v1.7.0
@@ -15,7 +15,6 @@ import (
|
||||
"sync"
|
||||
|
||||
"github.com/google/go-querystring/query"
|
||||
"golang.org/x/oauth2"
|
||||
"repository.basistech.ru/BASIS/decort-golang-sdk/config"
|
||||
"repository.basistech.ru/BASIS/decort-golang-sdk/pkg/cloudapi"
|
||||
k8s_ca "repository.basistech.ru/BASIS/decort-golang-sdk/pkg/cloudapi/k8s"
|
||||
@@ -26,16 +25,9 @@ import (
|
||||
// HTTP-client for platform
|
||||
type BVSDecortClient struct {
|
||||
client *http.Client
|
||||
cfg *oauth2.Config
|
||||
cfg config.BVSConfig
|
||||
mutex *sync.Mutex
|
||||
token *oauth2.Token
|
||||
decortURL string
|
||||
username string
|
||||
password string
|
||||
}
|
||||
|
||||
type ProviderEndpoint struct {
|
||||
TokenURL string `json:"token_endpoint"`
|
||||
}
|
||||
|
||||
// Сlient builder
|
||||
@@ -43,11 +35,6 @@ func NewBVS(cfg config.BVSConfig) *BVSDecortClient {
|
||||
if cfg.Retries == 0 {
|
||||
cfg.Retries = 5
|
||||
}
|
||||
// if cfg.Token.AccessToken != "" {
|
||||
|
||||
// }
|
||||
ctx := context.Background()
|
||||
providerEndpoint, _ := GetEndpoint(ctx, cfg.SSOURL, cfg.Domain, cfg.SSLSkipVerify)
|
||||
|
||||
return &BVSDecortClient{
|
||||
decortURL: cfg.DecortURL,
|
||||
@@ -59,15 +46,8 @@ func NewBVS(cfg config.BVSConfig) *BVSDecortClient {
|
||||
},
|
||||
},
|
||||
},
|
||||
cfg: &oauth2.Config{
|
||||
ClientID: cfg.AppID,
|
||||
ClientSecret: cfg.AppSecret,
|
||||
Endpoint: providerEndpoint,
|
||||
},
|
||||
mutex: &sync.Mutex{},
|
||||
token: &cfg.Token,
|
||||
username: cfg.Username,
|
||||
password: cfg.Password,
|
||||
cfg: cfg,
|
||||
mutex: &sync.Mutex{},
|
||||
}
|
||||
}
|
||||
|
||||
@@ -131,14 +111,14 @@ func (bdc *BVSDecortClient) getToken(ctx context.Context) error {
|
||||
bdc.mutex.Lock()
|
||||
defer bdc.mutex.Unlock()
|
||||
|
||||
if !bdc.token.Valid() {
|
||||
if !bdc.cfg.Token.Valid() {
|
||||
|
||||
body := fmt.Sprintf("grant_type=password&client_id=%s&client_secret=%s&username=%s&password=%s&response_type=token", bdc.cfg.ClientID, bdc.cfg.ClientSecret, bdc.username, bdc.password)
|
||||
body := fmt.Sprintf("grant_type=password&client_id=%s&client_secret=%s&username=%s&password=%s&response_type=token&scope=openid", bdc.cfg.AppID, bdc.cfg.AppSecret, bdc.cfg.Username, bdc.cfg.Password)
|
||||
bodyReader := strings.NewReader(body)
|
||||
// body := fmt.Sprintf("grant_type=client_credentials&client_id=%s&client_secret=%s&", bdc.cfg.ClientID, bdc.cfg.ClientSecret)
|
||||
// bodyReader := strings.NewReader(body)
|
||||
|
||||
bdc.cfg.SSOURL = strings.TrimSuffix(bdc.cfg.SSOURL, "/")
|
||||
|
||||
req, _ := http.NewRequestWithContext(ctx, "POST", bdc.cfg.Endpoint.TokenURL, bodyReader)
|
||||
req, _ := http.NewRequestWithContext(ctx, "POST", bdc.cfg.SSOURL+"/realms/"+bdc.cfg.Domain+"/protocol/openid-connect/token", bodyReader)
|
||||
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
|
||||
|
||||
resp, err := bdc.client.Do(req)
|
||||
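Review bot: The token request body (the `fmt.Sprintf` ending in `&scope=openid`) is assembled from `AppID`, `AppSecret`, `Username` and `Password` without form-encoding, so a secret or password containing `&`, `=`, `+` or `%` is sent corrupted or adds extra form parameters to the request. Build the body with `url.Values` and `Encode()`, and pass `bdc.cfg.Domain` through `url.PathEscape` when composing the realm URL; this needs `net/url` in the import block, which is only partly visible here. The error from `http.NewRequestWithContext` is discarded with `req, _ :=`, so a malformed `SSOURL` yields a nil `req` that the following `req.Header.Add` dereferences; return that error instead. getToken starts before this hunk and continues past it.

```go
form := url.Values{
	"grant_type":    {"password"},
	"client_id":     {bdc.cfg.AppID},
	"client_secret": {bdc.cfg.AppSecret},
	"username":      {bdc.cfg.Username},
	"password":      {bdc.cfg.Password},
	"response_type": {"token"},
	"scope":         {"openid"},
}
bodyReader := strings.NewReader(form.Encode())

// … unchanged: SSOURL trailing-slash trim …

tokenURL := bdc.cfg.SSOURL + "/realms/" + url.PathEscape(bdc.cfg.Domain) + "/protocol/openid-connect/token"
req, err := http.NewRequestWithContext(ctx, "POST", tokenURL, bodyReader)
if err != nil {
	return fmt.Errorf("cannot build token request: %w", err)
}
```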
@@ -153,7 +133,7 @@ func (bdc *BVSDecortClient) getToken(ctx context.Context) error {
|
||||
return fmt.Errorf("cannot get token: %s", tokenBytes)
|
||||
}
|
||||
|
||||
err = json.Unmarshal(tokenBytes, &bdc.token)
|
||||
err = json.Unmarshal(tokenBytes, &bdc.cfg.Token)
|
||||
if err != nil {
|
||||
return fmt.Errorf("cannot unmarshal token: %s", tokenBytes)
|
||||
}
|
||||
@@ -168,7 +148,7 @@ func (bdc *BVSDecortClient) do(req *http.Request, ctype string) (*http.Response,
|
||||
} else {
|
||||
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
|
||||
}
|
||||
bdc.token.SetAuthHeader(req)
|
||||
bdc.cfg.Token.SetAuthHeader(req)
|
||||
req.Header.Set("Accept", "application/json")
|
||||
|
||||
// var resp *http.Response
|
||||
@@ -180,7 +160,7 @@ func (bdc *BVSDecortClient) do(req *http.Request, ctype string) (*http.Response,
|
||||
req.Body = io.NopCloser(bytes.NewBuffer(buf))
|
||||
resp, err := bdc.client.Do(req)
|
||||
// if err == nil {
|
||||
if resp.StatusCode != 200 {
|
||||
if resp.StatusCode == 200 {
|
||||
return resp, err
|
||||
}
|
||||
respBytes, _ := io.ReadAll(resp.Body)
|
||||
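Review bot: `resp.StatusCode` is read directly after `bdc.client.Do(req)` while the `// if err == nil {` guard above it stays commented out, so a transport failure (nil `resp`, non-nil `err`) panics with a nil-pointer dereference instead of being returned or retried. Restore the guard, e.g. `if err == nil && resp.StatusCode == 200 { return resp, err }`, and handle `err != nil` before reaching `io.ReadAll(resp.Body)`. That read also drops its error, and the hunk does not show `resp.Body.Close()` on the non-200 path; if the body is not closed further down, each failed attempt keeps a connection open. The enclosing part of `do`, presumably a retry loop, lies outside the hunk.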
@@ -419,39 +399,3 @@ func createK8sCloudBrokerBVS(req k8s_cb.CreateRequest) (*bytes.Buffer, string) {
|
||||
writer.Close()
|
||||
return reqBody, ct
|
||||
}
|
||||
|
||||
func GetEndpoint(ctx context.Context, issuer string, domain string, skip bool) (oauth2.Endpoint, error) {
|
||||
wellKnown := issuer + "/" + domain + "/.well-known/openid-configuration"
|
||||
req, err := http.NewRequestWithContext(ctx, "GET", wellKnown, nil)
|
||||
if err != nil {
|
||||
return oauth2.Endpoint{}, err
|
||||
}
|
||||
|
||||
client := &http.Client{
|
||||
Transport: &http.Transport{
|
||||
TLSClientConfig: &tls.Config{
|
||||
//nolint:gosec
|
||||
InsecureSkipVerify: skip,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
resp, err := client.Do(req)
|
||||
if err != nil {
|
||||
return oauth2.Endpoint{}, err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
body, err := io.ReadAll(resp.Body)
|
||||
if err != nil {
|
||||
return oauth2.Endpoint{}, fmt.Errorf("unable to read response body: %w", err)
|
||||
}
|
||||
|
||||
var p ProviderEndpoint
|
||||
err = json.Unmarshal(body, &p)
|
||||
if err != nil {
|
||||
return oauth2.Endpoint{}, fmt.Errorf("cannot unmarshal endpoint: %s", body)
|
||||
}
|
||||
|
||||
return oauth2.Endpoint{TokenURL: p.TokenURL}, nil
|
||||
}
|
||||
|
||||