// Copyright 2019 Yunion // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. package identity import ( "fmt" "yunion.io/x/jsonutils" "yunion.io/x/pkg/errors" "yunion.io/x/pkg/util/shellutils" api "yunion.io/x/onecloud/pkg/apis/identity" "yunion.io/x/onecloud/pkg/httperrors" "yunion.io/x/onecloud/pkg/mcclient" modules "yunion.io/x/onecloud/pkg/mcclient/modules/identity" "yunion.io/x/onecloud/pkg/mcclient/options" "yunion.io/x/onecloud/pkg/util/fileutils2" ) func init() { type IdentityProviderListOptions struct { options.BaseListOptions SsoDomain string `help:"Filter SSO IDP by domain" json:"sso_domain"` } R(&IdentityProviderListOptions{}, "idp-list", "List all identity provider", func(s *mcclient.ClientSession, args *IdentityProviderListOptions) error { params, err := options.ListStructToParams(args) if err != nil { return err } results, err := modules.IdentityProviders.List(s, params) if err != nil { return err } printList(results, modules.IdentityProviders.GetColumns(s)) return nil }) type IdentityProviderDetailOptions struct { ID string `help:"Id or name of identity provider to show"` } R(&IdentityProviderDetailOptions{}, "idp-show", "Show details of idp", func(s *mcclient.ClientSession, args *IdentityProviderDetailOptions) error { detail, err := modules.IdentityProviders.Get(s, args.ID, nil) if err != nil { return err } printObject(detail) return nil }) type IdentityProviderUpdateOptions struct { ID string `help:"Id or name of identity provider to update" json:"-"` api.IdentityProviderUpdateInput } R(&IdentityProviderUpdateOptions{}, "idp-update", "Update a identity provider", func(s *mcclient.ClientSession, args *IdentityProviderUpdateOptions) error { resp, err := modules.IdentityProviders.Update(s, args.ID, jsonutils.Marshal(args)) if err != nil { return err } printObject(resp) return nil }) R(&IdentityProviderDetailOptions{}, "idp-config-show", "Show detail of a domain config", func(s *mcclient.ClientSession, args *IdentityProviderDetailOptions) error { conf, err := modules.IdentityProviders.GetSpecific(s, args.ID, "config", nil) if err != nil { return err } fmt.Println(conf.PrettyString()) return nil }) R(&IdentityProviderDetailOptions{}, "idp-enable", "Enable an identity provider", func(s *mcclient.ClientSession, args *IdentityProviderDetailOptions) error { idp, err := modules.IdentityProviders.PerformAction(s, args.ID, "enable", nil) if err != nil { return err } printObject(idp) return nil }) R(&IdentityProviderDetailOptions{}, "idp-disable", "Disable an identity provider", func(s *mcclient.ClientSession, args *IdentityProviderDetailOptions) error { idp, err := modules.IdentityProviders.PerformAction(s, args.ID, "disable", nil) if err != nil { return err } printObject(idp) return nil }) R(&IdentityProviderDetailOptions{}, "idp-delete", "Delete an identity provider", func(s *mcclient.ClientSession, args *IdentityProviderDetailOptions) error { idp, err := modules.IdentityProviders.Delete(s, args.ID, nil) if err != nil { return err } printObject(idp) return nil }) R(&IdentityProviderDetailOptions{}, "idp-sync", "Sync an identity provider", func(s *mcclient.ClientSession, args *IdentityProviderDetailOptions) error { idp, err := modules.IdentityProviders.PerformAction(s, args.ID, "sync", nil) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderConfigLDAPOptions struct { ID string `help:"ID of idp to config" json:"-"` api.SLDAPIdpConfigOptions } R(&IdentityProviderConfigLDAPOptions{}, "idp-config-ldap", "Config an Identity provider with LDAP driver", func(s *mcclient.ClientSession, args *IdentityProviderConfigLDAPOptions) error { config := jsonutils.NewDict() config.Add(jsonutils.Marshal(args), "config", "ldap") nconf, err := modules.IdentityProviders.PerformAction(s, args.ID, "config", config) if err != nil { return err } fmt.Println(nconf.PrettyString()) return nil }) type IdentityProviderCreateLDAPOptions struct { NAME string `help:"name of identity provider" json:"-"` AutoCreateProject bool `help:"automatically create a default project when importing domain" json:"-"` NoAutoCreateProject bool `help:"do not create default project when importing domain" json:"-"` TargetDomain string `help:"target domain without creating new domain" json:"-"` api.SLDAPIdpConfigOptions } R(&IdentityProviderCreateLDAPOptions{}, "idp-create-ldap", "Create an identity provider with LDAP driver", func(s *mcclient.ClientSession, args *IdentityProviderCreateLDAPOptions) error { params := jsonutils.NewDict() params.Add(jsonutils.NewString(args.NAME), "name") if len(args.TargetDomain) > 0 { params.Add(jsonutils.NewString(args.TargetDomain), "target_domain") } if args.AutoCreateProject { params.Add(jsonutils.JSONTrue, "auto_create_project") } else if args.NoAutoCreateProject { params.Add(jsonutils.JSONFalse, "auto_create_project") } params.Add(jsonutils.NewString("ldap"), "driver") params.Add(jsonutils.Marshal(args), "config", "ldap") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderConfigLDAPSingleDomainOptions struct { ID string `help:"ID of idp to config" json:"-"` api.SLDAPIdpConfigSingleDomainOptions } R(&IdentityProviderConfigLDAPSingleDomainOptions{}, "idp-config-ldap-single-domain", "Config an Identity provider with LDAP driver/single domain template", func(s *mcclient.ClientSession, args *IdentityProviderConfigLDAPSingleDomainOptions) error { config := jsonutils.NewDict() config.Add(jsonutils.Marshal(args), "config", "ldap") nconf, err := modules.IdentityProviders.PerformAction(s, args.ID, "config", config) if err != nil { return err } fmt.Println(nconf.PrettyString()) return nil }) type IdentityProviderCreateLDAPSingleDomainOptions struct { NAME string `help:"name of identity provider" json:"-"` TEMPLATE string `help:"configuration template name" choices:"msad_one_domain|openldap_one_domain" json:"-"` AutoCreateProject bool `help:"automatically create a default project when importing domain" json:"-"` NoAutoCreateProject bool `help:"do not create default project when importing domain" json:"-"` TargetDomain string `help:"target domain without creating new domain" json:"-"` api.SLDAPIdpConfigSingleDomainOptions } R(&IdentityProviderCreateLDAPSingleDomainOptions{}, "idp-create-ldap-single-domain", "Create an identity provider with LDAP driver/single domain template", func(s *mcclient.ClientSession, args *IdentityProviderCreateLDAPSingleDomainOptions) error { params := jsonutils.NewDict() params.Add(jsonutils.NewString(args.NAME), "name") params.Add(jsonutils.NewString("ldap"), "driver") params.Add(jsonutils.NewString(args.TEMPLATE), "template") if len(args.TargetDomain) > 0 { params.Add(jsonutils.NewString(args.TargetDomain), "target_domain") } if args.AutoCreateProject { params.Add(jsonutils.JSONTrue, "auto_create_project") } else if args.NoAutoCreateProject { params.Add(jsonutils.JSONFalse, "auto_create_project") } params.Add(jsonutils.Marshal(args), "config", "ldap") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderConfigLDAPMultiDomainOptions struct { ID string `help:"ID of idp to config" json:"-"` api.SLDAPIdpConfigMultiDomainOptions } R(&IdentityProviderConfigLDAPMultiDomainOptions{}, "idp-config-ldap-multi-domain", "Config an Identity provider with LDAP driver/multi domain template", func(s *mcclient.ClientSession, args *IdentityProviderConfigLDAPMultiDomainOptions) error { config := jsonutils.NewDict() config.Add(jsonutils.Marshal(args), "config", "ldap") nconf, err := modules.IdentityProviders.PerformAction(s, args.ID, "config", config) if err != nil { return err } fmt.Println(nconf.PrettyString()) return nil }) type IdentityProviderCreateLDAPMultiDomainOptions struct { NAME string `help:"name of identity provider" json:"-"` TEMPLATE string `help:"configuration template name" choices:"msad_multi_domain" json:"-"` AutoCreateProject bool `help:"automatically create a default project when importing domain" json:"-"` NoAutoCreateProject bool `help:"do not create default project when importing domain" json:"-"` api.SLDAPIdpConfigMultiDomainOptions } R(&IdentityProviderCreateLDAPMultiDomainOptions{}, "idp-create-ldap-multi-domain", "Create an identity provider with LDAP driver/single domain template", func(s *mcclient.ClientSession, args *IdentityProviderCreateLDAPMultiDomainOptions) error { params := jsonutils.NewDict() params.Add(jsonutils.NewString(args.NAME), "name") params.Add(jsonutils.NewString("ldap"), "driver") params.Add(jsonutils.NewString(args.TEMPLATE), "template") if args.AutoCreateProject { params.Add(jsonutils.JSONTrue, "auto_create_project") } else if args.NoAutoCreateProject { params.Add(jsonutils.JSONFalse, "auto_create_project") } params.Add(jsonutils.Marshal(args), "config", "ldap") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderCreateCASOptions struct { NAME string `help:"name of identity provider" json:"-"` AutoCreateProject bool `help:"automatically create a project if the default_project not exists" json:"-"` NoAutoCreateProject bool `help:"do not create default project when importing domain" json:"-"` AutoCreateUser bool `help:"automatically create a user" json:"-"` NoAutoCreateUser bool `help:"do not automatically create a user" json:"-"` TargetDomain string `help:"target domain without creating new domain" json:"-"` api.SCASIdpConfigOptions } R(&IdentityProviderCreateCASOptions{}, "idp-create-cas", "Create an identity provider with CAS driver", func(s *mcclient.ClientSession, args *IdentityProviderCreateCASOptions) error { params := jsonutils.NewDict() params.Add(jsonutils.NewString(args.NAME), "name") if len(args.TargetDomain) > 0 { params.Add(jsonutils.NewString(args.TargetDomain), "target_domain") } if args.AutoCreateProject { params.Add(jsonutils.JSONTrue, "auto_create_project") } else if args.NoAutoCreateProject { params.Add(jsonutils.JSONFalse, "auto_create_project") } if args.AutoCreateUser { params.Add(jsonutils.JSONTrue, "auto_create_user") } else if args.NoAutoCreateUser { params.Add(jsonutils.JSONFalse, "auto_create_user") } params.Add(jsonutils.NewString("cas"), "driver") params.Add(jsonutils.Marshal(args), "config", "cas") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderConfigCASOptions struct { ID string `help:"ID of idp to config" json:"-"` api.SCASIdpConfigOptions } R(&IdentityProviderConfigCASOptions{}, "idp-config-cas", "Config an Identity provider with CAS driver", func(s *mcclient.ClientSession, args *IdentityProviderConfigCASOptions) error { config := jsonutils.NewDict() config.Add(jsonutils.Marshal(args), "config", "cas") nconf, err := modules.IdentityProviders.PerformAction(s, args.ID, "config", config) if err != nil { return err } fmt.Println(nconf.PrettyString()) return nil }) type IdentityProviderConfigEditOptions struct { IDP string `help:"identity provider name or ID"` } R(&IdentityProviderConfigEditOptions{}, "idp-config-edit", "Edit config yaml of an identity provider", func(s *mcclient.ClientSession, args *IdentityProviderConfigEditOptions) error { idp, err := modules.IdentityProviders.Get(s, args.IDP, nil) if err != nil { return err } enabled, _ := idp.GetString("enabled") if enabled != "false" { return errors.Wrap(httperrors.ErrInvalidStatus, "idp must be disabled") } params := jsonutils.NewDict() params.Add(jsonutils.JSONTrue, "sensitive") conf, err := modules.IdentityProviders.GetSpecific(s, args.IDP, "config", params) if err != nil { return err } confJson, err := conf.Get("config") if err != nil { return err } content, err := shellutils.Edit(confJson.YAMLString()) if err != nil { return err } yamlJson, err := jsonutils.ParseYAML(content) if err != nil { return err } config := jsonutils.NewDict() config.Add(yamlJson, "config") nconf, err := modules.IdentityProviders.PerformAction(s, args.IDP, "config", config) if err != nil { return err } fmt.Println(nconf.PrettyString()) return nil }) type IdentityProviderCreateSAMLOptions struct { NAME string `help:"name of identity provider" json:"-"` AutoCreateProject bool `help:"automatically create a default project when importing domain" json:"-"` NoAutoCreateProject bool `help:"do not create default project when importing domain" json:"-"` TargetDomain string `help:"target domain without creating new domain" json:"-"` api.SSAMLIdpConfigOptions } R(&IdentityProviderCreateSAMLOptions{}, "idp-create-saml", "Create an identity provider with SAML driver", func(s *mcclient.ClientSession, args *IdentityProviderCreateSAMLOptions) error { params := jsonutils.NewDict() params.Add(jsonutils.NewString(args.NAME), "name") if len(args.TargetDomain) > 0 { params.Add(jsonutils.NewString(args.TargetDomain), "target_domain") } if args.AutoCreateProject { params.Add(jsonutils.JSONTrue, "auto_create_project") } else if args.NoAutoCreateProject { params.Add(jsonutils.JSONFalse, "auto_create_project") } params.Add(jsonutils.NewString("saml"), "driver") params.Add(jsonutils.Marshal(args), "config", "saml") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderConfigSAMLOptions struct { ID string `help:"ID of idp to config" json:"-"` api.SSAMLIdpConfigOptions } R(&IdentityProviderConfigSAMLOptions{}, "idp-config-saml", "Config an Identity provider with SAML driver", func(s *mcclient.ClientSession, args *IdentityProviderConfigSAMLOptions) error { config := jsonutils.NewDict() config.Add(jsonutils.Marshal(args), "config", "saml") nconf, err := modules.IdentityProviders.PerformAction(s, args.ID, "config", config) if err != nil { return err } fmt.Println(nconf.PrettyString()) return nil }) type IdentityProviderGetSAMLMetadataOptions struct { ID string `help:"ID of idp to config" json:"-"` api.GetIdpSamlMetadataInput } R(&IdentityProviderGetSAMLMetadataOptions{}, "idp-saml-metadata", "Get SAML service provider metadata", func(s *mcclient.ClientSession, args *IdentityProviderGetSAMLMetadataOptions) error { nconf, err := modules.IdentityProviders.GetSpecific(s, args.ID, "saml-metadata", jsonutils.Marshal(args)) if err != nil { return err } spMeta, _ := nconf.GetString("metadata") fmt.Println(spMeta) return nil }) type IdentityProviderCreateSAMLTestOptions struct { NAME string `help:"name of identity provider" json:"-"` // TEMPLATE string `help:"configuration template name" choices:"msad_multi_domain" json:"-"` api.SSAMLTestIdpConfigOptions } R(&IdentityProviderCreateSAMLTestOptions{}, "idp-create-saml-test", "Create an identity provider with samltest.id (test only)", func(s *mcclient.ClientSession, args *IdentityProviderCreateSAMLTestOptions) error { params := jsonutils.NewDict() params.Add(jsonutils.NewString(args.NAME), "name") params.Add(jsonutils.NewString("saml"), "driver") params.Add(jsonutils.NewString(api.IdpTemplateSAMLTest), "template") params.Add(jsonutils.Marshal(args), "config", "saml") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderCreateAzureADSAMLOptions struct { NAME string `help:"name of identity provider" json:"-"` // TEMPLATE string `help:"configuration template name" choices:"msad_multi_domain" json:"-"` api.SSAMLAzureADConfigOptions } R(&IdentityProviderCreateAzureADSAMLOptions{}, "idp-create-azure-ad-saml", "Create an identity provider with Azure AD SAML", func(s *mcclient.ClientSession, args *IdentityProviderCreateAzureADSAMLOptions) error { params := jsonutils.NewDict() params.Add(jsonutils.NewString(args.NAME), "name") params.Add(jsonutils.NewString("saml"), "driver") params.Add(jsonutils.NewString(api.IdpTemplateAzureADSAML), "template") params.Add(jsonutils.Marshal(args), "config", "saml") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderCreateOIDCOptions struct { NAME string `help:"name of identity provider" json:"-"` AutoCreateProject bool `help:"automatically create a default project when importing domain" json:"-"` NoAutoCreateProject bool `help:"do not create default project when importing domain" json:"-"` AutoCreateUser bool `help:"automatically create a user" json:"-"` NoAutoCreateUser bool `help:"do not automatically create a user" json:"-"` TargetDomain string `help:"target domain without creating new domain" json:"-"` api.SOIDCIdpConfigOptions } R(&IdentityProviderCreateOIDCOptions{}, "idp-create-oidc", "Create an identity provider with OpenID connect driver", func(s *mcclient.ClientSession, args *IdentityProviderCreateOIDCOptions) error { params := jsonutils.NewDict() params.Add(jsonutils.NewString(args.NAME), "name") if len(args.TargetDomain) > 0 { params.Add(jsonutils.NewString(args.TargetDomain), "target_domain") } if args.AutoCreateProject { params.Add(jsonutils.JSONTrue, "auto_create_project") } else if args.NoAutoCreateProject { params.Add(jsonutils.JSONFalse, "auto_create_project") } if args.AutoCreateUser { params.Add(jsonutils.JSONTrue, "auto_create_user") } else if args.NoAutoCreateUser { params.Add(jsonutils.JSONFalse, "auto_create_user") } params.Add(jsonutils.NewString("oidc"), "driver") params.Add(jsonutils.Marshal(args), "config", "oidc") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderConfigOIDCOptions struct { ID string `help:"ID of idp to config" json:"-"` api.SOIDCIdpConfigOptions } R(&IdentityProviderConfigOIDCOptions{}, "idp-config-oidc", "Config an Identity provider with OpenID connect driver", func(s *mcclient.ClientSession, args *IdentityProviderConfigOIDCOptions) error { config := jsonutils.NewDict() config.Add(jsonutils.Marshal(args), "config", "oidc") nconf, err := modules.IdentityProviders.PerformAction(s, args.ID, "config", config) if err != nil { return err } fmt.Println(nconf.PrettyString()) return nil }) type IdentityProviderCreateDexOIDCOptions struct { NAME string `help:"name of identity provider" json:"-"` api.SOIDCDexConfigOptions } R(&IdentityProviderCreateDexOIDCOptions{}, "idp-create-dex-oidc", "Create an identity provider with DEX OpenID Connect", func(s *mcclient.ClientSession, args *IdentityProviderCreateDexOIDCOptions) error { params := jsonutils.NewDict() params.Add(jsonutils.NewString(args.NAME), "name") params.Add(jsonutils.NewString("oidc"), "driver") params.Add(jsonutils.NewString(api.IdpTemplateDex), "template") params.Add(jsonutils.Marshal(args), "config", "oidc") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderCreateCommonOptions struct { TargetDomainId string `help:"target domain id"` AutoCreateProject bool `help:"create project if no project presents" negative:"no-auto-create-project"` AutoCreateUser bool `help:"create user if no user presents" negative:"no-auto-create-user"` } type IdentityProviderCreateGithubOIDCOptions