Commit 54e3201d authored by Kevin Di Lallo's avatar Kevin Di Lallo

configurable github & gitlab OAuth + version bump to 1.5.10

parent 7e448433
+33 −11
@@ -12,7 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.

version: 1.5.9
version: 1.5.10
repo:
  name: AdvantEDGE

@@ -33,7 +33,7 @@ repo:
      # host name
      host: my-platform-fqdn
      # enable https only (redirect http requests to https port)
      https-only: true
      https-only: false
      # bind to host ports (true) or node ports (false)
      host-ports: true
      # http port number
@@ -47,15 +47,37 @@ repo:

    # authentication & authorization config
    auth:
      session:
        # session encryption key k8s secret (data: encryption-key)
      session-key-secret: meep-session
      # Github OAuth k8s secret (data: client-id, secret)
      github-secret: meep-oauth-github
      # Github OAuth k8s secret (data: client-id, secret)
      gitlab-secret: meep-oauth-gitlab
        key-secret: meep-session
        # maximum simultaneous sessions
        max-sessions: 10
      # GitHub OAuth provider config
      github:
        # enable GitHub OAuth
        enabled: true
        # authorization url
        auth-url: https://github.com/login/oauth/authorize
        # access token url
        token-url: https://github.com/login/oauth/access_token
        # OAuth redirect URI
        redirect-uri: https://my-platform-fqdn/platform-ctrl/v1/authorize

        # OAuth k8s secret (data: client-id, secret)
        secret: meep-oauth-github
      # GitLab OAuth provider config
      gitlab:
        # enable GitLab OAuth
        enabled: true
        # authorization url
        auth-url: https://gitlab.com/oauth/authorize
        # access token url
        token-url: https://gitlab.com/oauth/token
        # OAuth redirect URI
        redirect-uri: https://my-platform-fqdn/platform-ctrl/v1/authorize
        # GitLab api url
        # api-url: https://gitlab.com
        # OAuth k8s secret (data: client-id, secret)
        secret: meep-oauth-gitlab

  #------------------------------
  #  Core Subsystem
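Review bot: The `https-only` default in the ingress block appears to flip from `true` to `false` in the same change that introduces the per-provider OAuth settings, and nothing in the commit description explains why. With the HTTP-to-HTTPS redirect off, the platform would presumably also serve requests on the plain-HTTP port, while both `redirect-uri` values are `https://`; the OAuth callback and the session it creates should not be reachable without TLS. If the flip is a leftover from local testing, restore `https-only: true`; if it is intended, a comment next to it such as `# keep true for any deployment that enables OAuth login` would document the expectation.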
+9 −1
@@ -25,7 +25,15 @@ image:
  pullPolicy: Always
  env:
    MEEP_MAX_SESSIONS: "10"
    MEEP_OAUTH_REDIRECT_URI: "https://<my-platform-fqdn>/platform-ctrl/v1/authorize"
    MEEP_OAUTH_GITHUB_ENABLED: "false"
    MEEP_OAUTH_GITHUB_AUTH_URL: ""
    MEEP_OAUTH_GITHUB_TOKEN_URL: ""
    MEEP_OAUTH_GITHUB_REDIRECT_URI: ""
    MEEP_OAUTH_GITLAB_ENABLED: "false"
    MEEP_OAUTH_GITLAB_AUTH_URL: ""
    MEEP_OAUTH_GITLAB_TOKEN_URL: ""
    MEEP_OAUTH_GITLAB_REDIRECT_URI: ""
    MEEP_OAUTH_GITLAB_API_URL: ""
  envSecret:
    MEEP_SESSION_KEY:
      name: meep-session
+52 −33
@@ -34,6 +34,7 @@ import (
	"io"
	"net/http"
	"os"
	"strconv"
	"strings"
	"sync"
	"time"
@@ -45,18 +46,14 @@ import (
	"github.com/google/go-github/github"
	"github.com/xanzy/go-gitlab"
	"golang.org/x/oauth2"
	githuboauth "golang.org/x/oauth2/github"
)

const OAUTH_PROVIDER_GITHUB = "github"
const OAUTH_PROVIDER_GITLAB = "gitlab"
const OAUTH_PROVIDER_LOCAL = "local"

const OAUTH_ETSI_GITLAB_AUTH_URL = "https://forge.etsi.org/rep/oauth/authorize"
const OAUTH_ETSI_GITLAB_TOKEN_URL = "https://forge.etsi.org/rep/oauth/token"
const OAUTH_ETSI_GITLAB_API_URL = "https://forge.etsi.org/rep/api/v4"

var mutex sync.Mutex
var gitlabApiUrl = ""

func initOAuth() {

@@ -67,38 +64,55 @@ func initOAuth() {
	pfmCtrl.oauthConfigs = make(map[string]*oauth2.Config)
	pfmCtrl.loginRequests = make(map[string]*LoginRequest)

	// Get OAuth redirect URI
	redirectUri := strings.TrimSpace(os.Getenv("MEEP_OAUTH_REDIRECT_URI"))

	// Initialize Github config
	githubClientId := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITHUB_CLIENT_ID"))
	githubSecret := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITHUB_SECRET"))
	if githubClientId != "" && githubSecret != "" {
		githubOauthConfig := &oauth2.Config{
			ClientID:     githubClientId,
			ClientSecret: githubSecret,
	githubEnabledStr := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITHUB_ENABLED"))
	githubEnabled, err := strconv.ParseBool(githubEnabledStr)
	if err == nil && githubEnabled {
		clientId := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITHUB_CLIENT_ID"))
		secret := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITHUB_SECRET"))
		redirectUri := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITHUB_REDIRECT_URI"))
		authUrl := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITHUB_AUTH_URL"))
		tokenUrl := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITHUB_TOKEN_URL"))
		if clientId != "" && secret != "" && redirectUri != "" && authUrl != "" && tokenUrl != "" {
			oauthConfig := &oauth2.Config{
				ClientID:     clientId,
				ClientSecret: secret,
				RedirectURL:  redirectUri,
				Scopes:       []string{},
			Endpoint:     githuboauth.Endpoint,
		}
		pfmCtrl.oauthConfigs[OAUTH_PROVIDER_GITHUB] = githubOauthConfig
				Endpoint: oauth2.Endpoint{
					AuthURL:  authUrl,
					TokenURL: tokenUrl,
				},
			}

	// Initialize ETSI Gitlab config
	gitlabClientId := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITLAB_CLIENT_ID"))
	gitlabSecret := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITLAB_SECRET"))
	if gitlabClientId != "" && gitlabSecret != "" {
		gitlabOauthConfig := &oauth2.Config{
			ClientID:     gitlabClientId,
			ClientSecret: gitlabSecret,
			pfmCtrl.oauthConfigs[OAUTH_PROVIDER_GITHUB] = oauthConfig
			log.Info("GitHub OAuth provider enabled")
		}
	}

	// Initialize GitLab config
	gitlabEnabledStr := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITLAB_ENABLED"))
	gitlabEnabled, err := strconv.ParseBool(gitlabEnabledStr)
	if err == nil && gitlabEnabled {
		gitlabApiUrl = strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITLAB_API_URL"))
		clientId := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITLAB_CLIENT_ID"))
		secret := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITLAB_SECRET"))
		redirectUri := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITLAB_REDIRECT_URI"))
		authUrl := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITLAB_AUTH_URL"))
		tokenUrl := strings.TrimSpace(os.Getenv("MEEP_OAUTH_GITLAB_TOKEN_URL"))
		if clientId != "" && secret != "" && redirectUri != "" && authUrl != "" && tokenUrl != "" {
			oauthConfig := &oauth2.Config{
				ClientID:     clientId,
				ClientSecret: secret,
				RedirectURL:  redirectUri,
				Scopes:       []string{"read_user"},
				Endpoint: oauth2.Endpoint{
				AuthURL:  OAUTH_ETSI_GITLAB_AUTH_URL,
				TokenURL: OAUTH_ETSI_GITLAB_TOKEN_URL,
					AuthURL:  authUrl,
					TokenURL: tokenUrl,
				},
			}
		pfmCtrl.oauthConfigs[OAUTH_PROVIDER_GITLAB] = gitlabOauthConfig
			pfmCtrl.oauthConfigs[OAUTH_PROVIDER_GITLAB] = oauthConfig
			log.Info("GitLab OAuth provider enabled")
		}
	}
}

@@ -266,7 +280,12 @@ func uaAuthorize(w http.ResponseWriter, r *http.Request) {
		}
		userId = *user.Login
	case OAUTH_PROVIDER_GITLAB:
		client, err := gitlab.NewOAuthClient(token.AccessToken, gitlab.WithBaseURL(OAUTH_ETSI_GITLAB_API_URL))
		var client *gitlab.Client
		if gitlabApiUrl != "" {
			client, err = gitlab.NewOAuthClient(token.AccessToken, gitlab.WithBaseURL(gitlabApiUrl))
		} else {
			client, err = gitlab.NewOAuthClient(token.AccessToken)
		}
		if err != nil {
			err = errors.New("Failed to create new GitLab client")
			log.Error(err.Error())
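Review bot: In the `initOAuth` hunk the new GitHub and GitLab blocks drop a provider silently: a `strconv.ParseBool` error (for example a value of `yes`) and an enabled provider with any empty field both fall through with no log line, so a misconfiguration shows up only as a missing login option. The auth and token URLs now come from the environment instead of compiled-in constants, and nothing checks that they are `https://`; a plain-HTTP `token-url` would carry the client secret and the authorization code in cleartext. I would log the skipped case and reject non-HTTPS endpoints, unless plain-HTTP providers are a supported lab setup, in which case that should be stated in a comment. The same shape applies to the GitLab block and to `gitlabApiUrl`, which receives the access token in the `uaAuthorize` hunk; `initOAuth` starts before its hunk and `uaAuthorize` continues past the end of its hunk.

```go
		// … unchanged: env reads for clientId, secret, redirectUri, authUrl, tokenUrl …
		if clientId == "" || secret == "" || redirectUri == "" || authUrl == "" || tokenUrl == "" {
			log.Error("GitHub OAuth enabled but configuration is incomplete; provider not registered")
		} else if !strings.HasPrefix(authUrl, "https://") || !strings.HasPrefix(tokenUrl, "https://") {
			log.Error("GitHub OAuth endpoints must use https; provider not registered")
		} else {
			// … unchanged: build oauthConfig and store it in pfmCtrl.oauthConfigs …
		}
```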
+37 −11
@@ -173,7 +173,7 @@ func deployCore(cobraCmd *cobra.Command) {

	for _, app := range deployData.coreApps {
		chart := deployData.gitdir + "/" + utils.RepoCfg.GetString("repo.core.go-apps."+app+".chart")
		sessionKeySecret := utils.RepoCfg.GetString("repo.deployment.auth.session-key-secret")
		sessionKeySecret := utils.RepoCfg.GetString("repo.deployment.auth.session.key-secret")
		codecov := utils.RepoCfg.GetBool("repo.core.go-apps." + app + ".codecov")
		userFe := utils.RepoCfg.GetBool("repo.deployment.user.frontend")
		userSwagger := utils.RepoCfg.GetBool("repo.deployment.user.swagger")
@@ -293,17 +293,43 @@ func deployRunScriptsAndGetFlags(targetName string, chart string, cobraCmd *cobr
	case "meep-platform-ctrl":
		hostName := utils.RepoCfg.GetString("repo.deployment.ingress.host")
		flags = utils.HelmFlags(flags, "--set", "image.env.MEEP_HOST_URL=https://"+hostName)
		redirectUri := utils.RepoCfg.GetString("repo.deployment.auth.redirect-uri")
		flags = utils.HelmFlags(flags, "--set", "image.env.MEEP_OAUTH_REDIRECT_URI="+redirectUri)
		githubSecret := utils.RepoCfg.GetString("repo.deployment.auth.github-secret")
		if githubSecret != "" {
			flags = utils.HelmFlags(flags, "--set", "image.envSecret.MEEP_OAUTH_GITHUB_CLIENT_ID.name="+githubSecret)
			flags = utils.HelmFlags(flags, "--set", "image.envSecret.MEEP_OAUTH_GITHUB_SECRET.name="+githubSecret)
		}
		gitlabSecret := utils.RepoCfg.GetString("repo.deployment.auth.gitlab-secret")
		if gitlabSecret != "" {
			flags = utils.HelmFlags(flags, "--set", "image.envSecret.MEEP_OAUTH_GITLAB_CLIENT_ID.name="+gitlabSecret)
			flags = utils.HelmFlags(flags, "--set", "image.envSecret.MEEP_OAUTH_GITLAB_SECRET.name="+gitlabSecret)
		maxSessions := utils.RepoCfg.GetString("repo.deployment.auth.session.max-sessions")
		if maxSessions != "" {
			flags = utils.HelmFlags(flags, "--set", "image.env.MEEP_MAX_SESSIONS="+maxSessions)
		}
		// GitHub
		githubEnabled := utils.RepoCfg.GetBool("repo.deployment.auth.github.enabled")
		if githubEnabled {
			authUrl := utils.RepoCfg.GetString("repo.deployment.auth.github.auth-url")
			tokenUrl := utils.RepoCfg.GetString("repo.deployment.auth.github.token-url")
			redirectUri := utils.RepoCfg.GetString("repo.deployment.auth.github.redirect-uri")
			secret := utils.RepoCfg.GetString("repo.deployment.auth.github.secret")
			flags = utils.HelmFlags(flags, "--set", "image.env.MEEP_OAUTH_GITHUB_ENABLED=true")
			flags = utils.HelmFlags(flags, "--set", "image.env.MEEP_OAUTH_GITHUB_AUTH_URL="+authUrl)
			flags = utils.HelmFlags(flags, "--set", "image.env.MEEP_OAUTH_GITHUB_TOKEN_URL="+tokenUrl)
			flags = utils.HelmFlags(flags, "--set", "image.env.MEEP_OAUTH_GITHUB_REDIRECT_URI="+redirectUri)
			if secret != "" {
				flags = utils.HelmFlags(flags, "--set", "image.envSecret.MEEP_OAUTH_GITHUB_CLIENT_ID.name="+secret)
				flags = utils.HelmFlags(flags, "--set", "image.envSecret.MEEP_OAUTH_GITHUB_SECRET.name="+secret)
			}
		}
		// GitLab
		gitlabEnabled := utils.RepoCfg.GetBool("repo.deployment.auth.gitlab.enabled")
		if gitlabEnabled {
			authUrl := utils.RepoCfg.GetString("repo.deployment.auth.gitlab.auth-url")
			tokenUrl := utils.RepoCfg.GetString("repo.deployment.auth.gitlab.token-url")
			redirectUri := utils.RepoCfg.GetString("repo.deployment.auth.gitlab.redirect-uri")
			apiUrl := utils.RepoCfg.GetString("repo.deployment.auth.gitlab.api-url")
			secret := utils.RepoCfg.GetString("repo.deployment.auth.gitlab.secret")
			flags = utils.HelmFlags(flags, "--set", "image.env.MEEP_OAUTH_GITLAB_ENABLED=true")
			flags = utils.HelmFlags(flags, "--set", "image.env.MEEP_OAUTH_GITLAB_AUTH_URL="+authUrl)
			flags = utils.HelmFlags(flags, "--set", "image.env.MEEP_OAUTH_GITLAB_TOKEN_URL="+tokenUrl)
			flags = utils.HelmFlags(flags, "--set", "image.env.MEEP_OAUTH_GITLAB_REDIRECT_URI="+redirectUri)
			flags = utils.HelmFlags(flags, "--set", "image.env.MEEP_OAUTH_GITLAB_API_URL="+apiUrl)
			if secret != "" {
				flags = utils.HelmFlags(flags, "--set", "image.envSecret.MEEP_OAUTH_GITLAB_CLIENT_ID.name="+secret)
				flags = utils.HelmFlags(flags, "--set", "image.envSecret.MEEP_OAUTH_GITLAB_SECRET.name="+secret)
			}
		}
	case "meep-virt-engine":
		virtEngineTarget := "repo.core.go-apps.meep-virt-engine"
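Review bot: In the `meep-platform-ctrl` case a provider marked `enabled` is deployed even when `auth-url`, `token-url`, `redirect-uri` or `secret` is empty. The service side of this commit then skips registering that provider without an error, so the deployment succeeds with login quietly unavailable. Checking the four values before the helm flags are built, and aborting or warning with the provider name, would surface the mistake at deploy time, e.g. `if authUrl == "" || tokenUrl == "" || redirectUri == "" || secret == "" { /* report and skip */ }`. Separately, `--set` parses `true` and a numeric `max-sessions` as typed values rather than strings; if the chart template does not quote env values, `--set-string` is the safer flag, though whether `utils.HelmFlags` or the template already handles this is not visible here. The enclosing function starts and ends outside the hunk.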
+1 −1
@@ -41,7 +41,7 @@ type versionInfo struct {
	BuildID   string `json:"build,omitempty"`
}

const meepctlVersion = "1.5.9"
const meepctlVersion = "1.5.10"
const na = "NA"

const versionDesc = `Display version information