add authz.PolicyConfig to aaasf.Config

Author: greenpau

CONTRIBUTING.md

@@ -0,0 +1,36 @@
+# Contributing Guidelines
+
+## Pull Request Checklist
+
+Before sending your pull requests, make sure you followed this list.
+
+1. Open an issue to discuss your PR
+2. Ensure you read appropriate Contributor License Agreement (CLA)
+3. Run unit tests
+
+## Contributor License Agreements
+
+I'd love to accept your pull request! Before I can take them, we have to jump a
+couple of legal hurdles.
+
+***NOTE***: Only original source code from you and other people that have
+signed the CLA can be accepted into the main repository.
+
+Please fill out either the individual or corporate Contributor License Agreement (CLA).
+* If you are an individual writing original source code and you're sure you own the
+  intellectual property, then you'll need to sign an [individual CLA](/assets/cla/individual_cla.md).
+* If you work for a company that wants to allow you to contribute your work, then
+  you'll need to sign a [corporate CLA](/assets/cla/corporate_cla.md).
+
+Follow either of the two links above to access the appropriate CLA. Next, if you are
+ready to accept, add the following text in the body your first commit message.
+
+* For Individual CLA:
+
+      I hereby consent to the Individual CLA provided in assets/cla/individual_cla.md
+
+* For Corporate CLA:
+
+      I hereby consent to the Corporate CLA provided in assets/cla/corporate_cla.md
+
+

SECURITY.md

@@ -0,0 +1,5 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+To report a vulnerability, please send an email to [email protected].

assets/cla/corporate_cla.md

@@ -0,0 +1,33 @@
+# Corporate Contributor License Agreement
+
+In order to clarify the intellectual property license granted with Contributions from any person or entity, Paul Greenberg ("Project Owner") must have a Contributor License Agreement (CLA) on file that has been signed by each Contributor, indicating agreement to the license terms below. This license is for your protection as a Contributor as well as the protection of Project Owner and its users; it does not change your rights to use your own Contributions for any other purpose.
+
+This version of the Agreement allows an entity (the "Corporation") to submit Contributions to Project Owner, to authorize Contributions submitted by its designated employees to Project Owner, and to grant copyright and patent licenses thereto.
+
+You accept and agree to the following terms and conditions for Your present and future Contributions submitted to Project Owner. Except for the license granted herein to Project Owner and recipients of software distributed by Project Owner, You reserve all right, title, and interest in and to Your Contributions.
+
+## Definitions
+
+"You" (or "Your") shall mean the copyright owner or legal entity authorized by the copyright owner that is making this Agreement with Project Owner. For legal entities, the entity making a Contribution and all other entities that control, are controlled by, or are under common control with that entity are considered to be a single Contributor. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.
+
+"Contribution" shall mean the code, documentation or any original work of authorship, including any modifications or additions to an existing work, that is intentionally submitted by You to Project Owner for inclusion in, or documentation of, any of the products owned or managed by Project Owner (the "Work"). For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to Project Owner or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, Project Owner for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by You as "Not a Contribution."
+
+## Grant of Copyright License
+
+Subject to the terms and conditions of this Agreement, You hereby grant to Project Owner and to recipients of software distributed by Project Owner a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Your Contributions and such derivative works.
+
+## Grant of Patent License
+
+Subject to the terms and conditions of this Agreement, You hereby grant to Project Owner and to recipients of software distributed by Project Owner a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by You that are necessarily infringed by Your Contribution(s) alone or by combination of Your Contribution(s) with the Work to which such Contribution(s) was submitted. If any entity institutes patent litigation against You or any other entity (including a cross-claim or counterclaim in a lawsuit) alleging that your Contribution, or the Work to which you have contributed, constitutes direct or contributory patent infringement, then any patent licenses granted to that entity under this Agreement for that Contribution or Work shall terminate as of the date such litigation is filed.
+
+## Miscellaneous
+
+1. You represent that You are legally entitled to grant the above license. You represent further that each employee of the Corporation designated by You is authorized to submit Contributions on behalf of the Corporation.
+
+2. You represent that each of Your Contributions is Your original creation (see section 4 for submissions on behalf of others).
+
+3. You are not expected to provide support for Your Contributions, except to the extent You desire to provide support. You may provide support for free, for a fee, or not at all. Unless required by applicable law or agreed to in writing, You provide Your Contributions on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE.
+
+4. Should You wish to submit work that is not Your original creation, You may submit it to Project Owner separately from any Contribution, identifying the complete details of its source and of any license or other restriction (including, but not limited to, related patents, trademarks, and license agreements) of which you are personally aware, and conspicuously marking the work as "Submitted on behalf of a third-party: [named here]".
+
+5. It is your responsibility to notify Project Owner when any change is required to the list of designated employees authorized to submit Contributions on behalf of the Corporation, or to the Corporation's Point of Contact with Project Owner.

