Esempio n. 1
0
def test_google_disabled():
    config = {
        'GOOGLE_LOGIN_CONFIG': {},
    }

    loginmanager = OAuthLoginManager(config)
    assert len(loginmanager.services) == 0
Esempio n. 2
0
    def validate(cls, validator_context):
        config = validator_context.config
        client = validator_context.http_client

        login_manager = OAuthLoginManager(config, client=client)
        for service in login_manager.services:
            if not isinstance(service, OIDCLoginService):
                continue

            if service.config.get('OIDC_SERVER') is None:
                msg = 'Missing OIDC_SERVER on OIDC service %s' % service.service_id(
                )
                raise ConfigValidationException(msg)

            if service.config.get('CLIENT_ID') is None:
                msg = 'Missing CLIENT_ID on OIDC service %s' % service.service_id(
                )
                raise ConfigValidationException(msg)

            if service.config.get('CLIENT_SECRET') is None:
                msg = 'Missing CLIENT_SECRET on OIDC service %s' % service.service_id(
                )
                raise ConfigValidationException(msg)

            try:
                if not service.validate():
                    msg = 'Could not validate OIDC service %s' % service.service_id(
                    )
                    raise ConfigValidationException(msg)
            except DiscoveryFailureException as dfe:
                msg = 'Could not validate OIDC service %s: %s' % (
                    service.service_id(), dfe.message)
                raise ConfigValidationException(msg)
Esempio n. 3
0
def test_github_disabled():
    config = {
        'GITHUB_LOGIN_CONFIG': {},
    }

    loginmanager = OAuthLoginManager(config)
    assert len(loginmanager.services) == 0
Esempio n. 4
0
def test_login_manager_github():
    config = {
        'FEATURE_GITHUB_LOGIN': True,
        'GITHUB_LOGIN_CONFIG': {},
    }

    loginmanager = OAuthLoginManager(config)
    assert len(loginmanager.services) == 1
    assert isinstance(loginmanager.services[0], GithubOAuthService)
Esempio n. 5
0
def test_oidc():
    config = {
        'SOMECOOL_LOGIN_CONFIG': {},
        'HTTPCLIENT': None,
    }

    loginmanager = OAuthLoginManager(config)
    assert len(loginmanager.services) == 1
    assert isinstance(loginmanager.services[0], OIDCLoginService)
Esempio n. 6
0
def test_login_manager_google():
    config = {
        'FEATURE_GOOGLE_LOGIN': True,
        'GOOGLE_LOGIN_CONFIG': {},
    }

    loginmanager = OAuthLoginManager(config)
    assert len(loginmanager.services) == 1
    assert isinstance(loginmanager.services[0], GoogleOAuthService)
Esempio n. 7
0
def test_multiple_oidc():
    config = {
        "SOMECOOL_LOGIN_CONFIG": {},
        "ANOTHER_LOGIN_CONFIG": {},
        "HTTPCLIENT": None,
    }

    loginmanager = OAuthLoginManager(config)
    assert len(loginmanager.services) == 2
    assert isinstance(loginmanager.services[0], OIDCLoginService)
    assert isinstance(loginmanager.services[1], OIDCLoginService)
Esempio n. 8
0
    def validate(cls, validator_context):
        config = validator_context.config
        client = validator_context.http_client

        if not config.get("FEATURE_DIRECT_LOGIN", True):
            # Make sure we have at least one OIDC enabled.
            github_login = config.get("FEATURE_GITHUB_LOGIN", False)
            google_login = config.get("FEATURE_GOOGLE_LOGIN", False)

            login_manager = OAuthLoginManager(config, client=client)
            custom_oidc = [
                s for s in login_manager.services
                if isinstance(s, OIDCLoginService)
            ]

            if not github_login and not google_login and not custom_oidc:
                msg = "Cannot disable credentials login to UI without configured OIDC service"
                raise ConfigValidationException(msg)

        if not config.get("FEATURE_USER_CREATION", True) and config.get(
                "FEATURE_INVITE_ONLY_USER_CREATION", False):
            msg = "Invite only user creation requires user creation to be enabled"
            raise ConfigValidationException(msg)
Esempio n. 9
0
user_analytics = UserAnalytics(app)
billing = Billing(app)
sentry = Sentry(app)
build_logs = BuildLogs(app)
authentication = UserAuthentication(app, config_provider, OVERRIDE_CONFIG_DIRECTORY)
userevents = UserEventsBuilderModule(app)
superusers = SuperUserManager(app)
signer = Signer(app, config_provider)
instance_keys = InstanceKeys(app)
label_validator = LabelValidator(app)
build_canceller = BuildCanceller(app)

github_trigger = GithubOAuthService(app.config, "GITHUB_TRIGGER_CONFIG")
gitlab_trigger = GitLabOAuthService(app.config, "GITLAB_TRIGGER_CONFIG")

oauth_login = OAuthLoginManager(app.config)
oauth_apps = [github_trigger, gitlab_trigger]

image_replication_queue = WorkQueue(app.config["REPLICATION_QUEUE_NAME"], tf, has_namespace=False)
dockerfile_build_queue = WorkQueue(
    app.config["DOCKERFILE_BUILD_QUEUE_NAME"], tf, has_namespace=True
)
notification_queue = WorkQueue(app.config["NOTIFICATION_QUEUE_NAME"], tf, has_namespace=True)
secscan_notification_queue = WorkQueue(
    app.config["SECSCAN_NOTIFICATION_QUEUE_NAME"], tf, has_namespace=False
)
export_action_logs_queue = WorkQueue(
    app.config["EXPORT_ACTION_LOGS_QUEUE_NAME"], tf, has_namespace=True
)

repository_gc_queue = WorkQueue(app.config["REPOSITORY_GC_QUEUE_NAME"], tf, has_namespace=True)