Class: ManageIQ::ApplianceConsole::ExternalAuthOptions
- Inherits:
-
Object
- Object
- ManageIQ::ApplianceConsole::ExternalAuthOptions
show all
- Includes:
- Logging
- Defined in:
- lib/manageiq/appliance_console/external_auth_options.rb
Constant Summary
collapse
- AUTH_PATH =
"/authentication".freeze
- EXT_AUTH_OPTIONS =
{
"#{AUTH_PATH}/sso_enabled" => {:label => "Single Sign-On", :logic => true},
"#{AUTH_PATH}/saml_enabled" => {:label => "SAML", :logic => true},
"#{AUTH_PATH}/oidc_enabled" => {:label => "OIDC", :logic => true},
"#{AUTH_PATH}/local_login_disabled" => {:label => "Local Login for SAML or OIDC", :logic => false}
}.freeze
Class Method Summary
collapse
Instance Method Summary
collapse
Methods included from Logging
#error_and_logging_from_command_result_error, #error_and_logging_from_standard_error, #interactive, #interactive=, interactive?, #interactive?, #log_and_feedback, #log_and_feedback_exception, #log_and_feedback_info, #log_error, #log_prefix, #logger, #logger=, #say_error, #say_info
Constructor Details
Returns a new instance of ExternalAuthOptions.
18
19
20
21
|
# File 'lib/manageiq/appliance_console/external_auth_options.rb', line 18
def initialize
@updates = {}
@current_config = {}
end
|
Class Method Details
145
146
147
148
|
# File 'lib/manageiq/appliance_console/external_auth_options.rb', line 145
def self.configured?
true
end
|
Instance Method Details
#any_updates? ⇒ Boolean
75
76
77
|
# File 'lib/manageiq/appliance_console/external_auth_options.rb', line 75
def any_updates?
@updates.present?
end
|
#ask_questions ⇒ Object
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
# File 'lib/manageiq/appliance_console/external_auth_options.rb', line 23
def ask_questions
@current_config = load_current
apply = EXT_AUTH_OPTIONS.keys.count + 1
skip = apply + 1
selection = 0
while selection < apply
say("\nExternal Authentication Options:")
cnt = 1
EXT_AUTH_OPTIONS.keys.each do |key|
current_state = selected_value(key)
say("#{cnt}) #{selected_verb(key, !current_state)} #{EXT_AUTH_OPTIONS[key][:label]}")
cnt += 1
end
say("#{apply}) Apply updates")
say("#{skip}) Skip updates")
show_updates
selection = ask_for_integer("option number to apply", 1..skip)
if selection < apply
key = EXT_AUTH_OPTIONS.keys[selection - 1]
@updates[key] = !selected_value(key)
end
end
@updates = {} if selection == skip
@updates = {} unless validate_provider_type
true
end
|
117
118
119
120
121
|
# File 'lib/manageiq/appliance_console/external_auth_options.rb', line 117
def configure_none!(params)
params << "/authentication/oidc_enabled=false"
params << "/authentication/saml_enabled=false"
params << "/authentication/provider_type=none"
end
|
112
113
114
115
|
# File 'lib/manageiq/appliance_console/external_auth_options.rb', line 112
def configure_oidc!(params)
params << "/authentication/saml_enabled=false"
params << "/authentication/provider_type=oidc"
end
|
95
96
97
98
99
100
101
102
103
104
105
|
# File 'lib/manageiq/appliance_console/external_auth_options.rb', line 95
def configure_provider_type!(params)
if params.include?("/authentication/saml_enabled=true")
configure_saml!(params)
elsif params.include?("/authentication/oidc_enabled=true")
configure_oidc!(params)
elsif params.include?("/authentication/oidc_enabled=false") || params.include?("/authentication/saml_enabled=false")
configure_none!(params)
else
params
end
end
|
107
108
109
110
|
# File 'lib/manageiq/appliance_console/external_auth_options.rb', line 107
def configure_saml!(params)
params << "/authentication/oidc_enabled=false"
params << "/authentication/provider_type=saml"
end
|
#parse(options) ⇒ Object
extauth_opts option parser: syntax is key=value,key=value
key is one of the EXT_AUTH_OPTIONS keys.
value is one of 1, true, 0 or false.
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
# File 'lib/manageiq/appliance_console/external_auth_options.rb', line 127
def parse(options)
parsed_updates = {}
options.split(",").each do |keyval|
key, val = keyval.split('=')
key, val = normalize_key(key.to_s.strip), val.to_s.strip
unless EXT_AUTH_OPTIONS.key?(key)
message = "Unknown external authentication option #{key} specified"
message << ", supported options are #{EXT_AUTH_OPTIONS.keys.join(', ')}"
raise message
end
value = option_value(val)
raise("Invalid #{key} option value #{val} specified, must be true or false") if value.nil?
parsed_updates[key] = value
end
parsed_updates
end
|
#selected_value(key) ⇒ Object
61
62
63
64
65
|
# File 'lib/manageiq/appliance_console/external_auth_options.rb', line 61
def selected_value(key)
return @updates[key] if @updates.key?(key)
return @current_config[key] if @current_config.key?(key)
false
end
|
#selected_verb(key, flag) ⇒ Object
67
68
69
70
71
72
73
|
# File 'lib/manageiq/appliance_console/external_auth_options.rb', line 67
def selected_verb(key, flag)
if EXT_AUTH_OPTIONS[key][:logic]
flag ? "Enable" : "Disable"
else
flag ? "Disable" : "Enable"
end
end
|
#show_updates ⇒ Object
50
51
52
53
54
55
56
57
58
59
|
# File 'lib/manageiq/appliance_console/external_auth_options.rb', line 50
def show_updates
updates_todo = ""
EXT_AUTH_OPTIONS.keys.each do |key|
next unless @updates.key?(key)
updates_todo << ", " if updates_todo.present?
updates_todo << " #{selected_verb(key, @updates[key])} #{EXT_AUTH_OPTIONS[key][:label]}"
end
updates_to_apply = updates_todo.present? ? "Updates to apply: #{updates_todo}" : ""
say("\n#{updates_to_apply}")
end
|
#update_configuration(update_hash = nil) ⇒ Object
79
80
81
82
83
84
85
86
87
|
# File 'lib/manageiq/appliance_console/external_auth_options.rb', line 79
def update_configuration(update_hash = nil)
update_hash ||= @updates
if update_hash.present?
say("\nUpdating external authentication options on appliance ...")
params = update_hash.collect { |key, value| "#{key}=#{value}" }
params = configure_provider_type!(params)
ManageIQ::ApplianceConsole::Utilities.rake_run!("evm:settings:set", params)
end
end
|
#validate_provider_type ⇒ Object
89
90
91
92
93
|
# File 'lib/manageiq/appliance_console/external_auth_options.rb', line 89
def validate_provider_type
return true unless @updates["/authentication/oidc_enabled"] == true && @updates["/authentication/saml_enabled"] == true
say("\Error: Both SAML and OIDC can not be enabled ...")
false
end
|