Commitb4925a7

committed
move the config into api options
1 parent89cf64c commitb4925a7


7 files changed

+49
-26
lines changed


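--- a/cli/server.go
+++ b/cli/server.go
@@ -56,7 +56,6 @@ import (
 "cdr.dev/slog"
 "cdr.dev/slog/sloggers/sloghuman"
 "github.com/coder/coder/v2/coderd/entitlements"
-"github.com/coder/coder/v2/coderd/idpsync"
 "github.com/coder/pretty"
 "github.com/coder/quartz"
 "github.com/coder/retry"
@@ -199,11 +198,6 @@ func createOIDCConfig(ctx context.Context, logger slog.Logger, set *entitlements
 SignupsDisabledText:vals.OIDC.SignupsDisabledText.String(),
 IconURL:vals.OIDC.IconURL.String(),
 IgnoreEmailVerified:vals.OIDC.IgnoreEmailVerified.Value(),
-IDPSync:idpsync.NewSync(logger,set, idpsync.SyncSettings{
-OrganizationField:vals.OIDC.OrganizationField.Value(),
-OrganizationMapping:vals.OIDC.OrganizationMapping.Value,
-OrganizationAssignDefault:vals.OIDC.OrganizationAssignDefault.Value(),
-}),
 },nil
 }
 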

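--- a/coderd/coderd.go
+++ b/coderd/coderd.go
@@ -38,6 +38,7 @@ import (
 
 "cdr.dev/slog"
 "github.com/coder/coder/v2/coderd/entitlements"
+"github.com/coder/coder/v2/coderd/idpsync"
 "github.com/coder/quartz"
 "github.com/coder/serpent"
 
@@ -243,6 +244,9 @@ type Options struct {
 WorkspaceUsageTracker*workspacestats.UsageTracker
 // NotificationsEnqueuer handles enqueueing notifications for delivery by SMTP, webhook, etc.
 NotificationsEnqueuer notifications.Enqueuer
+
+// IDPSync holds all configured values for syncing external IDP users into Coder.
+IDPSync idpsync.IDPSync
 }
 
 // @title Coder API
@@ -270,6 +274,13 @@ func New(options *Options) *API {
 ifoptions.Entitlements==nil {
 options.Entitlements=entitlements.New()
 }
+ifoptions.IDPSync==nil {
+options.IDPSync=idpsync.NewAGPLSync(options.Logger, idpsync.SyncSettings{
+OrganizationField:options.DeploymentValues.OIDC.OrganizationField.Value(),
+OrganizationMapping:options.DeploymentValues.OIDC.OrganizationMapping.Value,
+OrganizationAssignDefault:options.DeploymentValues.OIDC.OrganizationAssignDefault.Value(),
+})
+}
 ifoptions.NewTicker==nil {
 options.NewTicker=func(duration time.Duration) (tick<-chan time.Time,donefunc()) {
 ticker:=time.NewTicker(duration)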
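Review bot: The new default in `New` dereferences `options.DeploymentValues` (`options.DeploymentValues.OIDC.OrganizationField.Value()` and the two lines after it) with no nil check visible in this hunk. If that field is a pointer and a caller builds `Options` without it, construction panics instead of falling back to the AGPL sync. `New` starts and ends outside the hunk, so an earlier guard may exist, but the precondition is worth stating on the field, e.g. `// IDPSync defaults to the AGPL implementation built from DeploymentValues.OIDC, which must be non-nil when this is left unset.` The identical `SyncSettings` literal is repeated in `enterprise/coderd/coderd.go`, so the same applies there; a shared constructor taking the deployment values would keep the two from drifting.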

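--- a/coderd/idpsync/idpsync.go
+++ b/coderd/idpsync/idpsync.go
@@ -11,22 +11,11 @@ import (
 
 "cdr.dev/slog"
 "github.com/coder/coder/v2/coderd/database"
-"github.com/coder/coder/v2/coderd/entitlements"
 "github.com/coder/coder/v2/coderd/httpapi"
 "github.com/coder/coder/v2/codersdk"
 "github.com/coder/coder/v2/site"
 )
 
-// NewSync is a factory function for creating an IDP sync object.
-// Due to the way we instantiate Coder, there is no way for the enterprise
-// cli wrapper to pass in the enterprise IDP sync object.
-// So instead, if the code is compiled with the enterprise logic, it will
-// override this function to return the enterprise IDP sync object.
-// For unit testing, the callers can specifically choose which "NewSync" to use.
-varNewSync=func(logger slog.Logger,set*entitlements.Set,settingsSyncSettings)IDPSync {
-returnNewAGPLSync(logger,set,settings)
-}
-
 typeIDPSyncinterface {
 // ParseOrganizationClaims takes claims from an OIDC provider, and returns the
 // organization sync params for assigning users into organizations.
@@ -57,7 +46,7 @@ type SyncSettings struct {
 OrganizationAssignDefaultbool
 }
 
-funcNewAGPLSync(logger slog.Logger,_*entitlements.Set,settingsSyncSettings)*AGPLIDPSync {
+funcNewAGPLSync(logger slog.Logger,settingsSyncSettings)*AGPLIDPSync {
 return&AGPLIDPSync{
 Logger:logger.Named("idp-sync"),
 SyncSettings:settings,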

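--- a/coderd/idpsync/organization.go
+++ b/coderd/idpsync/organization.go
@@ -16,7 +16,7 @@ import (
 "github.com/coder/coder/v2/coderd/util/slice"
 )
 
-func (sAGPLIDPSync)ParseOrganizationClaims(ctx context.Context,_ jwt.MapClaims) (OrganizationParams,*HTTPError) {
+func (sAGPLIDPSync)ParseOrganizationClaims(_ context.Context,_ jwt.MapClaims) (OrganizationParams,*HTTPError) {
 // For AGPL we only sync the default organization.
 returnOrganizationParams{
 SyncEnabled:false,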

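--- a/coderd/userauth.go
+++ b/coderd/userauth.go
@@ -742,9 +742,6 @@ type OIDCConfig struct {
 // support the userinfo endpoint, or if the userinfo endpoint causes
 // undesirable behavior.
 IgnoreUserInfobool
-// IDPSync contains all the configuration for syncing user information
-// from the external IDP.
-IDPSync idpsync.IDPSync
 
 // TODO: Move all idp fields into the IDPSync struct
 // GroupField selects the claim field to be used as the created user's
@@ -1030,7 +1027,7 @@ func (api *API) userOIDC(rw http.ResponseWriter, r *http.Request) {
 return
 }
 
-orgSync,orgSyncErr:=api.OIDCConfig.IDPSync.ParseOrganizationClaims(ctx,mergedClaims)
+orgSync,orgSyncErr:=api.IDPSync.ParseOrganizationClaims(ctx,mergedClaims)
 iforgSyncErr!=nil {
 orgSyncErr.Write(rw,r)
 return
@@ -1491,9 +1488,7 @@ func (api *API) oauthLogin(r *http.Request, params *oauthLoginParams) ([]*http.C
 }
 }
 
-// Only OIDC really supports syncing like this. At some point, we might
-// want to move this configuration and allow github to allow do org syncing.
-err=api.OIDCConfig.IDPSync.SyncOrganizations(ctx,tx,user,params.OrganizationSync)
+err=api.IDPSync.SyncOrganizations(ctx,tx,user,params.OrganizationSync)
 iferr!=nil {
 returnxerrors.Errorf("sync organizations: %w",err)
 }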
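Review bot: The `oauthLogin` hunk drops the comment saying only OIDC supports this sync, but keeps the call `api.IDPSync.SyncOrganizations(ctx, tx, user, params.OrganizationSync)` on a path that the removed comment implies is shared with GitHub logins. Because this call changes organization membership, a reader needs to know what happens when `params.OrganizationSync` was never populated. I would keep a comment such as `// Non-OIDC logins pass a zero-value OrganizationSync; SyncOrganizations must not change memberships in that case.` and back it with a test, since `SyncOrganizations` itself is not part of this diff. Both `userOIDC` and `oauthLogin` extend beyond the hunks shown.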

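--- a/codersdk/deployment.go
+++ b/codersdk/deployment.go
@@ -1545,6 +1545,31 @@ when required by your organization's security policy.`,
 Group:&deploymentGroupOIDC,
 YAML:"ignoreUserInfo",
 },
+{
+Name:"OIDC Organization Field",
+Description:"This field must be set if using the organization sync feature."+
+" Set to the claim to be used for organizations.",
+Flag:"oidc-organization-field",
+Env:"CODER_OIDC_ORGANIZATION_FIELD",
+// Empty value means sync is disabled
+Default:"",
+Value:&c.OIDC.OrganizationField,
+Group:&deploymentGroupOIDC,
+YAML:"organizationField",
+},
+{
+Name:"OIDC Assign Default Organization",
+Description:"If set to true, users will always be added to the default organization. "+
+"If organization sync is enabled, then the default org is always added to the user's set of expected"+
+"organizations.",
+Flag:"oidc-organization-assign-default",
+Env:"CODER_OIDC_ORGANIZATION_ASSIGN_DEFAULT",
+// Single org deployments should always have this enabled.
+Default:"true",
+Value:&c.OIDC.OrganizationAssignDefault,
+Group:&deploymentGroupOIDC,
+YAML:"organizationAssignDefault",
+},
 {
 Name:"OIDC Group Field",
 Description:"This field must be set if using the group sync feature and the scope name is not 'groups'. Set to the claim to be used for groups.",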
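Review bot: The description of `oidc-organization-assign-default` joins a literal ending in `expected"` directly to `"organizations."`, so the help text reads "expectedorganizations."; the first literal needs a trailing space, i.e. `...the user's set of expected "+`. Separately, the fact that an empty `oidc-organization-field` disables sync is recorded only in the code comment `// Empty value means sync is disabled`. Since that setting decides whether IdP claims drive organization membership, it belongs in `Description`, where operators will see it. The options list continues outside the hunk.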

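--- a/enterprise/coderd/coderd.go
+++ b/enterprise/coderd/coderd.go
@@ -16,8 +16,10 @@ import (
 "github.com/coder/coder/v2/coderd/appearance"
 "github.com/coder/coder/v2/coderd/database"
 "github.com/coder/coder/v2/coderd/entitlements"
+"github.com/coder/coder/v2/coderd/idpsync"
 agplportsharing"github.com/coder/coder/v2/coderd/portsharing"
 "github.com/coder/coder/v2/coderd/rbac/policy"
+"github.com/coder/coder/v2/enterprise/coderd/enidpsync"
 "github.com/coder/coder/v2/enterprise/coderd/portsharing"
 
 "golang.org/x/xerrors"
@@ -78,6 +80,13 @@ func New(ctx context.Context, options *Options) (_ *API, err error) {
 ifoptions.Entitlements==nil {
 options.Entitlements=entitlements.New()
 }
+ifoptions.IDPSync==nil {
+options.IDPSync=enidpsync.NewSync(options.Logger,options.Entitlements, idpsync.SyncSettings{
+OrganizationField:options.DeploymentValues.OIDC.OrganizationField.Value(),
+OrganizationMapping:options.DeploymentValues.OIDC.OrganizationMapping.Value,
+OrganizationAssignDefault:options.DeploymentValues.OIDC.OrganizationAssignDefault.Value(),
+})
+}
 
 ctx,cancelFunc:=context.WithCancel(ctx)
 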
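Review bot: Nothing here records that this assignment has to run before the AGPL constructor, which as of this commit installs `idpsync.NewAGPLSync` whenever `options.IDPSync` is nil. Assuming the enterprise `Options` shares that field with `coderd.Options` (the declaration is not in the diff), moving this block below the `coderd.New` call would silently leave the AGPL implementation in place, whose `ParseOrganizationClaims` returns `SyncEnabled: false`. A comment such as `// Must be set before coderd.New, which otherwise defaults to the AGPL sync and disables organization sync.` would protect the ordering. `New` continues beyond the hunk.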
