting
it when needed if an error occurred.
the runtime component starts services...
each service is implemented as a sub-command. The binary essentially calls itself with the right arguments and the side effect is that a
service is started. The service will then be monitored by Suture.
each service is implemented as a sub-command. The binary essentially calls itself with the right arguments and the side e...
the runtime is a service in itself. Starting an
oCIS instance will start a runtime service.
the runtime is a service in itself. Star...Text is not SVG - cannot display \ No newline at end of file +
Runtime
Runtime
ocs
ocs
graph
graph
idm
idm
storage
storage
proxy
proxy
idp
idp
thumbnails
thumbnails
webdav
webdav
suture
suture
$ ocis server
$ ocis kill proxy
$ ocis start proxy
$ ocis list
$ ocis server...
the runtime component starts services
and suture then takes over, keeping
track of every started service, restarting
it when needed if an error occurred.
the runtime component starts services...
each service is implemented as a sub-command. The binary essentially calls itself with the right arguments and the side effect is that a
service is started. The service will then be monitored by Suture.
each service is implemented as a sub-command. The binary essentially calls itself with the right arguments and the side e...
the runtime is a service in itself. Starting an
oCIS instance will start a runtime service.
the runtime is a service in itself. Star...Text is not SVG - cannot display \ No newline at end of file diff --git a/extensions/glauth/.dockerignore b/extensions/glauth/.dockerignore deleted file mode 100644 index 4ec85b5e4f..0000000000 --- a/extensions/glauth/.dockerignore +++ /dev/null @@ -1,2 +0,0 @@ -* -!bin/ diff --git a/extensions/glauth/.gitignore b/extensions/glauth/.gitignore deleted file mode 100644 index adbb97d2d3..0000000000 --- a/extensions/glauth/.gitignore +++ /dev/null @@ -1 +0,0 @@ -data/ \ No newline at end of file diff --git a/extensions/glauth/Makefile b/extensions/glauth/Makefile deleted file mode 100644 index d950964251..0000000000 --- a/extensions/glauth/Makefile +++ /dev/null @@ -1,37 +0,0 @@ -SHELL := bash -NAME := glauth - -include ../../.make/recursion.mk - -############ tooling ############ -ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI -include ../../.bingo/Variables.mk -endif - -############ go tooling ############ -include ../../.make/go.mk - -############ release ############ -include ../../.make/release.mk - -############ docs generate ############ -include ../../.make/docs.mk - -.PHONY: docs-generate -docs-generate: config-docs-generate - -############ generate ############ -include ../../.make/generate.mk - -.PHONY: ci-go-generate -ci-go-generate: # CI runs ci-node-generate automatically before this target - -.PHONY: ci-node-generate -ci-node-generate: - -############ licenses ############ -.PHONY: ci-node-check-licenses -ci-node-check-licenses: - -.PHONY: ci-node-save-licenses -ci-node-save-licenses: diff --git a/extensions/glauth/cmd/glauth/main.go b/extensions/glauth/cmd/glauth/main.go deleted file mode 100644 index 8ea187a7f0..0000000000 --- a/extensions/glauth/cmd/glauth/main.go +++ /dev/null @@ -1,14 +0,0 @@ -package main - -import ( - "os" - - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/command" - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config/defaults" -) - -func main() { - if err := command.Execute(defaults.DefaultConfig()); err != nil { - os.Exit(1) - } -} diff --git a/extensions/glauth/docker/Dockerfile.linux.amd64 b/extensions/glauth/docker/Dockerfile.linux.amd64 deleted file mode 100644 index b2f44521c5..0000000000 --- a/extensions/glauth/docker/Dockerfile.linux.amd64 +++ /dev/null @@ -1,19 +0,0 @@ -FROM amd64/alpine:latest - -RUN apk update && \ - apk upgrade && \ - apk add ca-certificates mailcap && \ - rm -rf /var/cache/apk/* && \ - echo 'hosts: files dns' >| /etc/nsswitch.conf - -LABEL maintainer="ownCloud GmbH " \ - org.label-schema.name="oCIS GLAuth" \ - org.label-schema.vendor="ownCloud GmbH" \ - org.label-schema.schema-version="1.0" - -EXPOSE 9120 9124 - -ENTRYPOINT ["/usr/bin/ocis-glauth"] -CMD ["server"] - -COPY bin/ocis-glauth /usr/bin/ocis-glauth diff --git a/extensions/glauth/docker/Dockerfile.linux.arm b/extensions/glauth/docker/Dockerfile.linux.arm deleted file mode 100644 index da4532a125..0000000000 --- a/extensions/glauth/docker/Dockerfile.linux.arm +++ /dev/null @@ -1,19 +0,0 @@ -FROM arm32v6/alpine:latest - -RUN apk update && \ - apk upgrade && \ - apk add ca-certificates mailcap && \ - rm -rf /var/cache/apk/* && \ - echo 'hosts: files dns' >| /etc/nsswitch.conf - -LABEL maintainer="ownCloud GmbH " \ - org.label-schema.name="oCIS GLAuth" \ - org.label-schema.vendor="ownCloud GmbH" \ - org.label-schema.schema-version="1.0" - -EXPOSE 9120 9124 - -ENTRYPOINT ["/usr/bin/ocis-glauth"] -CMD ["server"] - -COPY bin/ocis-glauth /usr/bin/ocis-glauth diff --git a/extensions/glauth/docker/Dockerfile.linux.arm64 b/extensions/glauth/docker/Dockerfile.linux.arm64 deleted file mode 100644 index 4a46f8af9c..0000000000 --- a/extensions/glauth/docker/Dockerfile.linux.arm64 +++ /dev/null @@ -1,19 +0,0 @@ -FROM arm64v8/alpine:latest - -RUN apk update && \ - apk upgrade && \ - apk add ca-certificates mailcap && \ - rm -rf /var/cache/apk/* && \ - echo 'hosts: files dns' >| /etc/nsswitch.conf - -LABEL maintainer="ownCloud GmbH " \ - org.label-schema.name="oCIS GLAuth" \ - org.label-schema.vendor="ownCloud GmbH" \ - org.label-schema.schema-version="1.0" - -EXPOSE 9120 9124 - -ENTRYPOINT ["/usr/bin/ocis-glauth"] -CMD ["server"] - -COPY bin/ocis-glauth /usr/bin/ocis-glauth diff --git a/extensions/glauth/docker/manifest.tmpl b/extensions/glauth/docker/manifest.tmpl deleted file mode 100644 index 2925b250ca..0000000000 --- a/extensions/glauth/docker/manifest.tmpl +++ /dev/null @@ -1,22 +0,0 @@ -image: owncloud/ocis-glauth:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}} -{{#if build.tags}} -tags: -{{#each build.tags}} - - {{this}} -{{/each}} -{{/if}} -manifests: - - image: owncloud/ocis-glauth:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64 - platform: - architecture: amd64 - os: linux - - image: owncloud/ocis-glauth:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64 - platform: - architecture: arm64 - variant: v8 - os: linux - - image: owncloud/ocis-glauth:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm - platform: - architecture: arm - variant: v6 - os: linux diff --git a/extensions/glauth/pkg/command/health.go b/extensions/glauth/pkg/command/health.go deleted file mode 100644 index dc60208916..0000000000 --- a/extensions/glauth/pkg/command/health.go +++ /dev/null @@ -1,57 +0,0 @@ -package command - -import ( - "fmt" - "net/http" - - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config" - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config/parser" - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/logging" - "github.com/urfave/cli/v2" -) - -// Health is the entrypoint for the health command. -func Health(cfg *config.Config) *cli.Command { - return &cli.Command{ - Name: "health", - Usage: "check health status", - Category: "info", - Before: func(c *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { - fmt.Printf("%v", err) - } - return err - }, - Action: func(c *cli.Context) error { - logger := logging.Configure(cfg.Service.Name, cfg.Log) - - resp, err := http.Get( - fmt.Sprintf( - "http://%s/healthz", - cfg.Debug.Addr, - ), - ) - - if err != nil { - logger.Fatal(). - Err(err). - Msg("Failed to request health check") - } - - defer resp.Body.Close() - - if resp.StatusCode != http.StatusOK { - logger.Fatal(). - Int("code", resp.StatusCode). - Msg("Health seems to be in bad state") - } - - logger.Debug(). - Int("code", resp.StatusCode). - Msg("Health got a good state") - - return nil - }, - } -} diff --git a/extensions/glauth/pkg/command/root.go b/extensions/glauth/pkg/command/root.go deleted file mode 100644 index e358307215..0000000000 --- a/extensions/glauth/pkg/command/root.go +++ /dev/null @@ -1,64 +0,0 @@ -package command - -import ( - "context" - "os" - - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config" - "github.com/owncloud/ocis/v2/ocis-pkg/clihelper" - ociscfg "github.com/owncloud/ocis/v2/ocis-pkg/config" - "github.com/thejerf/suture/v4" - "github.com/urfave/cli/v2" -) - -// GetCommands provides all commands for this service -func GetCommands(cfg *config.Config) cli.Commands { - return []*cli.Command{ - // start this service - Server(cfg), - - // interaction with this service - - // infos about this service - Health(cfg), - Version(cfg), - } -} - -// Execute is the entry point for the ocis-glauth command. -func Execute(cfg *config.Config) error { - app := clihelper.DefaultApp(&cli.App{ - Name: "glauth", - Usage: "Serve GLAuth API for oCIS", - Commands: GetCommands(cfg), - }) - - cli.HelpFlag = &cli.BoolFlag{ - Name: "help,h", - Usage: "Show the help", - } - - return app.Run(os.Args) -} - -// SutureService allows for the glauth command to be embedded and supervised by a suture supervisor tree. -type SutureService struct { - cfg *config.Config -} - -// NewSutureService creates a new glauth.SutureService -func NewSutureService(cfg *ociscfg.Config) suture.Service { - cfg.GLAuth.Commons = cfg.Commons - return SutureService{ - cfg: cfg.GLAuth, - } -} - -func (s SutureService) Serve(ctx context.Context) error { - s.cfg.Context = ctx - if err := Execute(s.cfg); err != nil { - return err - } - - return nil -} diff --git a/extensions/glauth/pkg/command/server.go b/extensions/glauth/pkg/command/server.go deleted file mode 100644 index 7aab9e7b5b..0000000000 --- a/extensions/glauth/pkg/command/server.go +++ /dev/null @@ -1,192 +0,0 @@ -package command - -import ( - "context" - "fmt" - "os" - - accountssvc "github.com/owncloud/ocis/v2/protogen/gen/ocis/services/accounts/v0" - - glauthcfg "github.com/glauth/glauth/v2/pkg/config" - "github.com/oklog/run" - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config" - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config/parser" - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/logging" - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/metrics" - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/server/debug" - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/server/glauth" - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/tracing" - pkgcrypto "github.com/owncloud/ocis/v2/ocis-pkg/crypto" - "github.com/owncloud/ocis/v2/ocis-pkg/service/grpc" - "github.com/owncloud/ocis/v2/ocis-pkg/version" - "github.com/urfave/cli/v2" -) - -// Server is the entrypoint for the server command. -func Server(cfg *config.Config) *cli.Command { - return &cli.Command{ - Name: "server", - Usage: fmt.Sprintf("start %s extension without runtime (unsupervised mode)", cfg.Service.Name), - Category: "server", - Before: func(c *cli.Context) error { - err := parser.ParseConfig(cfg) - if err != nil { - fmt.Printf("%v", err) - os.Exit(1) - } - return err - }, - Action: func(c *cli.Context) error { - logger := logging.Configure(cfg.Service.Name, cfg.Log) - err := tracing.Configure(cfg) - if err != nil { - return err - } - - gr := run.Group{} - ctx, cancel := func() (context.Context, context.CancelFunc) { - if cfg.Context == nil { - return context.WithCancel(context.Background()) - } - return context.WithCancel(cfg.Context) - }() - metrics := metrics.New() - - defer cancel() - - metrics.BuildInfo.WithLabelValues(version.String).Set(1) - - { - - lcfg := glauthcfg.LDAP{ - Enabled: cfg.Ldap.Enabled, - Listen: cfg.Ldap.Addr, - } - lscfg := glauthcfg.LDAPS{ - Enabled: cfg.Ldaps.Enabled, - Listen: cfg.Ldaps.Addr, - Cert: cfg.Ldaps.Cert, - Key: cfg.Ldaps.Key, - } - bcfg := glauthcfg.Config{ - LDAP: lcfg, // TODO remove LDAP from the backend config upstream - LDAPS: lscfg, // TODO remove LDAP from the backend config upstream - Backend: glauthcfg.Backend{ - Datastore: cfg.Backend.Datastore, - BaseDN: cfg.Backend.BaseDN, - Insecure: cfg.Backend.Insecure, - NameFormat: cfg.Backend.NameFormat, - GroupFormat: cfg.Backend.GroupFormat, - Servers: cfg.Backend.Servers, - SSHKeyAttr: cfg.Backend.SSHKeyAttr, - UseGraphAPI: cfg.Backend.UseGraphAPI, - }, - } - fcfg := glauthcfg.Config{ - LDAP: lcfg, // TODO remove LDAP from the backend config upstream - LDAPS: lscfg, // TODO remove LDAP from the backend config upstream - Backend: glauthcfg.Backend{ - Datastore: cfg.Fallback.Datastore, - BaseDN: cfg.Fallback.BaseDN, - Insecure: cfg.Fallback.Insecure, - NameFormat: cfg.Fallback.NameFormat, - GroupFormat: cfg.Fallback.GroupFormat, - Servers: cfg.Fallback.Servers, - SSHKeyAttr: cfg.Fallback.SSHKeyAttr, - UseGraphAPI: cfg.Fallback.UseGraphAPI, - }, - } - - if lscfg.Enabled { - if err := pkgcrypto.GenCert(cfg.Ldaps.Cert, cfg.Ldaps.Key, logger); err != nil { - logger.Fatal().Err(err).Msgf("Could not generate test-certificate") - } - } - - as, gs := getAccountsServices() - server, err := glauth.Server( - glauth.AccountsService(as), - glauth.GroupsService(gs), - glauth.Logger(logger), - glauth.LDAP(&lcfg), - glauth.LDAPS(&lscfg), - glauth.Backend(&bcfg), - glauth.Fallback(&fcfg), - glauth.RoleBundleUUID(cfg.RoleBundleUUID), - ) - - if err != nil { - logger.Info(). - Err(err). - Str("transport", "ldap"). - Msg("Failed to initialize server") - - return err - } - - gr.Add(func() error { - err := make(chan error) - select { - case <-ctx.Done(): - return nil - case err <- server.ListenAndServe(): - return <-err - } - - }, func(_ error) { - logger.Info(). - Str("transport", "ldap"). - Msg("Shutting down server") - - server.Shutdown() - cancel() - }) - - gr.Add(func() error { - err := make(chan error) - select { - case <-ctx.Done(): - return nil - case err <- server.ListenAndServeTLS(): - return <-err - } - - }, func(_ error) { - logger.Info(). - Str("transport", "ldaps"). - Msg("Shutting down server") - - server.Shutdown() - cancel() - }) - - } - - { - server, err := debug.Server( - debug.Logger(logger), - debug.Context(ctx), - debug.Config(cfg), - ) - - if err != nil { - logger.Info().Err(err).Str("transport", "debug").Msg("Failed to initialize server") - return err - } - - gr.Add(server.ListenAndServe, func(_ error) { - _ = server.Shutdown(ctx) - cancel() - }) - } - - return gr.Run() - }, - } -} - -// getAccountsServices returns an ocis-accounts service -func getAccountsServices() (accountssvc.AccountsService, accountssvc.GroupsService) { - return accountssvc.NewAccountsService("com.owncloud.api.accounts", grpc.DefaultClient), - accountssvc.NewGroupsService("com.owncloud.api.accounts", grpc.DefaultClient) -} diff --git a/extensions/glauth/pkg/command/version.go b/extensions/glauth/pkg/command/version.go deleted file mode 100644 index 326749250d..0000000000 --- a/extensions/glauth/pkg/command/version.go +++ /dev/null @@ -1,50 +0,0 @@ -package command - -import ( - "fmt" - "os" - - "github.com/owncloud/ocis/v2/ocis-pkg/registry" - "github.com/owncloud/ocis/v2/ocis-pkg/version" - - tw "github.com/olekukonko/tablewriter" - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config" - "github.com/urfave/cli/v2" -) - -// Version prints the service versions of all running instances. -func Version(cfg *config.Config) *cli.Command { - return &cli.Command{ - Name: "version", - Usage: "print the version of this binary and the running extension instances", - Category: "info", - Action: func(c *cli.Context) error { - fmt.Println("Version: " + version.String) - fmt.Printf("Compiled: %s\n", version.Compiled()) - fmt.Println("") - - reg := registry.GetRegistry() - services, err := reg.GetService(cfg.Ldap.Namespace + "." + cfg.Service.Name) - if err != nil { - fmt.Println(fmt.Errorf("could not get %s services from the registry: %v", cfg.Service.Name, err)) - return err - } - - if len(services) == 0 { - fmt.Println("No running " + cfg.Service.Name + " service found.") - return nil - } - - table := tw.NewWriter(os.Stdout) - table.SetHeader([]string{"Version", "Address", "Id"}) - table.SetAutoFormatHeaders(false) - for _, s := range services { - for _, n := range s.Nodes { - table.Append([]string{s.Version, n.Address, n.Id}) - } - } - table.Render() - return nil - }, - } -} diff --git a/extensions/glauth/pkg/config/config.go b/extensions/glauth/pkg/config/config.go deleted file mode 100644 index 5d0265764e..0000000000 --- a/extensions/glauth/pkg/config/config.go +++ /dev/null @@ -1,52 +0,0 @@ -package config - -import ( - "context" - - "github.com/owncloud/ocis/v2/ocis-pkg/shared" -) - -// Config combines all available configuration parts. -type Config struct { - *shared.Commons `yaml:"-"` - - Service Service `yaml:"-"` - - Tracing *Tracing `yaml:"tracing"` - Log *Log `yaml:"log"` - Debug Debug `yaml:"debug"` - - Ldap Ldap `yaml:"ldap"` - Ldaps Ldaps `yaml:"ldaps"` - - Backend Backend `yaml:"backend"` - Fallback FallbackBackend `yaml:"fallback"` - - RoleBundleUUID string `yaml:"role_bundle_uuid" env:"GLAUTH_ROLE_BUNDLE_ID"` - - Context context.Context `yaml:"-"` -} - -// Backend defined the available backend configuration. -type Backend struct { - Datastore string `yaml:"datastore"` - BaseDN string `yaml:"base_dn"` - Insecure bool `yaml:"insecure"` - NameFormat string `yaml:"name_format"` - GroupFormat string `yaml:"group_format"` - Servers []string `yaml:"servers"` - SSHKeyAttr string `yaml:"ssh_key_attr"` - UseGraphAPI bool `yaml:"use_graph_api"` -} - -// FallbackBackend defined the available fallback backend configuration. -type FallbackBackend struct { - Datastore string `yaml:"datastore"` - BaseDN string `yaml:"base_dn"` - Insecure bool `yaml:"insecure"` - NameFormat string `yaml:"name_format"` - GroupFormat string `yaml:"group_format"` - Servers []string `yaml:"servers"` - SSHKeyAttr string `yaml:"ssh_key_attr"` - UseGraphAPI bool `yaml:"use_graph_api"` -} diff --git a/extensions/glauth/pkg/config/debug.go b/extensions/glauth/pkg/config/debug.go deleted file mode 100644 index aebfd92b42..0000000000 --- a/extensions/glauth/pkg/config/debug.go +++ /dev/null @@ -1,9 +0,0 @@ -package config - -// Debug defines the available debug configuration. -type Debug struct { - Addr string `yaml:"addr" env:"GLAUTH_DEBUG_ADDR"` - Token string `yaml:"token" env:"GLAUTH_DEBUG_TOKEN"` - Pprof bool `yaml:"pprof" env:"GLAUTH_DEBUG_PPROF"` - Zpages bool `yaml:"zpages" env:"GLAUTH_DEBUG_ZPAGES"` -} diff --git a/extensions/glauth/pkg/config/defaults/defaultconfig.go b/extensions/glauth/pkg/config/defaults/defaultconfig.go deleted file mode 100644 index 4dd3c907d4..0000000000 --- a/extensions/glauth/pkg/config/defaults/defaultconfig.go +++ /dev/null @@ -1,88 +0,0 @@ -package defaults - -import ( - "path" - - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config" - "github.com/owncloud/ocis/v2/ocis-pkg/config/defaults" -) - -func FullDefaultConfig() *config.Config { - cfg := DefaultConfig() - EnsureDefaults(cfg) - Sanitize(cfg) - return cfg -} - -func DefaultConfig() *config.Config { - return &config.Config{ - Debug: config.Debug{ - Addr: "127.0.0.1:9129", - }, - Service: config.Service{ - Name: "glauth", - }, - Ldap: config.Ldap{ - Enabled: true, - Addr: "127.0.0.1:9125", - Namespace: "com.owncloud.ldap", - }, - Ldaps: config.Ldaps{ - Enabled: true, - Addr: "127.0.0.1:9126", - Namespace: "com.owncloud.ldaps", - Cert: path.Join(defaults.BaseDataPath(), "ldap", "ldap.crt"), - Key: path.Join(defaults.BaseDataPath(), "ldap", "ldap.key"), - }, - Backend: config.Backend{ - Datastore: "accounts", - BaseDN: "dc=ocis,dc=test", - Insecure: false, - NameFormat: "cn", - GroupFormat: "ou", - Servers: nil, - SSHKeyAttr: "sshPublicKey", - UseGraphAPI: true, - }, - Fallback: config.FallbackBackend{ - Datastore: "", - BaseDN: "dc=ocis,dc=test", - Insecure: false, - NameFormat: "cn", - GroupFormat: "ou", - Servers: nil, - SSHKeyAttr: "sshPublicKey", - UseGraphAPI: true, - }, - RoleBundleUUID: "71881883-1768-46bd-a24d-a356a2afdf7f", // BundleUUIDRoleAdmin - } -} - -func EnsureDefaults(cfg *config.Config) { - // provide with defaults for shared logging, since we need a valid destination address for BindEnv. - if cfg.Log == nil && cfg.Commons != nil && cfg.Commons.Log != nil { - cfg.Log = &config.Log{ - Level: cfg.Commons.Log.Level, - Pretty: cfg.Commons.Log.Pretty, - Color: cfg.Commons.Log.Color, - File: cfg.Commons.Log.File, - } - } else if cfg.Log == nil { - cfg.Log = &config.Log{} - } - // provide with defaults for shared tracing, since we need a valid destination address for BindEnv. - if cfg.Tracing == nil && cfg.Commons != nil && cfg.Commons.Tracing != nil { - cfg.Tracing = &config.Tracing{ - Enabled: cfg.Commons.Tracing.Enabled, - Type: cfg.Commons.Tracing.Type, - Endpoint: