updated email domains to email address patterns

2024-11-21 23:53:19 +01:00 · 2024-02-14 13:38:19 -06:00 · 2024-02-14 13:38:19 -06:00 · 28f6b9f57b
commit 28f6b9f57b
parent 2411a29d3e
15 changed files with 60 additions and 56 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,8 +1,9 @@
 # CHANGELOG

-## v0.4.23
+## v0.4.25

-FEATURE: Public share oauth email domains now takes a glob to match against. 
+FEATURE: Public share oauth email domains renamed to `email address patterns`. These now take a glob to match against.
+Old `zrok share` and `zrok reserve` flag: `oauth-email-domains`. Changed to: `oauth-email-address-patterns`.

 ## v0.4.23

--- a/cmd/zrok/reserve.go
+++ b/cmd/zrok/reserve.go
@ -18,15 +18,15 @@ func init() {
 }

 type reserveCommand struct {
-	uniqueName         string
-	basicAuth          []string
-	frontendSelection  []string
-	backendMode        string
-	jsonOutput         bool
-	oauthProvider      string
-	oauthEmailDomains  []string
-	oauthCheckInterval time.Duration
-	cmd                *cobra.Command
+	uniqueName                string
+	basicAuth                 []string
+	frontendSelection         []string
+	backendMode               string
+	jsonOutput                bool
+	oauthProvider             string
+	oauthEmailAddressPatterns []string
+	oauthCheckInterval        time.Duration
+	cmd                       *cobra.Command
 }

 func newReserveCommand() *reserveCommand {
@ -42,7 +42,7 @@ func newReserveCommand() *reserveCommand {
 	cmd.Flags().BoolVarP(&command.jsonOutput, "json-output", "j", false, "Emit JSON describing the created reserved share")
 	cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (<username:password>,...)")
 	cmd.Flags().StringVar(&command.oauthProvider, "oauth-provider", "", "Enable OAuth provider [google, github]")
-	cmd.Flags().StringArrayVar(&command.oauthEmailDomains, "oauth-email-domains", []string{}, "Allow only these email domains to authenticate via OAuth")
+	cmd.Flags().StringArrayVar(&command.oauthEmailAddressPatterns, "oauth-email-address-patterns", []string{}, "Allow only these email domains to authenticate via OAuth")
 	cmd.Flags().DurationVar(&command.oauthCheckInterval, "oauth-check-interval", 3*time.Hour, "Maximum lifetime for OAuth authentication; reauthenticate after expiry")
 	cmd.MarkFlagsMutuallyExclusive("basic-auth", "oauth-provider")

@ -116,7 +116,7 @@ func (cmd *reserveCommand) run(_ *cobra.Command, args []string) {
 			tui.Error("--oauth-provider only supported for public shares", nil)
 		}
 		req.OauthProvider = cmd.oauthProvider
-		req.OauthEmailDomains = cmd.oauthEmailDomains
+		req.OauthEmailAddressPatterns = cmd.oauthEmailAddressPatterns
 		req.OauthAuthorizationCheckInterval = cmd.oauthCheckInterval
 	}
 	shr, err := sdk.CreateShare(env, req)
--- a/cmd/zrok/sharePublic.go
+++ b/cmd/zrok/sharePublic.go
@ -25,15 +25,15 @@ func init() {
 }

 type sharePublicCommand struct {
-	basicAuth          []string
-	frontendSelection  []string
-	backendMode        string
-	headless           bool
-	insecure           bool
-	oauthProvider      string
-	oauthEmailDomains  []string
-	oauthCheckInterval time.Duration
-	cmd                *cobra.Command
+	basicAuth                 []string
+	frontendSelection         []string
+	backendMode               string
+	headless                  bool
+	insecure                  bool
+	oauthProvider             string
+	oauthEmailAddressPatterns []string
+	oauthCheckInterval        time.Duration
+	cmd                       *cobra.Command
 }

