Merge pull request #277 from ImMin5/feature-service-accont-auto-sync

Modify external auth content to identity provider

src/spaceone/identity/manager/email_manager.py

@@ -124,7 +124,7 @@ def send_invite_email_when_external_user_added(
         email: str,
         console_link: str,
         language: str,
-        auth_type: str = "EXTERNAL",
+        external_auth_provider: str = "EXTERNAL",
     ):
         service_name = self._get_service_name()
         language_map_info = LANGUAGE_MAPPER.get(language, "default")
@@ -133,7 +133,7 @@ def send_invite_email_when_external_user_added(
 
         email_contents = template.render(
             user_name=user_id,
-            auth_type=auth_type,
+            auth_type=external_auth_provider,
             service_name=service_name,
             login_link=console_link,
         )

src/spaceone/identity/service/job_service.py

@@ -65,7 +65,7 @@ def create_jobs_by_trusted_account(self, params: dict):
         current_hour = params.get("current_hour", datetime.utcnow().hour)
 
         for trusted_account_vo in self._get_all_schedule_enabled_trusted_accounts(
-            current_hour
+                current_hour
         ):
             try:
                 self.create_service_account_job(trusted_account_vo, {})
@@ -334,7 +334,7 @@ def sync_service_accounts(self, params: dict) -> None:
         )
 
     def create_service_account_job(
-        self, trusted_account_vo: TrustedAccount, job_options: dict
+            self, trusted_account_vo: TrustedAccount, job_options: dict
     ) -> Union[Job, dict]:
         resource_group = trusted_account_vo.resource_group
         provider = trusted_account_vo.provider
@@ -437,10 +437,10 @@ def _get_trusted_secret_data(self, trusted_secret_id: str, domain_id: str) -> di
         return secret_data
 
     def _check_duplicate_job(
-        self,
-        domain_id: str,
-        trusted_account_id: str,
-        this_job_vo: Job,
+            self,
+            domain_id: str,
+            trusted_account_id: str,
+            this_job_vo: Job,
     ) -> bool:
         query = {
             "filter": [
@@ -464,7 +464,7 @@ def _check_duplicate_job(
         return False
 
     def _is_job_failed(
-        self, job_id: str, domain_id: str, workspace_id: str = None
+            self, job_id: str, domain_id: str, workspace_id: str = None
     ) -> bool:
         job_vo: Job = self.job_mgr.get_job(domain_id, job_id, workspace_id)
 
@@ -474,10 +474,10 @@ def _is_job_failed(
             return False
 
     def _close_job(
-        self,
-        job_id: str,
-        domain_id: str,
-        workspace_id: str = None,
+            self,
+            job_id: str,
+            domain_id: str,
+            workspace_id: str = None,
     ):
         job_vo: Job = self.job_mgr.get_job(domain_id, job_id, workspace_id)
         if job_vo.status == "IN_PROGRESS":
@@ -486,7 +486,7 @@ def _close_job(
             self.job_mgr.update_job_by_vo({"finished_at": datetime.utcnow()}, job_vo)
 
     def _create_workspace(
-        self, domain_id: str, trusted_account_id: str, location_info: dict
+            self, domain_id: str, trusted_account_id: str, location_info: dict
     ) -> Workspace:
         name = location_info.get("name")
         reference_id = location_info.get("resource_id")
@@ -496,7 +496,7 @@ def _create_workspace(
         )
 
         _LOGGER.debug(
-            f"[_create_workspace] {name} 'domain_id': {domain_id}, count: {len(workspace_vos)}"
+            f"[_create_workspace] 'name': '{name}', 'domain_id': '{domain_id}', count: {len(workspace_vos)}"
         )
 
         params = {"trusted_account_id": trusted_account_id, "is_managed": True}
@@ -532,12 +532,12 @@ def _create_workspace(
         return workspace_vo
 
     def _create_project_group(
-        self,
-        domain_id: str,
-        workspace_id: str,
-        trusted_account_id: str,
-        location_info: dict,
-        parent_group_id: str = None,
+            self,
+            domain_id: str,
+            workspace_id: str,
+            trusted_account_id: str,
+            location_info: dict,
+            parent_group_id: str = None,
     ) -> ProjectGroup:
         name = location_info["name"]
         reference_id = location_info["resource_id"]
@@ -587,14 +587,14 @@ def _create_project_group(
         return project_group_vo
 
     def _create_project(
-        self,
-        result: dict,
-        domain_id: str,
-        workspace_id: str,
-        trusted_account_id: str,
-        project_group_id: str = None,
-        sync_options: dict = None,
-        project_type: str = "PRIVATE",
+            self,
+            result: dict,
+            domain_id: str,
+            workspace_id: str,
+            trusted_account_id: str,
+            project_group_id: str = None,
+            sync_options: dict = None,
+            project_type: str = "PRIVATE",
     ) -> Project:
         name = result["name"]
         reference_id = result["resource_id"]
@@ -609,7 +609,7 @@ def _create_project(
 
