// NewCommndTemplateRouter provides CLI handler for the template router backend
func NewCommandTemplateRouter(name string) *cobra.Command {
cfg := &templateRouterConfig{
Config: clientcmd.NewConfig(),
}
cmd := &cobra.Command{
Use: fmt.Sprintf("%s%s", name, clientcmd.ConfigSyntax),
Short: "Start an OpenShift router",
Long: routerLong,
Run: func(c *cobra.Command, args []string) {
defaultCert := util.Env("DEFAULT_CERTIFICATE", "")
if len(defaultCert) > 0 {
cfg.DefaultCertificate = defaultCert
}
routerSvcNamespace := util.Env("ROUTER_SERVICE_NAMESPACE", "")
routerSvcName := util.Env("ROUTER_SERVICE_NAME", "")
cfg.RouterService = ktypes.NamespacedName{
Namespace: routerSvcNamespace,
Name: routerSvcName,
}
plugin, err := makeTemplatePlugin(cfg)
if err != nil {
glog.Fatal(err)
}
if err = start(cfg.Config, plugin); err != nil {
glog.Fatal(err)
}
},
}
cmd.AddCommand(version.NewVersionCommand(name))
flag := cmd.Flags()
cfg.Config.Bind(flag)
flag.StringVar(&cfg.TemplateFile, "template", util.Env("TEMPLATE_FILE", ""), "The path to the template file to use")
flag.StringVar(&cfg.ReloadScript, "reload", util.Env("RELOAD_SCRIPT", ""), "The path to the reload script to use")
flag.StringVar(&cfg.StatsPort, "stats-port", util.Env("STATS_PORT", ""), "If the underlying router implementation can provide statistics this is a hint to expose it on this port.")
flag.StringVar(&cfg.StatsPassword, "stats-password", util.Env("STATS_PASSWORD", ""), "If the underlying router implementation can provide statistics this is the requested password for auth.")
flag.StringVar(&cfg.StatsUsername, "stats-user", util.Env("STATS_USERNAME", ""), "If the underlying router implementation can provide statistics this is the requested username for auth.")
return cmd
}
// NewCommandDeployer provides a CLI handler for deploy.
func NewCommandDeployer(name string) *cobra.Command {
cfg := &config{
Config: clientcmd.NewConfig(),
}
cmd := &cobra.Command{
Use: fmt.Sprintf("%s%s", name, clientcmd.ConfigSyntax),
Short: "Run the OpenShift deployer",
Long: deployerLong,
Run: func(c *cobra.Command, args []string) {
_, kClient, err := cfg.Config.Clients()
if err != nil {
glog.Fatal(err)
}
if len(cfg.DeploymentName) == 0 {
glog.Fatal("deployment is required")
}
if len(cfg.Namespace) == 0 {
glog.Fatal("namespace is required")
}
deployer := NewDeployer(kClient)
if err = deployer.Deploy(cfg.Namespace, cfg.DeploymentName); err != nil {
glog.Fatal(err)
}
},
}
cmd.AddCommand(version.NewVersionCommand(name))
flag := cmd.Flags()
cfg.Config.Bind(flag)
flag.StringVar(&cfg.DeploymentName, "deployment", util.Env("OPENSHIFT_DEPLOYMENT_NAME", ""), "The deployment name to start")
flag.StringVar(&cfg.Namespace, "namespace", util.Env("OPENSHIFT_DEPLOYMENT_NAMESPACE", ""), "The deployment namespace")
return cmd
}
func TestCLIGetToken(t *testing.T) {
testutil.DeleteAllEtcdKeys()
// setup
etcdClient := testutil.NewEtcdClient()
etcdHelper, _ := master.NewEtcdHelper(etcdClient, latest.Version, etcdtest.PathPrefix())
accessTokenStorage := accesstokenetcd.NewREST(etcdHelper)
accessTokenRegistry := accesstokenregistry.NewRegistry(accessTokenStorage)
authorizeTokenStorage := authorizetokenetcd.NewREST(etcdHelper)
authorizeTokenRegistry := authorizetokenregistry.NewRegistry(authorizeTokenStorage)
clientStorage := clientetcd.NewREST(etcdHelper)
clientRegistry := clientregistry.NewRegistry(clientStorage)
clientAuthStorage := clientauthetcd.NewREST(etcdHelper)
clientAuthRegistry := clientauthregistry.NewRegistry(clientAuthStorage)
userStorage := useretcd.NewREST(etcdHelper)
userRegistry := userregistry.NewRegistry(userStorage)
identityStorage := identityetcd.NewREST(etcdHelper)
identityRegistry := identityregistry.NewRegistry(identityStorage)
identityMapper := identitymapper.NewAlwaysCreateUserIdentityToUserMapper(identityRegistry, userRegistry)
authRequestHandler := basicauthrequest.NewBasicAuthAuthentication(allowanypassword.New("get-token-test", identityMapper), true)
authHandler := oauthhandlers.NewUnionAuthenticationHandler(
map[string]oauthhandlers.AuthenticationChallenger{"login": passwordchallenger.NewBasicAuthChallenger("openshift")}, nil, nil)
storage := registrystorage.New(accessTokenRegistry, authorizeTokenRegistry, clientRegistry, oauthregistry.NewUserConversion())
config := osinserver.NewDefaultServerConfig()
grantChecker := oauthregistry.NewClientAuthorizationGrantChecker(clientAuthRegistry)
grantHandler := oauthhandlers.NewAutoGrant()
server := osinserver.New(
config,
storage,
osinserver.AuthorizeHandlers{
oauthhandlers.NewAuthorizeAuthenticator(
authRequestHandler,
authHandler,
oauthhandlers.EmptyError{},
),
oauthhandlers.NewGrantCheck(
grantChecker,
grantHandler,
oauthhandlers.EmptyError{},
),
},
osinserver.AccessHandlers{
oauthhandlers.NewDenyAccessAuthenticator(),
},
osinserver.NewDefaultErrorHandler(),
)
mux := http.NewServeMux()
server.Install(mux, origin.OpenShiftOAuthAPIPrefix)
oauthServer := httptest.NewServer(http.Handler(mux))
defer oauthServer.Close()
t.Logf("oauth server is on %v\n", oauthServer.URL)
// create the default oauth clients with redirects to our server
origin.CreateOrUpdateDefaultOAuthClients(oauthServer.URL, []string{oauthServer.URL}, clientRegistry)
flags := pflag.NewFlagSet("test-flags", pflag.ContinueOnError)
clientCfg := clientcmd.NewConfig()
clientCfg.Bind(flags)
flags.Parse(strings.Split("--master="+oauthServer.URL, " "))
reader := bytes.NewBufferString("user\npass")
accessToken, err := tokencmd.RequestToken(clientCfg.OpenShiftConfig(), reader, "", "")
if err != nil {
t.Errorf("Unexpected error: %v", err)
}
if len(accessToken) == 0 {
t.Error("Expected accessToken, but did not get one")
}
// lets see if this access token is any good
token, err := accessTokenRegistry.GetAccessToken(kapi.NewContext(), accessToken)
if err != nil {
t.Errorf("Unexpected error: %v", err)
}
if token.UserName != "user" {
t.Errorf("Expected token for \"user\", but got: %#v", token)
}
}
