Documentation ¶
Overview ¶
Package upstreamgithub implements an abstraction of upstream GitHub provider interactions.
Index ¶
- type Provider
- func (p *Provider) ExchangeAuthcode(ctx context.Context, authcode string, redirectURI string) (string, error)
- func (p *Provider) GetAllowedOrganizations() *setutil.CaseInsensitiveSet
- func (p *Provider) GetAuthorizationURL() string
- func (p *Provider) GetClientID() string
- func (p *Provider) GetConfig() ProviderConfig
- func (p *Provider) GetGroupNameAttribute() supervisoridpv1alpha1.GitHubGroupNameAttribute
- func (p *Provider) GetResourceName() string
- func (p *Provider) GetResourceUID() types.UID
- func (p *Provider) GetScopes() []string
- func (p *Provider) GetUser(ctx context.Context, accessToken string, idpDisplayName string) (*upstreamprovider.GitHubUser, error)
- func (p *Provider) GetUsernameAttribute() supervisoridpv1alpha1.GitHubUsernameAttribute
- type ProviderConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Provider ¶
type Provider struct {
// contains filtered or unexported fields
}
func New ¶
func New(config ProviderConfig) *Provider
New creates a Provider. The config is not a pointer to ensure that a copy of the config is created, making the resulting Provider use an effectively read-only configuration.
func (*Provider) ExchangeAuthcode ¶
func (*Provider) GetAllowedOrganizations ¶
func (p *Provider) GetAllowedOrganizations() *setutil.CaseInsensitiveSet
func (*Provider) GetAuthorizationURL ¶
func (*Provider) GetClientID ¶
func (*Provider) GetConfig ¶
func (p *Provider) GetConfig() ProviderConfig
GetConfig returns the config. This is not part of the UpstreamGithubIdentityProviderI interface and is just for testing.
func (*Provider) GetGroupNameAttribute ¶
func (p *Provider) GetGroupNameAttribute() supervisoridpv1alpha1.GitHubGroupNameAttribute
func (*Provider) GetResourceName ¶
func (*Provider) GetResourceUID ¶
func (*Provider) GetUser ¶
func (p *Provider) GetUser(ctx context.Context, accessToken string, idpDisplayName string) (*upstreamprovider.GitHubUser, error)
GetUser will use the provided configuration to make HTTPS calls to the GitHub API to get the identity of the authenticated user and to discover their org and team memberships. If the user's information meets the AllowedOrganization criteria specified on the GitHubIdentityProvider, they will be allowed to log in. Note that errors from the githubclient package already have helpful error prefixes, so there is no need for additional prefixes here.
func (*Provider) GetUsernameAttribute ¶
func (p *Provider) GetUsernameAttribute() supervisoridpv1alpha1.GitHubUsernameAttribute
type ProviderConfig ¶
type ProviderConfig struct { Name string ResourceUID types.UID // APIBaseURL is the url of the GitHub API, not including the path to a specific API endpoint. // According to the GitHub docs, it should be either https://api.github.com/ for cloud // or https://HOSTNAME/api/v3/ for Enterprise Server. APIBaseURL string UsernameAttribute supervisoridpv1alpha1.GitHubUsernameAttribute GroupNameAttribute supervisoridpv1alpha1.GitHubGroupNameAttribute // AllowedOrganizations, when empty, means to allow users from all orgs. AllowedOrganizations *setutil.CaseInsensitiveSet // HttpClient is a client that can be used to call the GitHub APIs and token endpoint. // This client should be configured with the user-provided CA bundle and a timeout. HttpClient *http.Client // OAuth2Config contains ClientID, ClientSecret, Scopes, and Endpoint (which contains auth and token endpoint URLs, // and auth style for the token endpoint). // OAuth2Config will not be used to compute the authorize URL because the redirect back to the Supervisor's // callback must be different per FederationDomain. It holds data that may be useful when calculating the // authorize URL, so that data is exposed by interface methods. However, it can be used to call the token endpoint, // for which there is no RedirectURL needed. OAuth2Config *oauth2.Config }
ProviderConfig holds the active configuration of an upstream GitHub provider.