示例#1
0
文件: auth.go 项目: ZenoRewn/origin
// getGrantHandler returns the object that handles approving or rejecting grant requests
func (c *AuthConfig) getGrantHandler(mux cmdutil.Mux, auth authenticator.Request, clientregistry clientregistry.Getter, authregistry clientauthregistry.Registry) handlers.GrantHandler {
	startGrantServer := false

	var saGrantHandler handlers.GrantHandler
	switch c.Options.GrantConfig.ServiceAccountMethod {
	case configapi.GrantHandlerDeny:
		saGrantHandler = handlers.NewEmptyGrant()
	case configapi.GrantHandlerPrompt:
		startGrantServer = true
		saGrantHandler = handlers.NewRedirectGrant(OpenShiftApprovePrefix)
	default:
		glog.Fatalf("No grant handler found that matches %v.  The oauth server cannot start!", c.Options.GrantConfig.ServiceAccountMethod)
	}

	var standardGrantHandler handlers.GrantHandler
	switch c.Options.GrantConfig.Method {
	case configapi.GrantHandlerDeny:
		standardGrantHandler = handlers.NewEmptyGrant()
	case configapi.GrantHandlerAuto:
		standardGrantHandler = handlers.NewAutoGrant()
	case configapi.GrantHandlerPrompt:
		startGrantServer = true
		standardGrantHandler = handlers.NewRedirectGrant(OpenShiftApprovePrefix)
	default:
		glog.Fatalf("No grant handler found that matches %v.  The oauth server cannot start!", c.Options.GrantConfig.Method)
	}

	if startGrantServer {
		grantServer := grant.NewGrant(c.getCSRF(), auth, grant.DefaultFormRenderer, clientregistry, authregistry)
		grantServer.Install(mux, OpenShiftApprovePrefix)
	}

	return handlers.NewServiceAccountAwareGrant(standardGrantHandler, saGrantHandler)
}
示例#2
0
文件: auth.go 项目: abhgupta/origin
// getGrantHandler returns the object that handles approving or rejecting grant requests
func (c *AuthConfig) getGrantHandler(mux cmdutil.Mux, auth authenticator.Request, clientregistry clientregistry.Getter, authregistry clientauthregistry.Registry) handlers.GrantHandler {
	// check that the global default strategy is something we honor
	if !configapi.ValidGrantHandlerTypes.Has(string(c.Options.GrantConfig.Method)) {
		glog.Fatalf("No grant handler found that matches %v.  The OAuth server cannot start!", c.Options.GrantConfig.Method)
	}

	// Since any OAuth client could require prompting, we will unconditionally
	// start the GrantServer here.
	grantServer := grant.NewGrant(c.getCSRF(), auth, grant.DefaultFormRenderer, clientregistry, authregistry)
	grantServer.Install(mux, OpenShiftApprovePrefix)

	// Set defaults for standard clients. These can be overridden.
	return handlers.NewPerClientGrant(handlers.NewRedirectGrant(OpenShiftApprovePrefix),
		oauthapi.GrantHandlerType(c.Options.GrantConfig.Method))
}
示例#3
0
文件: auth.go 项目: redlocal/origin
// getGrantHandler returns the object that handles approving or rejecting grant requests
func (c *AuthConfig) getGrantHandler(mux cmdutil.Mux, auth authenticator.Request, clientregistry clientregistry.Registry, authregistry clientauthregistry.Registry) handlers.GrantHandler {
	switch c.Options.GrantConfig.Method {
	case configapi.GrantHandlerDeny:
		return handlers.NewEmptyGrant()

	case configapi.GrantHandlerAuto:
		return handlers.NewAutoGrant()

	case configapi.GrantHandlerPrompt:
		grantServer := grant.NewGrant(c.getCSRF(), auth, grant.DefaultFormRenderer, clientregistry, authregistry)
		grantServer.Install(mux, OpenShiftApprovePrefix)
		return handlers.NewRedirectGrant(OpenShiftApprovePrefix)

	default:
		glog.Fatalf("No grant handler found that matches %v.  The oauth server cannot start!", c.Options.GrantConfig.Method)
	}

	return nil
}