Class: ManageIQ::ApplianceConsole::OIDCAuthentication

Inherits:

Object

Object
ManageIQ::ApplianceConsole::OIDCAuthentication

Includes:: AuthUtilities

Defined in:: lib/manageiq/appliance_console/oidc_authentication.rb

Constant Summary collapse

URL_SUFFIX =

/\/\.well-known\/openid-configuration$/.freeze

INTROSPECT_SUFFIX =

"/protocol/openid-connect/token/introspect".freeze

INTROSPECT_ENDPOINT_ERROR =

"Unable to derive the OpenID-Connect Client Introspection Endpoint. Use --oidc-introspection-endpoint".freeze

Constants included from AuthUtilities

AuthUtilities::HTTPD_CONFIG_DIRECTORY

Instance Attribute Summary collapse

#host ⇒ Object

Returns the value of attribute host.
#options ⇒ Object

Returns the value of attribute options.

Instance Method Summary collapse

#configure(host) ⇒ Object
#initialize(options) ⇒ OIDCAuthentication constructor

A new instance of OIDCAuthentication.
#unconfigure ⇒ Object

Methods included from AuthUtilities

#configure_auth_settings, #configure_auth_settings_database, #copy_template, #debug_msg, #log_command_error, #path_is_file?, #path_is_url?, #relative_from_root, #remove_file, #restart_httpd, #template_directory

Constructor Details

#initialize(options) ⇒ `OIDCAuthentication`

Returns a new instance of OIDCAuthentication.



15
16
17

# File 'lib/manageiq/appliance_console/oidc_authentication.rb', line 15

def initialize(options)
  @options = options
end

Instance Attribute Details

#host ⇒ `Object`

Returns the value of attribute host.



9
10
11

# File 'lib/manageiq/appliance_console/oidc_authentication.rb', line 9

def host
  @host
end

#options ⇒ `Object`

Returns the value of attribute options.



9
10
11

# File 'lib/manageiq/appliance_console/oidc_authentication.rb', line 9

def options
  @options
end

Instance Method Details

#configure(host) ⇒ `Object`

# File 'lib/manageiq/appliance_console/oidc_authentication.rb', line 19

def configure(host)
  @host = host
  validate_oidc_options
  derive_introspection_endpoint

  say("Configuring OpenID-Connect Authentication for https://#{host} ...")
  copy_apache_oidc_configfiles
  configure_auth_settings_oidc
  restart_httpd
  true
rescue AwesomeSpawn::CommandResultError => e
  log_command_error(e)
  say("Failed to Configure OpenID-Connect Authentication - #{e}")
  false
rescue => e
  say("Failed to Configure OpenID-Connect Authentication - #{e}")
  false
end

#unconfigure ⇒ `Object`

# File 'lib/manageiq/appliance_console/oidc_authentication.rb', line 38

def unconfigure
  raise "Appliance is not currently configured for OpenID-Connect" unless configured?

  say("Unconfiguring OpenID-Connect Authentication ...")
  remove_apache_oidc_configfiles
  configure_auth_settings_database
  restart_httpd
  true
rescue AwesomeSpawn::CommandResultError => e
  log_command_error(e)
  say("Failed to Unconfigure OpenID-Connect Authentication - #{e}")
  false
rescue => e
  say("Failed to Unconfigure OpenID-Connect Authentication - #{e}")
  false
end