[WIP] Basic LDAP connectivity
parent
f28b7497fa
commit
8d3dfcc3c7
72 changed files with 5039 additions and 3548 deletions
|
@ -64,7 +64,7 @@ func (h *Handler) Sync(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
// Exit if not using Keycloak
|
||||
if org.AuthProvider != "keycloak" {
|
||||
if org.AuthProvider != ath.AuthProviderKeycloak {
|
||||
result.Message = "Error: skipping user sync with Keycloak as it is not the configured option"
|
||||
result.IsError = true
|
||||
response.WriteJSON(w, result)
|
||||
|
@ -73,7 +73,7 @@ func (h *Handler) Sync(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
// Make Keycloak auth provider config
|
||||
c := keycloakConfig{}
|
||||
c := ath.KeycloakConfig{}
|
||||
err = json.Unmarshal([]byte(org.AuthConfig), &c)
|
||||
if err != nil {
|
||||
result.Message = "Error: unable read Keycloak configuration data"
|
||||
|
@ -121,6 +121,7 @@ func (h *Handler) Sync(w http.ResponseWriter, r *http.Request) {
|
|||
insert = append(insert, k)
|
||||
}
|
||||
}
|
||||
|
||||
// Track the number of Keycloak users with missing data.
|
||||
missing := 0
|
||||
|
||||
|
@ -153,7 +154,7 @@ func (h *Handler) Authenticate(w http.ResponseWriter, r *http.Request) {
|
|||
return
|
||||
}
|
||||
|
||||
a := keycloakAuthRequest{}
|
||||
a := ath.KeycloakAuthRequest{}
|
||||
err = json.Unmarshal(body, &a)
|
||||
if err != nil {
|
||||
response.WriteBadRequestError(w, method, err.Error())
|
||||
|
@ -181,7 +182,7 @@ func (h *Handler) Authenticate(w http.ResponseWriter, r *http.Request) {
|
|||
ctx.OrgID = org.RefID
|
||||
|
||||
// Fetch Keycloak auth provider config
|
||||
ac := keycloakConfig{}
|
||||
ac := ath.KeycloakConfig{}
|
||||
err = json.Unmarshal([]byte(org.AuthConfig), &ac)
|
||||
if err != nil {
|
||||
response.WriteBadRequestError(w, method, "Unable to unmarshall Keycloak Public Key")
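Review bot: Neither Authenticate hunk shows the provider guard that Sync applies (`if org.AuthProvider != ath.AuthProviderKeycloak`), and with a second external provider arriving in this commit that guard matters before `json.Unmarshal([]byte(org.AuthConfig), &ac)`. encoding/json ignores unknown fields, so a non-Keycloak AuthConfig would decode into `ath.KeycloakConfig` without error and, assuming the moved type keeps its `PublicKey` field, leave that key empty without reaching the `err != nil` branch. Authenticate's body starts and ends outside these hunks, so the check may already exist. If it does not, add `if org.AuthProvider != ath.AuthProviderKeycloak { response.WriteBadRequestError(w, method, "Keycloak is not the configured authentication provider"); return }` ahead of the config decode.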
|
||||
|
|
|
@ -28,12 +28,13 @@ import (
|
|||
"github.com/documize/community/domain"
|
||||
usr "github.com/documize/community/domain/user"
|
||||
"github.com/documize/community/model/account"
|
||||
"github.com/documize/community/model/auth"
|
||||
"github.com/documize/community/model/user"
|
||||
"github.com/pkg/errors"
|
||||
)
|
||||
|
||||
// Fetch gets list of Keycloak users for specified Realm, Client Id
|
||||
func Fetch(c keycloakConfig) (users []user.User, err error) {
|
||||
func Fetch(c auth.KeycloakConfig) (users []user.User, err error) {
|
||||
users = []user.User{}
|
||||
|
||||
form := url.Values{}
|
||||
|
@ -71,7 +72,7 @@ func Fetch(c keycloakConfig) (users []user.User, err error) {
|
|||
return users, errors.New("Keycloak authentication failed " + res.Status)
|
||||
}
|
||||
|
||||
ka := keycloakAPIAuth{}
|
||||
ka := auth.KeycloakAPIAuth{}
|
||||
err = json.Unmarshal(body, &ka)
|
||||
if err != nil {
|
||||
return users, err
|
||||
|
@ -114,7 +115,7 @@ func Fetch(c keycloakConfig) (users []user.User, err error) {
|
|||
return users, errors.New("Keycloak users list call failed " + res.Status)
|
||||
}
|
||||
|
||||
kcUsers := []keycloakUser{}
|
||||
kcUsers := []auth.KeycloakUser{}
|
||||
err = json.Unmarshal(body, &kcUsers)
|
||||
if err != nil {
|
||||
err = errors.Wrap(err, "cannot unmarshal Keycloak user list response")
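Review bot: The decode into `auth.KeycloakAPIAuth` returns the bare error (`return users, err`), while the user-list decode further down wraps it with `errors.Wrap(err, "cannot unmarshal Keycloak user list response")`. The first should read `return users, errors.Wrap(err, "cannot unmarshal Keycloak auth response")` so that a failure names the call it came from. A successful decode of an unexpected body would also leave `AccessToken` empty, assuming the moved type keeps that field, so a `ka.AccessToken == ""` check that returns an error at the same spot would stop the sync before the users request goes out without a token. Fetch's body starts and ends outside these hunks, so such a check may already follow.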
|
||||
|
|
|
@ -1,52 +0,0 @@
|
|||
// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
|
||||
//
|
||||
// This software (Documize Community Edition) is licensed under
|
||||
// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
|
||||
//
|
||||
// You can operate outside the AGPL restrictions by purchasing
|
||||
// Documize Enterprise Edition and obtaining a commercial license
|
||||
// by contacting <sales@documize.com>.
|
||||
//
|
||||
// https://documize.com
|
||||
|
||||
package keycloak
|
||||
|
||||
// Data received via Keycloak client library
|
||||
type keycloakAuthRequest struct {
|
||||
Domain string `json:"domain"`
|
||||
Token string `json:"token"`
|
||||
RemoteID string `json:"remoteId"`
|
||||
Email string `json:"email"`
|
||||
Username string `json:"username"`
|
||||
Firstname string `json:"firstname"`
|
||||
Lastname string `json:"lastname"`
|
||||
Enabled bool `json:"enabled"`
|
||||
}
|
||||
|
||||
// Keycloak server configuration
|
||||
type keycloakConfig struct {
|
||||
URL string `json:"url"`
|
||||
Realm string `json:"realm"`
|
||||
ClientID string `json:"clientId"`
|
||||
PublicKey string `json:"publicKey"`
|
||||
AdminUser string `json:"adminUser"`
|
||||
AdminPassword string `json:"adminPassword"`
|
||||
Group string `json:"group"`
|
||||
DisableLogout bool `json:"disableLogout"`
|
||||
DefaultPermissionAddSpace bool `json:"defaultPermissionAddSpace"`
|
||||
}
|
||||
|
||||
// keycloakAPIAuth is returned when authenticating with Keycloak REST API.
|
||||
type keycloakAPIAuth struct {
|
||||
AccessToken string `json:"access_token"`
|
||||
}
|
||||
|
||||
// keycloakUser details user record returned by Keycloak
|
||||
type keycloakUser struct {
|
||||
ID string `json:"id"`
|
||||
Username string `json:"username"`
|
||||
Email string `json:"email"`
|
||||
Firstname string `json:"firstName"`
|
||||
Lastname string `json:"lastName"`
|
||||
Enabled bool `json:"enabled"`
|
||||
}
|