mirror
/
dex
mirror of https://github.com/dexidp/dex.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

append role to space guids 

Signed-off-by: Rui Yang <ryang@pivotal.io>
Co-authored-by: Joshua Winters <jwinters@pivotal.io>
pull/1624/head
Rui Yang 6 years ago committed by CI Bot
parent
0cdd860e2e
commit
13e3c24f4b
2 changed files with 23 additions and 14 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 27
      connector/cf/cf.go
  2. 10
      connector/cf/cf_test.go

27
connector/cf/cf.go
Unescape View File

@ -68,6 +68,7 @@ type Space struct {
Name string
Guid string
OrgGuid string
Role string
}
type Org struct {
@ -192,7 +193,7 @@ func (c *cfConnector) LoginURL(scopes connector.Scopes, callbackURL, state strin
return oauth2Config.AuthCodeURL(state), nil
}
func fetchRoleSpaces(baseUrl, path string, client *http.Client) ([]Space, error) {
func fetchRoleSpaces(baseUrl, path, role string, client *http.Client) ([]Space, error) {
var spaces []Space
resources, err := fetchResources(baseUrl, path, client)
@ -205,6 +206,7 @@ func fetchRoleSpaces(baseUrl, path string, client *http.Client) ([]Space, error)
Name: resource.Entity.Name,
Guid: resource.Metadata.Guid,
OrgGuid: resource.Entity.OrganizationGuid,
Role: role,
})
}
@ -268,32 +270,33 @@ func getGroupsClaims(orgs []Org, spaces []Space) []string {
var (
orgMap = map[string]string{}
orgSpaces = map[string][]string{}
orgSpaces = map[string][]Space{}
groupsClaims = map[string]bool{}
)
for _, org := range orgs {
orgMap[org.Guid] = org.Name
orgSpaces[org.Name] = []string{}
orgSpaces[org.Name] = []Space{}
groupsClaims[org.Guid] = true
groupsClaims[org.Name] = true
}
for _, space := range spaces {
orgName := orgMap[space.OrgGuid]
orgSpaces[orgName] = append(orgSpaces[orgName], space.Name)
orgSpaces[orgName] = append(orgSpaces[orgName], space)
groupsClaims[space.Guid] = true
groupsClaims[fmt.Sprintf("%s:%s", space.Guid, space.Role)] = true
}
for orgName, spaceNames := range orgSpaces {
for _, spaceName := range spaceNames {
groupsClaims[fmt.Sprintf("%s:%s", orgName, spaceName)] = true
for orgName, spaces := range orgSpaces {
for _, space := range spaces {
groupsClaims[fmt.Sprintf("%s:%s", orgName, space.Name)] = true
}
}
var groups []string
for k, _ := range groupsClaims {
groups = append(groups, k)
for group, _ := range groupsClaims {
groups = append(groups, group)
}
sort.Strings(groups)
@ -362,17 +365,17 @@ func (c *cfConnector) HandleCallback(s connector.Scopes, r *http.Request) (ident
return identity, fmt.Errorf("failed to fetch organizaitons: %v", err)
}
developerSpaces, err := fetchRoleSpaces(c.apiURL, devPath, client)
developerSpaces, err := fetchRoleSpaces(c.apiURL, devPath, "developer", client)
if err != nil {
return identity, fmt.Errorf("failed to fetch spaces for developer roles: %v", err)
}
auditorSpaces, err := fetchRoleSpaces(c.apiURL, auditorPath, client)
auditorSpaces, err := fetchRoleSpaces(c.apiURL, auditorPath, "auditor", client)
if err != nil {
return identity, fmt.Errorf("failed to fetch spaces for developer roles: %v", err)
}
managerSpaces, err := fetchRoleSpaces(c.apiURL, managerPath, client)
managerSpaces, err := fetchRoleSpaces(c.apiURL, managerPath, "manager", client)
if err != nil {
return identity, fmt.Errorf("failed to fetch spaces for developer roles: %v", err)
}

10
connector/cf/cf_test.go
Unescape View File

@ -48,7 +48,7 @@ func TestHandleCallback(t *testing.T) {
identity, err := cfConn.HandleCallback(connector.Scopes{Groups: true}, req)
expectEqual(t, err, nil)
expectEqual(t, len(identity.Groups), 12)
expectEqual(t, len(identity.Groups), 18)
expectEqual(t, identity.Groups[0], "some-org-guid-1")
expectEqual(t, identity.Groups[1], "some-org-guid-2")
expectEqual(t, identity.Groups[2], "some-org-guid-3")
@ -60,7 +60,13 @@ func TestHandleCallback(t *testing.T) {
expectEqual(t, identity.Groups[8], "some-org-name-3")
expectEqual(t, identity.Groups[9], "some-org-name-4")
expectEqual(t, identity.Groups[10], "some-space-guid-1")
expectEqual(t, identity.Groups[11], "some-space-guid-2")
expectEqual(t, identity.Groups[11], "some-space-guid-1:auditor")
expectEqual(t, identity.Groups[12], "some-space-guid-1:developer")
expectEqual(t, identity.Groups[13], "some-space-guid-1:manager")
expectEqual(t, identity.Groups[14], "some-space-guid-2")
expectEqual(t, identity.Groups[15], "some-space-guid-2:auditor")
expectEqual(t, identity.Groups[16], "some-space-guid-2:developer")
expectEqual(t, identity.Groups[17], "some-space-guid-2:manager")
})
t.Run("CallbackWithoutGroupsScope", func(t *testing.T) {

Write Preview
Loading…
Cancel
Save