         project_vos = self.project_mgr.filter_projects(**params)
         _LOGGER.debug(
-            f"[_create_service_account] project_vos: {name} {params} count: {len(project_vos)}"
+            f"[_create_service_account] project_vos: 'name': '{name}', 'params': '{params}' count: {len(project_vos)}"
         )
 
         if project_group_id:
@@ -633,13 +633,13 @@ def _create_project(
         return project_vo
 
     def _create_service_account(
-        self,
-        result: dict,
-        project_vo: Project,
-        trusted_account_id: str,
-        trusted_secret_id: str,
-        provider: str,
-        sync_options: dict = None,
+            self,
+            result: dict,
+            project_vo: Project,
+            trusted_account_id: str,
+            trusted_secret_id: str,
+            provider: str,
+            sync_options: dict = None,
     ) -> Union[ServiceAccount, None]:
         domain_id = project_vo.domain_id
         workspace_id = project_vo.workspace_id
@@ -725,7 +725,7 @@ def _create_service_account(
         return service_account_vo
 
     def _remove_old_reference_id_from_workspace(
-        self, domain_id: str, workspace_id: str, reference_id: str
+            self, domain_id: str, workspace_id: str, reference_id: str
     ) -> None:
         query = {
             "filter": [

src/spaceone/identity/service/user_service.py

@@ -11,9 +11,11 @@
 
 from spaceone.identity.error.error_mfa import *
 from spaceone.identity.error.error_user import *
+from spaceone.identity.manager.config_manager import ConfigManager
 from spaceone.identity.manager.email_manager import EmailManager
 from spaceone.identity.manager.domain_manager import DomainManager
 from spaceone.identity.manager.domain_secret_manager import DomainSecretManager
+from spaceone.identity.manager.external_auth_manager import ExternalAuthManager
 
 from spaceone.identity.manager.token_manager.local_token_manager import (
     LocalTokenManager,
@@ -69,7 +71,8 @@ def create_user(self, params: dict) -> User:
         reset_password = params["reset_password"]
         domain_id = params["domain_id"]
         email = params.get("email")
-        language = params.get("language", "en") or "en"
+        language = self._get_domain_default_language(domain_id, params.get("language"))
+        params["language"] = language
 
         if reset_password:
             self._check_reset_password_eligibility(user_id, auth_type, email)
@@ -111,15 +114,13 @@ def create_user(self, params: dict) -> User:
                 auth_type == "EXTERNAL"
                 and self._check_invite_external_user_eligibility(user_id, user_id)
             ):
-                email_manager = EmailManager()
+                email_mgr = EmailManager()
+
                 console_link = self._get_console_url(domain_id)
+                external_auth_provider = self._get_external_auth_provider(domain_id)
 
-                email_manager.send_invite_email_when_external_user_added(
-                    user_id,
-                    user_id,
-                    console_link,
-                    language,
-                    user_vo.auth_type,
+                email_mgr.send_invite_email_when_external_user_added(
+                    user_id, user_id, console_link, language, external_auth_provider
                 )
 
         return user_vo
@@ -499,3 +500,21 @@ def _check_invite_external_user_eligibility(user_id: str, email: str) -> bool:
             return False
 
         return True
+
+    @staticmethod
+    def _get_external_auth_provider(domain_id: str) -> str:
+        external_auth_mgr = ExternalAuthManager()
+        external_auth_vo = external_auth_mgr.get_external_auth(domain_id)
+        plugin_info_metadata = external_auth_vo.plugin_info.get("metadata", {})
+        identity_provider = plugin_info_metadata.get("identity_provider", "EXTERNAL")
+        return identity_provider
+
+    @staticmethod
+    def _get_domain_default_language(domain_id: str, language: str = None) -> str:
+        if not language:
+            config_mgr = ConfigManager()
+            domain_config_data_info = config_mgr.get_auth_config(domain_id)
+            settings = domain_config_data_info.get("settings", {})
+            if settings:
+                language = settings.get("language", "en")
+        return language

src/spaceone/identity/template/sso_invite_user_link_ko.html

@@ -168,7 +168,7 @@
                             >
                                 <div><br/></div>
                                 <div>
-                                    <span style="font-size: 18px;">{{user_email}}님 안녕하세요, </span>
+                                    <span style="font-size: 18px;">{{user_name}}님 안녕하세요, </span>
                                 </div>
                                 <div><br/></div>
                                 <div>