Merge pull request #145 from ImMin5/master

Refactor external auth apis

src/spaceone/identity/connector/external_auth_plugin_connector.py

@@ -0,0 +1,79 @@
+import logging
+
+from spaceone.core.connector import BaseConnector
+
+from spaceone.identity.error.error_authentication import *
+
+_LOGGER = logging.getLogger(__name__)
+
+
+class ExternalAuthPluginConnector(BaseConnector):
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.client = None
+
+    def initialize(self, endpoint):
+        static_endpoint = self.config.get("endpoint")
+
+        if static_endpoint:
+            endpoint = static_endpoint
+
+        _LOGGER.info(f"[initialize] endpoint: {endpoint}")
+        self.client = self.locator.get_connector("SpaceConnector", endpoint=endpoint)
+
+    def init(self, options: dict, domain_id: str):
+        params = {"options": options, "domain_id": domain_id}
+
+        try:
+            return self.client.dispatch("ExternalAuth.init", params)
+
+        except ERROR_BASE as e:
+            raise ERROR_AUTHENTICATION_FAILURE_PLUGIN(message=e.message)
+        except Exception as e:
+            raise ERROR_AUTHENTICATION_FAILURE_PLUGIN(messsage=str(e))
+
+    def authorize(self, credentials, options, secret_data, domain_id, schema_id=None):
+        params = {
+            "options": options,
+            "secret_data": secret_data,
+            "user_credentials": credentials,
+            "schema_id": schema_id,
+            "domain_id": domain_id,
+        }
+
+        try:
+            user_info = self.client.dispatch("ExternalAuth.authorize", params)
+            return user_info
+        except ERROR_BASE as e:
+            _LOGGER.error(
+                f"[authorize] ExternalAuth.authorize failed. (reason={e.message})"
+            )
+            raise ERROR_INVALID_CREDENTIALS()
+        except Exception as e:
+            _LOGGER.error(
+                f"[authorize] ExternalAuth.authorize failed. (reason={str(e)})"
+            )
+            raise ERROR_INVALID_CREDENTIALS()
+
+    # def call_find(self, keyword, user_id, options, secret_data={}, schema=None):
+    #     params = {
+    #         "options": options,
+    #         "secret_data": secret_data,
+    #         "schema": schema,
+    #         "keyword": keyword,
+    #         "user_id": user_id,
+    #     }
+    #     _LOGGER.info(f"[call_find] params: {params}")
+    #
+    #     try:
+    #         response = self.client.Auth.find(
+    #             params, metadata=self.transaction.get_connection_meta()
+    #         )
+    #
+    #         _LOGGER.debug(f"[call_find] MessageToDict(user_info): {users_info}")
+    #         return users_info
+    #
+    #     except ERROR_BASE as e:
+    #         raise ERROR_AUTHENTICATION_FAILURE_PLUGIN(message=e.message)
+    #     except Exception as e:
+    #         raise ERROR_AUTHENTICATION_FAILURE_PLUGIN(messsage=str(e))

src/spaceone/identity/managed_resource/schema/email_smtp.yaml

@@ -0,0 +1,30 @@
+---
+schema_id: email-smtp
+name: Email SMTP
+schema_type: SECRET
+schema:
+  properties:
+    password:
+      minLength: 4.0
+      title: SMTP Password
+      type: string
+    smtp_host:
+      minLength: 4.0
+      title: SMTP Host
+      type: string
+    smtp_port:
+      minLength: 2.0
+      title: SMTP Port
+      type: integer
+    user:
+      minLength: 4.0
+      title: SMTP User
+      type: string
+  required:
+    - smtp_host
+    - smtp_port
+    - user
+    - password
+  type: object
+tags:
+  description: Email SMTP Auth

src/spaceone/identity/managed_resource/schema/google_cloud_oauth2_credentials.yaml

@@ -0,0 +1,64 @@
+---
+schema_id: google-cloud-oauth2-credentials
+name: Google Cloud OAuth2 Credentials
+version: '1.0'
+schema_type: SECRET
+schema:
+  properties:
+    auth_provider_x509_cert_url:
+      default: https://www.googleapis.com/oauth2/v1/certs
+      minLength: 4.0
+      title: Auth Provider X509 Cert URL
+      type: string
+    auth_uri:
+      default: https://acounts.google.com/o/oauth2/auth
+      minLength: 4.0
+      title: Auth URI
+      type: string
+    client_email:
+      minLength: 4.0
+      title: Client Email
+      type: string
+    client_id:
+      minLength: 4.0
+      title: Client ID
+      type: string
+    client_x509_cert_url:
+      minLength: 4.0
+      title: Client X509 Cert URL
+      type: string
+    private_key:
+      minLength: 4.0
+      title: Private Key
+      type: string
+    private_key_id:
+      minLength: 4.0
+      title: Private Key ID
+      type: string
+    project_id:
+      minLength: 4.0
+      title: Project ID
+      type: string
+    token_uri:
+      default: https://oauth2.googleapis.com/token
+      minLength: 4.0
+      title: Token URI
+      type: string
+    type:
+      default: service_account
+      minLength: 4.0
+      title: Type
+      type: string
+  required:
+    - type
+    - project_id
+    - private_key_id
+    - private_key
+    - client_email
+    - client_id
+    - auth_uri
+    - token_uri
+    - auth_provider_x509_cert_url
+    - client_x509_cert_url
+  type: object
+provider: google_cloud

src/spaceone/identity/managed_resource/schema/google_cloud_project_id.yaml

@@ -0,0 +1,15 @@
+---
+schema_id: google-cloud-project-id
+name: Google Cloud Project ID
+version: '1.0'
+schema_type: TRUSTING_SECRET
+schema:
+  properties:
+    project_id:
+      minLength: 4.0
+      title: Project ID
+      type: string
+  required:
+    - project_id
+  type: object
+provider: google_cloud

src/spaceone/identity/managed_resource/schema/google_cloud_service_account.yaml

@@ -0,0 +1,54 @@
+---
+schema_id: google-cloud-service-account
+name: Google Cloud Service Account
+version: '1.0'
+schema_type: SERVICE_ACCOUNT
+schema:
+  type: object
+  properties:
+    project_id:
+      title: Project ID
+      type: string
+      minLength: 4
+  required:
+    - project_id
+provider: google_cloud
+related_schemas:
+  - google-cloud-oauth2-credentials
+  - google-cloud-project-id
+options:
+  external_link_template: https://console.cloud.google.com/home/dashboard?project=<%-data.project_id %>
+  help:
+    en:
+      en: |
+        # Getting started with Google Cloud
+        
+        ## Identifying Your Project
+        
+        Get your Project infos (Project Name, Project ID and Project number)
+        
+        [Project Info](https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects)
+        
+        ## Get Your Service Account Key(JSON)
+        
+        Generate Your JSON Service Account Key.
+        
+        [Service Account Key](https://cloud.google.com/docs/authentication/getting-started)
+
+
+      ko: |
+        # Google Cloud 시작 가이드
+
+        ## Project 정보 확인하기
+
+        프로젝트 명, 프로젝트 아이디, 프로젝트 번호 등의 프로젝트 정보 확인하기
+
+        [Project Info](https://cloud.google.com/resource-manager/docs/creating-managing-projects?hl=ko#identifying_projects)
+
+        ## 서비스 어카운트 키(JSON) 받기
+
+        JSON 포멧의 서비스 어카운트 키를 생성하기.
+
+        [Service Account Key](https://cloud.google.com/docs/authentication/getting-started?hl=ko)
+
+