Initial QSfera import
This commit is contained in:
@@ -0,0 +1,96 @@
|
||||
package revaconfig
|
||||
|
||||
import (
|
||||
"github.com/qsfera/server/services/auth-basic/pkg/config"
|
||||
)
|
||||
|
||||
// AuthBasicConfigFromStruct will adapt a КуСфера config struct into a reva mapstructure to start a reva service.
|
||||
func AuthBasicConfigFromStruct(cfg *config.Config) map[string]any {
|
||||
rcfg := map[string]any{
|
||||
"shared": map[string]any{
|
||||
"jwt_secret": cfg.TokenManager.JWTSecret,
|
||||
"gatewaysvc": cfg.Reva.Address,
|
||||
"skip_user_groups_in_token": cfg.SkipUserGroupsInToken,
|
||||
"grpc_client_options": cfg.Reva.GetGRPCClientConfig(),
|
||||
"multi_tenant_enabled": cfg.Commons.MultiTenantEnabled,
|
||||
},
|
||||
"grpc": map[string]any{
|
||||
"network": cfg.GRPC.Protocol,
|
||||
"address": cfg.GRPC.Addr,
|
||||
"tls_settings": map[string]any{
|
||||
"enabled": cfg.GRPC.TLS.Enabled,
|
||||
"certificate": cfg.GRPC.TLS.Cert,
|
||||
"key": cfg.GRPC.TLS.Key,
|
||||
},
|
||||
// TODO build services dynamically
|
||||
"services": map[string]any{
|
||||
"authprovider": map[string]any{
|
||||
"auth_manager": cfg.AuthProvider,
|
||||
"auth_managers": map[string]any{
|
||||
"json": map[string]any{
|
||||
"users": cfg.AuthProviders.JSON.File,
|
||||
},
|
||||
"ldap": ldapConfigFromString(cfg.AuthProviders.LDAP),
|
||||
"owncloudsql": map[string]any{
|
||||
"dbusername": cfg.AuthProviders.OwnCloudSQL.DBUsername,
|
||||
"dbpassword": cfg.AuthProviders.OwnCloudSQL.DBPassword,
|
||||
"dbhost": cfg.AuthProviders.OwnCloudSQL.DBHost,
|
||||
"dbport": cfg.AuthProviders.OwnCloudSQL.DBPort,
|
||||
"dbname": cfg.AuthProviders.OwnCloudSQL.DBName,
|
||||
"idp": cfg.AuthProviders.OwnCloudSQL.IDP,
|
||||
"nobody": cfg.AuthProviders.OwnCloudSQL.Nobody,
|
||||
"join_username": cfg.AuthProviders.OwnCloudSQL.JoinUsername,
|
||||
"join_ownclouduuid": cfg.AuthProviders.OwnCloudSQL.JoinOwnCloudUUID,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
"interceptors": map[string]any{
|
||||
"prometheus": map[string]any{
|
||||
"namespace": "qsfera",
|
||||
"subsystem": "auth_basic",
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
return rcfg
|
||||
}
|
||||
|
||||
func ldapConfigFromString(cfg config.LDAPProvider) map[string]any {
|
||||
return map[string]any{
|
||||
"uri": cfg.URI,
|
||||
"cacert": cfg.CACert,
|
||||
"insecure": cfg.Insecure,
|
||||
"bind_username": cfg.BindDN,
|
||||
"bind_password": cfg.BindPassword,
|
||||
"user_base_dn": cfg.UserBaseDN,
|
||||
"group_base_dn": cfg.GroupBaseDN,
|
||||
"user_filter": cfg.UserFilter,
|
||||
"group_filter": cfg.GroupFilter,
|
||||
"user_scope": cfg.UserScope,
|
||||
"group_scope": cfg.GroupScope,
|
||||
"user_objectclass": cfg.UserObjectClass,
|
||||
"group_objectclass": cfg.GroupObjectClass,
|
||||
"login_attributes": cfg.LoginAttributes,
|
||||
"user_disable_mechanism": cfg.DisableUserMechanism,
|
||||
"user_enabled_property": cfg.UserSchema.Enabled,
|
||||
"group_local_disabled_dn": cfg.LdapDisabledUsersGroupDN,
|
||||
"idp": cfg.IDP,
|
||||
"user_schema": map[string]any{
|
||||
"id": cfg.UserSchema.ID,
|
||||
"tenantId": cfg.UserSchema.TenantID,
|
||||
"idIsOctetString": cfg.UserSchema.IDIsOctetString,
|
||||
"mail": cfg.UserSchema.Mail,
|
||||
"displayName": cfg.UserSchema.DisplayName,
|
||||
"userName": cfg.UserSchema.Username,
|
||||
},
|
||||
"group_schema": map[string]any{
|
||||
"id": cfg.GroupSchema.ID,
|
||||
"idIsOctetString": cfg.GroupSchema.IDIsOctetString,
|
||||
"mail": cfg.GroupSchema.Mail,
|
||||
"displayName": cfg.GroupSchema.DisplayName,
|
||||
"groupName": cfg.GroupSchema.Groupname,
|
||||
"member": cfg.GroupSchema.Member,
|
||||
},
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user