add localhost:9000 as a default redirect URL

Fixes: #10885 This patch adds `https://localhost:9000` as a default redirect URI to the webconsole oauthclient. This is done as a new `oc cluster up` startup task. ``` $ oc cluster up ... -- Finding server IP ... Using <IP> as the server IP -- Starting OpenShift container ... Creating initial OpenShift configuration Starting OpenShift using container 'origin' Waiting for API server to start listening OpenShift server started -- Adding default oAuthClient redirect URIs ... "openshift-web-console" patched -- Installing registry ... OK -- Installing router ... OK -- Importing image streams ... OK -- Importing templates ... OK -- Login to server ... OK -- Creating initial project "myproject" ... OK ... ``` ``` $ oc login -u system:admin $ oc get oauthclients NAME WWW-CHALLENGE REDIRECT URIS openshift-web-console FALSE https://localhost:9000 ```
openshift · Sep 26, 2016 · 2367bcb · 2367bcb
1 parent 342f49c
commit 2367bcb
Show file tree

Hide file tree

Showing 3 changed files with 56 additions and 0 deletions.
diff --git a/pkg/bootstrap/docker/up.go b/pkg/bootstrap/docker/up.go
@@ -29,6 +29,7 @@ import (
 	osclientcmd "github.com/openshift/origin/pkg/cmd/util/clientcmd"
 	dockerutil "github.com/openshift/origin/pkg/cmd/util/docker"
 	"github.com/openshift/origin/pkg/cmd/util/variable"
+	"k8s.io/kubernetes/pkg/util/sets"
 )
 
 const (
@@ -45,6 +46,9 @@ const (
 	initialProjectDisplay = "My Project"
 	initialProjectDesc    = "Initial developer project"
 
+	defaultRedirectClient  = "openshift-web-console"
+	developmentRedirectURI = "https://localhost:9000"
+
 	defaultImages         = "openshift/origin-${component}:${version}"
 	defaultOpenShiftImage = "openshift/origin:${version}"
 
@@ -258,6 +262,9 @@ func (c *ClientStartConfig) Complete(f *osclientcmd.Factory, cmd *cobra.Command)
 	// Create an OpenShift configuration and start a container that uses it.
 	c.addTask("Starting OpenShift container", c.StartOpenShift)
 
+	// Add default redirect URI to config
+	c.addTask("Adding default OAuthClient redirect URIs", c.EnsureDefaultRedirectURIs)
+
 	// Install a registry
 	c.addTask("Installing registry", c.InstallRegistry)
 
@@ -511,6 +518,39 @@ func (c *ClientStartConfig) EnsureHostDirectories(io.Writer) error {
 	return c.HostHelper().EnsureVolumeShare()
 }
 
+// EnsureDefaultRedirectURIs merges a default URL to an auth client's RedirectURIs array
+func (c *ClientStartConfig) EnsureDefaultRedirectURIs(out io.Writer) error {
+	oc, _, err := c.Clients()
+	if err != nil {
+		return nil
+	}
+
+	webConsoleOAuth, err := oc.OAuthClients().Get(defaultRedirectClient)
+	if err != nil {
+		fmt.Fprintf(out, "%s\n", err)
+		os.Exit(1)
+	}
+
+	// ensure the default redirect URI is not already present
+	redirects := sets.NewString(webConsoleOAuth.RedirectURIs...)
+	if redirects.Has(developmentRedirectURI) {
+		return nil
+	}
+
+	webConsoleOAuth.RedirectURIs = append(webConsoleOAuth.RedirectURIs, developmentRedirectURI)
+
+	_, err = oc.OAuthClients().Update(webConsoleOAuth)
+	if err != nil {
+		// announce error without interrupting remaining tasks
+		suggestedCmd := fmt.Sprintf("oc patch %s -p '{%q:[%q]}'", "oauthclient/openshift-web-console", "redirectURIs", developmentRedirectURI)
+		errMsg := fmt.Sprintf("Unable to add development redirect URI to the openshift-web-console OAuthClient.\nTo manually add it, run %q\n", suggestedCmd)
+		fmt.Fprintf(out, "%s\n", errMsg)
+		return nil
+	}
+
+	return nil
+}
+
 // CheckAvailablePorts ensures that ports used by OpenShift are available on the Docker host
 func (c *ClientStartConfig) CheckAvailablePorts(out io.Writer) error {
 	err := c.OpenShiftHelper().TestPorts(openshift.DefaultPorts)

diff --git a/pkg/client/oauthclient.go b/pkg/client/oauthclient.go
@@ -17,6 +17,7 @@ type OAuthClientInterface interface {
 	Get(name string) (*oauthapi.OAuthClient, error)
 	Delete(name string) error
 	Watch(opts kapi.ListOptions) (watch.Interface, error)
+	Update(client *oauthapi.OAuthClient) (*oauthapi.OAuthClient, error)
 }
 
 type oauthClients struct {
@@ -55,3 +56,9 @@ func (c *oauthClients) Delete(name string) (err error) {
 func (c *oauthClients) Watch(opts kapi.ListOptions) (watch.Interface, error) {
 	return c.r.Get().Prefix("watch").Resource("oAuthClients").VersionedParams(&opts, kapi.ParameterCodec).Watch()
 }
+
+func (c *oauthClients) Update(client *oauthapi.OAuthClient) (result *oauthapi.OAuthClient, err error) {
+	result = &oauthapi.OAuthClient{}
+	err = c.r.Put().Resource("oAuthClients").Name(client.Name).Body(client).Do().Into(result)
+	return
+}
diff --git a/pkg/client/testclient/fake_oauthclient.go b/pkg/client/testclient/fake_oauthclient.go
@@ -47,3 +47,12 @@ func (c *FakeOAuthClient) Delete(name string) error {
 func (c *FakeOAuthClient) Watch(opts kapi.ListOptions) (watch.Interface, error) {
 	return c.Fake.InvokesWatch(ktestclient.NewRootWatchAction("oauthclients", opts))
 }
+
+func (c *FakeOAuthClient) Update(client *oauthapi.OAuthClient) (*oauthapi.OAuthClient, error) {
+	obj, err := c.Fake.Invokes(ktestclient.NewRootUpdateAction("oauthclients", client), &oauthapi.OAuthClient{})
+	if obj == nil {
+		return nil, err
+	}
+
+	return obj.(*oauthapi.OAuthClient), err
+}