github/paralus
1
0
Fork 0
mirror of https://github.com/paralus/paralus.git synced 2026-03-04 18:10:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
37 Commits 37 Branches 21 Tags
8464307c1e699d3497052f6697a3bc26eb376e5a
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Akshay Gaikwad 8464307c1e SAML Authentication and IDP Service 
Initial SAML based authentication in usermgmt component

Signed-off-by: Akshay Gaikwad <akshay.gaikwad@rafay.co>

Update SAMLAuth middleware

- Get username from request body
- Validate for exiwstng session
- Redirect to IDP authentication when no valid session

Modification in SAML middlewares

- Reduce duplicate code by new function createSAMLMiddleware

Restructure saml package

- Moved SAML Middlewares to middleware.go
- Embed samlsp.Middleware into own struct

Use EntityDAO from common and mock Idp model for testing

Signed-off-by: Akshay Gaikwad <akshay.gaikwad@rafay.co>

Add IDP API definitions

Signed-off-by: Akshay Gaikwad <akshay.gaikwad@rafay.co>

Add interface for IdpService

Add id to UpdateIdp proto message

Add metadata_url to UpdateIdp message and limit to ListIdps rpc

Implement Idp Service methods

Update Idp model

Remove main.go and mocked idp model

Generate ACS URL and SAML SP cert

Change Id type in proto as well as in IDP model

Update IDP model struct tags

Set TimeFormat for IDP service

Update generateSpCert() and generateAcsURL()

Add idpServer which is wrapper around idpService

idpServer is a gRPC controller.

Add back-end validations for idp service
2022-01-17 11:29:55 +05:30
components
SAML Authentication and IDP Service
2022-01-17 11:29:55 +05:30
persistence/migrations
Update account id constraints to use kratos db
2022-01-12 17:35:38 +05:30
go.mod
Revert bun version to 1.0.20
2022-01-12 17:35:38 +05:30
go.sum
Revert bun version to 1.0.20
2022-01-12 17:35:38 +05:30
Makefile
initial commit for adminsrv
2021-12-28 14:23:52 +05:30
README.md
Switch kratos from using mem to db
2022-01-12 17:35:38 +05:30

README.md

rcloud-base

rcloud-base

Setting up the database

Create the initial db/user

Example for admindb:

create database admindb;
create user admindbuser;

Now in the newly created db:

CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
grant execute on function uuid_generate_v4() to admindbuser;

This will grant the necessary permission to the newly created user to run uuid_generate_v4()

Run application migrations

We use golang-migrate to perform migrations.

Install golang-migrate

go install -tags 'postgres' github.com/golang-migrate/migrate/v4/cmd/migrate@latest

-tags 'postgres' is important as otherwise it compiles without postgres support

You can refer to the guide for full details.

Run migrations

Example for admindb:

export POSTGRESQL_URL='postgres://<user>:<pass>@<host>:<port>/admindb?sslmode=disable'
migrate -path ./persistence/migrations/admindb -database "$POSTGRESQL_URL" up

See cli-usage for more info.

Reference in New Issue View Git Blame Copy Permalink
Description
All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.
access-managementcloud-securityhacktoberfesthacktoberfest2022k8s-access-managementkubernetes-securityzero-trust-securityztka
Readme Apache-2.0 20 MiB
Languages
Go 99.2%
Jsonnet 0.5%
PLpgSQL 0.1%