cfg.Commons.Tracing.Endpoint, - Collector: cfg.Commons.Tracing.Collector, - } - } else if cfg.Tracing == nil { - cfg.Tracing = &config.Tracing{} - } -} - -func Sanitize(cfg *config.Config) { - // nothing to sanitize here atm -} diff --git a/extensions/glauth/pkg/config/ldap.go b/extensions/glauth/pkg/config/ldap.go deleted file mode 100644 index 2e9dbacc6d..0000000000 --- a/extensions/glauth/pkg/config/ldap.go +++ /dev/null @@ -1,8 +0,0 @@ -package config - -// Ldap defines the available LDAP configuration. -type Ldap struct { - Enabled bool `yaml:"enabled" env:"GLAUTH_LDAP_ENABLED"` - Addr string `yaml:"addr" env:"GLAUTH_LDAP_ADDR"` - Namespace string `yaml:"-"` -} diff --git a/extensions/glauth/pkg/config/ldaps.go b/extensions/glauth/pkg/config/ldaps.go deleted file mode 100644 index 19bc03acbf..0000000000 --- a/extensions/glauth/pkg/config/ldaps.go +++ /dev/null @@ -1,10 +0,0 @@ -package config - -// Ldaps defined the available LDAPS configuration. -type Ldaps struct { - Enabled bool `yaml:"enabled" env:"GLAUTH_LDAPS_ENABLED"` - Addr string `yaml:"addr" env:"GLAUTH_LDAPS_ADDR"` - Namespace string `yaml:"-"` - Cert string `yaml:"cert" env:"GLAUTH_LDAPS_CERT"` - Key string `yaml:"key" env:"GLAUTH_LDAPS_KEY"` -} diff --git a/extensions/glauth/pkg/config/log.go b/extensions/glauth/pkg/config/log.go deleted file mode 100644 index 2ce88369b2..0000000000 --- a/extensions/glauth/pkg/config/log.go +++ /dev/null @@ -1,9 +0,0 @@ -package config - -// Log defines the available log configuration. -type Log struct { - Level string `mapstructure:"level" env:"OCIS_LOG_LEVEL;GLAUTH_LOG_LEVEL"` - Pretty bool `mapstructure:"pretty" env:"OCIS_LOG_PRETTY;GLAUTH_LOG_PRETTY"` - Color bool `mapstructure:"color" env:"OCIS_LOG_COLOR;GLAUTH_LOG_COLOR"` - File string `mapstructure:"file" env:"OCIS_LOG_FILE;GLAUTH_LOG_FILE"` -} diff --git a/extensions/glauth/pkg/config/parser/parse.go b/extensions/glauth/pkg/config/parser/parse.go deleted file mode 100644 index 575363e246..0000000000 --- a/extensions/glauth/pkg/config/parser/parse.go +++ /dev/null @@ -1,37 +0,0 @@ -package parser - -import ( - "errors" - - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config" - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config/defaults" - ociscfg "github.com/owncloud/ocis/v2/ocis-pkg/config" - - "github.com/owncloud/ocis/v2/ocis-pkg/config/envdecode" -) - -// ParseConfig loads configuration from known paths. -func ParseConfig(cfg *config.Config) error { - _, err := ociscfg.BindSourcesToStructs(cfg.Service.Name, cfg) - if err != nil { - return err - } - - defaults.EnsureDefaults(cfg) - // load all env variables relevant to the config in the current context. - if err := envdecode.Decode(cfg); err != nil { - // no environment variable set for this config is an expected "error" - if !errors.Is(err, envdecode.ErrNoTargetFieldsAreSet) { - return err - } - } - - // sanitize config - defaults.Sanitize(cfg) - - return Validate(cfg) -} - -func Validate(cfg *config.Config) error { - return nil -} diff --git a/extensions/glauth/pkg/config/service.go b/extensions/glauth/pkg/config/service.go deleted file mode 100644 index d1eac383f0..0000000000 --- a/extensions/glauth/pkg/config/service.go +++ /dev/null @@ -1,6 +0,0 @@ -package config - -// Service defines the available service configuration. -type Service struct { - Name string `yaml:"-"` -} diff --git a/extensions/glauth/pkg/config/tracing.go b/extensions/glauth/pkg/config/tracing.go deleted file mode 100644 index 593e3b0ceb..0000000000 --- a/extensions/glauth/pkg/config/tracing.go +++ /dev/null @@ -1,9 +0,0 @@ -package config - -// Tracing defines the available tracing configuration. -type Tracing struct { - Enabled bool `yaml:"enabled" env:"OCIS_TRACING_ENABLED;GLAUTH_TRACING_ENABLED"` - Type string `yaml:"type" env:"OCIS_TRACING_TYPE;GLAUTH_TRACING_TYPE"` - Endpoint string `yaml:"endpoint" env:"OCIS_TRACING_ENDPOINT;GLAUTH_TRACING_ENDPOINT"` - Collector string `yaml:"collector" env:"OCIS_TRACING_COLLECTOR;GLAUTH_TRACING_COLLECTOR"` -} diff --git a/extensions/glauth/pkg/logging/logging.go b/extensions/glauth/pkg/logging/logging.go deleted file mode 100644 index c60357106b..0000000000 --- a/extensions/glauth/pkg/logging/logging.go +++ /dev/null @@ -1,17 +0,0 @@ -package logging - -import ( - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config" - "github.com/owncloud/ocis/v2/ocis-pkg/log" -) - -// LoggerFromConfig initializes a service-specific logger instance. -func Configure(name string, cfg *config.Log) log.Logger { - return log.NewLogger( - log.Name(name), - log.Level(cfg.Level), - log.Pretty(cfg.Pretty), - log.Color(cfg.Color), - log.File(cfg.File), - ) -} diff --git a/extensions/glauth/pkg/metrics/metrics.go b/extensions/glauth/pkg/metrics/metrics.go deleted file mode 100644 index 51e0708e78..0000000000 --- a/extensions/glauth/pkg/metrics/metrics.go +++ /dev/null @@ -1,41 +0,0 @@ -package metrics - -import "github.com/prometheus/client_golang/prometheus" - -var ( - // Namespace defines the namespace for the defines metrics. - Namespace = "ocis" - - // Subsystem defines the subsystem for the defines metrics. - Subsystem = "glauth" -) - -// Metrics defines the available metrics of this service. -type Metrics struct { - // Counter *prometheus.CounterVec - BuildInfo *prometheus.GaugeVec -} - -// New initializes the available metrics. -func New() *Metrics { - m := &Metrics{ - // Counter: prometheus.NewCounterVec(prometheus.CounterOpts{ - // Namespace: Namespace, - // Subsystem: Subsystem, - // Name: "greet_total", - // Help: "How many greeting requests processed", - // }, []string{}), - BuildInfo: prometheus.NewGaugeVec(prometheus.GaugeOpts{ - Namespace: Namespace, - Subsystem: Subsystem, - Name: "build_info", - Help: "Build Information", - }, []string{"version"}), - } - - // prometheus.Register( - // m.Counter, - // ) - - return m -} diff --git a/extensions/glauth/pkg/mlogr/mlogr.go b/extensions/glauth/pkg/mlogr/mlogr.go deleted file mode 100644 index 642e399ffb..0000000000 --- a/extensions/glauth/pkg/mlogr/mlogr.go +++ /dev/null @@ -1,130 +0,0 @@ -package mlogr - -import ( - "errors" - - "github.com/go-logr/logr" - plog "github.com/owncloud/ocis/v2/ocis-pkg/log" - - "github.com/rs/zerolog" -) - -const debugVerbosity = 6 -const traceVerbosity = 8 - -// New returns a logr.Logger which is implemented by the log. -func New(l *plog.Logger) logr.Logger { - sink := logSink{ - l: l, - verbosity: 0, - prefix: "glauth", - values: nil, - } - - return logr.New(sink) -} - -func (l logSink) Init(info logr.RuntimeInfo) { -} - -// logSink is a logr.LogSink that uses the ocis-pkg log. -type logSink struct { - l *plog.Logger - verbosity int - prefix string - values []interface{} -} - -func (l logSink) clone() logSink { - out := l - out.values = copySlice(l.values) - return out -} - -func copySlice(in []interface{}) []interface{} { - out := make([]interface{}, len(in)) - copy(out, in) - return out -} - -// add converts a bunch of arbitrary key-value pairs into zerolog fields. -func add(e *zerolog.Event, keysAndVals []interface{}) { - - // make sure we got an even number of arguments - if len(keysAndVals)%2 != 0 { - e.Interface("args", keysAndVals). - AnErr("zerologr-err", errors.New("odd number of arguments passed as key-value pairs for logging")). - Stack() - return - } - - for i := 0; i < len(keysAndVals); { - // process a key-value pair, - // ensuring that the key is a string - key, val := keysAndVals[i], keysAndVals[i+1] - keyStr, isString := key.(string) - if !isString { - // if the key isn't a string, log additional error - e.Interface("invalid key", key). - AnErr("zerologr-err", errors.New("non-string key argument passed to logging, ignoring all later arguments")). - Stack() - return - } - e.Interface(keyStr, val) - - i += 2 - } -} - -func (l logSink) Info(level int, msg string, kvList ...interface{}) { - if l.Enabled(level) { - var e *zerolog.Event - if l.verbosity < debugVerbosity { - e = l.l.Info() - } else if l.verbosity < traceVerbosity { - e = l.l.Debug() - } else { - e = l.l.Trace() - } - e.Int("verbosity", l.verbosity) - if l.prefix != "" { - e.Str("name", l.prefix) - } - add(e, l.values) - add(e, kvList) - e.Msg(msg) - } -} - -func (l logSink) Enabled(level int) bool { - return true -} - -func (l logSink) Error(err error, msg string, keysAndVals ...interface{}) { - e := l.l.Error().Err(err) - if l.prefix != "" { - e.Str("name", l.prefix) - } - add(e, l.values) - add(e, keysAndVals) - e.Msg(msg) -} - -// WithName returns a new logr.LogSink with the specified name appended. zerologr -// uses '/' characters to separate name elements. Callers should not pass '/' -// in the provided name string, but this library does not actually enforce that. -func (l logSink) WithName(name string) logr.LogSink { - nl := l.clone() - if len(l.prefix) > 0 { - nl.prefix = l.prefix + "/" - } - nl.prefix += name - return nl -} -func (l logSink) WithValues(kvList ...interface{}) logr.LogSink { - nl := l.clone() - nl.values = append(nl.values, kvList...) - return nl -} - -var _ logr.LogSink = logSink{} diff --git a/extensions/glauth/pkg/server/debug/option.go b/extensions/glauth/pkg/server/debug/option.go deleted file mode 100644 index 9d9496ca46..0000000000 --- a/extensions/glauth/pkg/server/debug/option.go +++ /dev/null @@ -1,50 +0,0 @@ -package debug - -import ( - "context" - - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config" - "github.com/owncloud/ocis/v2/ocis-pkg/log" -) - -// Option defines a single option function. -type Option func(o *Options) - -// Options defines the available options for this package. -type Options struct { - Logger log.Logger - Context context.Context - Config *config.Config -} - -// newOptions initializes the available default options. -func newOptions(opts ...Option) Options { - opt := Options{} - - for _, o := range opts { - o(&opt) - } - - return opt -} - -// Logger provides a function to set the logger option. -func Logger(val log.Logger) Option { - return func(o *Options) { - o.Logger = val - } -} - -// Context provides a function to set the context option. -func Context(val context.Context) Option { - return func(o *Options) { - o.Context = val - } -} - -// Config provides a function to set the config option. -func Config(val *config.Config) Option { - return func(o *Options) { - o.Config = val - } -} diff --git a/extensions/glauth/pkg/server/debug/server.go b/extensions/glauth/pkg/server/debug/server.go deleted file mode 100644 index 6dd2d539c9..0000000000 --- a/extensions/glauth/pkg/server/debug/server.go +++ /dev/null @@ -1,59 +0,0 @@ -package debug - -import ( - "io" - "net/http" - - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config" - "github.com/owncloud/ocis/v2/ocis-pkg/service/debug" - "github.com/owncloud/ocis/v2/ocis-pkg/version" -) - -// Server initializes the debug service and server. -func Server(opts ...Option) (*http.Server, error) { - options := newOptions(opts...) - - return debug.NewService( - debug.Logger(options.Logger), - debug.Name(options.Config.Service.Name), - debug.Version(version.String), - debug.Address(options.Config.Debug.Addr), - debug.Token(options.Config.Debug.Token), - debug.Pprof(options.Config.Debug.Pprof), - debug.Zpages(options.Config.Debug.Zpages), - debug.Health(health(options.Config)), - debug.Ready(ready(options.Config)), - ), nil -} - -// health implements the health check. -func health(cfg *config.Config) func(http.ResponseWriter, *http.Request) { - return func(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Content-Type", "text/plain") - w.WriteHeader(http.StatusOK) - - // TODO: check if services are up and running - - _, err := io.WriteString(w, http.StatusText(http.StatusOK)) - // io.WriteString should not fail but if it does we want to know. - if err != nil { - panic(err) - } - } -} - -// ready implements the ready check. -func ready(cfg *config.Config) func(http.ResponseWriter, *http.Request) { - return func(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Content-Type", "text/plain") - w.WriteHeader(http.StatusOK) - - // TODO: check if services are up and running - - _, err := io.WriteString(w, http.StatusText(http.StatusOK)) - // io.WriteString should not fail but if it does we want to know. - if err != nil { - panic(err) - } - } -} diff --git a/extensions/glauth/pkg/server/glauth/chain.go b/extensions/glauth/pkg/server/glauth/chain.go deleted file mode 100644 index d511d62f9a..0000000000 --- a/extensions/glauth/pkg/server/glauth/chain.go +++ /dev/null @@ -1,121 +0,0 @@ -package glauth - -import ( - "net" - - "github.com/glauth/glauth/v2/pkg/config" - "github.com/glauth/glauth/v2/pkg/handler" - "github.com/nmcclain/ldap" - "github.com/owncloud/ocis/v2/ocis-pkg/log" -) - -type chainHandler struct { - log log.Logger - b handler.Handler - f handler.Handler -} - -func (h chainHandler) Bind(bindDN, bindSimplePw string, conn net.Conn) (res ldap.LDAPResultCode, err error) { - h.log.Debug(). - Str("binddn", bindDN). - Interface("src", conn.RemoteAddr()). - Str("handler", "chain"). - Msg("Bind request") - res, err = h.b.Bind(bindDN, bindSimplePw, conn) - switch { - case err != nil: - h.log.Error(). - Err(err). - Str("binddn", bindDN). - Interface("src", conn.RemoteAddr()). - Str("handler", "chain"). - Msg("Bind request") - return h.f.Bind(bindDN, bindSimplePw, conn) - case res == ldap.LDAPResultInvalidCredentials: - return h.f.Bind(bindDN, bindSimplePw, conn) - } - return -} - -func (h chainHandler) Search(bindDN string, searchReq ldap.SearchRequest, conn net.Conn) (res ldap.ServerSearchResult, err error) { - h.log.Debug(). - Str("binddn", bindDN). - Interface("src", conn.RemoteAddr()). - Str("handler", "chain"). - Msg("Search request") - res, err = h.b.Search(bindDN, searchReq, conn) - switch { - case err != nil: - h.log.Error(). - Err(err). - Str("binddn", bindDN). - Interface("src", conn.RemoteAddr()). - Str("handler", "chain"). - Msg("Search request") - return h.f.Search(bindDN, searchReq, conn) - case len(res.Entries) == 0: - // yes, we only fall back if there are no results in the first backend - // this is not supposed to work for searching lots of users, only to look up a single user - // searching multiple users would require merging result sets. out of scope for now. - return h.f.Search(bindDN, searchReq, conn) - } - return -} -func (h chainHandler) Close(boundDN string, conn net.Conn) error { - h.log.Debug(). - Str("boundDN", boundDN). - Interface("src", conn.RemoteAddr()). - Str("handler", "chain"). - Msg("Close request") - if err := h.b.Close(boundDN, conn); err != nil { - h.log.Error(). - Err(err). - Str("boundDN", boundDN). - Interface("src", conn.RemoteAddr()). - Str("handler", "chain"). - Msg("Close request") - } - if err := h.f.Close(boundDN, conn); err != nil { - h.log.Error(). - Err(err). - Str("boundDN", boundDN). - Interface("src", conn.RemoteAddr()). - Str("handler", "chain"). - Msg("Close request") - } - return nil -} - -// Add is not yet supported for the chain backend -func (h chainHandler) Add(boundDN string, req ldap.AddRequest, conn net.Conn) (result ldap.LDAPResultCode, err error) { - return ldap.LDAPResultInsufficientAccessRights, nil -} - -// Modify is not yet supported for the chain backend -func (h chainHandler) Modify(boundDN string, req ldap.ModifyRequest, conn net.Conn) (result ldap.LDAPResultCode, err error) { - return ldap.LDAPResultInsufficientAccessRights, nil -} - -// Delete is not yet supported for the chain backend -func (h chainHandler) Delete(boundDN string, deleteDN string, conn net.Conn) (result ldap.LDAPResultCode, err error) { - return ldap.LDAPResultInsufficientAccessRights, nil -} - -// FindUser with the given username. Called by the ldap backend to authenticate the bind. Optional -func (h chainHandler) FindUser(userName string, searchByUPN bool) (bool, config.User, error) { - return false, config.User{}, nil -} - -// FindGroup is not yet supported for the chain backend -func (h chainHandler) FindGroup(groupName string) (bool, config.Group, error) { - return false, config.Group{}, nil -} - -// NewChainHandler implements a chain backend with two backends -func NewChainHandler(log log.Logger, bh handler.Handler, fh handler.Handler) handler.Handler { - return chainHandler{ - log: log, - b: bh, - f: fh, - } -} diff --git a/extensions/glauth/pkg/server/glauth/ocis.go b/extensions/glauth/pkg/server/glauth/ocis.go deleted file mode 100644 index 29dd70b89f..0000000000 --- a/extensions/glauth/pkg/server/glauth/ocis.go +++ /dev/null @@ -1,555 +0,0 @@ -package glauth - -import ( - "context" - "encoding/json" - "fmt" - "net" - "strconv" - "strings" - - accountsmsg "github.com/owncloud/ocis/v2/protogen/gen/ocis/messages/accounts/v0" - accountssvc "github.com/owncloud/ocis/v2/protogen/gen/ocis/services/accounts/v0" - - "github.com/glauth/glauth/v2/pkg/config" - "github.com/glauth/glauth/v2/pkg/handler" - "github.com/glauth/glauth/v2/pkg/stats" - ber "github.com/nmcclain/asn1-ber" - "github.com/nmcclain/ldap" - "github.com/owncloud/ocis/v2/ocis-pkg/log" - "github.com/owncloud/ocis/v2/ocis-pkg/middleware" - "go-micro.dev/v4/metadata" -) - -type queryType string - -const ( - usersQuery queryType = "users" - groupsQuery queryType = "groups" -) - -type ocisHandler struct { - as accountssvc.AccountsService - gs accountssvc.GroupsService - log log.Logger - basedn string - nameFormat string - groupFormat string - rbid string -} - -func (h ocisHandler) Bind(bindDN, bindSimplePw string, conn net.Conn) (ldap.LDAPResultCode, error) { - bindDN = strings.ToLower(bindDN) - baseDN := strings.ToLower("," + h.basedn) - - h.log.Debug(). - Str("handler", "ocis"). - Str("binddn", bindDN). - Str("basedn", h.basedn). - Interface("src", conn.RemoteAddr()). - Msg("Bind request") - - stats.Frontend.Add("bind_reqs", 1) - - // parse the bindDN - ensure that the bindDN ends with the BaseDN - if !strings.HasSuffix(bindDN, baseDN) { - h.log.Error(). - Str("handler", "ocis"). - Str("binddn", bindDN). - Str("basedn", h.basedn). - Interface("src", conn.RemoteAddr()). - Msg("BindDN not part of our BaseDN") - return ldap.LDAPResultInvalidCredentials, nil - } - parts := strings.Split(strings.TrimSuffix(bindDN, baseDN), ",") - if len(parts) > 2 { - h.log.Error(). - Str("handler", "ocis"). - Str("binddn", bindDN). - Int("numparts", len(parts)). - Interface("src", conn.RemoteAddr()). - Msg("BindDN should have only one or two parts") - return ldap.LDAPResultInvalidCredentials, nil - } - userName := strings.TrimPrefix(parts[0], "cn=") - - // TODO make glauth context aware - ctx := context.Background() - - // use a session with the bound user? - roleIDs, err := json.Marshal([]string{h.rbid}) - if err != nil { - h.log.Error(). - Err(err). - Str("handler", "ocis"). - Msg("could not marshal roleid json") - return ldap.LDAPResultOperationsError, nil - } - ctx = metadata.Set(ctx, middleware.RoleIDs, string(roleIDs)) - - // check password - res, err := h.as.ListAccounts(ctx, &accountssvc.ListAccountsRequest{ - //Query: fmt.Sprintf("username eq '%s'", username), - // TODO this allows looking up users when you know the username using basic auth - // adding the password to the query is an option but sending this over the wire a la scim seems ugly - // but to set passwords our accounts need it anyway - Query: fmt.Sprintf("login eq '%s' and password eq '%s'", userName, bindSimplePw), - }) - if err != nil || len(res.Accounts) == 0 { - h.log.Error(). - Err(err). - Str("handler", "ocis"). - Str("username", userName). - Str("binddn", bindDN). - Interface("src", conn.RemoteAddr()). - Msg("Login failed") - return ldap.LDAPResultInvalidCredentials, nil - } - - stats.Frontend.Add("bind_successes", 1) - h.log.Debug(). - Str("handler", "ocis"). - Str("binddn", bindDN). - Interface("src", conn.RemoteAddr()). - Msg("Bind success") - return ldap.LDAPResultSuccess, nil -} - -func (h ocisHandler) Search(bindDN string, searchReq ldap.SearchRequest, conn net.Conn) (ldap.ServerSearchResult, error) { - bindDN = strings.ToLower(bindDN) - baseDN := strings.ToLower("," + h.basedn) - searchBaseDN := strings.ToLower(searchReq.BaseDN) - h.log.Debug(). - Str("handler", "ocis"). - Str("binddn", bindDN). - Str("basedn", h.basedn). - Str("filter", searchReq.Filter). - Interface("src", conn.RemoteAddr()). - Msg("Search request") - stats.Frontend.Add("search_reqs", 1) - - // validate the user is authenticated and has appropriate access - if len(bindDN) < 1 { - return ldap.ServerSearchResult{ - ResultCode: ldap.LDAPResultInsufficientAccessRights, - }, fmt.Errorf("search error: Anonymous BindDN not allowed %s", bindDN) - } - if !strings.HasSuffix(bindDN, baseDN) { - return ldap.ServerSearchResult{ - ResultCode: ldap.LDAPResultInsufficientAccessRights, - }, fmt.Errorf("search error: BindDN %s not in our BaseDN %s", bindDN, h.basedn) - } - if !strings.HasSuffix(searchBaseDN, h.basedn) { - return ldap.ServerSearchResult{ - ResultCode: ldap.LDAPResultInsufficientAccessRights, - }, fmt.Errorf("search error: search BaseDN %s is not in our BaseDN %s", searchBaseDN, h.basedn) - } - - var qtype queryType = "" - query := "" - var code ldap.LDAPResultCode - var err error - if searchReq.Filter == "(&)" { // see Absolute True and False Filters in https://tools.ietf.org/html/rfc4526#section-2 - query = "" - } else { - var cf *ber.Packet - cf, err = ldap.CompileFilter(searchReq.Filter) - if err != nil { - h.log.Error(). - Err(err). - Str("handler", "ocis"). - Str("binddn", bindDN). - Str("basedn", h.basedn). - Str("filter", searchReq.Filter). - Interface("src", conn.RemoteAddr()). - Msg("could not compile filter") - return ldap.ServerSearchResult{ - ResultCode: ldap.LDAPResultOperationsError, - }, fmt.Errorf("Search Error: error compiling filter: %s, error: %s", searchReq.Filter, err.Error()) - } - qtype, query, code, err = parseFilter(cf) - if err != nil { - return ldap.ServerSearchResult{ - ResultCode: code, - }, fmt.Errorf("Search Error: error parsing filter: %s, error: %s", searchReq.Filter, err.Error()) - } - - // check if the searchBaseDN already has a username and add it to the query - parts := strings.Split(strings.TrimSuffix(searchBaseDN, baseDN), ",") - if len(parts) > 0 && strings.HasPrefix(parts[0], "cn=") { - if len(query) > 0 { - query += " AND " - } - query += fmt.Sprintf("on_premises_sam_account_name eq '%s'", escapeValue(strings.TrimPrefix(parts[0], "cn="))) - } - } - - // TODO make glauth context aware - ctx := context.Background() - - // use a session with the bound user? - roleIDs, err := json.Marshal([]string{h.rbid}) - if err != nil { - h.log.Error(). - Err(err). - Str("handler", "ocis"). - Msg("could not marshal roleid json") - return ldap.ServerSearchResult{ - ResultCode: ldap.LDAPResultOperationsError, - }, nil - } - ctx = metadata.Set(ctx, middleware.RoleIDs, string(roleIDs)) - - entries := []*ldap.Entry{} - h.log.Debug(). - Str("handler", "ocis"). - Str("binddn", bindDN). - Str("basedn", h.basedn). - Str("filter", searchReq.Filter). - Str("qtype", string(qtype)). - Str("query", query). - Msg("parsed query") - switch qtype { - case usersQuery: - accounts, err := h.as.ListAccounts(ctx, &accountssvc.ListAccountsRequest{ - Query: query, - }) - if err != nil { - h.log.Error(). - Err(err). - Str("handler", "ocis"). - Str("binddn", bindDN). - Str("basedn", h.basedn). - Str("filter", searchReq.Filter). - Str("query", query). - Interface("src", conn.RemoteAddr()). - Msg("Could not list accounts") - - return ldap.ServerSearchResult{ - ResultCode: ldap.LDAPResultOperationsError, - }, fmt.Errorf("search error: error listing users") - } - entries = append(entries, h.mapAccounts(accounts.Accounts)...) - case groupsQuery: - groups, err := h.gs.ListGroups(ctx, &accountssvc.ListGroupsRequest{ - Query: query, - }) - if err != nil { - h.log.Error(). - Err(err). - Str("handler", "ocis"). - Str("binddn", bindDN). - Str("basedn", h.basedn). - Str("filter", searchReq.Filter). - Str("query", query). - Interface("src", conn.RemoteAddr()). - Msg("Could not list groups") - - return ldap.ServerSearchResult{ - ResultCode: ldap.LDAPResultOperationsError, - }, fmt.Errorf("search error: error listing groups") - } - entries = append(entries, h.mapGroups(groups.Groups)...) - } - - stats.Frontend.Add("search_successes", 1) - h.log.Debug(). - Str("handler", "ocis"). - Int("num_entries", len(entries)). - Str("binddn", bindDN). - Str("basedn", h.basedn). - Str("filter", searchReq.Filter). - Interface("src", conn.RemoteAddr()). - Msg("AP: Search OK") - - return ldap.ServerSearchResult{ - Entries: entries, - Referrals: []string{}, - Controls: []ldap.Control{}, - ResultCode: ldap.LDAPResultSuccess, - }, nil -} - -func attribute(name string, values ...string) *ldap.EntryAttribute { - return &ldap.EntryAttribute{ - Name: name, - Values: values, - } -} - -func (h ocisHandler) mapAccounts(accounts []*accountsmsg.Account) []*ldap.Entry { - entries := make([]*ldap.Entry, 0, len(accounts)) - for i := range accounts { - attrs := []*ldap.EntryAttribute{ - attribute("objectClass", "posixAccount", "inetOrgPerson", "organizationalPerson", "Person", "top"), - attribute("cn", accounts[i].PreferredName), - attribute("uid", accounts[i].PreferredName), - attribute("sn", accounts[i].PreferredName), - attribute("homeDirectory", ""), - attribute("ownCloudUUID", accounts[i].Id), // see https://github.com/butonic/owncloud-ldap-schema/blob/master/owncloud.schema#L28-L34 - } - if accounts[i].DisplayName != "" { - attrs = append(attrs, attribute("displayName", accounts[i].DisplayName)) - } - if accounts[i].Mail != "" { - attrs = append(attrs, attribute("mail", accounts[i].Mail)) - } - if accounts[i].UidNumber != 0 { // TODO no root? - attrs = append(attrs, attribute("uidnumber", strconv.FormatInt(accounts[i].UidNumber, 10))) - } - if accounts[i].GidNumber != 0 { - attrs = append(attrs, attribute("gidnumber", strconv.FormatInt(accounts[i].GidNumber, 10))) - } - if accounts[i].Description != "" { - attrs = append(attrs, attribute("description", accounts[i].Description)) - } - - dn := fmt.Sprintf("%s=%s,%s=%s,%s", - h.nameFormat, - accounts[i].PreferredName, - h.groupFormat, - "users", - h.basedn, - ) - entries = append(entries, &ldap.Entry{DN: dn, Attributes: attrs}) - } - return entries -} - -func (h ocisHandler) mapGroups(groups []*accountsmsg.Group) []*ldap.Entry { - entries := make([]*ldap.Entry, 0, len(groups)) - for i := range groups { - attrs := []*ldap.EntryAttribute{ - attribute("objectClass", "posixGroup", "groupOfNames", "top"), - attribute("cn", groups[i].OnPremisesSamAccountName), - attribute("ownCloudUUID", groups[i].Id), // see https://github.com/butonic/owncloud-ldap-schema/blob/master/owncloud.schema#L28-L34 - } - if groups[i].DisplayName != "" { - attrs = append(attrs, attribute("displayName", groups[i].DisplayName)) - } - if groups[i].GidNumber != 0 { - attrs = append(attrs, attribute("gidnumber", strconv.FormatInt(groups[i].GidNumber, 10))) - } - if groups[i].Description != "" { - attrs = append(attrs, attribute("description", groups[i].Description)) - } - - dn := fmt.Sprintf("%s=%s,%s=%s,%s", - h.nameFormat, - groups[i].OnPremisesSamAccountName, - h.groupFormat, - "groups", - h.basedn, - ) - - memberUids := make([]string, len(groups[i].Members)) - for j := range groups[i].Members { - memberUids[j] = groups[i].Members[j].PreferredName - } - attrs = append(attrs, attribute("memberuid", memberUids...)) - entries = append(entries, &ldap.Entry{DN: dn, Attributes: attrs}) - } - return entries -} - -// LDAP filters might ask for groups and users at the same time, eg. -// (| -// (&(objectClass=posixaccount)(cn=einstein)) -// (&(objectClass=posixgroup)(cn=users)) -// ) - -// (&(objectClass=posixaccount)(objectClass=posixgroup)) -// qtype is one of -// "" not determined -// "users" -// "groups" -func parseFilter(f *ber.Packet) (queryType, string, ldap.LDAPResultCode, error) { - var qtype queryType - var q string - var code ldap.LDAPResultCode - var err error - switch ldap.FilterMap[f.Tag] { - case "Present": - if len(f.Children) != 0 { - return "", "", ldap.LDAPResultOperationsError, fmt.Errorf("equality match must have no children, got %+v", f) - } - attribute := strings.ToLower(f.Data.String()) - - if attribute == "objectclass" { - // TODO implement proper present odata query, for now fall back to listing users - return "users", q, code, err - } - return qtype, q, ldap.LDAPResultUnwillingToPerform, fmt.Errorf("%s filter match for %s not implemented", ldap.FilterMap[f.Tag], attribute) - case "Equality Match": - if len(f.Children) != 2 { - return "", "", ldap.LDAPResultOperationsError, fmt.Errorf("equality match must have exactly two children") - } - attribute := strings.ToLower(f.Children[0].Value.(string)) - value := f.Children[1].Value.(string) - - // replace attributes - switch attribute { - case "objectclass": - switch strings.ToLower(value) { - case "posixaccount", "shadowaccount", "users", "person", "inetorgperson", "organizationalperson": - qtype = usersQuery - case "posixgroup", "groups": - qtype = groupsQuery - case "*": - // TODO not implemented yet - qtype = usersQuery - default: - qtype = "" - } - case "ownclouduuid": - q = fmt.Sprintf("id eq '%s'", escapeValue(value)) - case "cn", "uid": - // on_premises_sam_account_name is indexed using the lowercase analyzer in ocis-accounts - // TODO use "tolower(on_premises_sam_account_name) eq '%s'" to be clear about the case insensitive comparison - q = fmt.Sprintf("on_premises_sam_account_name eq '%s'", escapeValue(value)) - case "mail": - q = fmt.Sprintf("mail eq '%s'", escapeValue(value)) - case "displayname": - q = fmt.Sprintf("display_name eq '%s'", escapeValue(value)) - case "uidnumber": - if i, err := strconv.ParseUint(value, 10, 64); err != nil { - code = ldap.LDAPResultInvalidAttributeSyntax - } else { - q = fmt.Sprintf("uid_number eq %d", i) - } - case "gidnumber": - if i, err := strconv.ParseUint(value, 10, 64); err != nil { - code = ldap.LDAPResultInvalidAttributeSyntax - } else { - q = fmt.Sprintf("gid_number eq %d", i) - } - case "description": - q = fmt.Sprintf("description eq '%s'", escapeValue(value)) - default: - code = ldap.LDAPResultUndefinedAttributeType - err = fmt.Errorf("unrecognized assertion type '%s' in filter item", attribute) - } - return qtype, q, code, err - case "Substrings": - if len(f.Children) != 2 { - return "", "", ldap.LDAPResultOperationsError, fmt.Errorf("substrings filter must have exactly two children") - } - attribute := strings.ToLower(f.Children[0].Value.(string)) - if len(f.Children[1].Children) != 1 { - return "", "", ldap.LDAPResultUnwillingToPerform, fmt.Errorf("substrings filter only supports prefix match") - } - value := f.Children[1].Children[0].Value.