assets/cla/individual_cla.md

@@ -0,0 +1,94 @@
+# Individual Contributor License Agreement
+
+In order to clarify the intellectual property license granted with Contributions from
+any person or entity, Paul Greenberg ("Project Owner") must have a Contributor License
+Agreement ("CLA") on file that has been signed by each Contributor, indicating agreement
+to the license terms below. This license is for your protection as a Contributor as well
+as the protection of Project Owner; it does not change your rights to use your own
+Contributions for any other purpose.
+
+You accept and agree to the following terms and conditions for Your present and future
+Contributions submitted to Project Owner. Except for the license granted herein to
+Project Owner and recipients of software distributed by Project Owner, You reserve
+all right, title, and interest in and to Your Contributions.
+
+## Definitions
+
+"You" (or "Your") shall mean the copyright owner or legal entity authorized by
+the copyright owner that is making this Agreement with Project Owner. For legal
+entities, the entity making a Contribution and all other entities that control, are
+controlled by, or are under common control with that entity are considered to be a single
+Contributor. For the purposes of this definition, "control" means (i) the power, direct
+or indirect, to cause the direction or management of such entity, whether by contract
+or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding
+shares, or (iii) beneficial ownership of such entity.
+
+"Contribution" shall mean any original work of authorship, including any modifications
+or additions to an existing work, that is intentionally submitted by You to Project
+Owner for inclusion in, or documentation of, any of the products owned or managed by
+Project Owner (the "Work"). For the purposes of this definition, "submitted" means any
+form of electronic, verbal, or written communication sent to Project Owner or its
+representatives, including but not limited to communication on electronic mailing lists,
+source code control systems, and issue tracking systems that are managed by, or on
+behalf of, Project Owner for the purpose of discussing and improving the Work, but
+excluding communication that is conspicuously marked or otherwise designated in writing
+by You as "Not a Contribution."
+
+## Grant of Copyright License
+
+Subject to the terms and conditions of this Agreement, You hereby grant to Project
+Owner and to recipients of software distributed by Project Owner a perpetual,
+worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license
+to reproduce, prepare derivative works of, publicly display, publicly perform,
+sublicense, and distribute Your Contributions and such derivative works.
+
+## Grant of Patent License
+
+Subject to the terms and conditions of this Agreement, You hereby grant to Project
+Owner and to recipients of software distributed by Project Owner a perpetual,
+worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in
+this section) patent license to make, have made, use, offer to sell, sell, import,
+and otherwise transfer the Work, where such license applies only to those patent
+claims licensable by You that are necessarily infringed by Your Contribution(s)
+alone or by combination of Your Contribution(s) with the Work to which such
+Contribution(s) was submitted. If any entity institutes patent litigation against
+You or any other entity (including a cross-claim or counterclaim in a lawsuit)
+alleging that your Contribution, or the Work to which you have contributed,
+constitutes direct or contributory patent infringement, then any patent licenses
+granted to that entity under this Agreement for that Contribution or Work shall
+terminate as of the date such litigation is filed.
+
+## Miscellaneous
+
+1. You represent that you are legally entitled to grant the above license. If your
+employer(s) has rights to intellectual property that you create that includes
+your Contributions, you represent that you have received permission to make
+Contributions on behalf of that employer, that your employer has waived such
+rights for your Contributions to Project Owner, or that your employer has
+executed a separate Corporate CLA with Project Owner.
+
+2. You represent that each of Your Contributions is Your original creation
+(see section 4 for submissions on behalf of others). You represent that Your
+Contribution submissions include complete details of any third-party license
+or other restriction (including, but not limited to, related patents and trademarks)
+of which you are personally aware and which are associated with any part of Your
+Contributions.
+
+3. You are not expected to provide support for Your Contributions, except to
+the extent You desire to provide support. You may provide support for free,
+for a fee, or not at all. Unless required by applicable law or agreed to in
+writing, You provide Your Contributions on an "AS IS" BASIS, WITHOUT WARRANTIES
+OR CONDITIONS OF ANY KIND, either express or implied, including, without
+limitation, any warranties or conditions of TITLE, NON- INFRINGEMENT,
+MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE.
+
+4. Should You wish to submit work that is not Your original creation, You may
+submit it to Project Owner separately from any Contribution, identifying the
+complete details of its source and of any license or other restriction (including,
+but not limited to, related patents, trademarks, and license agreements) of
+which you are personally aware, and conspicuously marking the work as
+"Submitted on behalf of a third-party: [named here]".
+
+5. You agree to notify Project Owner of any facts or circumstances of
+which you become aware that would make these representations inaccurate
+in any respect.

