2021-02-17 18:56:56 +00:00
|
|
|
${
|
2021-03-17 14:40:56 +00:00
|
|
|
[1].map(i => {
|
2021-02-17 18:56:56 +00:00
|
|
|
const type = `${fake.helpers.randomize(['kubernetes', 'jwt', 'oidc'])}`;
|
2021-03-18 15:18:23 +00:00
|
|
|
const cert = `-----BEGIN CERTIFICATE-----
|
|
|
|
MIIH/TCCBeWgAwIBAgIQaBYE3/M08XHYCnNVmcFBcjANBgkqhkiG9w0BAQsFADBy
|
|
|
|
MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x
|
|
|
|
ETAPBgNVBAoMCFNTTCBDb3JwMS4wLAYDVQQDDCVTU0wuY29tIEVWIFNTTCBJbnRl
|
|
|
|
cm1lZGlhdGUgQ0EgUlNBIFIzMB4XDTIwMDQwMTAwNTgzM1oXDTIxMDcxNjAwNTgz
|
|
|
|
M1owgb0xCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91
|
|
|
|
c3RvbjERMA8GA1UECgwIU1NMIENvcnAxFjAUBgNVBAUTDU5WMjAwODE2MTQyNDMx
|
|
|
|
FDASBgNVBAMMC3d3dy5zc2wuY29tMR0wGwYDVQQPDBRQcml2YXRlIE9yZ2FuaXph
|
|
|
|
dGlvbjEXMBUGCysGAQQBgjc8AgECDAZOZXZhZGExEzARBgsrBgEEAYI3PAIBAxMC
|
|
|
|
VVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHheRkbb1FCc7xRKst
|
|
|
|
wK0JIGaKY8t7JbS2bQ2b6YIJDgnHuIYHqBrCUV79oelikkokRkFvcvpaKinFHDQH
|
|
|
|
UpWEI6RUERYmSCg3O8Wi42uOcV2B5ZabmXCkwdxY5Ecl51BbM8UnGdoAGbdNmiRm
|
|
|
|
SmTjcs+lhMxg4fFY6lBpiEVFiGUjGRR+61R67Lz6U4KJeLNcCm07QwFYKBmpi08g
|
|
|
|
-----END CERTIFICATE-----`;
|
2021-03-17 14:40:56 +00:00
|
|
|
let sourceType;
|
|
|
|
|
|
|
|
if (type !== 'kubernetes') {
|
|
|
|
sourceType = `${fake.helpers.randomize(['JWTValidationPubKeys', 'JWKSURL', 'OIDCDiscoveryURL'])}`;
|
|
|
|
}
|
|
|
|
|
|
|
|
const claimMappings = {
|
|
|
|
"http://example.com/example-1": `${fake.hacker.noun()}`,
|
|
|
|
"http://example.com/example-2": `${fake.hacker.noun()}`
|
|
|
|
}
|
|
|
|
const listClaimMappings = {
|
|
|
|
"http://example.com/example-1": `${fake.hacker.noun()}`
|
|
|
|
}
|
2021-03-31 14:55:31 +00:00
|
|
|
const namespaceRules = `[
|
|
|
|
{
|
|
|
|
"Selector": "${fake.hacker.noun()} in list.group",
|
|
|
|
"BindNamespace": "dc-1"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"Selector": "serviceaccount.namespace!=${fake.hacker.noun()}",
|
|
|
|
"BindNamespace": "dc-2"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"Selector": "serviceaccount.namespace==${fake.hacker.noun()}",
|
|
|
|
"BindNamespace": "dc-3"
|
|
|
|
}
|
|
|
|
]`;
|
2021-03-17 14:40:56 +00:00
|
|
|
|
2021-02-17 18:56:56 +00:00
|
|
|
let config = {};
|
|
|
|
switch(type) {
|
|
|
|
case 'kubernetes':
|
|
|
|
config = {
|
|
|
|
Host: `https://${fake.internet.ip()}:8443`,
|
2021-03-18 15:18:23 +00:00
|
|
|
CACert: cert,
|
2021-02-17 18:56:56 +00:00
|
|
|
ServiceAccountJWT: `eyJhbGciOiJ${fake.internet.password(25)}.eyJ${fake.internet.password(61)}.${fake.internet.password(32)}`
|
|
|
|
};
|
|
|
|
break;
|
|
|
|
case 'oidc':
|
|
|
|
config = {
|
|
|
|
OIDCDiscoveryURL: `https://${fake.internet.ip()}:8443`,
