#!/usr/bin/env python
""" Setup dataporten openid mapping """
import utils
from himlarcli.keystone import Keystone
from himlarcli import utils as himutils
# Parse the command line and open a Keystone client from the given config.
# NOTE(review): dry_run=True is passed to get_options, but nothing below reads
# a dry-run flag from `options`, so the three Keystone writes at the end
# presumably run even when a dry run was requested -- confirm against
# utils.get_options and the Keystone wrapper.
options = utils.get_options(
    'Setup dataporten openid mapping',
    hosts=0,
    dry_run=True,
)
ksclient = Keystone(options.config, debug=options.debug)

# The 'dataporten' domain is expected to exist already (created from
# hieradata); this script only looks up its id.
domain = ksclient.get_domain_id('dataporten')

# Rule 1: personal mapping. In Keystone's mapping syntax "{0}" is replaced by
# the value of the first "remote" entry, here OIDC-email, so the e-mail claim
# becomes the local user's name AND id, and selects the "<email>-group" group.
# NOTE(review): the account is keyed on the e-mail claim alone. Confirm that
# the identity provider only releases verified addresses and never reassigns
# them; otherwise a stable subject claim is the safer key. The rules also do
# not pin the token issuer -- verify that this is enforced elsewhere.
personal_rule = {
    "local": [{
        "user": {"name": "{0}", "id": "{0}"},
        "group": {"name": "{0}-group", "domain": {"id": domain}},
    }],
    "remote": [{"type": "OIDC-email"}, {"type": "OIDC-name"}],
}

# Rule 2: the same remote attributes also map the user to the shared
# 'nologin' group in the dataporten domain.
nologin_rule = {
    "local": [{
        "group": {"name": "nologin", "domain": {"id": domain}},
    }],
    "remote": [{"type": "OIDC-email"}, {"type": "OIDC-name"}],
}

rules = [personal_rule, nologin_rule]

# Create the nologin group. Per its description it must never receive role
# grants, so membership alone gives no access.
nologin_description = (
    'All authenticated users are mapped to nologin which has no role grants'
)
ksclient.create_group('nologin', nologin_description, 'dataporten')

# Register the mapping, then the 'openidc' protocol that ties the
# 'dataporten' identity provider to that mapping.
ksclient.set_mapping('dataporten_personal', rules)
ksclient.set_protocol('openidc', 'dataporten', 'dataporten_personal')