add configurable preferred_username key
Signed-off-by: Rui Yang <ruiya@vmware.com>
parent
fdf19e8014
commit
9952851cc4
3 changed files with 52 additions and 44 deletions
|
@ -21,18 +21,19 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
type oauthConnector struct {
|
type oauthConnector struct {
|
||||||
clientID string
|
clientID string
|
||||||
clientSecret string
|
clientSecret string
|
||||||
redirectURI string
|
redirectURI string
|
||||||
tokenURL string
|
tokenURL string
|
||||||
authorizationURL string
|
authorizationURL string
|
||||||
userInfoURL string
|
userInfoURL string
|
||||||
scopes []string
|
scopes []string
|
||||||
groupsKey string
|
groupsKey string
|
||||||
userIDKey string
|
userIDKey string
|
||||||
userNameKey string
|
userNameKey string
|
||||||
httpClient *http.Client
|
preferredUsernameKey string
|
||||||
logger log.Logger
|
httpClient *http.Client
|
||||||
|
logger log.Logger
|
||||||
}
|
}
|
||||||
|
|
||||||
type connectorData struct {
|
type connectorData struct {
|
||||||
|
@ -40,18 +41,19 @@ type connectorData struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
type Config struct {
|
type Config struct {
|
||||||
ClientID string `json:"clientID"`
|
ClientID string `json:"clientID"`
|
||||||
ClientSecret string `json:"clientSecret"`
|
ClientSecret string `json:"clientSecret"`
|
||||||
RedirectURI string `json:"redirectURI"`
|
RedirectURI string `json:"redirectURI"`
|
||||||
TokenURL string `json:"tokenURL"`
|
TokenURL string `json:"tokenURL"`
|
||||||
AuthorizationURL string `json:"authorizationURL"`
|
AuthorizationURL string `json:"authorizationURL"`
|
||||||
UserInfoURL string `json:"userInfoURL"`
|
UserInfoURL string `json:"userInfoURL"`
|
||||||
Scopes []string `json:"scopes"`
|
Scopes []string `json:"scopes"`
|
||||||
GroupsKey string `json:"groupsKey"`
|
GroupsKey string `json:"groupsKey"`
|
||||||
UserIDKey string `json:"userIDKey"`
|
UserIDKey string `json:"userIDKey"`
|
||||||
UserNameKey string `json:"userNameKey"`
|
UserNameKey string `json:"userNameKey"`
|
||||||
RootCAs []string `json:"rootCAs"`
|
PreferredUsernameKey string `json:"preferredUsernameKey"`
|
||||||
InsecureSkipVerify bool `json:"insecureSkipVerify"`
|
RootCAs []string `json:"rootCAs"`
|
||||||
|
InsecureSkipVerify bool `json:"insecureSkipVerify"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *Config) Open(id string, logger log.Logger) (connector.Connector, error) {
|
func (c *Config) Open(id string, logger log.Logger) (connector.Connector, error) {
|
||||||
|
@ -182,9 +184,13 @@ func (c *oauthConnector) HandleCallback(s connector.Scopes, r *http.Request) (id
|
||||||
c.groupsKey = "groups"
|
c.groupsKey = "groups"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if c.preferredUsernameKey == "" {
|
||||||
|
c.preferredUsernameKey = "preferred_username"
|
||||||
|
}
|
||||||
|
|
||||||
identity.UserID, _ = userInfoResult[c.userIDKey].(string)
|
identity.UserID, _ = userInfoResult[c.userIDKey].(string)
|
||||||
identity.Username, _ = userInfoResult[c.userNameKey].(string)
|
identity.Username, _ = userInfoResult[c.userNameKey].(string)
|
||||||
identity.PreferredUsername, _ = userInfoResult["name"].(string)
|
identity.PreferredUsername, _ = userInfoResult[c.preferredUsernameKey].(string)
|
||||||
identity.Email, _ = userInfoResult["email"].(string)
|
identity.Email, _ = userInfoResult["email"].(string)
|
||||||
identity.EmailVerified, _ = userInfoResult["email_verified"].(bool)
|
identity.EmailVerified, _ = userInfoResult["email_verified"].(bool)
|
||||||
|
|
||||||
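Review bot: `Config.PreferredUsernameKey` does not appear to reach the connector: no visible hunk touches the body of `Open`, and the hunk offsets (+1 at the `Config` hunk, +2 at the `HandleCallback` hunk) leave no room for an added line in between, so `c.preferredUsernameKey` would always be empty and take the default. If that is the case, the value has to be copied where `Open` builds the connector, along the lines of `preferredUsernameKey: c.PreferredUsernameKey,`. The fallback also moves from the hard-coded `"name"` to `"preferred_username"`, and because the type assertion discards `ok`, a provider that only returns `name` now produces an empty `identity.PreferredUsername` without any log line; a debug log on the miss or an upgrade note would make that visible. Assigning the default inside `HandleCallback` writes to the shared connector on every callback, so resolving it once in `Open` would be cleaner. Both `Open` and `HandleCallback` extend beyond the visible hunks.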
|
|
|
@ -71,12 +71,13 @@ func TestHandleCallBackForGroupsInUserInfo(t *testing.T) {
|
||||||
tokenClaims := map[string]interface{}{}
|
tokenClaims := map[string]interface{}{}
|
||||||
|
|
||||||
userInfoClaims := map[string]interface{}{
|
userInfoClaims := map[string]interface{}{
|
||||||
"name": "test-name",
|
"name": "test-name",
|
||||||
"user_id_key": "test-user-id",
|
"user_id_key": "test-user-id",
|
||||||
"user_name_key": "test-username",
|
"user_name_key": "test-username",
|
||||||
"email": "test-email",
|
"preferred_username": "test-preferred-username",
|
||||||
"email_verified": true,
|
"email": "test-email",
|
||||||
"groups_key": []string{"admin-group", "user-group"},
|
"email_verified": true,
|
||||||
|
"groups_key": []string{"admin-group", "user-group"},
|
||||||
}
|
}
|
||||||
|
|
||||||
testServer := testSetup(t, tokenClaims, userInfoClaims)
|
testServer := testSetup(t, tokenClaims, userInfoClaims)
|
||||||
|
@ -92,9 +93,9 @@ func TestHandleCallBackForGroupsInUserInfo(t *testing.T) {
|
||||||
expectEqual(t, len(identity.Groups), 2)
|
expectEqual(t, len(identity.Groups), 2)
|
||||||
expectEqual(t, identity.Groups[0], "admin-group")
|
expectEqual(t, identity.Groups[0], "admin-group")
|
||||||
expectEqual(t, identity.Groups[1], "user-group")
|
expectEqual(t, identity.Groups[1], "user-group")
|
||||||
expectEqual(t, identity.PreferredUsername, "test-name")
|
|
||||||
expectEqual(t, identity.UserID, "test-user-id")
|
expectEqual(t, identity.UserID, "test-user-id")
|
||||||
expectEqual(t, identity.Username, "test-username")
|
expectEqual(t, identity.Username, "test-username")
|
||||||
|
expectEqual(t, identity.PreferredUsername, "test-preferred-username")
|
||||||
expectEqual(t, identity.Email, "test-email")
|
expectEqual(t, identity.Email, "test-email")
|
||||||
expectEqual(t, identity.EmailVerified, true)
|
expectEqual(t, identity.EmailVerified, true)
|
||||||
}
|
}
|
||||||
|
@ -105,11 +106,12 @@ func TestHandleCallBackForGroupsInToken(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
userInfoClaims := map[string]interface{}{
|
userInfoClaims := map[string]interface{}{
|
||||||
"name": "test-name",
|
"name": "test-name",
|
||||||
"user_id_key": "test-user-id",
|
"user_id_key": "test-user-id",
|
||||||
"user_name_key": "test-username",
|
"user_name_key": "test-username",
|
||||||
"email": "test-email",
|
"preferred_username": "test-preferred-username",
|
||||||
"email_verified": true,
|
"email": "test-email",
|
||||||
|
"email_verified": true,
|
||||||
}
|
}
|
||||||
|
|
||||||
testServer := testSetup(t, tokenClaims, userInfoClaims)
|
testServer := testSetup(t, tokenClaims, userInfoClaims)
|
||||||
|
@ -123,7 +125,7 @@ func TestHandleCallBackForGroupsInToken(t *testing.T) {
|
||||||
|
|
||||||
expectEqual(t, len(identity.Groups), 1)
|
expectEqual(t, len(identity.Groups), 1)
|
||||||
expectEqual(t, identity.Groups[0], "test-group")
|
expectEqual(t, identity.Groups[0], "test-group")
|
||||||
expectEqual(t, identity.PreferredUsername, "test-name")
|
expectEqual(t, identity.PreferredUsername, "test-preferred-username")
|
||||||
expectEqual(t, identity.UserID, "test-user-id")
|
expectEqual(t, identity.UserID, "test-user-id")
|
||||||
expectEqual(t, identity.Username, "test-username")
|
expectEqual(t, identity.Username, "test-username")
|
||||||
expectEqual(t, identity.Email, "test-email")
|
expectEqual(t, identity.Email, "test-email")
|
||||||
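Review bot: Both updated tests only feed a `preferred_username` claim and assert on it, so as far as these hunks show only the default key is exercised and the configurable path this commit introduces is untested. A case that opens the connector through `Config` with a non-default `PreferredUsernameKey` (for example a constructed key such as `"custom_username_key"`) and a matching userinfo claim would pin the wiring from config to `identity.PreferredUsername`. A second case where the claim is absent or not a string would document that the field is then left empty. The connector setup for these tests is outside the visible hunks, so this is inferred from the fixtures and assertions alone.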
|
|
|
@ -35,15 +35,15 @@ connectors:
|
||||||
# scopes:
|
# scopes:
|
||||||
# - identity
|
# - identity
|
||||||
|
|
||||||
# Optional: Configurable keys for user id field look up
|
# Optional: Configurable keys for groups claim look up
|
||||||
# Default: groups
|
# Default: groups
|
||||||
# groupsKey:
|
# groupsKey:
|
||||||
|
|
||||||
# Optional: Configurable keys for name field look up
|
# Optional: Configurable keys for user ID claim look up
|
||||||
# Default: user_id
|
# Default: user_id
|
||||||
# userIDKey:
|
# userIDKey:
|
||||||
|
|
||||||
# Optional: Configurable keys for username field look up
|
# Optional: Configurable keys for preferred username claim look up
|
||||||
# Default: user_name
|
# Default: preferred_username
|
||||||
# userNameKey:
|
# preferredUsernameKey:
|
||||||
```
|
```
|
||||||
|
|