github.com/minio/mc@v0.0.0-20240503112107-b471de8d1882/cmd/idp-ldap-subcommands.go (about) 1 // Copyright (c) 2015-2023 MinIO, Inc. 2 // 3 // This file is part of MinIO Object Storage stack 4 // 5 // This program is free software: you can redistribute it and/or modify 6 // it under the terms of the GNU Affero General Public License as published by 7 // the Free Software Foundation, either version 3 of the License, or 8 // (at your option) any later version. 9 // 10 // This program is distributed in the hope that it will be useful 11 // but WITHOUT ANY WARRANTY; without even the implied warranty of 12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 // GNU Affero General Public License for more details. 14 // 15 // You should have received a copy of the GNU Affero General Public License 16 // along with this program. If not, see <http://www.gnu.org/licenses/>. 17 18 package cmd 19 20 import ( 21 "errors" 22 "strings" 23 24 "github.com/minio/cli" 25 "github.com/minio/madmin-go/v3" 26 "github.com/minio/mc/pkg/probe" 27 ) 28 29 var idpLdapAddCmd = cli.Command{ 30 Name: "add", 31 Usage: "Create an LDAP IDP server configuration", 32 Action: mainIDPLDAPAdd, 33 Before: setGlobalsFromContext, 34 Flags: globalFlags, 35 OnUsageError: onUsageError, 36 CustomHelpTemplate: `NAME: 37 {{.HelpName}} - {{.Usage}} 38 39 USAGE: 40 {{.HelpName}} TARGET [CFG_PARAMS...] 41 42 FLAGS: 43 {{range .VisibleFlags}}{{.}} 44 {{end}} 45 EXAMPLES: 46 1. Create LDAP IDentity Provider configuration. 47 {{.Prompt}} {{.HelpName}} myminio/ \ 48 server_addr=myldapserver:636 \ 49 lookup_bind_dn=cn=admin,dc=min,dc=io \ 50 lookup_bind_password=somesecret \ 51 user_dn_search_base_dn=dc=min,dc=io \ 52 user_dn_search_filter="(uid=%s)" \ 53 group_search_base_dn=ou=swengg,dc=min,dc=io \ 54 group_search_filter="(&(objectclass=groupofnames)(member=%d))" 55 `, 56 } 57 58 func mainIDPLDAPAdd(ctx *cli.Context) error { 59 if len(ctx.Args()) < 2 { 60 showCommandHelpAndExit(ctx, 1) 61 } 62 63 args := ctx.Args() 64 65 aliasedURL := args.Get(0) 66 67 // Create a new MinIO Admin Client 68 client, err := newAdminClient(aliasedURL) 69 fatalIf(err, "Unable to initialize admin connection.") 70 71 cfgName := madmin.Default 72 input := args[1:] 73 if !strings.Contains(args.Get(1), "=") { 74 cfgName = args.Get(1) 75 input = args[2:] 76 } 77 78 if cfgName != madmin.Default { 79 fatalIf(probe.NewError(errors.New("all config parameters must be of the form \"key=value\"")), 80 "Bad LDAP IDP configuration") 81 } 82 83 inputCfg := strings.Join(input, " ") 84 85 restart, e := client.AddOrUpdateIDPConfig(globalContext, madmin.LDAPIDPCfg, cfgName, inputCfg, false) 86 fatalIf(probe.NewError(e), "Unable to add LDAP IDP config to server") 87 88 // Print set config result 89 printMsg(configSetMessage{ 90 targetAlias: aliasedURL, 91 restart: restart, 92 }) 93 94 return nil 95 } 96 97 var idpLdapUpdateCmd = cli.Command{ 98 Name: "update", 99 Usage: "Update an LDAP IDP configuration", 100 Action: mainIDPLDAPUpdate, 101 OnUsageError: onUsageError, 102 Before: setGlobalsFromContext, 103 Flags: globalFlags, 104 CustomHelpTemplate: `NAME: 105 {{.HelpName}} - {{.Usage}} 106 107 USAGE: 108 {{.HelpName}} TARGET [CFG_PARAMS...] 109 110 FLAGS: 111 {{range .VisibleFlags}}{{.}} 112 {{end}} 113 EXAMPLES: 114 1. Update the LDAP IDP configuration. 115 {{.Prompt}} {{.HelpName}} play/ \ 116 lookup_bind_dn=cn=admin,dc=min,dc=io \ 117 lookup_bind_password=somesecret 118 `, 119 } 120 121 func mainIDPLDAPUpdate(ctx *cli.Context) error { 122 if len(ctx.Args()) < 2 { 123 showCommandHelpAndExit(ctx, 1) 124 } 125 126 args := ctx.Args() 127 128 aliasedURL := args.Get(0) 129 130 // Create a new MinIO Admin Client 131 client, err := newAdminClient(aliasedURL) 132 fatalIf(err, "Unable to initialize admin connection.") 