config.go

@@ -1,12 +1,16 @@
 package aaasf
 
 import (
+	"github.com/greenpau/aaasf/pkg/authn"
+	"github.com/greenpau/aaasf/pkg/authz"
 	"github.com/greenpau/aaasf/pkg/credentials"
 )
 
 // Config is a configuration of Server.
 type Config struct {
 	Credentials []*credentials.Config `json:"credentials,omitempty" xml:"credentials,omitempty" yaml:"credentials,omitempty"`
+	Portals     []*authn.PortalConfig `json:"auth_portal_config,omitempty" xml:"auth_portal_config,omitempty" yaml:"auth_portal_config,omitempty"`
+	Policies    []*authz.PolicyConfig `json:"authz_policy_config,omitempty" xml:"authz_policy_config,omitempty" yaml:"authz_policy_config,omitempty"`
 	credMap     map[string]*credentials.Config
 }
 

internal/tag/tag_test.go

@@ -22,30 +22,30 @@ import (
 	"github.com/greenpau/aaasf/internal/testutils"
 	"github.com/greenpau/aaasf/pkg/acl"
 	"github.com/greenpau/aaasf/pkg/authn"
-	"github.com/greenpau/aaasf/pkg/authn/registration"
-	"github.com/greenpau/aaasf/pkg/credentials"
-	"github.com/greenpau/aaasf/pkg/identity"
-	"github.com/greenpau/aaasf/pkg/identity/qr"
-	"github.com/greenpau/aaasf/pkg/kms"
-	"github.com/greenpau/aaasf/pkg/requests"
-	"github.com/greenpau/aaasf/pkg/util/cfg"
-	"strings"
-	"unicode"
-	// "github.com/greenpau/aaasf/pkg/shared"
 	"github.com/greenpau/aaasf/pkg/authn/backends"
 	"github.com/greenpau/aaasf/pkg/authn/backends/ldap"
 	"github.com/greenpau/aaasf/pkg/authn/backends/local"
 	"github.com/greenpau/aaasf/pkg/authn/backends/oauth2"
 	"github.com/greenpau/aaasf/pkg/authn/backends/saml"
 	authncache "github.com/greenpau/aaasf/pkg/authn/cache"
 	"github.com/greenpau/aaasf/pkg/authn/cookie"
+	"github.com/greenpau/aaasf/pkg/authn/registration"
 	"github.com/greenpau/aaasf/pkg/authn/transformer"
 	"github.com/greenpau/aaasf/pkg/authn/ui"
+	"github.com/greenpau/aaasf/pkg/authz"
 	"github.com/greenpau/aaasf/pkg/authz/cache"
 	"github.com/greenpau/aaasf/pkg/authz/options"
 	"github.com/greenpau/aaasf/pkg/authz/validator"
+	"github.com/greenpau/aaasf/pkg/credentials"
+	"github.com/greenpau/aaasf/pkg/identity"
+	"github.com/greenpau/aaasf/pkg/identity/qr"
+	"github.com/greenpau/aaasf/pkg/kms"
+	"github.com/greenpau/aaasf/pkg/requests"
 	"github.com/greenpau/aaasf/pkg/shared/idp"
 	"github.com/greenpau/aaasf/pkg/user"
+	"github.com/greenpau/aaasf/pkg/util/cfg"
+	"strings"
+	"unicode"
 
 	"os"
 	"path/filepath"
@@ -529,7 +529,13 @@ func TestTagCompliance(t *testing.T) {
 		{
 			name:  "test aaasf.Config struct",
 			entry: &aaasf.Config{},
-			opts:  &Options{},
+			opts: &Options{
+				AllowFieldMismatch: true,
+				AllowedFields: map[string]interface{}{
+					"auth_portal_config":  true,
+					"authz_policy_config": true,
+				},
+			},
 		},
 		{
 			name:  "test cache.TokenCache struct",
@@ -638,6 +644,11 @@ func TestTagCompliance(t *testing.T) {
 			entry: &acl.AccessList{},
 			opts:  &Options{},
 		},
+		{
+			name:  "test authz.PolicyConfig struct",
+			entry: &authz.PolicyConfig{},
+			opts:  &Options{},
+		},
 	}
 
 	for _, tc := range testcases {

pkg/authz/config.go

@@ -0,0 +1,11 @@
+package authz
+
+import (
+// "time"
+// "go.uber.org/zap"
+)
+
+// PolicyConfig TODO
+type PolicyConfig struct {
+	Name string `json:"name,omitempty" xml:"name,omitempty" yaml:"name,omitempty"`
+}