(string) - - // replace attributes - switch attribute { - case "objectclass": - switch strings.ToLower(value) { - case "posixaccount", "shadowaccount", "users", "person", "inetorgperson", "organizationalperson": - qtype = usersQuery - case "posixgroup", "groups": - qtype = groupsQuery - default: - qtype = "" - } - case "ownclouduuid": - q = fmt.Sprintf("startswith(id,'%s')", escapeValue(value)) - case "cn", "uid": - // on_premises_sam_account_name is indexed using the lowercase analyzer in ocis-accounts - // TODO use "tolower(on_premises_sam_account_name) eq '%s'" to be clear about the case insensitive comparison - q = fmt.Sprintf("startswith(on_premises_sam_account_name,'%s')", escapeValue(value)) - case "mail": - q = fmt.Sprintf("startswith(mail,'%s')", escapeValue(value)) - case "displayname": - q = fmt.Sprintf("startswith(display_name,'%s')", escapeValue(value)) - case "description": - q = fmt.Sprintf("startswith(description,'%s')", escapeValue(value)) - default: - code = ldap.LDAPResultUndefinedAttributeType - err = fmt.Errorf("unrecognized assertion type '%s' in filter item", attribute) - } - return qtype, q, code, err - case "And", "Or": - subQueries := []string{} - for i := range f.Children { - var subQuery string - var qt queryType - qt, subQuery, code, err = parseFilter(f.Children[i]) - if err != nil { - return "", "", code, err - } - if qtype == "" { - qtype = qt - } else if qt != "" && qt != qtype { - return "", "", ldap.LDAPResultUnwillingToPerform, fmt.Errorf("mixing user and group filters not supported") - } - if subQuery != "" { - subQueries = append(subQueries, subQuery) - } - } - return qtype, strings.Join(subQueries, " "+strings.ToLower(ldap.FilterMap[f.Tag])+" "), ldap.LDAPResultSuccess, nil - case "Not": - if len(f.Children) != 1 { - return "", "", ldap.LDAPResultOperationsError, fmt.Errorf("not filter match must have exactly one child") - } - qtype, subQuery, code, err := parseFilter(f.Children[0]) - if err != nil { - return "", "", code, err - } - if subQuery != "" { - q = fmt.Sprintf("not %s", subQuery) - } - return qtype, q, code, nil - } - return qtype, q, ldap.LDAPResultUnwillingToPerform, fmt.Errorf("%s filter not implemented", ldap.FilterMap[f.Tag]) -} - -// escapeValue escapes all special characters in the value -func escapeValue(value string) string { - return strings.ReplaceAll(value, "'", "''") -} - -func (h ocisHandler) Close(boundDN string, conn net.Conn) error { - stats.Frontend.Add("closes", 1) - return nil -} - -// Add is not yet supported for the ocis backend -func (h ocisHandler) Add(boundDN string, req ldap.AddRequest, conn net.Conn) (result ldap.LDAPResultCode, err error) { - return ldap.LDAPResultInsufficientAccessRights, nil -} - -// Modify is not yet supported for the ocis backend -func (h ocisHandler) Modify(boundDN string, req ldap.ModifyRequest, conn net.Conn) (result ldap.LDAPResultCode, err error) { - return ldap.LDAPResultInsufficientAccessRights, nil -} - -// Delete is not yet supported for the ocis backend -func (h ocisHandler) Delete(boundDN string, deleteDN string, conn net.Conn) (result ldap.LDAPResultCode, err error) { - return ldap.LDAPResultInsufficientAccessRights, nil -} - -// FindUser with the given username -func (h ocisHandler) FindUser(userName string, searchByUPN bool) (found bool, user config.User, err error) { - return false, config.User{}, nil -} - -// FindGroup with the given groupname -func (h ocisHandler) FindGroup(groupName string) (found bool, user config.Group, err error) { - return false, config.Group{}, nil -} - -// NewOCISHandler implements a glauth backend with ocis-accounts as the datasource -func NewOCISHandler(opts ...Option) handler.Handler { - options := newOptions(opts...) - - handler := ocisHandler{ - log: options.Logger, - as: options.AccountsService, - gs: options.GroupsService, - basedn: options.BaseDN, - nameFormat: options.NameFormat, - groupFormat: options.GroupFormat, - rbid: options.RoleBundleUUID, - } - return handler -} diff --git a/extensions/glauth/pkg/server/glauth/option.go b/extensions/glauth/pkg/server/glauth/option.go deleted file mode 100644 index f4303ec3df..0000000000 --- a/extensions/glauth/pkg/server/glauth/option.go +++ /dev/null @@ -1,124 +0,0 @@ -package glauth - -import ( - "context" - - accountssvc "github.com/owncloud/ocis/v2/protogen/gen/ocis/services/accounts/v0" - - "github.com/glauth/glauth/v2/pkg/config" - "github.com/owncloud/ocis/v2/ocis-pkg/log" -) - -// Option defines a single option function. -type Option func(o *Options) - -// Options defines the available options for this package. -type Options struct { - Logger log.Logger - Context context.Context - LDAP *config.LDAP - LDAPS *config.LDAPS - Backend *config.Config - Fallback *config.Config - BaseDN string - NameFormat string - GroupFormat string - RoleBundleUUID string - AccountsService accountssvc.AccountsService - GroupsService accountssvc.GroupsService -} - -// newOptions initializes the available default options. -func newOptions(opts ...Option) Options { - opt := Options{} - - for _, o := range opts { - o(&opt) - } - - return opt -} - -// Logger provides a function to set the logger option. -func Logger(val log.Logger) Option { - return func(o *Options) { - o.Logger = val - } -} - -// Context provides a function to set the context option. -func Context(val context.Context) Option { - return func(o *Options) { - o.Context = val - } -} - -// LDAP provides a function to set the LDAP option. -func LDAP(val *config.LDAP) Option { - return func(o *Options) { - o.LDAP = val - } -} - -// LDAPS provides a function to set the LDAPS option. -func LDAPS(val *config.LDAPS) Option { - return func(o *Options) { - o.LDAPS = val - } -} - -// Backend provides a function to set the backend option. -func Backend(val *config.Config) Option { - return func(o *Options) { - o.Backend = val - } -} - -// Fallback provides a string to set the fallback option. -func Fallback(val *config.Config) Option { - return func(o *Options) { - o.Fallback = val - } -} - -// BaseDN provides a string to set the BaseDN option. -func BaseDN(val string) Option { - return func(o *Options) { - o.BaseDN = val - } -} - -// NameFormat provides a string to set the NameFormat option. -func NameFormat(val string) Option { - return func(o *Options) { - o.NameFormat = val - } -} - -// GroupFormat provides a string to set the GroupFormat option. -func GroupFormat(val string) Option { - return func(o *Options) { - o.GroupFormat = val - } -} - -// AccountsService provides an AccountsService client to set the AccountsService option. -func AccountsService(val accountssvc.AccountsService) Option { - return func(o *Options) { - o.AccountsService = val - } -} - -// GroupsService provides an GroupsService client to set the GroupsService option. -func GroupsService(val accountssvc.GroupsService) Option { - return func(o *Options) { - o.GroupsService = val - } -} - -// RoleBundleUUID provides a role bundle UUID to make internal grpc requests. -func RoleBundleUUID(val string) Option { - return func(o *Options) { - o.RoleBundleUUID = val - } -} diff --git a/extensions/glauth/pkg/server/glauth/server.go b/extensions/glauth/pkg/server/glauth/server.go deleted file mode 100644 index 4ebae251ff..0000000000 --- a/extensions/glauth/pkg/server/glauth/server.go +++ /dev/null @@ -1,155 +0,0 @@ -package glauth - -import ( - "errors" - "fmt" - - "github.com/GeertJohan/yubigo" - "github.com/glauth/glauth/v2/pkg/config" - "github.com/glauth/glauth/v2/pkg/handler" - "github.com/go-logr/logr" - "github.com/nmcclain/ldap" - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/mlogr" -) - -// LdapSvc holds the ldap server struct -type LdapSvc struct { - log logr.Logger - ldap *config.LDAP - ldaps *config.LDAPS - backend *config.Config - fallback *config.Config - yubiAuth *yubigo.YubiAuth - l *ldap.Server -} - -// Server initializes the ldap server. -// It is a fork github.com/glauth/pkg/server because it would introduce a go-micro dependency upstream. -func Server(opts ...Option) (*LdapSvc, error) { - options := newOptions(opts...) - - s := LdapSvc{ - log: mlogr.New(&options.Logger), - backend: options.Backend, - fallback: options.Fallback, - ldap: options.LDAP, - ldaps: options.LDAPS, - } - - var err error - - if len(s.backend.YubikeyClientID) > 0 && len(s.backend.YubikeySecret) > 0 { - s.yubiAuth, err = yubigo.NewYubiAuth(s.backend.YubikeyClientID, s.backend.YubikeySecret) - - if err != nil { - return nil, errors.New("yubikey auth failed") - } - } - - // configure the backend - s.l = ldap.NewServer() - s.l.EnforceLDAP = true - var bh handler.Handler - - switch s.backend.Backend.Datastore { - /* TODO bring back file config - case "config": - bh = handler.NewConfigHandler( - handler.Logger(s.log), - handler.Config(s.c), - handler.YubiAuth(s.yubiAuth), - ) - */ - case "ldap": - bh = handler.NewLdapHandler( - handler.Logger(s.log), - handler.Backend(s.backend.Backend), - ) - case "owncloud": - bh = handler.NewOwnCloudHandler( - handler.Logger(s.log), - handler.Backend(s.backend.Backend), - ) - case "accounts": - bh = NewOCISHandler( - AccountsService(options.AccountsService), - GroupsService(options.GroupsService), - Logger(options.Logger), - BaseDN(s.backend.Backend.BaseDN), - NameFormat(s.backend.Backend.NameFormat), - GroupFormat(s.backend.Backend.GroupFormat), - RoleBundleUUID(options.RoleBundleUUID), - ) - default: - return nil, fmt.Errorf("unsupported backend %s - must be 'ldap', 'owncloud' or 'accounts'", s.backend.Backend.Datastore) - } - s.log.V(3).Info("Using backend", "backend", s.backend.Backend) - - if s.fallback != nil && s.fallback.Backend.Datastore != "" { - - var fh handler.Handler - - switch s.fallback.Backend.Datastore { - /* TODO bring back file config - case "config": - fh = handler.NewConfigHandler( - handler.Logger(s.log), - handler.Config(s.c), - handler.YubiAuth(s.yubiAuth), - ) - */ - case "ldap": - fh = handler.NewLdapHandler( - handler.Logger(s.log), - handler.Backend(s.fallback.Backend), - ) - case "owncloud": - fh = handler.NewOwnCloudHandler( - handler.Logger(s.log), - handler.Backend(s.fallback.Backend), - ) - case "accounts": - fh = NewOCISHandler( - AccountsService(options.AccountsService), - GroupsService(options.GroupsService), - Logger(options.Logger), - BaseDN(s.fallback.Backend.BaseDN), - NameFormat(s.fallback.Backend.NameFormat), - GroupFormat(s.fallback.Backend.GroupFormat), - RoleBundleUUID(options.RoleBundleUUID), - ) - default: - return nil, fmt.Errorf("unsupported fallback %s - must be 'ldap', 'owncloud' or 'accounts'", s.fallback.Backend.Datastore) - } - s.log.V(3).Info("Using