Improve auth redirect optioin

kubesphere-sigs · Jan 11, 2021 · 2c55d5d · 2c55d5d
1 parent 9830834
commit 2c55d5d
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 12 deletions.
diff --git a/kubectl-plugin/auth/aliyun.go b/kubectl-plugin/auth/aliyun.go
@@ -15,8 +15,8 @@ provider:
     userInfoUrl: "https://huedxurbjj.login.aliyunidaas.com/api/bff/v1.2/oauth2/userinfo"
     authURL: "https://huedxurbjj.login.aliyunidaas.com/oauth/authorize"
     tokenURL: "https://huedxurbjj.login.aliyunidaas.com/oauth/token"
-  redirectURL: "%s"
+  redirectURL: "%s/auth/redirect"
   scopes:
   - read
-`, opt.ClientID, opt.ClientSecret, opt.RedirectURL)
+`, opt.ClientID, opt.ClientSecret, opt.Host)
 }
diff --git a/kubectl-plugin/auth/gitee.go b/kubectl-plugin/auth/gitee.go
@@ -14,7 +14,8 @@ provider:
   endpoint:
     authURL: 'https://gitee.com/oauth/authorize'
     tokenURL: 'https://gitee.com/oauth/token'
+  redirectURL: %s/auth/redirect
   scopes:
   - user_info
-`, opt.ClientID, opt.ClientSecret, opt.RedirectURL)
+`, opt.ClientID, opt.ClientSecret, opt.Host)
 }
diff --git a/kubectl-plugin/auth/github.go b/kubectl-plugin/auth/github.go
@@ -10,11 +10,11 @@ mappingMethod: auto
 provider:
   clientID: %s
   clientSecret: %s
-  redirectURL: "%s"
   endpoint:
     authURL: 'https://github.com/login/oauth/authorize'
     tokenURL: 'https://github.com/login/oauth/access_token'
+  redirectURL: %s/auth/redirect
   scopes:
   - user
-`, opt.ClientID, opt.ClientSecret, opt.RedirectURL)
+`, opt.ClientID, opt.ClientSecret, opt.Host)
 }
diff --git a/kubectl-plugin/auth/root.go b/kubectl-plugin/auth/root.go
@@ -19,6 +19,7 @@ func NewAuthCmd(client dynamic.Interface) (cmd *cobra.Command) {
 
 	cmd = &cobra.Command{
 		Use:     "auth",
+		Short:   "Add addition auth configuration into kubesphere-config",
 		PreRunE: opt.preRunE,
 		Example: `
 subjects:
@@ -30,10 +31,14 @@ subjects:
 	}
 
 	flags := cmd.Flags()
-	flags.StringVarP(&opt.Type, "type", "t", "", "")
-	flags.StringVarP(&opt.ClientID, "client-id", "", "", "")
-	flags.StringVarP(&opt.ClientSecret, "client-secret", "", "", "")
-	flags.StringVarP(&opt.RedirectURL, "redirectURL", "", "", "")
+	flags.StringVarP(&opt.Type, "type", "t", "",
+		"The oAuth provider, supported: GitHub, Aliyun, Gitee")
+	flags.StringVarP(&opt.ClientID, "client-id", "", "",
+		"The client id which you can find it from the oAuth provider")
+	flags.StringVarP(&opt.ClientSecret, "client-secret", "", "",
+		"The client secret which you can find it from the oAuth provider")
+	flags.StringVarP(&opt.Host, "host", "", "",
+		"The host of KubeSphere")
 	return
 }
 
@@ -44,12 +49,17 @@ type authOption struct {
 
 	ClientID     string
 	ClientSecret string
-	RedirectURL  string
+	Host         string
 }
 
 func (o *authOption) preRunE(cmd *cobra.Command, args []string) (err error) {
-	if o.ClientID == "" || o.ClientSecret == "" || o.RedirectURL == "" {
-		return fmt.Errorf("ClientID, ClientSecret, RedirectURL cannot be empty")
+	if o.ClientID == "" || o.ClientSecret == "" || o.Host == "" {
+		return fmt.Errorf("ClientID, ClientSecret, Host cannot be empty")
+	}
+
+	// make sure the host has prefix http or https
+	if !strings.HasPrefix(o.Host, "http://") && !strings.HasPrefix(o.Host, "https://") {
+		o.Host = fmt.Sprintf("http://%s", o.Host)
 	}
 
 	switch o.Type {