本文整理汇总了Golang中github.com/openshift/origin/pkg/oauth/api.GrantHandlerType函数的典型用法代码示例。如果您正苦于以下问题:Golang GrantHandlerType函数的具体用法?Golang GrantHandlerType怎么用?Golang GrantHandlerType使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了GrantHandlerType函数的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: autoConvert_v1_OAuthClient_To_api_OAuthClient
func autoConvert_v1_OAuthClient_To_api_OAuthClient(in *OAuthClient, out *api.OAuthClient, s conversion.Scope) error {
if err := api_v1.Convert_v1_ObjectMeta_To_api_ObjectMeta(&in.ObjectMeta, &out.ObjectMeta, s); err != nil {
return err
}
out.Secret = in.Secret
out.AdditionalSecrets = *(*[]string)(unsafe.Pointer(&in.AdditionalSecrets))
out.RespondWithChallenges = in.RespondWithChallenges
out.RedirectURIs = *(*[]string)(unsafe.Pointer(&in.RedirectURIs))
out.GrantMethod = api.GrantHandlerType(in.GrantMethod)
out.ScopeRestrictions = *(*[]api.ScopeRestriction)(unsafe.Pointer(&in.ScopeRestrictions))
return nil
}
示例2: getGrantHandler
// getGrantHandler returns the object that handles approving or rejecting grant requests
func (c *AuthConfig) getGrantHandler(mux cmdutil.Mux, auth authenticator.Request, clientregistry clientregistry.Getter, authregistry clientauthregistry.Registry) handlers.GrantHandler {
// check that the global default strategy is something we honor
if !configapi.ValidGrantHandlerTypes.Has(string(c.Options.GrantConfig.Method)) {
glog.Fatalf("No grant handler found that matches %v. The OAuth server cannot start!", c.Options.GrantConfig.Method)
}
// Since any OAuth client could require prompting, we will unconditionally
// start the GrantServer here.
grantServer := grant.NewGrant(c.getCSRF(), auth, grant.DefaultFormRenderer, clientregistry, authregistry)
grantServer.Install(mux, OpenShiftApprovePrefix)
// Set defaults for standard clients. These can be overridden.
return handlers.NewPerClientGrant(handlers.NewRedirectGrant(OpenShiftApprovePrefix),
oauthapi.GrantHandlerType(c.Options.GrantConfig.Method))
}
示例3: GetRestStorage
//.........这里部分代码省略.........
DCFn: deployConfigRegistry.GetDeploymentConfig,
RCFn: clientDeploymentInterface{kclient}.GetDeployment,
GRFn: deployrollback.NewRollbackGenerator().GenerateRollback,
}
deployConfigRollbackStorage := deployrollback.NewREST(configClient, kclient, c.ExternalVersionCodec)
projectStorage := projectproxy.NewREST(c.PrivilegedLoopbackKubernetesClient.Namespaces(), c.ProjectAuthorizationCache, c.ProjectAuthorizationCache, c.ProjectCache)
namespace, templateName, err := configapi.ParseNamespaceAndName(c.Options.ProjectConfig.ProjectRequestTemplate)
if err != nil {
glog.Errorf("Error parsing project request template value: %v", err)
// we can continue on, the storage that gets created will be valid, it simply won't work properly. There's no reason to kill the master
}
projectRequestStorage := projectrequeststorage.NewREST(c.Options.ProjectConfig.ProjectRequestMessage, namespace, templateName, c.PrivilegedLoopbackOpenShiftClient, c.PrivilegedLoopbackKubernetesClient, c.Informers.PolicyBindings().Lister())
bcClient := c.BuildConfigWebHookClient()
buildConfigWebHooks := buildconfigregistry.NewWebHookREST(
buildConfigRegistry,
buildclient.NewOSClientBuildConfigInstantiatorClient(bcClient),
map[string]webhook.Plugin{
"generic": generic.New(),
"github": github.New(),
},
)
clientStorage, err := clientetcd.NewREST(c.RESTOptionsGetter)
checkStorageErr(err)
clientRegistry := clientregistry.NewRegistry(clientStorage)
// If OAuth is disabled, set the strategy to Deny
saAccountGrantMethod := oauthapi.GrantHandlerDeny
if c.Options.OAuthConfig != nil {
// Otherwise, take the value provided in master-config.yaml
saAccountGrantMethod = oauthapi.GrantHandlerType(c.Options.OAuthConfig.GrantConfig.ServiceAccountMethod)
}
combinedOAuthClientGetter := saoauth.NewServiceAccountOAuthClientGetter(c.KubeClient(), c.KubeClient(), clientRegistry, saAccountGrantMethod)
authorizeTokenStorage, err := authorizetokenetcd.NewREST(c.RESTOptionsGetter, combinedOAuthClientGetter)
checkStorageErr(err)
accessTokenStorage, err := accesstokenetcd.NewREST(c.RESTOptionsGetter, combinedOAuthClientGetter)
checkStorageErr(err)
clientAuthorizationStorage, err := clientauthetcd.NewREST(c.RESTOptionsGetter, combinedOAuthClientGetter)
checkStorageErr(err)
templateStorage, err := templateetcd.NewREST(c.RESTOptionsGetter)
checkStorageErr(err)
storage := map[string]rest.Storage{
"images": imageStorage,
"imagesignatures": imageSignatureStorage,
"imageStreams/secrets": imageStreamSecretsStorage,
"imageStreams": imageStreamStorage,
"imageStreams/status": imageStreamStatusStorage,
"imageStreamImports": imageStreamImportStorage,
"imageStreamImages": imageStreamImageStorage,
"imageStreamMappings": imageStreamMappingStorage,
"imageStreamTags": imageStreamTagStorage,
"deploymentConfigs": deployConfigStorage,
"deploymentConfigs/scale": deployConfigScaleStorage,
"deploymentConfigs/status": deployConfigStatusStorage,
"deploymentConfigs/rollback": deployConfigRollbackStorage,
"deploymentConfigs/log": deploylogregistry.NewREST(configClient, kclient, c.DeploymentLogClient(), kubeletClient),
"deploymentConfigs/instantiate": dcInstantiateStorage,
// TODO: Deprecate these
示例4: InstallAPI
// InstallAPI registers endpoints for an OAuth2 server into the provided mux,
// then returns an array of strings indicating what endpoints were started
// (these are format strings that will expect to be sent a single string value).
func (c *AuthConfig) InstallAPI(container *restful.Container) ([]string, error) {
mux := c.getMux(container)
clientStorage, err := clientetcd.NewREST(c.RESTOptionsGetter)
if err != nil {
return nil, err
}
clientRegistry := clientregistry.NewRegistry(clientStorage)
combinedOAuthClientGetter := saoauth.NewServiceAccountOAuthClientGetter(c.KubeClient, c.KubeClient, clientRegistry, oauthapi.GrantHandlerType(c.Options.GrantConfig.ServiceAccountMethod))
accessTokenStorage, err := accesstokenetcd.NewREST(c.RESTOptionsGetter, combinedOAuthClientGetter, c.EtcdBackends...)
if err != nil {
return nil, err
}
accessTokenRegistry := accesstokenregistry.NewRegistry(accessTokenStorage)
authorizeTokenStorage, err := authorizetokenetcd.NewREST(c.RESTOptionsGetter, combinedOAuthClientGetter, c.EtcdBackends...)
if err != nil {
return nil, err
}
authorizeTokenRegistry := authorizetokenregistry.NewRegistry(authorizeTokenStorage)
clientAuthStorage, err := clientauthetcd.NewREST(c.RESTOptionsGetter, combinedOAuthClientGetter)
if err != nil {
return nil, err
}
clientAuthRegistry := clientauthregistry.NewRegistry(clientAuthStorage)
errorPageHandler, err := c.getErrorHandler()
if err != nil {
glog.Fatal(err)
}
authRequestHandler, authHandler, authFinalizer, err := c.getAuthorizeAuthenticationHandlers(mux, errorPageHandler)
if err != nil {
glog.Fatal(err)
}
storage := registrystorage.New(accessTokenRegistry, authorizeTokenRegistry, combinedOAuthClientGetter, registry.NewUserConversion())
config := osinserver.NewDefaultServerConfig()
if c.Options.TokenConfig.AuthorizeTokenMaxAgeSeconds > 0 {
config.AuthorizationExpiration = c.Options.TokenConfig.AuthorizeTokenMaxAgeSeconds
}
if c.Options.TokenConfig.AccessTokenMaxAgeSeconds > 0 {
config.AccessExpiration = c.Options.TokenConfig.AccessTokenMaxAgeSeconds
}
grantChecker := registry.NewClientAuthorizationGrantChecker(clientAuthRegistry)
grantHandler := c.getGrantHandler(mux, authRequestHandler, combinedOAuthClientGetter, clientAuthRegistry)
server := osinserver.New(
config,
storage,
osinserver.AuthorizeHandlers{
handlers.NewAuthorizeAuthenticator(
authRequestHandler,
authHandler,
errorPageHandler,
),
handlers.NewGrantCheck(
grantChecker,
grantHandler,
errorPageHandler,
),
authFinalizer,
},
osinserver.AccessHandlers{
handlers.NewDenyAccessAuthenticator(),
},
osinserver.NewDefaultErrorHandler(),
)
server.Install(mux, OpenShiftOAuthAPIPrefix)
if err := CreateOrUpdateDefaultOAuthClients(c.Options.MasterPublicURL, c.AssetPublicAddresses, clientRegistry); err != nil {
glog.Fatal(err)
}
browserClient, err := clientRegistry.GetClient(kapi.NewContext(), OpenShiftBrowserClientID)
if err != nil {
glog.Fatal(err)
}
osOAuthClientConfig := c.NewOpenShiftOAuthClientConfig(browserClient)
osOAuthClientConfig.RedirectUrl = c.Options.MasterPublicURL + path.Join(OpenShiftOAuthAPIPrefix, tokenrequest.DisplayTokenEndpoint)
osOAuthClient, _ := osincli.NewClient(osOAuthClientConfig)
if len(*c.Options.MasterCA) > 0 {
rootCAs, err := cmdutil.CertPoolFromFile(*c.Options.MasterCA)
if err != nil {
glog.Fatal(err)
}
osOAuthClient.Transport = knet.SetTransportDefaults(&http.Transport{
TLSClientConfig: &tls.Config{RootCAs: rootCAs},
})
}
tokenRequestEndpoints := tokenrequest.NewEndpoints(c.Options.MasterPublicURL, osOAuthClient)
tokenRequestEndpoints.Install(mux, OpenShiftOAuthAPIPrefix)
//.........这里部分代码省略.........