Accueil Explorer Aide
S'inscrire Connexion
zhouyuhuan
/
Cloudpods
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Aborescence: 4e53efd173
Branches Tags
Cloudpods
/
backend
/
pkg
/
cloudid
/
saml
/
doc.go

doc.go 5.4 KB
Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121 
  1. // Copyright 2019 Yunion
    2. 

  2. //
    3. 

  3. // Licensed under the Apache License, Version 2.0 (the "License");
    4. 

  4. // you may not use this file except in compliance with the License.
    5. 

  5. // You may obtain a copy of the License at
    6. 

  6. //
    7. 

  7. //     http://www.apache.org/licenses/LICENSE-2.0
    8. 

  8. //
    9. 

  9. // Unless required by applicable law or agreed to in writing, software
    10. 

  10. // distributed under the License is distributed on an "AS IS" BASIS,
    11. 

  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12. 

  12. // See the License for the specific language governing permissions and
    13. 

  13. // limitations under the License.
    14. 

  14. 

  15. package saml // import "yunion.io/x/onecloud/pkg/cloudid/saml"
    16. 

  16. 

  17. /*
    18. 

  18. 

  19.                  +-----------------+                                                                                             +----------------+
    20. 

  20.                  | CloudId Service |                                                                                             | Region Service |
    21. 

  21.                  +-----------------+                                                                                             +----------------+
    22. 

  22. 

  23. 

  24.                                                                                                                                                        +----------+
    25. 

  25.                                                                                                                                                        |EnableSaml|
    26. 

  26.                 +-------------------+                                                                                            +------------+        +----------+
    27. 

  27.                 | Cloudaccount      |                                                                                            |Cloudaccount|
    28. 

  28.                 | (enabled|disable) |                                                                                            +------------+        +-----------+
    29. 

  29.                 +----________-------+                                                                                                                  |DisableSaml|
    30. 

  30.              _______/        \_______                                                                                                                  +-----------+
    31. 

  31.          ___/                        \____
    32. 

  32.    +--------------+                 +--------------+
    33. 

  33.    | SamlProvider |                 | SamlProvider |
    34. 

  34.    | (available)  |                 | (not match)  |
    35. 

  35.    +--------------+                 +--------------+
    36. 

  36. 

  37. 

  38. 

  39. 

  40. 

  41. 

  42.              Saml Check CronJob Task
    43. 

  43. 

  44.                      +-------+
    45. 

  45.                      | Start |
    46. 

  46.                      +---|---+
    47. 

  47.                          |
    48. 

  48.                          |
    49. 

  49.                          v
    50. 

  50.               +------------------------+       Yes         +----------------------------------------+      No          +---------------------+
    51. 

  51.               | Is account enable saml | ----------------> | Is account has available saml provider |----------------> | Create saml provider|
    52. 

  52.               +------------------------+                   +----------------------------------------+                  +---------------------+
    53. 

  53.                          |                                                     |                                                  |
    54. 

  54.                          | No                                                  | Yes                                              |
    55. 

  55.                          |                                                     |                                                  |
    56. 

  56.                          v                                                     |                                                  |
    57. 

  57.                      +------+                                                  |                                                  |
    58. 

  58.                      | End  | <-----------------------------------------------<----------------------------------------------------
    59. 

  59.                      +------+
    60. 

  60. 

  61. 

  62. 

  63. 

  64. 

  65.             Saml Auth Login
    66. 

  66. 

  67.                      +-------+
    68. 

  68.                      | Start |
    69. 

  69.                      +-------+
    70. 

  70.                          |
    71. 

  71.                          |
    72. 

  72.                          v
    73. 

  73.                +-----------------------+       Yes     +-----------------------------------------------+
    74. 

  74.                |Is account enable saml |-------------> |Prepare tmp Role and set expired time for user |
    75. 

  75.                +-----------------------+               +-----------------------------------------------+
    76. 

  76.                          | No                                               |
    77. 

  77.                          |                                                  |
    78. 

  78.                          |                                                  |
    79. 

  79.                          |                                                  v
    80. 

  80.                          |                                         +------------------+
    81. 

  81.                          |                                         | Auth for console |
    82. 

  82.                          |                                         +------------------+
    83. 

  83.                          |                                                  |
    84. 

  84.                          |                                                  |
    85. 

  85.                          v                                                  |
    86. 

  86.                       +------+                                              |
    87. 

  87.                       | End  |<----------------------------------------------
    88. 

  88.                       +------+
    89. 

  89. 

  90. 

  91. 

  92. 

  93. 

  94. 

  95. 

  96. 

  97. 

  98. 

  99. 

  100. 

  101. 

  102. 

  103. 

  104. 

  105. 

  106. 

  107. 

  108. 

  109. 

  110. 

  111. 

  112. 

  113. 

  114. 

  115. 

  116. 

  117. 

  118. 

  119. 

  120. 

  121. */
    122.