feat: oauth2 support
adityathebe committed Oct 17, 2023
1 parent b53c5bd commit 6fe6095
Showing 13 changed files with 175 additions and 76 deletions.
7 changes: 7 additions & 0 deletions api/v1/checks.go
@@ -55,6 +55,11 @@ func (c Check) GetLabels() map[string]string {
return c.Labels
}

type Oauth2Config struct {
Scopes []string

Check failure on line 59 in api/v1/checks.go

GitHub Actions / lint

encountered struct field "Scopes" without JSON tag in type "Oauth2Config"

Check failure on line 59 in api/v1/checks.go

GitHub Actions / test

encountered struct field "Scopes" without JSON tag in type "Oauth2Config"
TokenURL string

Check failure on line 60 in api/v1/checks.go

GitHub Actions / lint

encountered struct field "TokenURL" without JSON tag in type "Oauth2Config"

Check failure on line 60 in api/v1/checks.go

GitHub Actions / test

encountered struct field "TokenURL" without JSON tag in type "Oauth2Config"
}

type HTTPCheck struct {
Description `yaml:",inline" json:",inline"`
Templatable `yaml:",inline" json:",inline"`
@@ -87,6 +92,8 @@ type HTTPCheck struct {
TemplateBody bool `yaml:"templateBody,omitempty" json:"templateBody,omitempty"`
// EnvVars are the environment variables that are accesible to templated body
EnvVars []types.EnvVar `yaml:"env,omitempty" json:"env,omitempty"`
// Oauth2 Configuration. The client ID & Client secret should go to username & password respectively.
Oauth2 *Oauth2Config `yaml:"oauth2,omitempty" json:"oauth2,omitempty"`
}

func (c HTTPCheck) GetType() string {
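Review bot: `TokenURL` on the new `Oauth2Config` type is an unconstrained, undocumented string, although it is the endpoint the check's client ID and secret are sent to (checks/http.go passes it straight to `client.OAuth`). As far as this section shows, nothing rejects an empty value or a plain `http://` endpoint, which would put the client secret on the wire unencrypted. I would document the field, e.g. `// TokenURL is the OAuth2 token endpoint; the client credentials are sent here, so it must be an https URL.`, and enforce that with a `+kubebuilder:validation:Pattern` marker or a scheme check before the request is built. The exported type itself also lacks a doc comment.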
25 changes: 25 additions & 0 deletions api/v1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 5 additions & 3 deletions checks/http.go
@@ -10,7 +10,6 @@ import (
"github.com/PaesslerAG/jsonpath"
"github.com/flanksource/canary-checker/api/context"
"github.com/flanksource/commons/http"
"github.com/flanksource/commons/http/middlewares"
"github.com/flanksource/duty/models"
gomplate "github.com/flanksource/gomplate/v3"

@@ -79,6 +78,10 @@ func (c *HTTPChecker) generateHTTPRequest(ctx *context.Context, check v1.HTTPChe
client.Auth(connection.Username, connection.Password)
}

if check.Oauth2 != nil {
client.OAuth(connection.Username, connection.Password, check.Oauth2.TokenURL, check.Oauth2.Scopes...)
}

client.NTLM(check.NTLM)
client.NTLMV2(check.NTLMv2)

@@ -88,8 +91,7 @@ func (c *HTTPChecker) generateHTTPRequest(ctx *context.Context, check v1.HTTPChe

// TODO: Add finer controls over tracing to the canary
if ctx.IsTrace() {
tracedTransport := middlewares.NewTracedTransport().TraceAll(true).MaxBodyLength(512)
client.Use(tracedTransport.RoundTripper)
client.Trace(http.TraceConfig{MaxBodyLength: 512, Body: true, Headers: true, ResponseHeaders: true})
}

return client.R(ctx), nil
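Review bot: The new `client.OAuth(...)` call reuses `connection.Username` and `connection.Password`, the same pair given to `client.Auth(...)` just above it, and the condition guarding that basic-auth call starts outside the hunk. If both branches run, the OAuth client secret may be sent to the checked URL as basic-auth credentials rather than only to the token endpoint; how the client combines the two is not visible here, so please confirm. Making the two exclusive would rule it out, for example by testing `if check.Oauth2 != nil {` first and attaching the existing basic-auth branch as its `else if`. Separately, the trace hunk sets `Headers: true`, which with OAuth enabled presumably writes the `Authorization` bearer token to trace output unless the library redacts it. `generateHTTPRequest` begins and ends outside the visible hunks.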
3 changes: 3 additions & 0 deletions config/deploy/crd.yaml
@@ -3161,6 +3161,9 @@ spec:
ntlmv2:
description: NTLM when set to true will do authentication using NTLM v2 protocol
type: boolean
oauth2:
description: Oauth2 Configuration. The client ID & Client secret should go to username & password respectively.
type: object
password:
properties:
name:
3 changes: 3 additions & 0 deletions config/deploy/manifests.yaml
@@ -3161,6 +3161,9 @@ spec:
ntlmv2:
description: NTLM when set to true will do authentication using NTLM v2 protocol
type: boolean
oauth2:
description: Oauth2 Configuration. The client ID & Client secret should go to username & password respectively.
type: object
password:
properties:
name:
22 changes: 22 additions & 0 deletions config/schemas/canary.schema.json
@@ -1703,6 +1703,9 @@
"$ref": "#/$defs/EnvVar"
},
"type": "array"
},
"oauth2": {
"$ref": "#/$defs/Oauth2Config"
}
},
"additionalProperties": false,
@@ -2364,6 +2367,25 @@
"podSpec"
]
},
"Oauth2Config": {
"properties": {
"Scopes": {
"items": {
"type": "string"
},
"type": "array"
},
"TokenURL": {
"type": "string"
}
},
"additionalProperties": false,
"type": "object",
"required": [
"Scopes",
"TokenURL"
]
},
"ObjectFieldSelector": {
"properties": {
"apiVersion": {
22 changes: 22 additions & 0 deletions config/schemas/component.schema.json
@@ -1915,6 +1915,9 @@
"$ref": "#/$defs/EnvVar"
},
"type": "array"
},
"oauth2": {
"$ref": "#/$defs/Oauth2Config"
}
},
"additionalProperties": false,
@@ -2626,6 +2629,25 @@
"podSpec"
]
},
"Oauth2Config": {
"properties": {
"Scopes": {
"items": {
"type": "string"
},
"type": "array"
},
"TokenURL": {
"type": "string"
}
},
"additionalProperties": false,
"type": "object",
"required": [
"Scopes",
"TokenURL"
]
},
"ObjectFieldSelector": {
"properties": {
"apiVersion": {
22 changes: 22 additions & 0 deletions config/schemas/health_http.schema.json
@@ -139,6 +139,9 @@
"$ref": "#/$defs/EnvVar"
},
"type": "array"
},
"oauth2": {
"$ref": "#/$defs/Oauth2Config"
}
},
"additionalProperties": false,
@@ -213,6 +216,25 @@
"additionalProperties": false,
"type": "object"
},
"Oauth2Config": {
"properties": {
"Scopes": {
"items": {
"type": "string"
},
"type": "array"
},
"TokenURL": {
"type": "string"
}
},
"additionalProperties": false,
"type": "object",
"required": [
"Scopes",
"TokenURL"
]
},
"SecretKeySelector": {
"properties": {
"name": {
22 changes: 22 additions & 0 deletions config/schemas/topology.schema.json
@@ -1885,6 +1885,9 @@
"$ref": "#/$defs/EnvVar"
},
"type": "array"
},
"oauth2": {
"$ref": "#/$defs/Oauth2Config"
}
},
"additionalProperties": false,
@@ -2596,6 +2599,25 @@
"podSpec"
]
},
"Oauth2Config": {
"properties": {
"Scopes": {
"items": {
"type": "string"
},
"type": "array"
},
"TokenURL": {
"type": "string"
}
},
"additionalProperties": false,
"type": "object",
"required": [
"Scopes",
"TokenURL"
]
},
"ObjectFieldSelector": {
"properties": {
"apiVersion": {
16 changes: 8 additions & 8 deletions go.mod
@@ -21,7 +21,7 @@ require (
github.com/eko/gocache/store/bigcache/v4 v4.2.1
github.com/elastic/go-elasticsearch/v8 v8.10.0
github.com/fergusstrange/embedded-postgres v1.24.0
github.com/flanksource/commons v1.14.1
github.com/flanksource/commons v1.15.0
github.com/flanksource/duty v1.0.191
github.com/flanksource/gomplate/v3 v3.20.18
github.com/flanksource/is-healthy v0.0.0-20231003215854-76c51e3a3ff7
@@ -62,14 +62,12 @@ require (
github.com/sevennt/echo-pprof v0.1.1-0.20220616082843-66a461746b5f
github.com/spf13/cobra v1.7.0
github.com/spf13/pflag v1.0.5
github.com/vadimi/go-http-ntlm v1.0.3
github.com/vadimi/go-http-ntlm/v2 v2.4.1
go.mongodb.org/mongo-driver v1.12.1
golang.org/x/crypto v0.14.0
golang.org/x/net v0.17.0
golang.org/x/sync v0.4.0
google.golang.org/api v0.147.0
google.golang.org/genproto v0.0.0-20231012201019-e917dd12ba7a
google.golang.org/genproto v0.0.0-20231016165738-49dd2c1f3d0b
gopkg.in/flanksource/yaml.v3 v3.2.3
gorm.io/gorm v1.25.4
gorm.io/plugin/prometheus v0.0.0-20230504115745-1aec2356381b
@@ -97,7 +95,7 @@ require (
github.com/antonmedv/expr v1.15.3 // indirect
github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
github.com/aws/aws-sdk-go v1.45.25 // indirect
github.com/aws/aws-sdk-go v1.45.26 // indirect
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.13 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.11 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.41 // indirect
@@ -183,7 +181,7 @@ require (
github.com/jmespath/go-jmespath v0.4.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/klauspost/compress v1.17.0 // indirect
github.com/klauspost/compress v1.17.1 // indirect
github.com/kr/fs v0.1.0 // indirect
github.com/kr/pretty v0.3.1 // indirect
github.com/kr/text v0.2.0 // indirect
@@ -218,6 +216,8 @@ require (
github.com/tidwall/pretty v1.2.1 // indirect
github.com/ugorji/go/codec v1.2.11 // indirect
github.com/ulikunitz/xz v0.5.11 // indirect
github.com/vadimi/go-http-ntlm v1.0.3 // indirect
github.com/vadimi/go-http-ntlm/v2 v2.4.1 // indirect
github.com/vadimi/go-ntlm v1.2.1 // indirect
github.com/valyala/bytebufferpool v1.0.0 // indirect
github.com/valyala/fasttemplate v1.2.2 // indirect
@@ -249,8 +249,8 @@ require (
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
google.golang.org/appengine v1.6.8 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20231012201019-e917dd12ba7a // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20231012201019-e917dd12ba7a // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20231016165738-49dd2c1f3d0b // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b // indirect
google.golang.org/grpc v1.58.3 // indirect
google.golang.org/protobuf v1.31.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect