Support iamconfig in rest model (#42)

Author: droid42

api/rest/mapper/mapper.go

@@ -11,17 +11,47 @@ import (
 	"google.golang.org/protobuf/types/known/wrapperspb"
 )
 
-func ToMdmV1Tenant(p *v1.Tenant) *mdmv1.Tenant {
-	if p == nil {
+func ToMdmV1Tenant(t *v1.Tenant) *mdmv1.Tenant {
+	if t == nil {
 		return nil
 	}
 
 	return &mdmv1.Tenant{
-		Meta:          ToMdmV1Meta(p.Meta),
-		Name:          p.Name,
-		Description:   p.Description,
-		Quotas:        ToMdmV1QuotaSet(p.Quotas),
-		DefaultQuotas: ToMdmV1QuotaSet(p.DefaultQuotas),
+		Meta:          ToMdmV1Meta(t.Meta),
+		Name:          t.Name,
+		Description:   t.Description,
+		Quotas:        ToMdmV1QuotaSet(t.Quotas),
+		DefaultQuotas: ToMdmV1QuotaSet(t.DefaultQuotas),
+		IamConfig:     ToMdmV1IamConfig(t.IAMConfig),
+	}
+}
+
+func ToMdmV1IamConfig(i *v1.IAMConfig) *mdmv1.IAMConfig {
+	if i == nil {
+		return nil
+	}
+	return &mdmv1.IAMConfig{
+		IssuerConfig: ToMdmV1IssuerConfig(i.IssuerConfig),
+		IdmConfig:    ToMdmV1IDMConfig(i.IDMConfig),
+	}
+}
+
+func ToMdmV1IssuerConfig(i *v1.IssuerConfig) *mdmv1.IssuerConfig {
+	if i == nil {
+		return nil
+	}
+	return &mdmv1.IssuerConfig{
+		Url:      i.URL,
+		ClientId: i.ClientID,
+	}
+}
+
+func ToMdmV1IDMConfig(i *v1.IDMConfig) *mdmv1.IDMConfig {
+	if i == nil {
+		return nil
+	}
+	return &mdmv1.IDMConfig{
+		IdmType: i.IDMType,
 	}
 }
 
@@ -36,6 +66,39 @@ func ToV1Tenant(p *mdmv1.Tenant) *v1.Tenant {
 		Description:   p.Description,
 		Quotas:        ToV1QuotaSet(p.Quotas),
 		DefaultQuotas: ToV1QuotaSet(p.DefaultQuotas),
+		IAMConfig:     ToV1IAMConfig(p.IamConfig),
+	}
+}
+
+func ToV1IAMConfig(i *mdmv1.IAMConfig) *v1.IAMConfig {
+	if i == nil {
+		return nil
+	}
+
+	return &v1.IAMConfig{
+		IssuerConfig: ToV1IssuerConfig(i.IssuerConfig),
+		IDMConfig:    ToV1IDMConfig(i.IdmConfig),
+	}
+}
+
+func ToV1IssuerConfig(i *mdmv1.IssuerConfig) *v1.IssuerConfig {
+	if i == nil {
+		return nil
+	}
+
+	return &v1.IssuerConfig{
+		URL:      i.Url,
+		ClientID: i.ClientId,
+	}
+}
+
+func ToV1IDMConfig(i *mdmv1.IDMConfig) *v1.IDMConfig {
+	if i == nil {
+		return nil
+	}
+
+	return &v1.IDMConfig{
+		IDMType: i.IdmType,
 	}
 }
 
@@ -76,6 +139,7 @@ func ToMdmV1QuotaSet(qs *v1.QuotaSet) *mdmv1.QuotaSet {
 		Cluster: ToMdmV1Quota(qs.Cluster),
 		Machine: ToMdmV1Quota(qs.Machine),
 		Ip:      ToMdmV1Quota(qs.Ip),
+		Project: ToMdmV1Quota(qs.Project),
 	}
 }
 

