add configurable preferred_username key

Signed-off-by: Rui Yang <ruiya@vmware.com>
Rui Yang 2020-08-04 11:00:40 -04:00
parent fdf19e8014
commit 9952851cc4
3 changed files with 52 additions and 44 deletions


@ -21,18 +21,19 @@ import (
) )
type oauthConnector struct { type oauthConnector struct {
clientID string clientID string
clientSecret string clientSecret string
redirectURI string redirectURI string
tokenURL string tokenURL string
authorizationURL string authorizationURL string
userInfoURL string userInfoURL string
scopes []string scopes []string
groupsKey string groupsKey string
userIDKey string userIDKey string
userNameKey string userNameKey string
httpClient *http.Client preferredUsernameKey string
logger log.Logger httpClient *http.Client
logger log.Logger
} }
type connectorData struct { type connectorData struct {
@ -40,18 +41,19 @@ type connectorData struct {
} }
type Config struct { type Config struct {
ClientID string `json:"clientID"` ClientID string `json:"clientID"`
ClientSecret string `json:"clientSecret"` ClientSecret string `json:"clientSecret"`
RedirectURI string `json:"redirectURI"` RedirectURI string `json:"redirectURI"`
TokenURL string `json:"tokenURL"` TokenURL string `json:"tokenURL"`
AuthorizationURL string `json:"authorizationURL"` AuthorizationURL string `json:"authorizationURL"`
UserInfoURL string `json:"userInfoURL"` UserInfoURL string `json:"userInfoURL"`
Scopes []string `json:"scopes"` Scopes []string `json:"scopes"`
GroupsKey string `json:"groupsKey"` GroupsKey string `json:"groupsKey"`
UserIDKey string `json:"userIDKey"` UserIDKey string `json:"userIDKey"`
UserNameKey string `json:"userNameKey"` UserNameKey string `json:"userNameKey"`
RootCAs []string `json:"rootCAs"` PreferredUsernameKey string `json:"preferredUsernameKey"`
InsecureSkipVerify bool `json:"insecureSkipVerify"` RootCAs []string `json:"rootCAs"`
InsecureSkipVerify bool `json:"insecureSkipVerify"`
} }
func (c *Config) Open(id string, logger log.Logger) (connector.Connector, error) { func (c *Config) Open(id string, logger log.Logger) (connector.Connector, error) {
@ -182,9 +184,13 @@ func (c *oauthConnector) HandleCallback(s connector.Scopes, r *http.Request) (id
c.groupsKey = "groups" c.groupsKey = "groups"
} }
if c.preferredUsernameKey == "" {
c.preferredUsernameKey = "preferred_username"
}
identity.UserID, _ = userInfoResult[c.userIDKey].(string) identity.UserID, _ = userInfoResult[c.userIDKey].(string)
identity.Username, _ = userInfoResult[c.userNameKey].(string) identity.Username, _ = userInfoResult[c.userNameKey].(string)
identity.PreferredUsername, _ = userInfoResult["name"].(string) identity.PreferredUsername, _ = userInfoResult[c.preferredUsernameKey].(string)
identity.Email, _ = userInfoResult["email"].(string) identity.Email, _ = userInfoResult["email"].(string)
identity.EmailVerified, _ = userInfoResult["email_verified"].(bool) identity.EmailVerified, _ = userInfoResult["email_verified"].(bool)
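Review bot: None of the hunks shown for this file touches the body of `Open`, so as far as this page shows `Config.PreferredUsernameKey` is parsed from the config but never copied into `oauthConnector.preferredUsernameKey`; the field would then always be empty on entry to `HandleCallback` and the `"preferred_username"` default would always win. If `Open` builds the connector from a struct literal, it needs `preferredUsernameKey: c.PreferredUsernameKey,` there. Applying the default in `Open` too, instead of assigning `c.preferredUsernameKey` inside `HandleCallback`, would avoid writing to shared connector state from a request handler. Separately, the lookup key changes from `"name"` to `"preferred_username"` and the type assertion's `ok` is discarded, so a provider that returns only `name` now yields an empty `identity.PreferredUsername` with no log line. `HandleCallback` starts and ends outside the hunk.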


@ -71,12 +71,13 @@ func TestHandleCallBackForGroupsInUserInfo(t *testing.T) {
tokenClaims := map[string]interface{}{} tokenClaims := map[string]interface{}{}
userInfoClaims := map[string]interface{}{ userInfoClaims := map[string]interface{}{
"name": "test-name", "name": "test-name",
"user_id_key": "test-user-id", "user_id_key": "test-user-id",
"user_name_key": "test-username", "user_name_key": "test-username",
"email": "test-email", "preferred_username": "test-preferred-username",
"email_verified": true, "email": "test-email",
"groups_key": []string{"admin-group", "user-group"}, "email_verified": true,
"groups_key": []string{"admin-group", "user-group"},
} }
testServer := testSetup(t, tokenClaims, userInfoClaims) testServer := testSetup(t, tokenClaims, userInfoClaims)
@ -92,9 +93,9 @@ func TestHandleCallBackForGroupsInUserInfo(t *testing.T) {
expectEqual(t, len(identity.Groups), 2) expectEqual(t, len(identity.Groups), 2)
expectEqual(t, identity.Groups[0], "admin-group") expectEqual(t, identity.Groups[0], "admin-group")
expectEqual(t, identity.Groups[1], "user-group") expectEqual(t, identity.Groups[1], "user-group")
expectEqual(t, identity.PreferredUsername, "test-name")
expectEqual(t, identity.UserID, "test-user-id") expectEqual(t, identity.UserID, "test-user-id")
expectEqual(t, identity.Username, "test-username") expectEqual(t, identity.Username, "test-username")
expectEqual(t, identity.PreferredUsername, "test-preferred-username")
expectEqual(t, identity.Email, "test-email") expectEqual(t, identity.Email, "test-email")
expectEqual(t, identity.EmailVerified, true) expectEqual(t, identity.EmailVerified, true)
} }
@ -105,11 +106,12 @@ func TestHandleCallBackForGroupsInToken(t *testing.T) {
} }
userInfoClaims := map[string]interface{}{ userInfoClaims := map[string]interface{}{
"name": "test-name", "name": "test-name",
"user_id_key": "test-user-id", "user_id_key": "test-user-id",
"user_name_key": "test-username", "user_name_key": "test-username",
"email": "test-email", "preferred_username": "test-preferred-username",
"email_verified": true, "email": "test-email",
"email_verified": true,
} }
testServer := testSetup(t, tokenClaims, userInfoClaims) testServer := testSetup(t, tokenClaims, userInfoClaims)
@ -123,7 +125,7 @@ func TestHandleCallBackForGroupsInToken(t *testing.T) {
expectEqual(t, len(identity.Groups), 1) expectEqual(t, len(identity.Groups), 1)
expectEqual(t, identity.Groups[0], "test-group") expectEqual(t, identity.Groups[0], "test-group")
expectEqual(t, identity.PreferredUsername, "test-name") expectEqual(t, identity.PreferredUsername, "test-preferred-username")
expectEqual(t, identity.UserID, "test-user-id") expectEqual(t, identity.UserID, "test-user-id")
expectEqual(t, identity.Username, "test-username") expectEqual(t, identity.Username, "test-username")
expectEqual(t, identity.Email, "test-email") expectEqual(t, identity.Email, "test-email")
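Review bot: Both tests put the claim under `preferred_username`, which is also the built-in default, so they pass whether or not a configured `preferredUsernameKey` is honoured. A case that configures a non-default key (a constructed example: `"login"`), supplies the claim under that key, and asserts `identity.PreferredUsername` would cover the new option. A second case with the claim absent would pin the empty-string result. The test bodies continue outside the hunks shown.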


@ -35,15 +35,15 @@ connectors:
# scopes: # scopes:
# - identity # - identity
# Optional: Configurable keys for user id field look up # Optional: Configurable keys for groups claim look up
# Default: groups # Default: groups
# groupsKey: # groupsKey:
# Optional: Configurable keys for name field look up # Optional: Configurable keys for user ID claim look up
# Default: user_id # Default: user_id
# userIDKey: # userIDKey:
# Optional: Configurable keys for username field look up # Optional: Configurable keys for preferred username claim look up
# Default: user_name # Default: preferred_username
# userNameKey: # preferredUsernameKey:
``` ```