// getGrantHandler returns the object that handles approving or rejecting grant requests
func (c *AuthConfig) getGrantHandler(mux cmdutil.Mux, auth authenticator.Request, clientregistry clientregistry.Getter, authregistry clientauthregistry.Registry) handlers.GrantHandler {
startGrantServer := false
var saGrantHandler handlers.GrantHandler
switch c.Options.GrantConfig.ServiceAccountMethod {
case configapi.GrantHandlerDeny:
saGrantHandler = handlers.NewEmptyGrant()
case configapi.GrantHandlerPrompt:
startGrantServer = true
saGrantHandler = handlers.NewRedirectGrant(OpenShiftApprovePrefix)
default:
glog.Fatalf("No grant handler found that matches %v. The oauth server cannot start!", c.Options.GrantConfig.ServiceAccountMethod)
}
var standardGrantHandler handlers.GrantHandler
switch c.Options.GrantConfig.Method {
case configapi.GrantHandlerDeny:
standardGrantHandler = handlers.NewEmptyGrant()
case configapi.GrantHandlerAuto:
standardGrantHandler = handlers.NewAutoGrant()
case configapi.GrantHandlerPrompt:
startGrantServer = true
standardGrantHandler = handlers.NewRedirectGrant(OpenShiftApprovePrefix)
default:
glog.Fatalf("No grant handler found that matches %v. The oauth server cannot start!", c.Options.GrantConfig.Method)
}
if startGrantServer {
grantServer := grant.NewGrant(c.getCSRF(), auth, grant.DefaultFormRenderer, clientregistry, authregistry)
grantServer.Install(mux, OpenShiftApprovePrefix)
}
return handlers.NewServiceAccountAwareGrant(standardGrantHandler, saGrantHandler)
}
// getGrantHandler returns the object that handles approving or rejecting grant requests
func (c *AuthConfig) getGrantHandler(mux cmdutil.Mux, auth authenticator.Request, clientregistry clientregistry.Getter, authregistry clientauthregistry.Registry) handlers.GrantHandler {
// check that the global default strategy is something we honor
if !configapi.ValidGrantHandlerTypes.Has(string(c.Options.GrantConfig.Method)) {
glog.Fatalf("No grant handler found that matches %v. The OAuth server cannot start!", c.Options.GrantConfig.Method)
}
// Since any OAuth client could require prompting, we will unconditionally
// start the GrantServer here.
grantServer := grant.NewGrant(c.getCSRF(), auth, grant.DefaultFormRenderer, clientregistry, authregistry)
grantServer.Install(mux, OpenShiftApprovePrefix)
// Set defaults for standard clients. These can be overridden.
return handlers.NewPerClientGrant(handlers.NewRedirectGrant(OpenShiftApprovePrefix),
oauthapi.GrantHandlerType(c.Options.GrantConfig.Method))
}
// getGrantHandler returns the object that handles approving or rejecting grant requests
func (c *AuthConfig) getGrantHandler(mux cmdutil.Mux, auth authenticator.Request, clientregistry clientregistry.Registry, authregistry clientauthregistry.Registry) handlers.GrantHandler {
switch c.Options.GrantConfig.Method {
case configapi.GrantHandlerDeny:
return handlers.NewEmptyGrant()
case configapi.GrantHandlerAuto:
return handlers.NewAutoGrant()
case configapi.GrantHandlerPrompt:
grantServer := grant.NewGrant(c.getCSRF(), auth, grant.DefaultFormRenderer, clientregistry, authregistry)
grantServer.Install(mux, OpenShiftApprovePrefix)
return handlers.NewRedirectGrant(OpenShiftApprovePrefix)
default:
glog.Fatalf("No grant handler found that matches %v. The oauth server cannot start!", c.Options.GrantConfig.Method)
}
return nil
}