When a user logs in to Harbor for the first time through OIDC, the user will enter an onboard page, prompting the user to add the user name of Harbor. After the user name is entered, click save, and the user successfully logs in to Harbor through OIDC.
Signed-off-by: Yogi_Wang <yawang@vmware.com>
Call Harbor API to delete the images in Harbor adapter to avoid the inconsistent between the different versions of Harbor
Signed-off-by: Wenkai Yin <yinw@vmware.com>
1. Add operation property for tasks
2. Add trigger property for executions
3. Update the getting registry info API to allow passing 0 as ID to get the info of local Harbor registry
Signed-off-by: Wenkai Yin <yinw@vmware.com>
1. Provide a util function to return a shared HTTP transport
2. Read secretkey from the configuration of replication
Signed-off-by: Wenkai Yin <yinw@vmware.com>
Only add the authentication info when the username is provided to support pulling public images from docker hub without login
Signed-off-by: Wenkai Yin <yinw@vmware.com>
1. Use the secret to do the auth between the components when replicating
2. Handle internal core URL and token service URl when the instance is local Harbor
Signed-off-by: Wenkai Yin <yinw@vmware.com>
In the configration auth mode section, we add an option, OIDC.When the user logs in using OIDC mode, the system defaults to auth mode to select OIDC, where the user can modify the name, endpoint, scope, clientId, clientSecret and skipCertVerify of the OIDC. After the modification, the user clicks the Save button to save the changes
Signed-off-by: Yogi_Wang <yawang@vmware.com>
This commit add callback controller to handle the redirection from
successful OIDC authentication.
For E2E case this requires callback controller to kick off onboard
process, which will be covered in subsequent commits.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
The controller will redirect user to the OIDC login page based on
configuration.
Additionally this commit add some basic code to wrap `oauth2` package
and `provider` in `go-oidc`, and fixed an issue in UT to make
InMemoryDriver for config management thread-safe.
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
* add authn proxy docker login support
User could use the web hook token issued by k8s api server to login to harbor.
The username should add a specific prefix.
Signed-off-by: wang yan <wangyan@vmware.com>
* update code per review comments
Signed-off-by: wang yan <wangyan@vmware.com>
* Add UT for auth proxy modifier
Signed-off-by: wang yan <wangyan@vmware.com>