api/rest/mapper/mapper_test.go

@@ -0,0 +1,129 @@
+package mapper
+
+import (
+	"github.com/google/go-cmp/cmp"
+	v1 "github.com/metal-stack/masterdata-api/api/rest/v1"
+	"reflect"
+	"testing"
+	"time"
+)
+
+func TestTenantMapperRoundtrip(t *testing.T) {
+	tests := []struct {
+		name     string
+		inAndOut *v1.Tenant
+	}{
+		{
+			name: "full roundtrip",
+			inAndOut: &v1.Tenant{
+				Meta: &v1.Meta{
+					Id:          "1",
+					Kind:        "tenant",
+					Apiversion:  "1",
+					Version:     99,
+					CreatedTime: mustParseTimeP("2021-01-21"),
+					UpdatedTime: mustParseTimeP("2021-03-01"),
+					Annotations: map[string]string{
+						"a": "first",
+						"b": "second",
+					},
+					Labels: []string{
+						"first label",
+					},
+				},
+				Name:        "tnt",
+				Description: "tnt is a test tenant",
+				DefaultQuotas: &v1.QuotaSet{
+					Cluster: &v1.Quota{
+						Quota: int32p(100),
+					},
+					Machine: &v1.Quota{
+						Quota: int32p(10),
+					},
+					Ip: &v1.Quota{
+						Quota: int32p(20),
+					},
+					Project: &v1.Quota{
+						Quota: int32p(11),
+					},
+				},
+				Quotas: &v1.QuotaSet{
+					Cluster: &v1.Quota{
+						Quota: int32p(100),
+					},
+					Machine: &v1.Quota{
+						Quota: int32p(72),
+					},
+					Ip: &v1.Quota{
+						Quota: int32p(30),
+					},
+					Project: &v1.Quota{
+						Quota: int32p(7),
+					},
+				},
+				IAMConfig: &v1.IAMConfig{
+					IssuerConfig: &v1.IssuerConfig{
+						URL:      "https://oidc.myissuer.com",
+						ClientID: "47abcdef12",
+					},
+					IDMConfig: &v1.IDMConfig{
+						IDMType: "ldap",
+					},
+				},
+			},
+		},
+		{
+			name: "minimal roundtrip",
+			inAndOut: &v1.Tenant{
+				Meta: &v1.Meta{
+					Id:          "1",
+					Kind:        "tenant",
+					Apiversion:  "1",
+					Version:     99,
+					CreatedTime: mustParseTimeP("2021-01-21"),
+					UpdatedTime: mustParseTimeP("2021-03-01"),
+				},
+				Name:        "tnt",
+				Description: "tnt is a test tenant",
+				IAMConfig: &v1.IAMConfig{
+					IssuerConfig: &v1.IssuerConfig{
+						URL:      "https://oidc.myissuer.com",
+						ClientID: "47abcdef12",
+					},
+					IDMConfig: &v1.IDMConfig{
+						IDMType: "ldap",
+					},
+				},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+
+			gotMdMV1 := ToMdmV1Tenant(tt.inAndOut)
+			gotV1 := ToV1Tenant(gotMdMV1)
+
+			if !reflect.DeepEqual(tt.inAndOut, gotV1) {
+				diff := cmp.Diff(tt.inAndOut, gotV1)
+				t.Errorf("in = %v, want %v, diff %s", tt.inAndOut, gotV1, diff)
+			}
+		})
+	}
+}
+
+func int32p(i int) *int32 {
+	i32 := int32(i)
+	return &i32
+}
+
+func mustParseTimeP(ts string) *time.Time {
+	t, err := time.Parse("2006-01-02", ts)
+	if err != nil {
+		panic(err)
+	}
+	return timep(t)
+}
+
+func timep(t time.Time) *time.Time {
+	return &t
+}