fallback", "backend", s.fallback.Backend) - - bh = NewChainHandler(options.Logger, bh, fh) - } - - s.l.BindFunc(s.backend.Backend.BaseDN, bh) - s.l.SearchFunc(s.backend.Backend.BaseDN, bh) - s.l.CloseFunc(s.backend.Backend.BaseDN, bh) - - return &s, nil -} - -// ListenAndServe listens on the TCP network address s.c.LDAP.Listen -func (s *LdapSvc) ListenAndServe() error { - s.log.V(3).Info("ldap server listening", "address", s.ldap.Listen) - return s.l.ListenAndServe(s.ldap.Listen) -} - -// ListenAndServeTLS listens on the TCP network address s.c.LDAPS.Listen -func (s *LdapSvc) ListenAndServeTLS() error { - s.log.V(3).Info("ldaps server listening", "address", s.ldaps.Listen) - return s.l.ListenAndServeTLS( - s.ldaps.Listen, - s.ldaps.Cert, - s.ldaps.Key, - ) -} - -// Shutdown ends listeners by sending true to the ldap serves quit channel -func (s *LdapSvc) Shutdown() { - s.l.Quit <- true -} diff --git a/extensions/glauth/pkg/tracing/tracing.go b/extensions/glauth/pkg/tracing/tracing.go deleted file mode 100644 index ce531006e9..0000000000 --- a/extensions/glauth/pkg/tracing/tracing.go +++ /dev/null @@ -1,23 +0,0 @@ -package tracing - -import ( - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config" - pkgtrace "github.com/owncloud/ocis/v2/ocis-pkg/tracing" - "go.opentelemetry.io/otel/trace" -) - -var ( - // TraceProvider is the global trace provider for the glauth service. - TraceProvider = trace.NewNoopTracerProvider() -) - -func Configure(cfg *config.Config) error { - var err error - if cfg.Tracing.Enabled { - if TraceProvider, err = pkgtrace.GetTraceProvider(cfg.Tracing.Endpoint, cfg.Tracing.Collector, cfg.Service.Name, cfg.Tracing.Type); err != nil { - return err - } - } - - return nil -} diff --git a/extensions/glauth/reflex.conf b/extensions/glauth/reflex.conf deleted file mode 100644 index a82062f1ba..0000000000 --- a/extensions/glauth/reflex.conf +++ /dev/null @@ -1,2 +0,0 @@ -# backend --r '^(cmd|pkg)/.*\.go$' -R '^node_modules/' -s -- sh -c 'make bin/ocis-glauth-debug && bin/ocis-glauth-debug --log-level debug server --debug-pprof --debug-zpages' diff --git a/go.mod b/go.mod index a663ad33cd..f4aa9f1842 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,6 @@ go 1.17 require ( github.com/CiscoM31/godata v1.0.5 - github.com/GeertJohan/yubigo v0.0.0-20190917122436-175bc097e60e github.com/Masterminds/semver v1.5.0 github.com/ReneKroon/ttlcache/v2 v2.11.0 github.com/blevesearch/bleve/v2 v2.3.2 @@ -13,13 +12,11 @@ require ( github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde github.com/cs3org/reva/v2 v2.3.2-0.20220511062620-573cbbef3917 github.com/disintegration/imaging v1.6.2 - github.com/glauth/glauth/v2 v2.0.0-20211021011345-ef3151c28733 github.com/go-chi/chi/v5 v5.0.7 github.com/go-chi/cors v1.2.1 github.com/go-chi/render v1.0.1 github.com/go-ldap/ldap/v3 v3.4.3 github.com/go-ldap/ldif v0.0.0-20200320164324-fd88d9b715b3 - github.com/go-logr/logr v1.2.3 github.com/go-micro/plugins/v4/client/grpc v1.0.0 github.com/go-micro/plugins/v4/events/natsjs v1.0.1 github.com/go-micro/plugins/v4/logger/zerolog v1.0.0 @@ -49,8 +46,6 @@ require ( github.com/mitchellh/mapstructure v1.5.0 github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 github.com/nats-io/nats-server/v2 v2.8.2 - github.com/nmcclain/asn1-ber v0.0.0-20170104154839-2661553a0484 - github.com/nmcclain/ldap v0.0.0-20210720162743-7f8d1e44eeba github.com/oklog/run v1.1.0 github.com/olekukonko/tablewriter v0.0.5 github.com/onsi/ginkgo v1.16.5 @@ -120,7 +115,6 @@ require ( github.com/blevesearch/zapx/v15 v15.3.3 // indirect github.com/bluele/gcache v0.0.2 // indirect github.com/bmizerany/pat v0.0.0-20210406213842-e4b6760bdd6f // indirect - github.com/boombuler/barcode v1.0.1 // indirect github.com/cenkalti/backoff v2.2.1+incompatible // indirect github.com/ceph/go-ceph v0.15.0 // indirect github.com/cespare/xxhash/v2 v2.1.2 // indirect @@ -150,6 +144,7 @@ require ( github.com/go-git/go-git/v5 v5.4.2 // indirect github.com/go-kit/log v0.2.0 // indirect github.com/go-logfmt/logfmt v0.5.1 // indirect + github.com/go-logr/logr v1.2.3 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-sql-driver/mysql v1.6.0 // indirect github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 // indirect @@ -220,14 +215,11 @@ require ( github.com/pkg/xattr v0.4.5 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/pquerna/cachecontrol v0.1.0 // indirect - github.com/pquerna/otp v1.3.0 // indirect github.com/prometheus/alertmanager v0.24.0 // indirect github.com/prometheus/client_model v0.2.0 // indirect github.com/prometheus/common v0.32.1 // indirect github.com/prometheus/procfs v0.7.3 // indirect github.com/prometheus/statsd_exporter v0.22.4 // indirect - github.com/rickb777/date v1.17.0 // indirect - github.com/rickb777/plural v1.4.1 // indirect github.com/rivo/uniseg v0.2.0 // indirect github.com/rs/cors v1.8.2 // indirect github.com/rs/xid v1.3.0 // indirect @@ -246,7 +238,6 @@ require ( github.com/tus/tusd v1.8.0 // indirect github.com/wk8/go-ordered-map v0.2.0 // indirect github.com/xanzy/ssh-agent v0.3.1 // indirect - github.com/yaegashi/msgraph.go v0.1.4 // indirect go.etcd.io/bbolt v1.3.6 // indirect go.etcd.io/etcd/api/v3 v3.5.2 // indirect go.etcd.io/etcd/client/pkg/v3 v3.5.2 // indirect diff --git a/go.sum b/go.sum index 7aa504a5bc..b982ad6ab6 100644 --- a/go.sum +++ b/go.sum @@ -87,8 +87,6 @@ github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym github.com/CiscoM31/godata v1.0.5 h1:AITXpa/5ybXEq59A0nqUGiS7ZXVJnQtFw5o09tyN/UA= github.com/CiscoM31/godata v1.0.5/go.mod h1:wcmFm66GMdOE316TgwFO1wo5ainCvTK26omd93oZf2M= github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= -github.com/GeertJohan/yubigo v0.0.0-20190917122436-175bc097e60e h1:Bqtt5C+uVk+vH/t5dmB47uDCTwxw16EYHqvJnmY2aQc= -github.com/GeertJohan/yubigo v0.0.0-20190917122436-175bc097e60e/go.mod h1:njRCDrl+1RQ/A/+KVU8Ho2EWAxUSkohOWczdW3dzDG0= github.com/HdrHistogram/hdrhistogram-go v1.1.2/go.mod h1:yDgFjdqOqDEKOvasDdhWNXYg9BVp4O+o5f6V/ehm6Oo= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= @@ -140,7 +138,6 @@ github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= -github.com/arl/statsviz v0.4.0/go.mod h1:+5inUy/dxy11x/KSmicG3ZrEEy0Yr81AFm3dn4QC04M= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= @@ -221,8 +218,6 @@ github.com/bmizerany/pat v0.0.0-20170815010413-6226ea591a40/go.mod h1:8rLXio+Wji github.com/bmizerany/pat v0.0.0-20210406213842-e4b6760bdd6f h1:gOO/tNZMjjvTKZWpY7YnXC72ULNLErRtp94LountVE8= github.com/bmizerany/pat v0.0.0-20210406213842-e4b6760bdd6f/go.mod h1:8rLXio+WjiTceGBHIoTvn60HIbs7Hm7bcHjyrSqYB9c= github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= -github.com/boombuler/barcode v1.0.1 h1:NDBbPmhS+EqABEs5Kg3n/5ZNjy73Pz7SIV+KCeqyXcs= -github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/c-bata/go-prompt v0.2.5/go.mod h1:vFnjEGDIIA/Lib7giyE4E9c50Lvl8j0S+7FVlAwDAVw= github.com/cenkalti/backoff v2.2.1+incompatible h1:tNowT99t7UNflLxfYYSlKYsBpXdEet03Pg2g16Swow4= github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= @@ -331,7 +326,6 @@ github.com/dnsimple/dnsimple-go v0.63.0/go.mod h1:O5TJ0/U6r7AfT8niYNlmohpLbCSG+c github.com/docker/docker v20.10.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs= @@ -376,8 +370,6 @@ github.com/gdexlab/go-render v1.0.1 h1:rxqB3vo5s4n1kF0ySmoNeSPRYkEsyHgln4jFIQY7v github.com/gdexlab/go-render v1.0.1/go.mod h1:wRi5nW2qfjiGj4mPukH4UV0IknS1cHD4VgFTmJX5JzM= github.com/getkin/kin-openapi v0.13.0/go.mod h1:WGRs2ZMM1Q8LR1QBEwUxC6RJEfaBcD0s+pcEVXFuAjw= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/glauth/glauth/v2 v2.0.0-20211021011345-ef3151c28733 h1:MK+W6dk4GV3g8ofk7+H/T9zBlNdgG55jJeb5+LsBKVo= -github.com/glauth/glauth/v2 v2.0.0-20211021011345-ef3151c28733/go.mod h1:JvR27X1t1ODMyV5HoPlS7U4K3MIMqC93FkowSrOEZcw= github.com/gliderlabs/ssh v0.2.2 h1:6zsha5zo/TWhRhwqCD3+EarCAgZ2yN28ipRnGPnwkI0= github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= github.com/go-acme/lego/v4 v4.4.0/go.mod h1:l3+tFUFZb590dWcqhWZegynUthtaHJbG2fevUpoOOE0= @@ -425,7 +417,6 @@ github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= github.com/go-logfmt/logfmt v0.5.1 h1:otpy5pqBCBZ1ng9RQ0dPu4PN7ba75Y/aA+UpowDyNVA= github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= -github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= @@ -484,7 +475,6 @@ github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTM github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA= github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn9GlaMV7XkbRSipzJ0Ii4= github.com/go-resty/resty/v2 v2.1.1-0.20191201195748-d7b97669fe48/go.mod h1:dZGr0i9PLlaaTD4H/hoZIDjQ+r6xq8mgbRzHZf7f2J8= -github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE= github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= @@ -742,7 +732,6 @@ github.com/hashicorp/yamux v0.0.0-20211028200310-0bc27b27de87/go.mod h1:CtWFDAQg github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw= github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= -github.com/hydronica/toml v0.4.2/go.mod h1:c7QhbYq3Wp9SlOWuG7MAieKUyXP2P/hXhy/YqWfbS/4= github.com/iancoleman/strcase v0.2.0 h1:05I4QRnGpI0m37iZQRuskXh+w77mr6Z41lwQzuHLwW0= github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= @@ -761,7 +750,6 @@ github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJS github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jhump/protoreflect v1.6.0 h1:h5jfMVslIg6l29nsMs0D8Wj17RDVdNYti0vDN/PZZoE= github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74= -github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a/go.mod h1:yL958EeXv8Ylng6IfnvG4oflryUi3vgA3xPs9hmII1s= github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= @@ -834,7 +822,6 @@ github.com/labbsr0x/goh v1.0.1/go.mod h1:8K2UhVoaWXcCU7Lxoa2omWnC8gyW8px7/lmO61c github.com/labstack/echo/v4 v4.1.11/go.mod h1:i541M3Fj6f76NZtHSj7TXnyM8n2gaodfvfxNnFqi74g= github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k= github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII= -github.com/lib/pq v1.10.