diff --git a/changelog/unreleased/separate-auth-user-providers.md b/changelog/unreleased/separate-auth-user-providers.md new file mode 100644 index 0000000..3f7eec4 --- /dev/null +++ b/changelog/unreleased/separate-auth-user-providers.md @@ -0,0 +1,9 @@ +Enhancement: Separate user and auth providers, add config for rest user + +Previously, the auth and user provider services used to have the same driver, +which restricted using separate drivers and configs for both. This PR separates +the two and adds the config for the rest user driver and the gatewaysvc +parameter to EOS fs. + +https://github.com/owncloud/ocis-reva/pull/412 +https://github.com/cs3org/reva/pull/995 diff --git a/go.mod b/go.mod index 9b4746b..089fffd 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/owncloud/ocis-reva go 1.13 require ( - github.com/cs3org/reva v0.1.1-0.20200728071211-c948977dd3a0 + github.com/cs3org/reva v0.1.1-0.20200729074826-0252a4b39385 github.com/gofrs/uuid v3.3.0+incompatible github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e // indirect github.com/micro/cli/v2 v2.1.1 @@ -17,6 +17,5 @@ require ( github.com/prometheus/procfs v0.0.8 // indirect github.com/restic/calens v0.2.0 github.com/spf13/viper v1.6.1 - github.com/uber/jaeger-client-go v2.20.1+incompatible // indirect gopkg.in/ini.v1 v1.51.1 // indirect ) diff --git a/go.sum b/go.sum index d288554..677f975 100644 --- a/go.sum +++ b/go.sum @@ -145,10 +145,10 @@ github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d h1:U+s90UTSY github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= github.com/cs3org/cato v0.0.0-20200626150132-28a40e643719/go.mod h1:XJEZ3/EQuI3BXTp/6DUzFr850vlxq11I6satRtz0YQ4= -github.com/cs3org/go-cs3apis v0.0.0-20200709064917-d96c5f2a42ad h1:XxB0h+UKILRKdr+WgPJaOfW8duVPeVKq/18aip5D/Ws= -github.com/cs3org/go-cs3apis v0.0.0-20200709064917-d96c5f2a42ad/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY= -github.com/cs3org/reva v0.1.1-0.20200728071211-c948977dd3a0 h1:v1+My73gml0FW0t8pokmbQ32QhJJyxiiJ8zHYL+g81I= -github.com/cs3org/reva v0.1.1-0.20200728071211-c948977dd3a0/go.mod h1:hpkioVUPS+7USJq1cW1ikT22fxeMbVvHfonQVYcix4g= +github.com/cs3org/go-cs3apis v0.0.0-20200728114537-4efa23660dbe h1:CQ/Grq7oVFqwiUg4VA/T+fl3JHZKEyo/RcTE7C23rW4= +github.com/cs3org/go-cs3apis v0.0.0-20200728114537-4efa23660dbe/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY= +github.com/cs3org/reva v0.1.1-0.20200729074826-0252a4b39385 h1:ZV9yj1AeLAkrU36JmeyK/s9xs5VhYsiUyjSYn7PCRME= +github.com/cs3org/reva v0.1.1-0.20200729074826-0252a4b39385/go.mod h1:ZnRxYi5kSr4l24FmRBOeLWX5GKjUCrOreJuUX7E1bVw= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/decker502/dnspod-go v0.2.0/go.mod h1:qsurYu1FgxcDwfSwXJdLt4kRsBLZeosEb9uq4Sy+08g= diff --git a/pkg/command/authbasic.go b/pkg/command/authbasic.go index 96fda92..7947149 100644 --- a/pkg/command/authbasic.go +++ b/pkg/command/authbasic.go @@ -88,10 +88,10 @@ func AuthBasic(cfg *config.Config) *cli.Command { // TODO build services dynamically "services": map[string]interface{}{ "authprovider": map[string]interface{}{ - "auth_manager": cfg.Reva.Users.Driver, + "auth_manager": cfg.Reva.AuthProvider.Driver, "auth_managers": map[string]interface{}{ "json": map[string]interface{}{ - "users": cfg.Reva.Users.JSON, + "users": cfg.Reva.AuthProvider.JSON, }, "ldap": map[string]interface{}{ "hostname": cfg.Reva.LDAP.Hostname, diff --git a/pkg/command/authbearer.go b/pkg/command/authbearer.go index 630b673..d6baa56 100644 --- a/pkg/command/authbearer.go +++ b/pkg/command/authbearer.go @@ -91,9 +91,11 @@ func AuthBearer(cfg *config.Config) *cli.Command { "auth_manager": "oidc", "auth_managers": map[string]interface{}{ "oidc": map[string]interface{}{ - "issuer": cfg.Reva.OIDC.Issuer, - "insecure": cfg.Reva.OIDC.Insecure, - "id_claim": cfg.Reva.OIDC.IDClaim, + "issuer": cfg.Reva.OIDC.Issuer, + "insecure": cfg.Reva.OIDC.Insecure, + "id_claim": cfg.Reva.OIDC.IDClaim, + "uid_claim": cfg.Reva.OIDC.UIDClaim, + "gid_claim": cfg.Reva.OIDC.GIDClaim, }, }, }, diff --git a/pkg/command/storageeos.go b/pkg/command/storageeos.go index 15c79ef..89914e9 100644 --- a/pkg/command/storageeos.go +++ b/pkg/command/storageeos.go @@ -106,6 +106,7 @@ func StorageEOS(cfg *config.Config) *cli.Command { "keytab": cfg.Reva.Storages.EOS.Keytab, "single_username": cfg.Reva.Storages.EOS.SingleUsername, "user_layout": cfg.Reva.Storages.EOS.Layout, + "gatewaysvc": cfg.Reva.Gateway.URL, }, "eoshome": map[string]interface{}{ "namespace": cfg.Reva.Storages.EOS.Namespace, @@ -124,6 +125,7 @@ func StorageEOS(cfg *config.Config) *cli.Command { "keytab": cfg.Reva.Storages.EOS.Keytab, "single_username": cfg.Reva.Storages.EOS.SingleUsername, "user_layout": cfg.Reva.Storages.EOS.Layout, + "gatewaysvc": cfg.Reva.Gateway.URL, }, }, "mount_path": cfg.Reva.StorageEOS.MountPath, diff --git a/pkg/command/storageeosdata.go b/pkg/command/storageeosdata.go index 7fc8ec5..366d5fb 100644 --- a/pkg/command/storageeosdata.go +++ b/pkg/command/storageeosdata.go @@ -108,6 +108,7 @@ func StorageEOSData(cfg *config.Config) *cli.Command { "keytab": cfg.Reva.Storages.EOS.Keytab, "single_username": cfg.Reva.Storages.EOS.SingleUsername, "user_layout": cfg.Reva.Storages.EOS.Layout, + "gatewaysvc": cfg.Reva.Gateway.URL, }, "eoshome": map[string]interface{}{ "namespace": cfg.Reva.Storages.EOS.Namespace, @@ -126,6 +127,7 @@ func StorageEOSData(cfg *config.Config) *cli.Command { "keytab": cfg.Reva.Storages.EOS.Keytab, "single_username": cfg.Reva.Storages.EOS.SingleUsername, "user_layout": cfg.Reva.Storages.EOS.Layout, + "gatewaysvc": cfg.Reva.Gateway.URL, }, }, "timeout": 86400, diff --git a/pkg/command/storagehome.go b/pkg/command/storagehome.go index 69f5343..bdfc863 100644 --- a/pkg/command/storagehome.go +++ b/pkg/command/storagehome.go @@ -106,6 +106,7 @@ func StorageHome(cfg *config.Config) *cli.Command { "keytab": cfg.Reva.Storages.EOS.Keytab, "single_username": cfg.Reva.Storages.EOS.SingleUsername, "user_layout": cfg.Reva.Storages.EOS.Layout, + "gatewaysvc": cfg.Reva.Gateway.URL, }, "eoshome": map[string]interface{}{ "namespace": cfg.Reva.Storages.EOS.Namespace, @@ -124,6 +125,7 @@ func StorageHome(cfg *config.Config) *cli.Command { "keytab": cfg.Reva.Storages.EOS.Keytab, "single_username": cfg.Reva.Storages.EOS.SingleUsername, "user_layout": cfg.Reva.Storages.EOS.Layout, + "gatewaysvc": cfg.Reva.Gateway.URL, }, "local": map[string]interface{}{ "root": cfg.Reva.Storages.Local.Root, diff --git a/pkg/command/storagehomedata.go b/pkg/command/storagehomedata.go index 316f1d6..6239454 100644 --- a/pkg/command/storagehomedata.go +++ b/pkg/command/storagehomedata.go @@ -108,6 +108,7 @@ func StorageHomeData(cfg *config.Config) *cli.Command { "keytab": cfg.Reva.Storages.EOS.Keytab, "single_username": cfg.Reva.Storages.EOS.SingleUsername, "user_layout": cfg.Reva.Storages.EOS.Layout, + "gatewaysvc": cfg.Reva.Gateway.URL, }, "eoshome": map[string]interface{}{ "namespace": cfg.Reva.Storages.EOS.Namespace, @@ -126,6 +127,7 @@ func StorageHomeData(cfg *config.Config) *cli.Command { "keytab": cfg.Reva.Storages.EOS.Keytab, "single_username": cfg.Reva.Storages.EOS.SingleUsername, "user_layout": cfg.Reva.Storages.EOS.Layout, + "gatewaysvc": cfg.Reva.Gateway.URL, }, "local": map[string]interface{}{ "root": cfg.Reva.Storages.Local.Root, diff --git a/pkg/command/storageoc.go b/pkg/command/storageoc.go index 60b940a..fc1eabe 100644 --- a/pkg/command/storageoc.go +++ b/pkg/command/storageoc.go @@ -106,6 +106,7 @@ func StorageOC(cfg *config.Config) *cli.Command { "keytab": cfg.Reva.Storages.EOS.Keytab, "single_username": cfg.Reva.Storages.EOS.SingleUsername, "user_layout": cfg.Reva.Storages.EOS.Layout, + "gatewaysvc": cfg.Reva.Gateway.URL, }, "eoshome": map[string]interface{}{ "namespace": cfg.Reva.Storages.EOS.Namespace, @@ -124,6 +125,7 @@ func StorageOC(cfg *config.Config) *cli.Command { "keytab": cfg.Reva.Storages.EOS.Keytab, "single_username": cfg.Reva.Storages.EOS.SingleUsername, "user_layout": cfg.Reva.Storages.EOS.Layout, + "gatewaysvc": cfg.Reva.Gateway.URL, }, "local": map[string]interface{}{ "root": cfg.Reva.Storages.Local.Root, diff --git a/pkg/command/storageocdata.go b/pkg/command/storageocdata.go index 78da2e9..1326b9f 100644 --- a/pkg/command/storageocdata.go +++ b/pkg/command/storageocdata.go @@ -108,6 +108,7 @@ func StorageOCData(cfg *config.Config) *cli.Command { "keytab": cfg.Reva.Storages.EOS.Keytab, "single_username": cfg.Reva.Storages.EOS.SingleUsername, "user_layout": cfg.Reva.Storages.EOS.Layout, + "gatewaysvc": cfg.Reva.Gateway.URL, }, "eoshome": map[string]interface{}{ "namespace": cfg.Reva.Storages.EOS.Namespace, @@ -126,6 +127,7 @@ func StorageOCData(cfg *config.Config) *cli.Command { "keytab": cfg.Reva.Storages.EOS.Keytab, "single_username": cfg.Reva.Storages.EOS.SingleUsername, "user_layout": cfg.Reva.Storages.EOS.Layout, + "gatewaysvc": cfg.Reva.Gateway.URL, }, "local": map[string]interface{}{ "root": cfg.Reva.Storages.Local.Root, diff --git a/pkg/command/storageroot.go b/pkg/command/storageroot.go index c562743..dc6453c 100644 --- a/pkg/command/storageroot.go +++ b/pkg/command/storageroot.go @@ -106,6 +106,7 @@ func StorageRoot(cfg *config.Config) *cli.Command { "keytab": cfg.Reva.Storages.EOS.Keytab, "single_username": cfg.Reva.Storages.EOS.SingleUsername, "user_layout": cfg.Reva.Storages.EOS.Layout, + "gatewaysvc": cfg.Reva.Gateway.URL, }, "eoshome": map[string]interface{}{ "namespace": cfg.Reva.Storages.EOS.Namespace, @@ -124,6 +125,7 @@ func StorageRoot(cfg *config.Config) *cli.Command { "keytab": cfg.Reva.Storages.EOS.Keytab, "single_username": cfg.Reva.Storages.EOS.SingleUsername, "user_layout": cfg.Reva.Storages.EOS.Layout, + "gatewaysvc": cfg.Reva.Gateway.URL, }, "local": map[string]interface{}{ "root": cfg.Reva.Storages.Local.Root, diff --git a/pkg/command/users.go b/pkg/command/users.go index d215f59..bb71723 100644 --- a/pkg/command/users.go +++ b/pkg/command/users.go @@ -110,6 +110,18 @@ func Users(cfg *config.Config) *cli.Command { "cn": cfg.Reva.LDAP.Schema.CN, }, }, + "rest": map[string]interface{}{ + "client_id": cfg.Reva.UserRest.ClientID, + "client_secret": cfg.Reva.UserRest.ClientSecret, + "redis_address": cfg.Reva.UserRest.RedisAddress, + "redis_username": cfg.Reva.UserRest.RedisUsername, + "redis_password": cfg.Reva.UserRest.RedisPassword, + "user_groups_cache_expiration": cfg.Reva.UserRest.UserGroupsCacheExpiration, + "id_provider": cfg.Reva.UserRest.IDProvider, + "api_base_url": cfg.Reva.UserRest.APIBaseURL, + "oidc_token_endpoint": cfg.Reva.UserRest.OIDCTokenEndpoint, + "target_api": cfg.Reva.UserRest.TargetAPI, + }, }, }, }, diff --git a/pkg/config/config.go b/pkg/config/config.go index c2b0654..44700be 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -199,6 +199,8 @@ type OIDC struct { Issuer string Insecure bool IDClaim string + UIDClaim string + GIDClaim string } // LDAP defines the available ldap configuration. @@ -216,6 +218,20 @@ type LDAP struct { Schema LDAPSchema } +// UserRest defines the user REST driver specification. +type UserRest struct { + ClientID string + ClientSecret string + RedisAddress string + RedisUsername string + RedisPassword string + UserGroupsCacheExpiration int + IDProvider string + APIBaseURL string + OIDCTokenEndpoint string + TargetAPI string +} + // LDAPSchema defines the available ldap schema configuration. type LDAPSchema struct { UID string @@ -238,6 +254,7 @@ type Reva struct { TransferExpires int OIDC OIDC LDAP LDAP + UserRest UserRest OCDav OCDav Storages StorageConfig // Ports are used to configure which services to start on which port @@ -245,6 +262,7 @@ type Reva struct { DataGateway Port Gateway Gateway Users Users + AuthProvider Users AuthBasic Port AuthBearer Port Sharing Sharing diff --git a/pkg/flagset/authbasic.go b/pkg/flagset/authbasic.go index 021bba3..4e10a77 100644 --- a/pkg/flagset/authbasic.go +++ b/pkg/flagset/authbasic.go @@ -82,21 +82,21 @@ func AuthBasicWithConfig(cfg *config.Config) []cli.Flag { Destination: &cfg.Reva.JWTSecret, }, - // Users + // Auth &cli.StringFlag{ - Name: "users-driver", + Name: "auth-driver", Value: "ldap", - Usage: "user driver: 'demo', 'json' or 'ldap'", - EnvVars: []string{"REVA_USERS_DRIVER"}, - Destination: &cfg.Reva.Users.Driver, + Usage: "auth driver: 'demo', 'json' or 'ldap'", + EnvVars: []string{"REVA_AUTH_DRIVER"}, + Destination: &cfg.Reva.AuthProvider.Driver, }, &cli.StringFlag{ - Name: "users-json", + Name: "auth-json", Value: "", Usage: "Path to users.json file", - EnvVars: []string{"REVA_USERS_JSON"}, - Destination: &cfg.Reva.Users.JSON, + EnvVars: []string{"REVA_AUTH_JSON"}, + Destination: &cfg.Reva.AuthProvider.JSON, }, // LDAP diff --git a/pkg/flagset/authbearer.go b/pkg/flagset/authbearer.go index c01dcbc..d58c4f0 100644 --- a/pkg/flagset/authbearer.go +++ b/pkg/flagset/authbearer.go @@ -111,6 +111,20 @@ func AuthBearerWithConfig(cfg *config.Config) []cli.Flag { EnvVars: []string{"REVA_OIDC_ID_CLAIM"}, Destination: &cfg.Reva.OIDC.IDClaim, }, + &cli.StringFlag{ + Name: "oidc-uid-claim", + Value: "cern_uid", + Usage: "OIDC uid claim", + EnvVars: []string{"REVA_OIDC_UID_CLAIM"}, + Destination: &cfg.Reva.OIDC.UIDClaim, + }, + &cli.StringFlag{ + Name: "oidc-gid-claim", + Value: "cern_gid", + Usage: "OIDC gid claim", + EnvVars: []string{"REVA_OIDC_GID_CLAIM"}, + Destination: &cfg.Reva.OIDC.GIDClaim, + }, // Services diff --git a/pkg/flagset/storageeos.go b/pkg/flagset/storageeos.go index e302832..1b3ffc1 100644 --- a/pkg/flagset/storageeos.go +++ b/pkg/flagset/storageeos.go @@ -329,5 +329,15 @@ func StorageEOSWithConfig(cfg *config.Config) []cli.Flag { EnvVars: []string{"REVA_STORAGE_OWNCLOUD_LAYOUT"}, Destination: &cfg.Reva.Storages.OwnCloud.Layout, }, + + // Gateway + + &cli.StringFlag{ + Name: "gateway-url", + Value: "localhost:9142", + Usage: "URL to use for the reva gateway service", + EnvVars: []string{"REVA_GATEWAY_URL"}, + Destination: &cfg.Reva.Gateway.URL, + }, } } diff --git a/pkg/flagset/storagehome.go b/pkg/flagset/storagehome.go index fcfd595..579b806 100644 --- a/pkg/flagset/storagehome.go +++ b/pkg/flagset/storagehome.go @@ -334,5 +334,15 @@ func StorageHomeWithConfig(cfg *config.Config) []cli.Flag { EnvVars: []string{"REVA_STORAGE_OWNCLOUD_LAYOUT"}, Destination: &cfg.Reva.Storages.OwnCloud.Layout, }, + + // Gateway + + &cli.StringFlag{ + Name: "gateway-url", + Value: "localhost:9142", + Usage: "URL to use for the reva gateway service", + EnvVars: []string{"REVA_GATEWAY_URL"}, + Destination: &cfg.Reva.Gateway.URL, + }, } } diff --git a/pkg/flagset/storageoc.go b/pkg/flagset/storageoc.go index 62d58bc..0ad9baf 100644 --- a/pkg/flagset/storageoc.go +++ b/pkg/flagset/storageoc.go @@ -332,5 +332,15 @@ func StorageOCWithConfig(cfg *config.Config) []cli.Flag { EnvVars: []string{"REVA_STORAGE_OWNCLOUD_LAYOUT"}, Destination: &cfg.Reva.Storages.OwnCloud.Layout, }, + + // Gateway + + &cli.StringFlag{ + Name: "gateway-url", + Value: "localhost:9142", + Usage: "URL to use for the reva gateway service", + EnvVars: []string{"REVA_GATEWAY_URL"}, + Destination: &cfg.Reva.Gateway.URL, + }, } } diff --git a/pkg/flagset/storageroot.go b/pkg/flagset/storageroot.go index 31b136d..8ae48df 100644 --- a/pkg/flagset/storageroot.go +++ b/pkg/flagset/storageroot.go @@ -316,5 +316,15 @@ func StorageRootWithConfig(cfg *config.Config) []cli.Flag { EnvVars: []string{"REVA_STORAGE_OWNCLOUD_LAYOUT"}, Destination: &cfg.Reva.Storages.OwnCloud.Layout, }, + + // Gateway + + &cli.StringFlag{ + Name: "gateway-url", + Value: "localhost:9142", + Usage: "URL to use for the reva gateway service", + EnvVars: []string{"REVA_GATEWAY_URL"}, + Destination: &cfg.Reva.Gateway.URL, + }, } } diff --git a/pkg/flagset/users.go b/pkg/flagset/users.go index 24b9b6e..dd909a9 100644 --- a/pkg/flagset/users.go +++ b/pkg/flagset/users.go @@ -178,6 +178,76 @@ func UsersWithConfig(cfg *config.Config) []cli.Flag { EnvVars: []string{"REVA_LDAP_SCHEMA_CN"}, Destination: &cfg.Reva.LDAP.Schema.CN, }, + &cli.StringFlag{ + Name: "rest-client-id", + Value: "", + Usage: "User rest driver Client ID", + EnvVars: []string{"REVA_REST_CLIENT_ID"}, + Destination: &cfg.Reva.UserRest.ClientID, + }, + &cli.StringFlag{ + Name: "rest-client-secret", + Value: "", + Usage: "User rest driver Client Secret", + EnvVars: []string{"REVA_REST_CLIENT_SECRET"}, + Destination: &cfg.Reva.UserRest.ClientSecret, + }, + &cli.StringFlag{ + Name: "rest-redis-address", + Value: "localhost:6379", + Usage: "Address for redis server", + EnvVars: []string{"REVA_REST_REDIS_ADDRESS"}, + Destination: &cfg.Reva.UserRest.RedisAddress, + }, + &cli.StringFlag{ + Name: "rest-redis-username", + Value: "", + Usage: "Username for redis server", + EnvVars: []string{"REVA_REST_REDIS_USERNAME"}, + Destination: &cfg.Reva.UserRest.RedisUsername, + }, + &cli.StringFlag{ + Name: "rest-redis-password", + Value: "", + Usage: "Password for redis server", + EnvVars: []string{"REVA_REST_REDIS_PASSWORD"}, + Destination: &cfg.Reva.UserRest.RedisPassword, + }, + &cli.IntFlag{ + Name: "rest-user-groups-cache-expiration", + Value: 5, + Usage: "Time in minutes for redis cache expiration.", + EnvVars: []string{"REVA_REST_CACHE_EXPIRATION"}, + Destination: &cfg.Reva.UserRest.UserGroupsCacheExpiration, + }, + &cli.StringFlag{ + Name: "rest-id-provider", + Value: "", + Usage: "The OIDC Provider", + EnvVars: []string{"REVA_REST_ID_PROVIDER"}, + Destination: &cfg.Reva.UserRest.IDProvider, + }, + &cli.StringFlag{ + Name: "rest-api-base-url", + Value: "", + Usage: "Base API Endpoint", + EnvVars: []string{"REVA_REST_API_BASE_URL"}, + Destination: &cfg.Reva.UserRest.APIBaseURL, + }, + &cli.StringFlag{ + Name: "rest-oidc-token-endpoint", + Value: "", + Usage: "Endpoint to generate token to access the API", + EnvVars: []string{"REVA_REST_OIDC_TOKEN_ENDPOINT"}, + Destination: &cfg.Reva.UserRest.OIDCTokenEndpoint, + }, + &cli.StringFlag{ + Name: "rest-target-api", + Value: "", + Usage: "The target application", + EnvVars: []string{"REVA_REST_TARGET_API"}, + Destination: &cfg.Reva.UserRest.TargetAPI, + }, // Services @@ -221,7 +291,7 @@ func UsersWithConfig(cfg *config.Config) []cli.Flag { &cli.StringFlag{ Name: "driver", Value: "ldap", - Usage: "user driver: 'demo', 'json' or 'ldap'", + Usage: "user driver: 'demo', 'json', 'ldap', or 'rest'", EnvVars: []string{"REVA_USERS_DRIVER"}, Destination: &cfg.Reva.Users.Driver, },