api/rest/v1/tenant.go

@@ -2,18 +2,37 @@ package v1
 
 type (
 	Tenant struct {
-		Meta          *Meta     `json:"meta,omitempty"`
-		Name          string    `json:"name,omitempty"`
-		Description   string    `json:"description,omitempty"`
-		DefaultQuotas *QuotaSet `json:"default_quotas,omitempty"`
-		Quotas        *QuotaSet `json:"quotas,omitempty"`
+		Meta          *Meta      `json:"meta,omitempty"`
+		Name          string     `json:"name,omitempty"`
+		Description   string     `json:"description,omitempty"`
+		DefaultQuotas *QuotaSet  `json:"default_quotas,omitempty"`
+		Quotas        *QuotaSet  `json:"quotas,omitempty"`
+		IAMConfig     *IAMConfig `json:"iam_config,omitempty"`
+	}
+
+	IAMConfig struct {
+		IssuerConfig *IssuerConfig `json:"issuer_config,omitempty"`
+		IDMConfig    *IDMConfig    `json:"idm_config,omitempty"`
+	}
+
+	IssuerConfig struct {
+		URL      string `json:"url,omitempty"`
+		ClientID string `json:"clientID,omitempty"`
+	}
+
+	IDMConfig struct {
+		IDMType string `json:"idm_type,omitempty"`
 	}
 
 	TenantUpdateRequest struct {
 		Tenant *Tenant `json:"tenant,omitempty"`
 	}
 
 	TenantResponse struct {
-		Tenant *Tenant `json:"tenant,omitempty"`
+		Tenant
+	}
+
+	TenantListResponse struct {
+		Tenants []*TenantResponse `json:"tenants,omitempty"`
 	}
 )

certs/ca-key.pem

@@ -1,5 +1,5 @@
 -----BEGIN EC PRIVATE KEY-----
-MHcCAQEEIEGQkJVroLO3fbDfjHzUhaJrz4Iz5eQsGVE1sZ36exQAoAoGCCqGSM49
-AwEHoUQDQgAEcq+L831+iQ49DSEwITkst74C4Y0M/xYd+7y1FYsHYxkE7wVNg+J/
-UwXatpb8x9ZbheIy26QGFUVCjbx+L4a9Bg==
+MHcCAQEEIEHMiDBS1hIPT+/UcXpqRPZkWvLdmrRFML+dHZz2dEBeoAoGCCqGSM49
+AwEHoUQDQgAEPcsLXBI4syW4y1oEl71W9pZxxz/AlSvIjBfEMe9ob756lfWmjdSi
+HVJ0yLqALaSBFYwsnMVWST69ZV0HTCmlPQ==
 -----END EC PRIVATE KEY-----

certs/ca.csr

@@ -1,8 +1,8 @@
 -----BEGIN CERTIFICATE REQUEST-----
 MIH4MIGfAgEAMD0xCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZNdW5pY2gxEDAOBgNV
 BAcTB0JhdmFyaWExCzAJBgNVBAMTAmNhMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
-QgAEcq+L831+iQ49DSEwITkst74C4Y0M/xYd+7y1FYsHYxkE7wVNg+J/UwXatpb8
-x9ZbheIy26QGFUVCjbx+L4a9BqAAMAoGCCqGSM49BAMCA0gAMEUCIDj3wvAfKM3S
-xzctBm/zKD8vZDt+FQnPiKj2uoIb4NoSAiEAtacrA7xfXyGUZeQWIpuEsnVSNesd
-54aEhXdDTh/ALZw=
+QgAEPcsLXBI4syW4y1oEl71W9pZxxz/AlSvIjBfEMe9ob756lfWmjdSiHVJ0yLqA
+LaSBFYwsnMVWST69ZV0HTCmlPaAAMAoGCCqGSM49BAMCA0gAMEUCIQCacXb7RVaR
+5Q1jg7+S9kEV87WxHcxVb4mgneBhDP/RBgIgF8ebyoPdnoPozW2pXI8hBDYKtMq/
+ITehYtG1kbn/bLg=
 -----END CERTIFICATE REQUEST-----