133 134 cfgName := madmin.Default 135 input := args[1:] 136 if !strings.Contains(args.Get(1), "=") { 137 cfgName = args.Get(1) 138 input = args[2:] 139 } 140 141 if cfgName != madmin.Default { 142 fatalIf(probe.NewError(errors.New("all config parameters must be of the form \"key=value\"")), 143 "Bad LDAP IDP configuration") 144 } 145 146 inputCfg := strings.Join(input, " ") 147 148 restart, e := client.AddOrUpdateIDPConfig(globalContext, madmin.LDAPIDPCfg, cfgName, inputCfg, true) 149 fatalIf(probe.NewError(e), "Unable to update LDAP IDP configuration") 150 151 // Print set config result 152 printMsg(configSetMessage{ 153 targetAlias: aliasedURL, 154 restart: restart, 155 }) 156 157 return nil 158 } 159 160 var idpLdapRemoveCmd = cli.Command{ 161 Name: "remove", 162 ShortName: "rm", 163 Usage: "remove LDAP IDP server configuration", 164 Action: mainIDPLDAPRemove, 165 Before: setGlobalsFromContext, 166 Flags: globalFlags, 167 OnUsageError: onUsageError, 168 CustomHelpTemplate: `NAME: 169 {{.HelpName}} - {{.Usage}} 170 171 USAGE: 172 {{.HelpName}} TARGET 173 174 FLAGS: 175 {{range .VisibleFlags}}{{.}} 176 {{end}} 177 EXAMPLES: 178 1. Remove the default LDAP IDP configuration. 179 {{.Prompt}} {{.HelpName}} play/ 180 `, 181 } 182 183 func mainIDPLDAPRemove(ctx *cli.Context) error { 184 if len(ctx.Args()) != 1 { 185 showCommandHelpAndExit(ctx, 1) 186 } 187 188 var cfgName string = madmin.Default 189 return idpRemove(ctx, false, cfgName) 190 } 191 192 var idpLdapListCmd = cli.Command{ 193 Name: "list", 194 ShortName: "ls", 195 Usage: "list LDAP IDP server configuration(s)", 196 Action: mainIDPLDAPList, 197 Before: setGlobalsFromContext, 198 Flags: globalFlags, 199 OnUsageError: onUsageError, 200 CustomHelpTemplate: `NAME: 201 {{.HelpName}} - {{.Usage}} 202 203 USAGE: 204 {{.HelpName}} TARGET 205 206 FLAGS: 207 {{range .VisibleFlags}}{{.}} 208 {{end}} 209 EXAMPLES: 210 1. List configurations for LDAP IDP. 211 {{.Prompt}} {{.HelpName}} play/ 212 `, 213 } 214 215 func mainIDPLDAPList(ctx *cli.Context) error { 216 if len(ctx.Args()) != 1 { 217 showCommandHelpAndExit(ctx, 1) 218 } 219 220 return idpListCommon(ctx, false) 221 } 222 223 var idpLdapInfoCmd = cli.Command{ 224 Name: "info", 225 Usage: "get LDAP IDP server configuration info", 226 Action: mainIDPLDAPInfo, 227 Before: setGlobalsFromContext, 228 Flags: globalFlags, 229 OnUsageError: onUsageError, 230 CustomHelpTemplate: `NAME: 231 {{.HelpName}} - {{.Usage}} 232 233 USAGE: 234 {{.HelpName}} TARGET 235 236 FLAGS: 237 {{range .VisibleFlags}}{{.}} 238 {{end}} 239 EXAMPLES: 240 1. Get configuration info on the LDAP IDP configuration. 241 {{.Prompt}} {{.HelpName}} play/ 242 `, 243 } 244 245 func mainIDPLDAPInfo(ctx *cli.Context) error { 246 if len(ctx.Args()) != 1 { 247 showCommandHelpAndExit(ctx, 1) 248 } 249 250 var cfgName string = madmin.Default 251 return idpInfo(ctx, false, cfgName) 252 } 253 254 var idpLdapEnableCmd = cli.Command{ 255 Name: "enable", 256 Usage: "manage LDAP IDP server configuration", 257 Action: mainIDPLDAPEnable, 258 Before: setGlobalsFromContext, 259 Flags: globalFlags, 260 OnUsageError: onUsageError, 261 CustomHelpTemplate: `NAME: 262 {{.HelpName}} - {{.Usage}} 263 264 USAGE: 265 {{.HelpName}} TARGET 266 267 FLAGS: 268 {{range .VisibleFlags}}{{.}} 269 {{end}} 270 EXAMPLES: 271 1. Enable the LDAP IDP configuration. 272 {{.Prompt}} {{.HelpName}} play/ 273 `, 274 } 275 276 func mainIDPLDAPEnable(ctx *cli.Context) error { 277 if len(ctx.Args()) != 1 { 278 showCommandHelpAndExit(ctx, 1) 279 } 280 281 isOpenID, enable := false, true 282 return idpEnableDisable(ctx, isOpenID, enable) 283 } 284 285 var idpLdapDisableCmd = cli.Command{ 286 Name: "disable", 287 Usage: "Disable an LDAP IDP server configuration", 288 Action: mainIDPLDAPDisable, 289 Before: setGlobalsFromContext, 290 Flags: globalFlags, 291 OnUsageError: onUsageError, 292 CustomHelpTemplate: `NAME: 293 {{.HelpName}} - {{.Usage}} 294 295 USAGE: 296 {{.HelpName}} TARGET 297 298 FLAGS: 299 {{range .VisibleFlags}}{{.}} 300 {{end}} 301 EXAMPLES: 302 1. Disable the default LDAP IDP configuration. 303 {{.Prompt}} {{.HelpName}} play/ 304 `, 305 } 306 307 func mainIDPLDAPDisable(ctx *cli.Context) error { 308 if len(ctx.Args()) != 1 { 309 showCommandHelpAndExit(ctx, 1) 310 } 311 312 isOpenID, enable := false, false 313 return idpEnableDisable(ctx, isOpenID, enable) 314 }