|
2021-03-18 15:18:23 +00:00
|
|
|
OIDCDiscoveryCACert: cert,
|
2021-03-17 14:40:56 +00:00
|
|
|
OIDCClientID: `${fake.hacker.noun()}-ID`,
|
|
|
|
OIDCClientSecret: `${fake.hacker.noun()}-secret`,
|
|
|
|
BoundAudiences: ["aud_example_0", "aud_example_1"],
|
|
|
|
OIDCScopes: ["scope_01", "scope_02", "scope_03"],
|
|
|
|
JWTSupportedAlgs: ["RS256", "RS257"],
|
|
|
|
VerboseOIDCLogging: true,
|
|
|
|
AllowedRedirectURIs: ["http://example.com/example-1", "http://example.com/example-2", "http://example.com/example-3"],
|
|
|
|
ClaimMappings: claimMappings,
|
|
|
|
ListClaimMappings: listClaimMappings
|
2021-02-17 18:56:56 +00:00
|
|
|
};
|
|
|
|
break;
|
|
|
|
case 'jwt':
|
|
|
|
config = {
|
2021-03-17 14:40:56 +00:00
|
|
|
JWTSupportedAlgs: ["RS256", "RS257"],
|
|
|
|
BoundAudiences: ["aud_example_0", "aud_example_1"],
|
|
|
|
BoundIssuer: `${fake.hacker.noun()}-issuer`,
|
|
|
|
ExpirationLeeway: `${fake.random.number({min: 0, max: 60})}`,
|
|
|
|
NotBeforeLeeway: `${fake.random.number({min: 0, max: 60})}`,
|
|
|
|
ClockSkewLeeway: `${fake.random.number({min: 0, max: 60})}`,
|
|
|
|
ClaimMappings: claimMappings,
|
|
|
|
ListClaimMappings: listClaimMappings
|
2021-02-17 18:56:56 +00:00
|
|
|
};
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2021-03-17 14:40:56 +00:00
|
|
|
switch(sourceType) {
|
|
|
|
case 'JWTValidationPubKeys':
|
2021-03-18 15:18:23 +00:00
|
|
|
config.JWTValidationPubKeys = cert;
|
2021-03-17 14:40:56 +00:00
|
|
|
break;
|
|
|
|
case 'JWKSURL':
|
|
|
|
config.JWKSURL = `https://${fake.internet.ip()}:8443`;
|
2021-03-18 15:18:23 +00:00
|
|
|
config.JWKSCACert = cert;
|
2021-03-17 14:40:56 +00:00
|
|
|
break;
|
|
|
|
case 'OIDCDiscoveryURL':
|
|
|
|
config.OIDCDiscoveryURL = `https://${fake.internet.ip()}:8443`;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2021-02-17 18:56:56 +00:00
|
|
|
return `{
|
|
|
|
"Name": "${location.pathname.get(3)}",
|
|
|
|
"Namespace": "${
|
|
|
|
typeof location.search.ns !== 'undefined' ? location.search.ns :
|
|
|
|
typeof http.body.Namespace !== 'undefined' ? http.body.Namespace : 'default'
|
|
|
|
}",
|
|
|
|
"Type": "${type}",
|
|
|
|
"Description": "${fake.lorem.sentence()}",
|
|
|
|
"DisplayName": "${fake.hacker.noun()}",
|
|
|
|
"MaxTokenTTL": "${fake.random.number({min: 0, max: 60})}m${fake.random.number({min: 0, max: 60})}s",
|
|
|
|
"TokenLocality": "${fake.helpers.randomize(['local', 'global', ''])}",
|
2021-03-31 14:55:31 +00:00
|
|
|
"NamespaceRules": ${namespaceRules},
|
2021-02-17 18:56:56 +00:00
|
|
|
"Config": ${JSON.stringify(config)},
|
|
|
|
"CreateIndex": ${fake.random.number()},
|
|
|
|
"ModifyIndex": 10
|
|
|
|
}`
|
|
|
|
})
|
|
|
|
}
|