certs/ca.pem

@@ -1,12 +1,12 @@
 -----BEGIN CERTIFICATE-----
-MIIBvjCCAWSgAwIBAgIUC3dlg4v0G6DwfBNaMtvUfbcc5tkwCgYIKoZIzj0EAwIw
+MIIBvjCCAWSgAwIBAgIUa/tS2dCD3Utcqmi1pk0zhv1LHz0wCgYIKoZIzj0EAwIw
 PTELMAkGA1UEBhMCREUxDzANBgNVBAgTBk11bmljaDEQMA4GA1UEBxMHQmF2YXJp
-YTELMAkGA1UEAxMCY2EwHhcNMjAwMjE4MTAxMDAwWhcNMjUwMjE2MTAxMDAwWjA9
+YTELMAkGA1UEAxMCY2EwHhcNMjEwMzExMDgxOTAwWhcNMjYwMzEwMDgxOTAwWjA9
 MQswCQYDVQQGEwJERTEPMA0GA1UECBMGTXVuaWNoMRAwDgYDVQQHEwdCYXZhcmlh
-MQswCQYDVQQDEwJjYTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABHKvi/N9fokO
-PQ0hMCE5LLe+AuGNDP8WHfu8tRWLB2MZBO8FTYPif1MF2raW/MfWW4XiMtukBhVF
-Qo28fi+GvQajQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0G
-A1UdDgQWBBTdKgkY5lHmbdAZp64P/49ZYO6kTTAKBggqhkjOPQQDAgNIADBFAiEA
-wSC8H1zy6PAjXOguWOCGcqf9Vldr0fR2S5GjNKkl5L8CIBHjhGkBmYOxdxfXACte
-SoayBKBVl4NXAxLVKQA+Xj6T
+MQswCQYDVQQDEwJjYTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABD3LC1wSOLMl
+uMtaBJe9VvaWccc/wJUryIwXxDHvaG++epX1po3Uoh1SdMi6gC2kgRWMLJzFVkk+
+vWVdB0wppT2jQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0G
+A1UdDgQWBBR0WJT3m1iSSSafGx/JIPVIkWjl9TAKBggqhkjOPQQDAgNIADBFAiEA
+/RQ9QZqW0yQ1v/MM1dlIgUpwZaHGgwGTEnKQw7MNJR4CIHhPEvuHMdA4GJ5GK/IL
+mUsRm3qnlPKV+Z1OpG+NNk0X
 -----END CERTIFICATE-----

certs/client-key.pem

@@ -1,5 +1,5 @@
 -----BEGIN EC PRIVATE KEY-----
-MHcCAQEEIKZZ1r7bBblcfQo/4OMWMYIQVmf4Mu43e+a8pdMY2ofpoAoGCCqGSM49
-AwEHoUQDQgAEveM3FlZwkP3xXgIq9RF1kd8t77XbcF3qH83WA63MMgUVWJfSjZlz
-Zwp1bl2NhoKLZqylgc5hrDFBO+FygYsQXg==
+MHcCAQEEIOoqZwOgGjgfAiu87oHG8ap3mMP+Z6ppLiNntnJim5sdoAoGCCqGSM49
+AwEHoUQDQgAEQ0D1FT4nOQjBWWfrX4GFmaMqgGIRAqfLLgwx2XBk4tMRursoaooe
+YNTEgBe755kLwqxSIMMKhv8VF2Az1mS0qg==
 -----END EC PRIVATE KEY-----

certs/client.csr

@@ -1,8 +1,8 @@
 -----BEGIN CERTIFICATE REQUEST-----
-MIIBGTCBwQIBADBBMQswCQYDVQQGEwJERTEPMA0GA1UECBMGTXVuaWNoMRAwDgYD
+MIIBGzCBwQIBADBBMQswCQYDVQQGEwJERTEPMA0GA1UECBMGTXVuaWNoMRAwDgYD
 VQQHEwdCYXZhcmlhMQ8wDQYDVQQDEwZjbGllbnQwWTATBgcqhkjOPQIBBggqhkjO
-PQMBBwNCAAS94zcWVnCQ/fFeAir1EXWR3y3vtdtwXeofzdYDrcwyBRVYl9KNmXNn
-CnVuXY2GgotmrKWBzmGsMUE74XKBixBeoB4wHAYJKoZIhvcNAQkOMQ8wDTALBgNV
-HREEBDACggAwCgYIKoZIzj0EAwIDRwAwRAIgMshqi4F8pOU9z/dLiOVEZFafjFft
-9IqfnZyDYE2UuhcCIHdF4TstfYqO8DGdQ4miWchtSGz69L49FRqEePzqQ2Xf
+PQMBBwNCAARDQPUVPic5CMFZZ+tfgYWZoyqAYhECp8suDDHZcGTi0xG6uyhqih5g
+1MSAF7vnmQvCrFIgwwqG/xUXYDPWZLSqoB4wHAYJKoZIhvcNAQkOMQ8wDTALBgNV
+HREEBDACggAwCgYIKoZIzj0EAwIDSQAwRgIhAJejLc3w2RQIRcntwQYxWGbRNT5d
+7Nl8e4s1gW8M+7P+AiEAy2ebRKBxQ9zRXhdvoVi+XVuyOYpJSEOVLmiOr4rtEe4=
 -----END CERTIFICATE REQUEST-----

