[ARVADOS] created: 1.3.0-2516-g4d3cc2eb8
Git user
git at public.arvados.org
Tue Apr 28 18:25:22 UTC 2020
at 4d3cc2eb8f4c6e3eaecbcd3a7c0625dcbd10ffa0 (commit)
commit 4d3cc2eb8f4c6e3eaecbcd3a7c0625dcbd10ffa0
Author: Lucas Di Pentima <lucas at di-pentima.com.ar>
Date: Tue Apr 28 15:18:43 2020 -0300
16212: Exports Login.Endpoint new config item to hint WB2 the auth method.
Also, unexports Login.PAM as it isn't needed for clients.
Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas at di-pentima.com.ar>
diff --git a/lib/config/config.default.yml b/lib/config/config.default.yml
index d4870919e..ad8df0363 100644
--- a/lib/config/config.default.yml
+++ b/lib/config/config.default.yml
@@ -573,6 +573,16 @@ Clusters:
# accounts.
PAMDefaultEmailDomain: ""
+ # Login endpoint to use by clients such as Workbench for obtaining
+ # a user token.
+ #
+ # Valid values are: 'login' or 'authenticate'.
+ #
+ # The former 'login' endpoint should be used when using SSO server,
+ # or Google authentication, and the 'authenticate' option is needed when
+ # using username/password authentication services such as PAM.
+ Endpoint: login
+
# The cluster ID to delegate the user database. When set,
# logins on this cluster will be redirected to the login cluster
# (login cluster must appear in RemoteClusters with Proxy: true)
diff --git a/lib/config/export.go b/lib/config/export.go
index ded03fc30..5b15e0875 100644
--- a/lib/config/export.go
+++ b/lib/config/export.go
@@ -131,10 +131,11 @@ var whitelist = map[string]bool{
"InstanceTypes.*": true,
"InstanceTypes.*.*": true,
"Login": true,
+ "Login.Endpoint": true,
"Login.GoogleClientID": false,
"Login.GoogleClientSecret": false,
"Login.GoogleAlternateEmailAddresses": false,
- "Login.PAM": true,
+ "Login.PAM": false,
"Login.PAMService": false,
"Login.PAMDefaultEmailDomain": false,
"Login.ProviderAppID": false,
diff --git a/lib/config/generated_config.go b/lib/config/generated_config.go
index 42707396d..ffdd1a404 100644
--- a/lib/config/generated_config.go
+++ b/lib/config/generated_config.go
@@ -579,6 +579,16 @@ Clusters:
# accounts.
PAMDefaultEmailDomain: ""
+ # Login endpoint to use by clients such as Workbench for obtaining
+ # a user token.
+ #
+ # Valid values are: 'login' or 'authenticate'.
+ #
+ # The former 'login' endpoint should be used when using SSO server,
+ # or Google authentication, and the 'authenticate' option is needed when
+ # using username/password authentication services such as PAM.
+ Endpoint: login
+
# The cluster ID to delegate the user database. When set,
# logins on this cluster will be redirected to the login cluster
# (login cluster must appear in RemoteClusters with Proxy: true)
diff --git a/sdk/go/arvados/config.go b/sdk/go/arvados/config.go
index 38de6b8ea..f31cd7c2e 100644
--- a/sdk/go/arvados/config.go
+++ b/sdk/go/arvados/config.go
@@ -135,15 +135,16 @@ type Cluster struct {
Repositories string
}
Login struct {
+ Endpoint string
GoogleClientID string
GoogleClientSecret string
GoogleAlternateEmailAddresses bool
+ LoginCluster string
PAM bool
PAMService string
PAMDefaultEmailDomain string
ProviderAppID string
ProviderAppSecret string
- LoginCluster string
RemoteTokenRefresh Duration
}
Mail struct {
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list