struct { NAME string `help:"name of identity provider" json:"name"` api.SOIDCGithubConfigOptions IdentityProviderCreateCommonOptions } R(&IdentityProviderCreateGithubOIDCOptions{}, "idp-create-github-oidc", "Create an identity provider with Github OpenID Connect", func(s *mcclient.ClientSession, args *IdentityProviderCreateGithubOIDCOptions) error { params := jsonutils.NewDict() // params.Add(jsonutils.NewString(args.NAME), "name") params.Add(jsonutils.NewString("oidc"), "driver") params.Add(jsonutils.NewString(api.IdpTemplateGithub), "template") params.Update(jsonutils.Marshal(args)) params.Add(jsonutils.Marshal(args.SOIDCGithubConfigOptions), "config", "oidc") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderCreateGoogleOIDCOptions struct { NAME string `help:"name of identity provider" json:"name"` api.SOIDCGoogleConfigOptions IdentityProviderCreateCommonOptions } R(&IdentityProviderCreateGoogleOIDCOptions{}, "idp-create-google-oidc", "Create an identity provider with Google OpenID Connect", func(s *mcclient.ClientSession, args *IdentityProviderCreateGoogleOIDCOptions) error { params := jsonutils.NewDict() params.Add(jsonutils.NewString("oidc"), "driver") params.Add(jsonutils.NewString(api.IdpTemplateGoogle), "template") params.Update(jsonutils.Marshal(args)) params.Add(jsonutils.Marshal(args.SOIDCGoogleConfigOptions), "config", "oidc") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderCreateAzureOIDCOptions struct { NAME string `help:"name of identity provider" json:"name"` api.SOIDCAzureConfigOptions IdentityProviderCreateCommonOptions } R(&IdentityProviderCreateAzureOIDCOptions{}, "idp-create-azure-oidc", "Create an identity provider with Azure AD OpenID Connect", func(s *mcclient.ClientSession, args *IdentityProviderCreateAzureOIDCOptions) error { params := jsonutils.NewDict() params.Add(jsonutils.NewString(args.NAME), "name") params.Add(jsonutils.NewString("oidc"), "driver") params.Add(jsonutils.NewString(api.IdpTemplateAzureOAuth2), "template") params.Update(jsonutils.Marshal(args)) params.Add(jsonutils.Marshal(args.SOIDCAzureConfigOptions), "config", "oidc") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderCreateAlipayOAuth2Options struct { NAME string `help:"name of identity provider"` APPID string `help:"Alipay app_id"` KEYFILE string `json:"Alipay app private key file"` } R(&IdentityProviderCreateAlipayOAuth2Options{}, "idp-create-alipay-oauth2", "Create an identity provider with Alipay OAuth2.0", func(s *mcclient.ClientSession, args *IdentityProviderCreateAlipayOAuth2Options) error { opts := api.SOAuth2IdpConfigOptions{} opts.AppId = args.APPID var err error opts.Secret, err = fileutils2.FileGetContents(args.KEYFILE) if err != nil { return err } params := jsonutils.NewDict() params.Add(jsonutils.NewString(args.NAME), "name") params.Add(jsonutils.NewString("oauth2"), "driver") params.Add(jsonutils.NewString(api.IdpTemplateAlipay), "template") params.Add(jsonutils.Marshal(opts), "config", "oauth2") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderCreateFeishuOAuth2Options struct { NAME string `help:"name of identity provider" json:"name"` api.SOAuth2IdpConfigOptions IdentityProviderCreateCommonOptions } R(&IdentityProviderCreateFeishuOAuth2Options{}, "idp-create-feishu-oauth2", "Create an identity provider with Feishu OAuth2.0", func(s *mcclient.ClientSession, args *IdentityProviderCreateFeishuOAuth2Options) error { params := jsonutils.NewDict() // params.Add(jsonutils.NewString(args.NAME), "name") params.Add(jsonutils.NewString("oauth2"), "driver") params.Add(jsonutils.NewString(api.IdpTemplateFeishu), "template") params.Update(jsonutils.Marshal(args)) params.Add(jsonutils.Marshal(args.SOAuth2IdpConfigOptions), "config", "oauth2") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderCreateDingtalkOAuth2Options struct { NAME string `help:"name of identity provider"` api.SOAuth2IdpConfigOptions } R(&IdentityProviderCreateDingtalkOAuth2Options{}, "idp-create-dingtalk-oauth2", "Create an identity provider with Feishu OAuth2.0", func(s *mcclient.ClientSession, args *IdentityProviderCreateDingtalkOAuth2Options) error { params := jsonutils.NewDict() params.Add(jsonutils.NewString(args.NAME), "name") params.Add(jsonutils.NewString("oauth2"), "driver") params.Add(jsonutils.NewString(api.IdpTemplateDingtalk), "template") params.Add(jsonutils.Marshal(args), "config", "oauth2") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderCreateWechatOAuth2Options struct { NAME string `help:"name of identity provider"` api.SOAuth2IdpConfigOptions } R(&IdentityProviderCreateWechatOAuth2Options{}, "idp-create-wechat-oauth2", "Create an identity provider with Wechat OAuth2.0", func(s *mcclient.ClientSession, args *IdentityProviderCreateWechatOAuth2Options) error { params := jsonutils.NewDict() params.Add(jsonutils.NewString(args.NAME), "name") params.Add(jsonutils.NewString("oauth2"), "driver") params.Add(jsonutils.NewString(api.IdpTemplateWechat), "template") params.Add(jsonutils.Marshal(args), "config", "oauth2") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdentityProviderCreateQywechatOAuth2Options struct { api.IdentityProviderCreateInput CorpId string `help:"corp id of qywechat"` AgentId string `help:"agent id of app"` Secret string `help:"secret of qywechat"` } R(&IdentityProviderCreateQywechatOAuth2Options{}, "idp-create-qywechat-oauth2", "Create an identity provider with Qiye Wechat OAuth2.0", func(s *mcclient.ClientSession, args *IdentityProviderCreateQywechatOAuth2Options) error { conf := api.SOAuth2IdpConfigOptions{ AppId: fmt.Sprintf("%s/%s", args.CorpId, args.AgentId), Secret: args.Secret, } params := jsonutils.Marshal(args).(*jsonutils.JSONDict) params.Add(jsonutils.NewString("oauth2"), "driver") params.Add(jsonutils.NewString(api.IdpTemplateQywechat), "template") params.Add(jsonutils.Marshal(conf), "config", "oauth2") idp, err := modules.IdentityProviders.Create(s, params) if err != nil { return err } printObject(idp) return nil }) type IdpGetRedirectUriOptions struct { ID string `help:"id or name of idp to query" json:"-"` api.GetIdpSsoRedirectUriInput } R(&IdpGetRedirectUriOptions{}, "idp-sso-url", "Get sso url of a SSO idp", func(s *mcclient.ClientSession, args *IdpGetRedirectUriOptions) error { result, err := modules.IdentityProviders.GetSpecific(s, args.ID, "sso-redirect-uri", jsonutils.Marshal(args)) if err != nil { return err } printObject(result) return nil }) type IdpGetCallbackUriOptions struct { ID string `help:"id or name of idp to query" json:"-"` api.GetIdpSsoCallbackUriInput } R(&IdpGetCallbackUriOptions{}, "idp-sso-callback-url", "Get sso callback url of a SSO idp", func(s *mcclient.ClientSession, args *IdpGetCallbackUriOptions) error { result, err := modules.IdentityProviders.GetSpecific(s, args.ID, "sso-callback-uri", jsonutils.Marshal(args)) if err != nil { return err } printObject(result) return nil }) type IdpSetDefaultSsoOptions struct { ID string `help:"id or name of idp to set default Sso" json:"-"` api.PerformDefaultSsoInput } R(&IdpSetDefaultSsoOptions{}, "idp-default-sso", "Enable/disable default SSO", func(s *mcclient.ClientSession, args *IdpSetDefaultSsoOptions) error { result, err := modules.IdentityProviders.PerformAction(s, args.ID, "default-sso", jsonutils.Marshal(args)) if err != nil { return err } printObject(result) return nil }) }