 func newSharePublicCommand() *sharePublicCommand {
@ -50,7 +50,7 @@ func newSharePublicCommand() *sharePublicCommand {

 	cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (<username:password>,...)")
 	cmd.Flags().StringVar(&command.oauthProvider, "oauth-provider", "", "Enable OAuth provider [google, github]")
-	cmd.Flags().StringArrayVar(&command.oauthEmailDomains, "oauth-email-domains", []string{}, "Allow only these email domain globs to authenticate via OAuth")
+	cmd.Flags().StringArrayVar(&command.oauthEmailAddressPatterns, "oauth-email-address-patterns", []string{}, "Allow only these email domain globs to authenticate via OAuth")
 	cmd.Flags().DurationVar(&command.oauthCheckInterval, "oauth-check-interval", 3*time.Hour, "Maximum lifetime for OAuth authentication; reauthenticate after expiry")
 	cmd.MarkFlagsMutuallyExclusive("basic-auth", "oauth-provider")

@ -115,10 +115,10 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
 	}
 	if cmd.oauthProvider != "" {
 		req.OauthProvider = cmd.oauthProvider
-		req.OauthEmailDomains = cmd.oauthEmailDomains
+		req.OauthEmailAddressPatterns = cmd.oauthEmailAddressPatterns
 		req.OauthAuthorizationCheckInterval = cmd.oauthCheckInterval

-		for _, g := range cmd.oauthEmailDomains {
+		for _, g := range cmd.oauthEmailAddressPatterns {
 			_, err := glob.Compile(g)
 			if err != nil {
 				if !panicInstead {
--- a/controller/sharePrivate.go
+++ b/controller/sharePrivate.go
@ -27,7 +27,7 @@ func (a *privateResourceAllocator) allocate(envZId, shrToken string, params shar
 		BasicAuthUsers: authUsers,
 		Oauth: &sdk.OauthConfig{
 			Provider:                   params.Body.OauthProvider,
-			EmailDomains:               params.Body.OauthEmailDomains,
+			EmailDomains:               params.Body.OauthEmailAddressPatterns,
 			AuthorizationCheckInterval: params.Body.OauthAuthorizationCheckInterval,
 		},
 	}
--- a/controller/sharePublic.go
+++ b/controller/sharePublic.go
@ -27,7 +27,7 @@ func (a *publicResourceAllocator) allocate(envZId, shrToken string, frontendZIds
 		BasicAuthUsers: authUsers,
 		Oauth: &sdk.OauthConfig{
 			Provider:                   params.Body.OauthProvider,
-			EmailDomains:               params.Body.OauthEmailDomains,
+			EmailDomains:               params.Body.OauthEmailAddressPatterns,
 			AuthorizationCheckInterval: params.Body.OauthAuthorizationCheckInterval,
 		},
 	}
--- a/rest_model_zrok/share_request.go
+++ b/rest_model_zrok/share_request.go
@ -43,8 +43,8 @@ type ShareRequest struct {
 	// oauth authorization check interval
 	OauthAuthorizationCheckInterval string `json:"oauthAuthorizationCheckInterval,omitempty"`

-	// oauth email domains
-	OauthEmailDomains []string `json:"oauthEmailDomains"`
+	// oauth email address patterns
+	OauthEmailAddressPatterns []string `json:"oauthEmailAddressPatterns"`

