Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(authn/oauth2): Add commands for byo oauth2 #963

Merged
merged 1 commit into from
Jun 5, 2018
Merged

feat(authn/oauth2): Add commands for byo oauth2 #963

merged 1 commit into from
Jun 5, 2018

Conversation

awalker125
Copy link
Contributor

@awalker125 awalker125 commented Jun 3, 2018
edited
Loading

This PR implements a BYO oauth config mechanism via halyard.

See

#956

spinnaker/spinnaker#2856

spinnaker/spinnaker#2664

Example byo comand

./hal config security authn oauth2 edit \
--client-id YYYYYYYYYYYYYYYYY \
--client-secret XXXXXX \
--provider byo \
--access-token-uri https://example.com/login/oauth/access_token \
--user-authorization-uri https://example.com/login/oauth/authorize \
--user-info-uri https://example.com/api/v3/user \
--scope all \
--client-authentication-scheme query \
--user-info-requirements foo=bar \
--user-info-requirements baz=qux \
--user-info-mapping-username username \
--user-info-mapping-first-name firstname \
--user-info-mapping-last-name lastname \
--user-info-mapping-email email```

stewchen
stewchen approved these changes Jun 4, 2018
View reviewed changes
Copy link
Contributor

@stewchen stewchen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!

@stewchen stewchen requested a review from ttomsu June 4, 2018 19:03
@usrleon
Copy link

usrleon commented Jun 4, 2018

Current documentation says I must provide all data in gate-local.yml file, but according to example all data provided in command line. So what is the way?

@awalker125
Copy link
Contributor Author

awalker125 commented Jun 4, 2018
edited
Loading

@usrleon currently it must be done in gate-local.yml. If this gets approved then either should work.

@stewchen
Copy link
Contributor

stewchen commented Jun 4, 2018

We will move from setting gate-local.yml to using halyard like described here once the PR is merged and released.

ttomsu
ttomsu requested changes Jun 4, 2018
View reviewed changes
halyard-config/src/main/java/com/netflix/spinnaker/halyard/config/model/v1/security/OAuth2.java Outdated
@@ -168,6 +181,7 @@ public String toString() {
AZURE("azure"),
GITHUB("github"),
ORACLE("oracle"),
BYO("byo"),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we name this "other" or "custom"? Simply "byo" isn't clear that it means "bring your own".

@awalker125
Copy link
Contributor Author

I've changed byo to other

@stewchen stewchen merged commit ebb30f3 into spinnaker:master Jun 5, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ttomsu ttomsu ttomsu requested changes

@stewchen stewchen stewchen approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@awalker125 @usrleon @stewchen @ttomsu