certs/client.pem

@@ -1,13 +1,13 @@
 -----BEGIN CERTIFICATE-----
-MIICBDCCAaqgAwIBAgIUFh0lzDY1mOp5KDNcCAN5ZkZQ9h8wCgYIKoZIzj0EAwIw
+MIICBDCCAaqgAwIBAgIUOLeJ8R/LfH83RVdksn49TH69N4AwCgYIKoZIzj0EAwIw
 PTELMAkGA1UEBhMCREUxDzANBgNVBAgTBk11bmljaDEQMA4GA1UEBxMHQmF2YXJp
-YTELMAkGA1UEAxMCY2EwHhcNMjAwMjE4MTAxMDAwWhcNMjEwMjE3MTAxMDAwWjBB
+YTELMAkGA1UEAxMCY2EwHhcNMjEwMzExMDgxOTAwWhcNMjIwMzExMDgxOTAwWjBB
 MQswCQYDVQQGEwJERTEPMA0GA1UECBMGTXVuaWNoMRAwDgYDVQQHEwdCYXZhcmlh
-MQ8wDQYDVQQDEwZjbGllbnQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS94zcW
-VnCQ/fFeAir1EXWR3y3vtdtwXeofzdYDrcwyBRVYl9KNmXNnCnVuXY2GgotmrKWB
-zmGsMUE74XKBixBeo4GDMIGAMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggr
-BgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSKA4sxGrYLfpOY1FNRmlyl
-H0103DAfBgNVHSMEGDAWgBTdKgkY5lHmbdAZp64P/49ZYO6kTTALBgNVHREEBDAC
-ggAwCgYIKoZIzj0EAwIDSAAwRQIgWOJamubU0GD09VWtQO4uu2T8EAfpDW3HDRxk
-ZEjpmOUCIQCjvgi78HBTwcPx/psYZ8V3ND6yXU7S2FoFTnoFj7jL4g==
+MQ8wDQYDVQQDEwZjbGllbnQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARDQPUV
+Pic5CMFZZ+tfgYWZoyqAYhECp8suDDHZcGTi0xG6uyhqih5g1MSAF7vnmQvCrFIg
+wwqG/xUXYDPWZLSqo4GDMIGAMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggr
+BgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQqWD6Jy3glt19w34COTR9w
+MAcQwDAfBgNVHSMEGDAWgBR0WJT3m1iSSSafGx/JIPVIkWjl9TALBgNVHREEBDAC
+ggAwCgYIKoZIzj0EAwIDSAAwRQIgYoFMxsY0EcLsRauPEVE/wj+cdLmlyw6GHdZT
+0no/By4CIQDEcZjb5Ik9MsYwlAssv5e/yM1pds8FHnQXR7kNS5VaTQ==
 -----END CERTIFICATE-----

certs/server-key.pem

@@ -1,5 +1,5 @@
 -----BEGIN EC PRIVATE KEY-----
-MHcCAQEEIKg7BDL21D1meMTPaWqiV9CTQts16hwyqVuqowTO9ErxoAoGCCqGSM49
-AwEHoUQDQgAEwM5ezGeC60TuLXG5EfDrNuVitHWAGCScCcJerfc3kX8Kgl9iGCgC
-GXY6xuOZqolmTRzhfu3z2aqvWGC2Rys3Iw==
+MHcCAQEEIKqRUMgqpdz8bdCG40yG8AjWdFKz22/Vi5mDUH+XLFopoAoGCCqGSM49
+AwEHoUQDQgAEKZ2yA+VMK+8M0sTyzgGYpLROOsjerdLmptd1+Akap04zTHuCC0Kq
+ACo4m3RDki1/MoNd7ABo54AughSvohoofg==
 -----END EC PRIVATE KEY-----