func (s *MongoSuite) SetUpTest(c *C) { s.reset() s.Session = juju_testing.MgoServer.MustDial() { store, err := mongo.NewMongoStore(s.Session, "affinity_store_suite", "", "") c.Assert(err, IsNil) s.StoreSuite = testing.NewStoreSuite(store) s.StoreTests.SetUp(c) } { store, err := mongo.NewMongoStore(s.Session, "affinity_rbac_suite", "", "") c.Assert(err, IsNil) s.RbacSuite = testing.NewRbacSuite(store) s.RbacTests.SetUp(c) } }
func (s *MongoAuthSuite) SetUpTest(c *C) { s.reset() s.Session = juju_testing.MgoServer.MustDial() c.Assert(s.setPassword(), IsNil) { store, err := mongo.NewMongoStore(s.Session, "affinity_store_suite_auth", "admin", "password") c.Assert(err, IsNil) s.StoreSuite = testing.NewStoreSuite(store) s.StoreTests.SetUp(c) } { store, err := mongo.NewMongoStore(s.Session, "affinity_rbac_suite_auth", "admin", "password") c.Assert(err, IsNil) s.RbacSuite = testing.NewRbacSuite(store) s.RbacTests.SetUp(c) } }
func main() { flag.Parse() // affinity only redirects to https:// URLs for OpenID. // We'll create some self-signed certs for the demo if needed. err := examples.BuildCerts(*keyFile, *certFile, "localhost:8443") if err != nil { die(err) } session, err := mgo.Dial(*mgoAddr) if err != nil { die(fmt.Errorf("Failed to connect to store:%v", err)) } rbacStore, err := rbac_mongo.NewMongoStore(session, *mgoDbName, "", "") if err != nil { die(fmt.Errorf("Failed to find store:%v", err)) } sessionStore := sessions.NewCookieStore( securecookie.GenerateRandomKey(32), securecookie.GenerateRandomKey(32), ) demoContext := DemoHandler{ Store: rbacStore, Scheme: usso.NewOpenIdWeb("openid-demo", "", sessionStore), } r := mux.NewRouter() r.Handle("/", HomeHandler{&demoContext}) r.Handle("/login", LoginHandler{&demoContext}) r.Handle("/openidcallback", CallbackHandler{&demoContext}) // Send all incoming requests to mux.DefaultRouter. go http.ListenAndServe(":8080", RedirectToTls{}) err = http.ListenAndServeTLS(":8443", *certFile, *keyFile, r) if err != nil { die(err) } }
func (c *serveCmd) Main() { if c.extName == "" { Usage(c, "--name is required") } c.serviceAdmins = strings.Split(c.serviceAdminCsv, ",") for i := range c.serviceAdmins { c.serviceAdmins[i] = strings.TrimSpace(c.serviceAdmins[i]) } session, err := mgo.Dial(c.mongo) if err != nil { die(err) } store, err := mongo.NewMongoStore(session, c.dbname, "", "") if err != nil { die(err) } s := NewGroupServer(store) // Grant service role to configured admins for _, serviceAdmin := range c.serviceAdmins { admin := rbac.NewAdmin(store, group.GroupRoles) u, err := affinity.ParseUser(serviceAdmin) if err != nil { die(err) } err = admin.Grant(u, group.ServiceRole, group.ServiceResource) if err != nil { log.Println("Warning:", err) } } s.Schemes.Register(usso.NewOauthCli(c.extName, &affinity.PasswordUnavailable{})) err = http.ListenAndServe(c.addr, s) die(err) }