mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2026-05-01 01:48:11 +00:00
Contre
956d2f55c3
* feat(access-control): Add support for Kubernetes Label
* feat(access-control): Defaults to Docker
* feat(access-control): Remove kubeconfig fallback
* feat(watcher): Watcher for kubernetes service
* feat(watcher): Merge with main + remove nightly fix redirect
* fix(go): Go mod + Go sum after sync with main
* fix(config): Ser default value for LabelProvider to Docker
* feat(go): go mod tidy
* feat(k8s_service): Remove logic for deprecated Ingress k8s v1.22
* feat(k8s_service): (Watcher) -> Wait 5s before breaking to outer loop again
* feat(k8s_service): Remove logic for deprecated Ingress k8s v1.22
* feat(k8s_service): Remove logic for deprecated Ingress k8s v1.22
* feat(k8s_service): Remove logic for deprecated Ingress k8s v1.22
* feat(k8s_service): Remove
var _ = unstructured.Unstructured{} + comments + msg edits
* feat(bootstrap): Remove dockerService from bootstrap svc
* feat(auth_svc): Remove dockerService from authservice
* feat(test): Add tests for kubernetes_services
* feat(test): Remove docker serivce form proxy/user test
* fix(refactor): Remove update logic from watcher and resync
* fix(refactor): Split watchGVR to make it more readable
* fix(refactor): Remove discovery + drop K 1.22 completely
* fix(refactor): Move interface to acess_controls_service
* feat: Autodetect labelprovider if TINYAUTH_LABELPROVIDER not set
* fix(test): Match testing scheme to the controllers
* fix: service bootstrap import after merge
* fix: service bootstrap import after merge
59 lines
1.5 KiB
Go
59 lines
1.5 KiB
Go
package service
|
|
|
|
import (
|
|
"errors"
|
|
"strings"
|
|
|
|
"github.com/tinyauthapp/tinyauth/internal/config"
|
|
"github.com/tinyauthapp/tinyauth/internal/utils/tlog"
|
|
)
|
|
|
|
type LabelProvider interface {
|
|
GetLabels(appDomain string) (config.App, error)
|
|
}
|
|
|
|
type AccessControlsService struct {
|
|
labelProvider LabelProvider
|
|
static map[string]config.App
|
|
}
|
|
|
|
func NewAccessControlsService(labelProvider LabelProvider, static map[string]config.App) *AccessControlsService {
|
|
return &AccessControlsService{
|
|
labelProvider: labelProvider,
|
|
static: static,
|
|
}
|
|
}
|
|
|
|
func (acls *AccessControlsService) Init() error {
|
|
return nil // No initialization needed
|
|
}
|
|
|
|
func (acls *AccessControlsService) lookupStaticACLs(domain string) (config.App, error) {
|
|
for app, config := range acls.static {
|
|
if config.Config.Domain == domain {
|
|
tlog.App.Debug().Str("name", app).Msg("Found matching container by domain")
|
|
return config, nil
|
|
}
|
|
|
|
if strings.SplitN(domain, ".", 2)[0] == app {
|
|
tlog.App.Debug().Str("name", app).Msg("Found matching container by app name")
|
|
return config, nil
|
|
}
|
|
}
|
|
return config.App{}, errors.New("no results")
|
|
}
|
|
|
|
func (acls *AccessControlsService) GetAccessControls(domain string) (config.App, error) {
|
|
// First check in the static config
|
|
app, err := acls.lookupStaticACLs(domain)
|
|
|
|
if err == nil {
|
|
tlog.App.Debug().Msg("Using ACls from static configuration")
|
|
return app, nil
|
|
}
|
|
|
|
// Fallback to label provider
|
|
tlog.App.Debug().Msg("Falling back to label provider for ACLs")
|
|
return acls.labelProvider.GetLabels(domain)
|
|
}
|