Merge pull request #9 from kalmhq/sso

Sso

Author: davidqhr

api/handler/handler.go

@@ -118,6 +118,11 @@ func (h *ApiHandler) Install(e *echo.Echo) {
 	//gv1Alpha1WithAuth.GET("/deploykeys", h.todo)
 	//gv1Alpha1WithAuth.POST("/deploykeys", h.todo)
 	//gv1Alpha1WithAuth.DELETE("/deploykeys/:name", h.todo)
+
+	gv1Alpha1WithAuth.GET("/sso", h.handleListSSOConfig)
+	gv1Alpha1WithAuth.DELETE("/sso", h.handleDeleteSSOConfig)
+	gv1Alpha1WithAuth.PUT("/sso", h.handleUpdateSSOConfig)
+	gv1Alpha1WithAuth.POST("/sso", h.handleCreateSSOConfig)
 }
 
 // use user token and permission

api/handler/sso.go

@@ -0,0 +1,58 @@
+package handler
+
+import (
+	"github.com/kalmhq/kalm/api/resources"
+	"github.com/labstack/echo/v4"
+)
+
+func (h *ApiHandler) handleListSSOConfig(c echo.Context) error {
+	ssoConfig, err := h.Builder(c).GetSSOConfig()
+
+	if err != nil {
+		return err
+	}
+
+	return c.JSON(200, ssoConfig)
+}
+
+func (h *ApiHandler) handleDeleteSSOConfig(c echo.Context) error {
+	err := h.Builder(c).DeleteSSOConfig()
+
+	if err != nil {
+		return err
+	}
+
+	return c.NoContent(200)
+}
+
+func (h *ApiHandler) handleUpdateSSOConfig(c echo.Context) error {
+	ssoConfig := &resources.SSOConfig{}
+
+	if err := c.Bind(ssoConfig); err != nil {
+		return err
+	}
+
+	ssoConfig, err := h.Builder(c).UpdateSSOConfig(ssoConfig)
+
+	if err != nil {
+		return err
+	}
+
+	return c.JSON(200, ssoConfig)
+}
+
+func (h *ApiHandler) handleCreateSSOConfig(c echo.Context) error {
+	ssoConfig := &resources.SSOConfig{}
+
+	if err := c.Bind(ssoConfig); err != nil {
+		return err
+	}
+
+	ssoConfig, err := h.Builder(c).CreateSSOConfig(ssoConfig)
+
+	if err != nil {
+		return err
+	}
+
+	return c.JSON(201, ssoConfig)
+}