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/libregraph/idm v0.3.1-0.20220315094434-e9a5cff3dd05 h1:/I4f6c7ZGw16oTBAyhCD9Tf+arBHGvmxL9Drs/KRkRc= github.com/libregraph/idm v0.3.1-0.20220315094434-e9a5cff3dd05/go.mod h1:YQ21AOfZPcCZWX1uJYULZ8hNdrmxStg6egvXaS+ZvOM= github.com/libregraph/lico v0.54.1-0.20220325072321-31efc3995d63 h1:oPqyRePmq+59YF1tAur7WXuM/z/epRd+HGGyPPx2Vv8= @@ -885,7 +872,6 @@ github.com/mattn/go-runewidth v0.0.6/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU= github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= -github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= github.com/mattn/go-sqlite3 v1.14.10/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= github.com/mattn/go-sqlite3 v2.0.3+incompatible h1:gXHsfypPkaMZrKbD5209QV9jbUTJKjyR5WD3HYQSd+U= github.com/mattn/go-sqlite3 v2.0.3+incompatible/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= @@ -990,10 +976,6 @@ github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw= github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c= github.com/nbio/st v0.0.0-20140626010706-e9e8d9816f32/go.mod h1:9wM+0iRr9ahx58uYLpLIr5fm8diHn0JbqRycJi6w0Ms= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/nmcclain/asn1-ber v0.0.0-20170104154839-2661553a0484 h1:D9EvfGQvlkKaDr2CRKN++7HbSXbefUNDrPq60T+g24s= -github.com/nmcclain/asn1-ber v0.0.0-20170104154839-2661553a0484/go.mod h1:O1EljZ+oHprtxDDPHiMWVo/5dBT6PlvWX5PSwj80aBA= -github.com/nmcclain/ldap v0.0.0-20210720162743-7f8d1e44eeba h1:DO8NFYdcRv1dnyAINJIBm6Bw2XibtLvQniNFGzf2W8E= -github.com/nmcclain/ldap v0.0.0-20210720162743-7f8d1e44eeba/go.mod h1:4S0XndRL8HNOaQBfdViJ2F/GPCgL524xlXRuXFH12/U= github.com/nrdcg/auroradns v1.0.1/go.mod h1:y4pc0i9QXYlFCWrhWrUSIETnZgrf4KuwjDIWmmXo3JI= github.com/nrdcg/desec v0.5.0/go.mod h1:2ejvMazkav1VdDbv2HeQO7w+Ta1CGHqzQr27ZBYTuEQ= github.com/nrdcg/dnspod-go v0.4.0/go.mod h1:vZSoFSFeQVm2gWLMkyX61LZ8HI3BaqtHZWgPTGKr6KQ= @@ -1025,7 +1007,6 @@ github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1y github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/onsi/gomega v1.19.0 h1:4ieX6qQjPP/BfC3mpsAtIGGlxTWPeA3Inl/7DtXw1tw= github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= -github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk= github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= @@ -1066,7 +1047,6 @@ github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSg github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= github.com/pquerna/cachecontrol v0.1.0 h1:yJMy84ti9h/+OEWa752kBTKv4XC30OtVVHYv/8cTqKc= github.com/pquerna/cachecontrol v0.1.0/go.mod h1:NrUG3Z7Rdu85UNR3vm7SOsl1nFIeSiQnrHV5K9mBcUI= -github.com/pquerna/otp v1.3.0 h1:oJV/SkzR33anKXwQU3Of42rL4wbrffP4uvUf1SvS5Xs= github.com/pquerna/otp v1.3.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= github.com/prometheus/alertmanager v0.24.0 h1:HBWR3lk4uy3ys+naDZthDdV7yEsxpaNeZuUS+hJgrOw= github.com/prometheus/alertmanager v0.24.0/go.mod h1:r6fy/D7FRuZh5YbnX6J3MBY0eI4Pb5yPYS7/bPSXXqI= @@ -1123,12 +1103,6 @@ github.com/prometheus/statsd_exporter v0.22.4/go.mod h1:N4Z1+iSqc9rnxlT1N8Qn3l65 github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= github.com/rainycape/memcache v0.0.0-20150622160815-1031fa0ce2f2/go.mod h1:7tZKcyumwBO6qip7RNQ5r77yrssm9bfCowcLEBcU5IA= github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= -github.com/rickb777/date v1.12.4/go.mod h1:xP0eo/I5qmUt97yRGClHZfyLZ3ikMw6v6SU5MOGZTE0= -github.com/rickb777/date v1.17.0 h1:Qk1MUtTLFfIWYhRaNRyk1t7LmjfkjOEELacQPsoh7Nw= -github.com/rickb777/date v1.17.0/go.mod h1:b3AnLwjEdg1YWLUFnAd/lUq3JDJmMRXi/Onm8q0zlQg= -github.com/rickb777/plural v1.2.0/go.mod h1:UdpyWFCGbo3mvK3f/PfZOAOrkjzJlYN/sD46XNWJ+Es= -github.com/rickb777/plural v1.4.1 h1:5MMLcbIaapLFmvDGRT5iPk8877hpTPt8Y9cdSKRw9sU= -github.com/rickb777/plural v1.4.1/go.mod h1:kdmXUpmKBJTS0FtG/TFumd//VBWsNTD7zOw7x4umxNw= github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= @@ -1286,10 +1260,6 @@ github.com/xlab/treeprint v1.1.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd github.com/xo/terminfo v0.0.0-20210125001918-ca9a967f8778 h1:QldyIu/L63oPpyvQmHgvgickp1Yw510KJOqX7H24mg8= github.com/xo/terminfo v0.0.0-20210125001918-ca9a967f8778/go.mod h1:2MuV+tbUrU1zIOPMxZ5EncGwgmMJsa+9ucAQZXxsObs= github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= -github.com/yaegashi/msgraph.go v0.1.1-0.20200221123608-2d438cf2a7cc/go.mod h1:tso14hwzqX4VbnWTNsxiL0DvMb2OwbGISFA7jDibdWc= -github.com/yaegashi/msgraph.go v0.1.4 h1:leDXSczAbwBpYFSmmZrdByTiPoUw8dbTfNMetAjJvbw= -github.com/yaegashi/msgraph.go v0.1.4/go.mod h1:vgeYhHa5skJt/3lTyjGXThTZhwbhRnGo6uUxzoJIGME= -github.com/yaegashi/wtz.go v0.0.2/go.mod h1:nOLA5QXsmdkRxBkP5tljhua13ADHCKirLBrzPf4PEJc= github.com/yosuke-furukawa/json5 v0.1.1/go.mod h1:sw49aWDqNdRJ6DYUtIQiaA3xyj2IL9tjeNYmX2ixwcU= github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -1516,7 +1486,6 @@ golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211020060615-d418f374d309/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20211216030914-fe4d6282115f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f h1:oA4XRj0qtSt8Yo1Zms0CUlsT3KG69V2UGQWPBxujDmc= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= @@ -1746,11 +1715,9 @@ golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWc golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200529172331-a64b76657301/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200731060945-b5fad4ed8dd6/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= @@ -1946,7 +1913,6 @@ google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw gopkg.in/Acconut/lockfile.v1 v1.1.0/go.mod h1:6UCz3wJ8tSFUsPR6uP/j8uegEtDuEEqFxlpi0JI4Umw= gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= -gopkg.in/amz.v3 v3.0.0-20201001071545-24fc1eceb27b/go.mod h1:cE0dCGx2UfBTjLFlzEx4EXJUmoX6BXBoX9GjKOvqha4= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index ff3a4aaad5..cacb1f4d59 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go @@ -12,7 +12,6 @@ import ( authmachine "github.com/owncloud/ocis/v2/extensions/auth-machine/pkg/config" frontend "github.com/owncloud/ocis/v2/extensions/frontend/pkg/config" gateway "github.com/owncloud/ocis/v2/extensions/gateway/pkg/config" - glauth "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config" graphExplorer "github.com/owncloud/ocis/v2/extensions/graph-explorer/pkg/config" graph "github.com/owncloud/ocis/v2/extensions/graph/pkg/config" groups "github.com/owncloud/ocis/v2/extensions/groups/pkg/config" @@ -83,7 +82,6 @@ type Config struct { AuthMachine *authmachine.Config `yaml:"auth_machine"` Frontend *frontend.Config `yaml:"frontend"` Gateway *gateway.Config `yaml:"gateway"` - GLAuth *glauth.Config `yaml:"glauth"` Graph *graph.Config `yaml:"graph"` GraphExplorer *graphExplorer.Config `yaml:"graph_explorer"` Groups *groups.Config `yaml:"groups"` diff --git a/ocis-pkg/config/defaultconfig.go b/ocis-pkg/config/defaultconfig.go index 6108b3a6bf..15f92c1e30 100644 --- a/ocis-pkg/config/defaultconfig.go +++ b/ocis-pkg/config/defaultconfig.go @@ -10,7 +10,6 @@ import ( authmachine "github.com/owncloud/ocis/v2/extensions/auth-machine/pkg/config/defaults" frontend "github.com/owncloud/ocis/v2/extensions/frontend/pkg/config/defaults" gateway "github.com/owncloud/ocis/v2/extensions/gateway/pkg/config/defaults" - glauth "github.com/owncloud/ocis/v2/extensions/glauth/pkg/config/defaults" graphExplorer "github.com/owncloud/ocis/v2/extensions/graph-explorer/pkg/config/defaults" graph "github.com/owncloud/ocis/v2/extensions/graph/pkg/config/defaults" groups "github.com/owncloud/ocis/v2/extensions/groups/pkg/config/defaults" @@ -51,7 +50,6 @@ func DefaultConfig() *Config { AuthMachine: authmachine.DefaultConfig(), Frontend: frontend.DefaultConfig(), Gateway: gateway.DefaultConfig(), - GLAuth: glauth.DefaultConfig(), Graph: graph.DefaultConfig(), GraphExplorer: graphExplorer.DefaultConfig(), Groups: groups.DefaultConfig(), diff --git a/ocis/pkg/command/glauth.go b/ocis/pkg/command/glauth.go deleted file mode 100644 index ddcff0b693..0000000000 --- a/ocis/pkg/command/glauth.go +++ /dev/null @@ -1,33 +0,0 @@ -package command - -import ( - "fmt" - - "github.com/owncloud/ocis/v2/extensions/glauth/pkg/command" - "github.com/owncloud/ocis/v2/ocis-pkg/config" - "github.com/owncloud/ocis/v2/ocis-pkg/config/parser" - "github.com/owncloud/ocis/v2/ocis/pkg/register" - "github.com/urfave/cli/v2" -) - -// GLAuthCommand is the entrypoint for the glauth command. -func GLAuthCommand(cfg *config.Config) *cli.Command { - return &cli.Command{ - Name: cfg.GLAuth.Service.Name, - Usage: subcommandDescription(cfg.GLAuth.Service.Name), - Category: "extensions", - Before: func(c *cli.Context) error { - if err := parser.ParseConfig(cfg); err != nil { - fmt.Printf("%v", err) - return err - } - cfg.GLAuth.Commons = cfg.Commons - return nil - }, - Subcommands: command.GetCommands(cfg.GLAuth), - } -} - -func init() { - register.AddCommand(GLAuthCommand) -} diff --git a/ocis/pkg/runtime/service/service.go b/ocis/pkg/runtime/service/service.go index 5d07f08afe..c6844f2b00 100644 --- a/ocis/pkg/runtime/service/service.go +++ b/ocis/pkg/runtime/service/service.go @@ -27,7 +27,6 @@ import ( authmachine "github.com/owncloud/ocis/v2/extensions/auth-machine/pkg/command" frontend "github.com/owncloud/ocis/v2/extensions/frontend/pkg/command" gateway "github.com/owncloud/ocis/v2/extensions/gateway/pkg/command" - glauth "github.com/owncloud/ocis/v2/extensions/glauth/pkg/command" graphExplorer "github.com/owncloud/ocis/v2/extensions/graph-explorer/pkg/command" graph "github.com/owncloud/ocis/v2/extensions/graph/pkg/command" groups "github.com/owncloud/ocis/v2/extensions/groups/pkg/command" @@ -111,7 +110,6 @@ func NewService(options ...Option) (*Service, error) { s.ServicesRegistry[opts.Config.Settings.Service.Name] = settings.NewSutureService s.ServicesRegistry[opts.Config.Nats.Service.Name] = nats.NewSutureService s.ServicesRegistry[opts.Config.StorageSystem.Service.Name] = storageSystem.NewSutureService - s.ServicesRegistry[opts.Config.GLAuth.Service.Name] = glauth.NewSutureService s.ServicesRegistry[opts.Config.Graph.Service.Name] = graph.NewSutureService s.ServicesRegistry[opts.Config.GraphExplorer.Service.Name] = graphExplorer.NewSutureService s.ServicesRegistry[opts.Config.IDM.Service.Name] = idm.NewSutureService @@ -258,10 +256,6 @@ func (s *Service) generateRunSet(cfg *ociscfg.Config) { } for name := range s.ServicesRegistry { - // don't run glauth by default but keep the possibility to start it via cfg.Runtime.Extensions for now - if name == "glauth" { - continue - } runset = append(runset, name) }