mirror of
https://github.com/kemko/nomad.git
synced 2026-01-06 18:35:44 +03:00
The OIDC provider cache is used by the RPC handler as the OIDC implementation keeps long-lived processes running. These processes include connections to the remote OIDC provider. The Callback server is used by the CLI and starts when the login command is triggered. This callback server includes success HTML which is displayed when the user successfully logs into the remote OIDC provider.
package oidc
import (
"github.com/hashicorp/nomad/nomad/structs"
)
// Identity carries the claims of an authenticated login in the two shapes
// used when evaluating binding rules. NewIdentity fills both fields.
type Identity struct {
	// Claims is the representation of this Identity that a binding rule
	// selector is evaluated against.
	Claims interface{}

	// ClaimMappings is the flat string-to-string representation of this
	// Identity, used to interpolate the bind name of a binding rule.
	// NewIdentity writes every key with a "value." prefix.
	ClaimMappings map[string]string
}
// NewIdentity assembles the Identity that Bind evaluates against binding
// rules when an ACL token is created.
//
// Both arguments are dereferenced without a nil check, so callers must pass
// non-nil pointers. Claim values are copied unmodified from authClaims.Value,
// and every key found there is exported as "value.<key>" whether or not it
// also appears in authMethodConfig.ClaimMappings.
func NewIdentity(
	authMethodConfig *structs.ACLAuthMethodConfig, authClaims *structs.ACLAuthClaims) *Identity {

	const prefix = "value."
	vars := make(map[string]string)

	// Seed every configured mapping name with an empty value so HIL works;
	// real claim values overwrite these placeholders below.
	for _, name := range authMethodConfig.ClaimMappings {
		vars[prefix+name] = ""
	}

	// Copy the claim values received for this login. No filtering or
	// escaping happens here.
	// NOTE(review): these strings are later interpolated into bind names;
	// confirm they are validated where the bind name is rendered.
	for name, claim := range authClaims.Value {
		vars[prefix+name] = claim
	}

	identity := &Identity{
		Claims:        authClaims,
		ClaimMappings: vars,
	}
	return identity
}