Home Esplora Aiuto
Registrati Accedi
zhouyuhuan
/
Cloudpods
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Ramo (Branch): feature/cloudpods
Rami (Branch) Tag
Cloudpods
/
backend
/
pkg
/
keystone
/
driver
/
oidc
/
template.go

template.go 4.0 KB
Permalink Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990 
  1. // Copyright 2019 Yunion
    2. 

  2. //
    3. 

  3. // Licensed under the Apache License, Version 2.0 (the "License");
    4. 

  4. // you may not use this file except in compliance with the License.
    5. 

  5. // You may obtain a copy of the License at
    6. 

  6. //
    7. 

  7. //     http://www.apache.org/licenses/LICENSE-2.0
    8. 

  8. //
    9. 

  9. // Unless required by applicable law or agreed to in writing, software
    10. 

  10. // distributed under the License is distributed on an "AS IS" BASIS,
    11. 

  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12. 

  12. // See the License for the specific language governing permissions and
    13. 

  13. // limitations under the License.
    14. 

  14. 

  15. package oidc
    16. 

  16. 

  17. import api "yunion.io/x/onecloud/pkg/apis/identity"
    18. 

  18. 

  19. var (
    20. 

  20. 	// map[at_hash:KgtZpGvTuIaud0SVcmmkKQ aud:example-app email:kilgore@kilgore.trout email_verified:true exp:1593434672 groups:["authors"] iat:1593348272 iss:http://127.0.0.1:5556/dex name:Kilgore Trout sub:Cg0wLTM4NS0yODA4OS0wEgRtb2Nr]
    21. 

  21. 	DexOIDCTemplate = api.SOIDCIdpConfigOptions{
    22. 

  22. 		Scopes: []string{
    23. 

  23. 			"openid",
    24. 

  24. 			"email",
    25. 

  25. 			"groups",
    26. 

  26. 			"profile",
    27. 

  27. 		},
    28. 

  28. 		SIdpAttributeOptions: api.SIdpAttributeOptions{
    29. 

  29. 			UserNameAttribute:        "name",
    30. 

  30. 			UserIdAttribute:          "sub",
    31. 

  31. 			UserEmailAttribute:       "email",
    32. 

  32. 			UserDisplaynameAttribtue: "name",
    33. 

  33. 		},
    34. 

  34. 	}
    35. 

  35. 	// https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/
    36. 

  36. 	// map[avatar_url:https://avatars1.githubusercontent.com/u/1121362?v=4 bio: blog:https://yunion.io collaborators:0 company:Yunion.io created_at:2011-10-12T04:18:27Z disk_usage:925302 email: events_url:https://api.github.com/users/swordqiu/events{/privacy} followers:13 followers_url:https://api.github.com/users/swordqiu/followers following:1 following_url:https://api.github.com/users/swordqiu/following{/other_user} gists_url:https://api.github.com/users/swordqiu/gists{/gist_id} gravatar_id: hireable: html_url:https://github.com/swordqiu
    37. 

  37. 	// id:1121362 location:Beijing, China
    38. 

  38. 	// login:swordqiu name:Jian Qiu
    39. 

  39. 	// node_id:MDQ6VXNlcjExMjEzNjI= organizations_url:https://api.github.com/users/swordqiu/orgs owned_private_repos:0 plan:{"name":"free","space":976562499,"collaborators":0,"private_repos":10000} private_gists:0 public_gists:0 public_repos:37 received_events_url:https://api.github.com/users/swordqiu/received_events repos_url:https://api.github.com/users/swordqiu/repos site_admin:false starred_url:https://api.github.com/users/swordqiu/starred{/owner}{/repo} subscriptions_url:https://api.github.com/users/swordqiu/subscriptions total_private_repos:0 twitter_username: two_factor_authentication:false type:User updated_at:2020-06-29T01:39:42Z url:https://api.github.com/users/swordqiu]
    40. 

  40. 	GithubOIDCTemplate = api.SOIDCIdpConfigOptions{
    41. 

  41. 		Scopes: []string{
    42. 

  42. 			"user",
    43. 

  43. 		},
    44. 

  44. 		AuthUrl:     "https://github.com/login/oauth/authorize",
    45. 

  45. 		TokenUrl:    "https://github.com/login/oauth/access_token",
    46. 

  46. 		UserinfoUrl: "https://api.github.com/user",
    47. 

  47. 		TimeoutSecs: 60,
    48. 

  48. 		SIdpAttributeOptions: api.SIdpAttributeOptions{
    49. 

  49. 			UserIdAttribute:          "id",
    50. 

  50. 			UserNameAttribute:        "login",
    51. 

  51. 			UserEmailAttribute:       "email",
    52. 

  52. 			UserDisplaynameAttribtue: "name",
    53. 

  53. 		},
    54. 

  54. 	}
    55. 

  55. 

  56. 	// {
    57. 

  57. 	//  "sub": "112176790568447731603",
    58. 

  58. 	//  "name": "Jian Qiu",
    59. 

  59. 	//  "given_name": "Jian",
    60. 

  60. 	//  "family_name": "Qiu",
    61. 

  61. 	//  "picture": "https://lh3.googleusercontent.com/a/AATXAJyj32UmKhmwI38ljm8xI53LX4Lw3w5wYxKsj4JS\u003ds96-c",
    62. 

  62. 	//  "email": "swordqiu@gmail.com",
    63. 

  63. 	//  "email_verified": true,
    64. 

  64. 	//  "locale": "zh-CN"
    65. 

  65. 	// }
    66. 

  66. 	GoogleOIDCTemplate = api.SOIDCIdpConfigOptions{
    67. 

  67. 		Endpoint: "https://accounts.google.com",
    68. 

  68. 		SIdpAttributeOptions: api.SIdpAttributeOptions{
    69. 

  69. 			UserIdAttribute:          "sub",
    70. 

  70. 			UserNameAttribute:        "email",
    71. 

  71. 			UserEmailAttribute:       "email",
    72. 

  72. 			UserDisplaynameAttribtue: "name",
    73. 

  73. 		},
    74. 

  74. 	}
    75. 

  75. 

  76. 	AzureADTemplate = api.SOIDCIdpConfigOptions{
    77. 

  77. 		Scopes: []string{
    78. 

  78. 			"openid",
    79. 

  79. 			"profile",
    80. 

  80. 			"email",
    81. 

  81. 		},
    82. 

  82. 		TimeoutSecs: 60,
    83. 

  83. 		SIdpAttributeOptions: api.SIdpAttributeOptions{
    84. 

  84. 			UserIdAttribute:          "sub",
    85. 

  85. 			UserNameAttribute:        "name",
    86. 

  86. 			UserEmailAttribute:       "email",
    87. 

  87. 			UserDisplaynameAttribtue: "name",
    88. 

  88. 		},
    89. 

  89. 	}
    90. 

  90. )
    91.