Merge pull request #107 from RafayLabs/synchronizer-dockerfile

Synchronizer dockerfile
This commit is contained in:
Nirav Parikh
2022-04-15 15:03:52 +05:30
committed by GitHub
3 changed files with 40 additions and 10 deletions


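--- /dev/null
+++ b/PATH-NOT-ON-PAGE-1
@@ -0,0 +1,34 @@
+selfservice:
+methods:
+oidc:
+config:
+providers:
+# This is an example provider
+- id: uuid
+provider: generic
+mapper_url: http://mydomain.com/github.schema.json
+client_id: ...
+client_secret: ...
+scope:
+- email
+issuer_url: http://openid-connect-provider/
+auth_url: http://openid-connect-provider/oauth2/auth
+token_url: http://openid-connect-provider/oauth2/token
+requested_claims:
+userinfo:
+given_name:
+essential: true
+nickname: null
+email:
+essential: true
+email_verified:
+essential: true
+picture: null
+http://example/info/claims/groups: null
+id_token:
+auth_time:
+essential: true
+acr:
+values: ['urn:mace:incommon:iap:silver']
+sub:
+value: 248289761001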
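Review bot: The example provider's issuer_url, auth_url and token_url all use plain http://, and the token endpoint is where client_secret is sent, so anyone copying this template starts from an insecure configuration; the example should show `https://` for those three and for mapper_url. The rendered page has dropped the indentation, so the nesting of the requested_claims block cannot be checked here.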


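--- /dev/null
+++ b/PATH-NOT-ON-PAGE-2
@@ -0,0 +1,99 @@
+package main
+import (
+"context"
+"database/sql"
+"fmt"
+"os"
+"time"
+"github.com/cloudflare/cfssl/log"
+"github.com/google/uuid"
+"github.com/uptrace/bun"
+"github.com/uptrace/bun/dialect/pgdialect"
+"github.com/uptrace/bun/driver/pgdriver"
+"gopkg.in/yaml.v2"
+)
+type Provider struct {
+Id uuid.UUID `bun:"id,type:uuid"`
+Provider string `bun:"provider_name,notnull"`
+MapperURL string `bun:"mapper_url" yaml:"mapper_url"`
+ClientId string `bun:"client_id,notnull" yaml:"client_id"`
+ClientSecret string `bun:"client_secret,notnull" yaml:"client_secret"`
+Scope []string `bun:"scopes,array,notnull"`
+IssuerURL string `bun:"issuer_url,notnull" yaml:"issuer_url"`
+AuthURL string `bun:"auth_url" yaml:"auth_url,omitempty"`
+TokenURL string `bun:"token_url" yaml:"token_url,omitempty"`
+RequestedClaims map[string]interface{} `bun:"type:jsonb" yaml:"requested_claims,omitempty"`
+}
+type Config struct {
+Selfservice struct {
+Methods struct {
+Oidc struct {
+Config struct {
+Providers []Provider
+}
+}
+}
+}
+}
+var ProvidersDB []Provider
+func sync(ctx context.Context, db *bun.DB, path string) error {
+err := db.NewSelect().Model(&ProvidersDB).ModelTableExpr("authsrv_oidc_provider AS provider").Scan(ctx)
+if err != nil {
+return fmt.Errorf("failed to fetch providers from DB: %s", err)
+}
+var c Config
+c.Selfservice.Methods.Oidc.Config.Providers = ProvidersDB
+d, err := yaml.Marshal(&c)
+if err != nil {
+return fmt.Errorf("failed to marshal: %s", err)
+}
+err = os.WriteFile(path, d, 0644)
+if err != nil {
+return fmt.Errorf("failed to write data: %s", err)
+}
+return nil
+}
+func main() {
+dsn := "postgres://"
+outputPath := "/etc/kratos/providers.yaml"
+ctx := context.Background()
+channel := "provider:changed"
+if len(os.Getenv("DSN")) != 0 {
+dsn = os.Getenv("DSN")
+}
+if len(os.Getenv("KRATOS_PROVIDER_CFG")) != 0 {
+outputPath = os.Getenv("KRATOS_PROVIDER_CFG")
+}
+sqldb := sql.OpenDB(pgdriver.NewConnector(pgdriver.WithDSN(dsn)))
+db := bun.NewDB(sqldb, pgdialect.New())
+ln := pgdriver.NewListener(db)
+listen:
+if err := ln.Listen(ctx, channel); err != nil {
+log.Errorf("error listening for notifications on channel %q: %s", channel, err)
+time.Sleep(2 * time.Second)
+goto listen
+}
+log.Infof("Started listening for notification on channel %q", channel)
+for range ln.Channel() {
+log.Info("A notification received")
+if err := sync(ctx, db, outputPath); err != nil {
+log.Errorf("sync failed: %s", err)
+} else {
+log.Info("Synchronized successfully")
+}
+}
+}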
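Review bot: sync writes the marshalled providers, including every provider's client_secret, with `os.WriteFile(path, d, 0644)`, so the file is world-readable, and because WriteFile truncates in place a concurrent reader can observe an empty or half-written document. Write to a temp file in the target directory (os.CreateTemp creates it 0600; use 0640 with a shared group if Kratos runs under a different uid) and os.Rename it over path, as below; this needs `path/filepath` added to the imports. Separately, main only calls sync on a notification, so after a restart the output file is not regenerated until the next provider:changed event; calling sync once before entering the loop covers that. The errors would also chain better with `%w` than `%s`. The hunk header claims 99 added lines but 85 are visible, which suggests the rendering dropped blank lines, so the code is reviewed as shown.
```go
func sync(ctx context.Context, db *bun.DB, path string) error {
	// … unchanged: select providers from authsrv_oidc_provider and yaml.Marshal …
	// The document carries client secrets: create it owner-only (CreateTemp
	// uses 0600) and swap it into place with a rename so a reader never sees
	// a partially written file.
	tmp, err := os.CreateTemp(filepath.Dir(path), ".providers-*.yaml")
	if err != nil {
		return fmt.Errorf("creating temp file: %w", err)
	}
	defer os.Remove(tmp.Name()) // no-op after a successful rename
	if _, err := tmp.Write(d); err != nil {
		tmp.Close()
		return fmt.Errorf("writing data: %w", err)
	}
	if err := tmp.Close(); err != nil {
		return fmt.Errorf("closing temp file: %w", err)
	}
	if err := os.Rename(tmp.Name(), path); err != nil {
		return fmt.Errorf("replacing %q: %w", path, err)
	}
	return nil
}
```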