1.when we are the first time we login harbor page when we login from OIDC ,we add the url in onboard-add-username page.
2.fix the part of issue that we cannot redirect to de origin page when we login
Signed-off-by: Yogi_Wang <yawang@vmware.com>
Solve the problem that when we log on to the harbor page, the automation test will click on an incorrect button, which results in the test page being unable to log in.
Signed-off-by: Yogi_Wang <yawang@vmware.com>
When a user logs in to Harbor for the first time through OIDC, the user will enter an onboard page, prompting the user to add the user name of Harbor. After the user name is entered, click save, and the user successfully logs in to Harbor through OIDC.
Signed-off-by: Yogi_Wang <yawang@vmware.com>
In the configration auth mode section, we add an option, OIDC.When the user logs in using OIDC mode, the system defaults to auth mode to select OIDC, where the user can modify the name, endpoint, scope, clientId, clientSecret and skipCertVerify of the OIDC. After the modification, the user clicks the Save button to save the changes
Signed-off-by: Yogi_Wang <yawang@vmware.com>
This commit add callback controller to handle the redirection from
successful OIDC authentication.
For E2E case this requires callback controller to kick off onboard
process, which will be covered in subsequent commits.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
The controller will redirect user to the OIDC login page based on
configuration.
Additionally this commit add some basic code to wrap `oauth2` package
and `provider` in `go-oidc`, and fixed an issue in UT to make
InMemoryDriver for config management thread-safe.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
* add authn proxy docker login support
User could use the web hook token issued by k8s api server to login to harbor.
The username should add a specific prefix.
Signed-off-by: wang yan <wangyan@vmware.com>
* update code per review comments
Signed-off-by: wang yan <wangyan@vmware.com>
* Add UT for auth proxy modifier
Signed-off-by: wang yan <wangyan@vmware.com>
* Refactor scan all api
This commit is to let scan all api using admin job to handle schedule
management. After the PR, GC and scan all share unified code path.
Signed-off-by: wang yan <wangyan@vmware.com>
* update admin job api code according to review comments
Signed-off-by: wang yan <wangyan@vmware.com>
* Update test code and comments per review
Signed-off-by: wang yan <wangyan@vmware.com>
As registry v2.7.1 has introduced the possibility to clean untagged manifests,
enable it in the registryctl api.
Signed-off-by: wang yan <wangyan@vmware.com>