 	// oauth provider
 	// Enum: [github google]
--- a/rest_server_zrok/embedded_spec.go
+++ b/rest_server_zrok/embedded_spec.go
@ -1494,7 +1494,7 @@ func init() {
        "oauthAuthorizationCheckInterval": {
          "type": "string"
        },
-        "oauthEmailDomains": {
+        "oauthEmailAddressPatterns": {
          "type": "array",
          "items": {
            "type": "string"
@ -3117,7 +3117,7 @@ func init() {
        "oauthAuthorizationCheckInterval": {
          "type": "string"
        },
-        "oauthEmailDomains": {
+        "oauthEmailAddressPatterns": {
          "type": "array",
          "items": {
            "type": "string"
--- a/sdk/golang/sdk/model.go
+++ b/sdk/golang/sdk/model.go
@ -29,7 +29,7 @@ type ShareRequest struct {
 	Frontends                       []string
 	BasicAuth                       []string
 	OauthProvider                   string
-	OauthEmailDomains               []string
+	OauthEmailAddressPatterns       []string
 	OauthAuthorizationCheckInterval time.Duration
 }

--- a/sdk/golang/sdk/share.go
+++ b/sdk/golang/sdk/share.go
@ -84,7 +84,7 @@ func newPublicShare(root env_core.Root, request *ShareRequest) *share.ShareParam
 		BackendMode:                     string(request.BackendMode),
 		BackendProxyEndpoint:            request.Target,
 		AuthScheme:                      string(None),
-		OauthEmailDomains:               request.OauthEmailDomains,
+		OauthEmailAddressPatterns:       request.OauthEmailAddressPatterns,
 		OauthProvider:                   request.OauthProvider,
 		OauthAuthorizationCheckInterval: request.OauthAuthorizationCheckInterval.String(),
 	}
--- a/sdk/python/sdk/zrok/.swagger-codegen/VERSION
+++ b/sdk/python/sdk/zrok/.swagger-codegen/VERSION
@ -1 +1 @@
-3.0.51
+3.0.52
--- a/sdk/python/sdk/zrok/zrok_api/configuration.py
+++ b/sdk/python/sdk/zrok/zrok_api/configuration.py
@ -219,9 +219,12 @@ class Configuration(six.with_metaclass(TypeWithDefault, object)):

        :return: The token for basic HTTP authentication.
        """
-        return urllib3.util.make_headers(
-            basic_auth=self.username + ':' + self.password
-        ).get('authorization')
+        token = ""
+        if self.username or self.password:
+            token = urllib3.util.make_headers(
+                basic_auth=self.username + ':' + self.password
+            ).get('authorization')
+        return token

    def auth_settings(self):
        """Gets Auth Settings dict for api client.
--- a/sdk/python/sdk/zrok/zrok_api/models/share_request.py
+++ b/sdk/python/sdk/zrok/zrok_api/models/share_request.py
@ -36,7 +36,7 @@ class ShareRequest(object):
        'auth_scheme': 'str',
        'auth_users': 'list[AuthUser]',
        'oauth_provider': 'str',
-        'oauth_email_domains': 'list[str]',
+        'oauth_email_address_patterns': 'list[str]',
        'oauth_authorization_check_interval': 'str',
        'reserved': 'bool',
        'unique_name': 'str'
@ -51,13 +51,13 @@ class ShareRequest(object):
        'auth_scheme': 'authScheme',
        'auth_users': 'authUsers',
        'oauth_provider': 'oauthProvider',
-        'oauth_email_domains': 'oauthEmailDomains',
+        'oauth_email_address_patterns': 'oauthEmailAddressPatterns',
        'oauth_authorization_check_interval': 'oauthAuthorizationCheckInterval',
        'reserved': 'reserved',
        'unique_name': 'uniqueName'
    }