api/resources/sso.go

@@ -0,0 +1,100 @@
+package resources
+
+import (
+	"github.com/kalmhq/kalm/controller/api/v1alpha1"
+	"github.com/kalmhq/kalm/controller/controllers"
+	metaV1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+type SSOConfigListChannel struct {
+	List  chan []*v1alpha1.SingleSignOnConfig
+	Error chan error
+}
+
+const SSO_NAME = "sso"
+
+func (builder *Builder) GetSSOConfigListChannel(listOptions ...client.ListOption) *SSOConfigListChannel {
+	channel := &SSOConfigListChannel{
+		List:  make(chan []*v1alpha1.SingleSignOnConfig, 1),
+		Error: make(chan error, 1),
+	}
+
+	go func() {
+		var fetched v1alpha1.SingleSignOnConfigList
+		err := builder.List(&fetched, listOptions...)
+
+		if err != nil {
+			channel.List <- nil
+			channel.Error <- err
+			return
+		}
+
+		res := make([]*v1alpha1.SingleSignOnConfig, len(fetched.Items))
+
+		for i, ssoConfig := range fetched.Items {
+			res[i] = &ssoConfig
+		}
+
+		channel.List <- res
+		channel.Error <- err
+	}()
+
+	return channel
+}
+
+type SSOConfig struct {
+	*v1alpha1.SingleSignOnConfigSpec `json:",inline"`
+}
+
+func (builder *Builder) GetSSOConfig() (*SSOConfig, error) {
+	var ssoConfig v1alpha1.SingleSignOnConfig
+
+	if err := builder.Get(controllers.KALM_DEX_NAMESPACE, SSO_NAME, &ssoConfig); err != nil {
+		return nil, client.IgnoreNotFound(err)
+	}
+
+	return BuildSSOConfigFromResource(&ssoConfig), nil
+}
+
+func BuildSSOConfigFromResource(ssoConfig *v1alpha1.SingleSignOnConfig) *SSOConfig {
+	return &SSOConfig{
+		&ssoConfig.Spec,
+	}
+}
+
+func (builder *Builder) CreateSSOConfig(ssoConfig *SSOConfig) (*SSOConfig, error) {
+	sso := &v1alpha1.SingleSignOnConfig{
+		ObjectMeta: metaV1.ObjectMeta{
+			Name:      SSO_NAME,
+			Namespace: controllers.KALM_DEX_NAMESPACE,
+		},
+		Spec: *ssoConfig.SingleSignOnConfigSpec,
+	}
+
+	if err := builder.Create(sso); err != nil {
+		return nil, err
+	}
+
+	return BuildSSOConfigFromResource(sso), nil
+}
+
+func (builder *Builder) UpdateSSOConfig(ssoConfig *SSOConfig) (*SSOConfig, error) {
+	sso := &v1alpha1.SingleSignOnConfig{}
+
+	if err := builder.Get(controllers.KALM_DEX_NAMESPACE, SSO_NAME, sso); err != nil {
+		return nil, err
+	}
+
+	sso.Spec = *ssoConfig.SingleSignOnConfigSpec
+
+	if err := builder.Update(sso); err != nil {
+		return nil, err
+	}
+
+	return BuildSSOConfigFromResource(sso), nil
+}
+
+func (builder *Builder) DeleteSSOConfig() error {
+	return builder.Delete(&v1alpha1.SingleSignOnConfig{ObjectMeta: metaV1.ObjectMeta{Name: SSO_NAME, Namespace: controllers.KALM_DEX_NAMESPACE}})
+}

api/ws/watcher.go

@@ -30,6 +30,7 @@ func StartWatching(c *Client) {
 	registerWatchHandler(c, &informerCache, &v1alpha1.HttpsCert{}, buildHttpsCertResMessage)
 	registerWatchHandler(c, &informerCache, &v1alpha1.DockerRegistry{}, buildRegistryResMessage)
 	registerWatchHandler(c, &informerCache, &coreV1.PersistentVolumeClaim{}, buildVolumeResMessage)
+	registerWatchHandler(c, &informerCache, &v1alpha1.SingleSignOnConfig{}, buildSSOConfigResMessage)
 
 	informerCache.Start(c.StopWatcher)
 }
@@ -258,3 +259,28 @@ func buildVolumeResMessage(c *Client, action string, objWatched interface{}) (*R
 		Data:   volume,
 	}, nil
 }
+
+func buildSSOConfigResMessage(c *Client, action string, objWatched interface{}) (*ResMessage, error) {
+	ssoConfig, ok := objWatched.(*v1alpha1.SingleSignOnConfig)
+
+	if !ok {
+		return nil, errors.New("convert watch obj to SingleSignOnConfig failed")
+	}
+
+	if ssoConfig.Name != resources.SSO_NAME {
+		// Ignore non SSO_NAME notification
+		return nil, nil
+	}
+
+	builder := resources.NewBuilder(c.K8sClientset, c.K8SClientConfig, log.New())
+	ssoConfigRes, err := builder.GetSSOConfig()
+	if err != nil {
+		return nil, err
+	}
+
+	return &ResMessage{
+		Kind:   "SingleSignOnConfig",
+		Action: action,
+		Data:   ssoConfigRes,
+	}, nil
+}

codecov.yml

@@ -0,0 +1,2 @@
+ignore:
+  - "controller/api"

controller/api/v1alpha1/singlesignonconfig_types.go

@@ -27,9 +27,13 @@ type ExtAuthzEndpoint struct {
 }
 
 type DexConnector struct {
-	Type   string                `json:"type"`
-	ID     string                `json:"id"`
-	Name   string                `json:"name"`
+	// +kubebuilder:validation:Required
+	Type string `json:"type"`
+	// +kubebuilder:validation:Required
+	ID string `json:"id"`
+	// +kubebuilder:validation:Required
+	Name string `json:"name"`
+	// +kubebuilder:validation:Required
 	Config *runtime.RawExtension `json:"config"`
 }