-    def __init__(self, env_zid=None, share_mode=None, frontend_selection=None, backend_mode=None, backend_proxy_endpoint=None, auth_scheme=None, auth_users=None, oauth_provider=None, oauth_email_domains=None, oauth_authorization_check_interval=None, reserved=None, unique_name=None):  # noqa: E501
+    def __init__(self, env_zid=None, share_mode=None, frontend_selection=None, backend_mode=None, backend_proxy_endpoint=None, auth_scheme=None, auth_users=None, oauth_provider=None, oauth_email_address_patterns=None, oauth_authorization_check_interval=None, reserved=None, unique_name=None):  # noqa: E501
        """ShareRequest - a model defined in Swagger"""  # noqa: E501
        self._env_zid = None
        self._share_mode = None
@ -67,7 +67,7 @@ class ShareRequest(object):
        self._auth_scheme = None
        self._auth_users = None
        self._oauth_provider = None
-        self._oauth_email_domains = None
+        self._oauth_email_address_patterns = None
        self._oauth_authorization_check_interval = None
        self._reserved = None
        self._unique_name = None
@ -88,8 +88,8 @@ class ShareRequest(object):
            self.auth_users = auth_users
        if oauth_provider is not None:
            self.oauth_provider = oauth_provider
-        if oauth_email_domains is not None:
-            self.oauth_email_domains = oauth_email_domains
+        if oauth_email_address_patterns is not None:
+            self.oauth_email_address_patterns = oauth_email_address_patterns
        if oauth_authorization_check_interval is not None:
            self.oauth_authorization_check_interval = oauth_authorization_check_interval
        if reserved is not None:
@ -284,25 +284,25 @@ class ShareRequest(object):
        self._oauth_provider = oauth_provider

    @property
-    def oauth_email_domains(self):
-        """Gets the oauth_email_domains of this ShareRequest.  # noqa: E501
+    def oauth_email_address_patterns(self):
+        """Gets the oauth_email_address_patterns of this ShareRequest.  # noqa: E501


-        :return: The oauth_email_domains of this ShareRequest.  # noqa: E501
+        :return: The oauth_email_address_patterns of this ShareRequest.  # noqa: E501
        :rtype: list[str]
        """
-        return self._oauth_email_domains
+        return self._oauth_email_address_patterns

-    @oauth_email_domains.setter
-    def oauth_email_domains(self, oauth_email_domains):
-        """Sets the oauth_email_domains of this ShareRequest.
+    @oauth_email_address_patterns.setter
+    def oauth_email_address_patterns(self, oauth_email_address_patterns):
+        """Sets the oauth_email_address_patterns of this ShareRequest.


-        :param oauth_email_domains: The oauth_email_domains of this ShareRequest.  # noqa: E501
+        :param oauth_email_address_patterns: The oauth_email_address_patterns of this ShareRequest.  # noqa: E501
        :type: list[str]
        """

-        self._oauth_email_domains = oauth_email_domains
+        self._oauth_email_address_patterns = oauth_email_address_patterns

    @property
    def oauth_authorization_check_interval(self):
--- a/sdk/python/sdk/zrok/zrok_api/rest.py
+++ b/sdk/python/sdk/zrok/zrok_api/rest.py
@ -42,11 +42,11 @@ class RESTResponse(io.IOBase):

    def getheaders(self):
        """Returns a dictionary of the response headers."""
-        return self.urllib3_response.getheaders()
+        return self.urllib3_response.headers

    def getheader(self, name, default=None):
        """Returns a given response header."""
-        return self.urllib3_response.getheader(name, default)
+        return self.urllib3_response.headers.get(name, default)


 class RESTClientObject(object):
--- a/specs/zrok.yml
+++ b/specs/zrok.yml
@ -985,7 +985,7 @@ definitions:
      oauthProvider:
        type: string
        enum: ["github", "google"]
-      oauthEmailDomains:
+      oauthEmailAddressPatterns:
        type: array
        items:
          type: string
--- a/ui/src/api/types.js
+++ b/ui/src/api/types.js
@ -255,7 +255,7 @@
 * @property {string} authScheme 
 * @property {module:types.authUser[]} authUsers 
 * @property {string} oauthProvider 
- * @property {string[]} oauthEmailDomains 
+ * @property {string[]} oauthEmailAddressPatterns 
 * @property {string} oauthAuthorizationCheckInterval 
 * @property {boolean} reserved 
 * @property {string} uniqueName
 @ -1 +1 @@
 .0.51
 .0.52