api

package
v0.14.7 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 3, 2023 License: AGPL-3.0 Imports: 41 Imported by: 0

Documentation

Overview

The api package defines all of our REST API endpoints.


Types

type API

// API holds all of the REST API endpoint handlers. It carries the storage
// client, services and configuration values listed below.
type API struct {
	// DB is the DynamoDB client which provides direct storage access.
	DB               ddb.Storage
	DeploymentConfig deploy.DeployConfigReader
	// Access is the service which provides business logic for Access Requests.
	Access              AccessService
	// Rules is the service used to create, look up, get, update and archive Access Rules.
	Rules               AccessRuleService
	// ProviderSetup is the service behind the guided provider setup workflows.
	ProviderSetup       ProviderSetupService
	AccessHandlerClient ahtypes.ClientWithResponsesInterface
	// NOTE(review): AdminGroup presumably names the group whose members are
	// treated as administrators. The check itself is not visible in this
	// declaration, so confirm where and how it is enforced.
	AdminGroup          string
	IdentityProvider    string
	FrontendURL         string
	Granter             accesssvc.Granter
	Cache               CacheService
	IdentitySyncer      auth.IdentitySyncer
	// Set this to nil if cognito is not configured as the IDP for the deployment.
	// Calling a method on a nil interface value panics, so code that uses this
	// field needs a nil check first.
	Cognito          CognitoService
	InternalIdentity InternalIdentityService
}

API holds all of our API endpoint handlers. We use a schema-first approach to ensure that the API meets our OpenAPI specification.

To add a new endpoint, follow the steps below:

1. Edit `openapi.yaml` in this repository.

2. Run `make generate` to update the generated handler code. The code is generated into types.gen.go, and the function signatures can be found on the ServerInterface interface.

3. You'll get a compilation error because API no longer meets the ServerInterface interface. The missing function will be your new endpoint. Implement the function on API, ensuring that the function signature matches the ServerInterface interface.

func New

func New(ctx context.Context, opts Opts) (*API, error)

New creates a new API.

func (*API) AdminArchiveAccessRule

func (a *API) AdminArchiveAccessRule(w http.ResponseWriter, r *http.Request, ruleId string)

func (*API) AdminCompleteProvidersetup added in v0.12.0

func (a *API) AdminCompleteProvidersetup(w http.ResponseWriter, r *http.Request, providersetupId string)

Complete a ProviderSetup (POST /api/v1/admin/providersetups/{providersetupId}/complete)

func (*API) AdminCreateAccessRule

func (a *API) AdminCreateAccessRule(w http.ResponseWriter, r *http.Request)

(POST /api/v1/admin/access-rules)

func (*API) AdminCreateGroup added in v0.12.0

func (a *API) AdminCreateGroup(w http.ResponseWriter, r *http.Request)

Create Group (POST /api/v1/admin/groups) Creates an internal group in DynamoDB that is not connected to any identity provider.

func (*API) AdminCreateProvidersetup added in v0.12.0

func (a *API) AdminCreateProvidersetup(w http.ResponseWriter, r *http.Request)

Begin the setup process for a new Access Provider (POST /api/v1/admin/providersetups)

func (*API) AdminCreateUser added in v0.12.0

func (a *API) AdminCreateUser(w http.ResponseWriter, r *http.Request)

Create User (POST /api/v1/admin/users)

func (*API) AdminDeleteGroup

func (a *API) AdminDeleteGroup(w http.ResponseWriter, r *http.Request, groupId string)

Delete Group (DELETE /api/v1/admin/groups/{groupId})

func (*API) AdminDeleteProvidersetup added in v0.12.0

func (a *API) AdminDeleteProvidersetup(w http.ResponseWriter, r *http.Request, providersetupId string)

Delete an in-progress provider setup (DELETE /api/v1/admin/providersetups/{providersetupId})

func (*API) AdminGetAccessRule

func (a *API) AdminGetAccessRule(w http.ResponseWriter, r *http.Request, ruleId string)

Returns a rule for a given ruleId (GET /api/v1/admin/access-rules/{ruleId})

func (*API) AdminGetAccessRuleVersion

func (a *API) AdminGetAccessRuleVersion(w http.ResponseWriter, r *http.Request, ruleId string, version string)

Returns the given version of a rule for a given ruleId (GET /api/v1/access-rules/{ruleId}/versions/{version})

func (*API) AdminGetAccessRuleVersions

func (a *API) AdminGetAccessRuleVersions(w http.ResponseWriter, r *http.Request, ruleId string)

func (*API) AdminGetDeploymentVersion

func (a *API) AdminGetDeploymentVersion(w http.ResponseWriter, r *http.Request)

Get deployment version details (GET /api/v1/admin/deployment/version)

func (*API) AdminGetGroup added in v0.12.0

func (a *API) AdminGetGroup(w http.ResponseWriter, r *http.Request, groupId string)

Get Group Details (GET /api/v1/admin/groups/{groupId})

func (*API) AdminGetIdentityConfiguration added in v0.12.0

func (a *API) AdminGetIdentityConfiguration(w http.ResponseWriter, r *http.Request)

Get identity configuration (GET /api/v1/admin/identity)

func (*API) AdminGetProvider added in v0.12.0

func (a *API) AdminGetProvider(w http.ResponseWriter, r *http.Request, providerId string)

func (*API) AdminGetProviderArgs added in v0.12.0

func (a *API) AdminGetProviderArgs(w http.ResponseWriter, r *http.Request, providerId string)

func (*API) AdminGetProvidersetup added in v0.12.0

func (a *API) AdminGetProvidersetup(w http.ResponseWriter, r *http.Request, providersetupId string)

Get an in-progress provider setup (GET /api/v1/admin/providersetups/{providersetupId})

func (*API) AdminGetProvidersetupInstructions added in v0.12.0

func (a *API) AdminGetProvidersetupInstructions(w http.ResponseWriter, r *http.Request, providersetupId string)

Get the setup instructions for an Access Provider (GET /api/v1/admin/providersetups/{providersetupId}/instructions)

func (*API) AdminGetRequest

func (a *API) AdminGetRequest(w http.ResponseWriter, r *http.Request, requestId string)

Get a request (GET /api/v1/admin/requests/{requestId})

func (*API) AdminListAccessRules

func (a *API) AdminListAccessRules(w http.ResponseWriter, r *http.Request, params types.AdminListAccessRulesParams)

Returns a list of all Access Rules (GET /api/v1/admin/access-rules)

func (*API) AdminListGroups added in v0.12.0

func (a *API) AdminListGroups(w http.ResponseWriter, r *http.Request, params types.AdminListGroupsParams)

Lists all active groups (GET /api/v1/groups/)

func (*API) AdminListProviderArgOptions added in v0.12.0

func (a *API) AdminListProviderArgOptions(w http.ResponseWriter, r *http.Request, providerId string, argId string, params types.AdminListProviderArgOptionsParams)

List provider arg options (GET /api/v1/admin/providers/{providerId}/args/{argId}/options)

func (*API) AdminListProviders added in v0.12.0

func (a *API) AdminListProviders(w http.ResponseWriter, r *http.Request)

func (*API) AdminListProvidersetups added in v0.12.0

func (a *API) AdminListProvidersetups(w http.ResponseWriter, r *http.Request)

List the provider setups in progress (GET /api/v1/admin/providersetups)

func (*API) AdminListRequests

func (a *API) AdminListRequests(w http.ResponseWriter, r *http.Request, params types.AdminListRequestsParams)

"/api/v1/admin/requests"

func (*API) AdminListUsers added in v0.12.0

func (a *API) AdminListUsers(w http.ResponseWriter, r *http.Request, params types.AdminListUsersParams)

Returns a list of users (GET /api/v1/users/)

func (*API) AdminSubmitProvidersetupStep added in v0.12.0

func (a *API) AdminSubmitProvidersetupStep(w http.ResponseWriter, r *http.Request, providersetupId string, stepIndex int)

Update the completion status for a Provider setup step (PUT /api/v1/admin/providersetups/{providersetupId}/steps/{stepIndex}/complete)

func (*API) AdminSyncIdentity added in v0.12.0

func (a *API) AdminSyncIdentity(w http.ResponseWriter, r *http.Request)

(POST /api/v1/admin/identity/sync)

func (*API) AdminUpdateAccessRule

func (a *API) AdminUpdateAccessRule(w http.ResponseWriter, r *http.Request, ruleId string)

Update Access Rule (POST /api/v1/access-rules/{ruleId})

func (*API) AdminUpdateGroup

func (a *API) AdminUpdateGroup(w http.ResponseWriter, r *http.Request, groupId string)

Update Group (PUT /api/v1/admin/groups/{id}) Updates an internal group in DynamoDB that is not connected to any identity provider.

func (*API) AdminUpdateUser added in v0.12.0

func (a *API) AdminUpdateUser(w http.ResponseWriter, r *http.Request, userId string)

Update User (POST /api/v1/admin/users/{userId})

func (*API) AdminValidateProvidersetup added in v0.12.0

func (a *API) AdminValidateProvidersetup(w http.ResponseWriter, r *http.Request, providersetupId string)

Validate the configuration for a Provider Setup (POST /api/v1/admin/providersetups/{providersetupId}/validate)

func (*API) Handler

func (a *API) Handler(r chi.Router) http.Handler

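Handler returns an HTTP handler. Handler doesn't add any middleware. It is the caller's responsibility to add any middleware, which includes any authentication or authorization middleware that the admin and user routes depend on.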

func (*API) UserCancelRequest added in v0.12.0

func (a *API) UserCancelRequest(w http.ResponseWriter, r *http.Request, requestId string)

func (*API) UserCreateFavorite

func (a *API) UserCreateFavorite(w http.ResponseWriter, r *http.Request)

(POST /api/v1/favorites)

func (*API) UserCreateRequest

func (a *API) UserCreateRequest(w http.ResponseWriter, r *http.Request)

Creates a request (POST /api/v1/requests/)

func (*API) UserDeleteFavorite added in v0.12.0

func (a *API) UserDeleteFavorite(w http.ResponseWriter, r *http.Request, id string)

(DELETE /api/v1/favorites/{id})

func (*API) UserGetAccessInstructions added in v0.12.0

func (a *API) UserGetAccessInstructions(w http.ResponseWriter, r *http.Request, requestId string)

Get Access Instructions (GET /api/v1/requests/{requestId}/access-instructions)

func (*API) UserGetAccessRule

func (a *API) UserGetAccessRule(w http.ResponseWriter, r *http.Request, ruleId string)

Get Access Rule as an end user. (GET /api/v1/access-rules/{ruleId})

func (*API) UserGetAccessRuleApprovers

func (a *API) UserGetAccessRuleApprovers(w http.ResponseWriter, r *http.Request, ruleId string)

func (*API) UserGetAccessToken added in v0.12.0

func (a *API) UserGetAccessToken(w http.ResponseWriter, r *http.Request, requestId string)

(GET /api/v1/requests/{requestId}/access-token)

func (*API) UserGetFavorite

func (a *API) UserGetFavorite(w http.ResponseWriter, r *http.Request, id string)

(GET /api/v1/favorites/{id})

func (*API) UserGetMe added in v0.12.0

func (a *API) UserGetMe(w http.ResponseWriter, r *http.Request)

Get details for the current user (GET /api/v1/users/me)

func (*API) UserGetRequest

func (a *API) UserGetRequest(w http.ResponseWriter, r *http.Request, requestId string)

Get a request (GET /api/v1/requests/{requestId})

func (*API) UserGetUser added in v0.12.0

func (a *API) UserGetUser(w http.ResponseWriter, r *http.Request, userId string)

Returns a user based on userId (GET /api/v1/users/{userId})

func (*API) UserListAccessRules added in v0.12.0

func (a *API) UserListAccessRules(w http.ResponseWriter, r *http.Request)

List Access Rules (GET /api/v1/access-rules)

func (*API) UserListFavorites

func (a *API) UserListFavorites(w http.ResponseWriter, r *http.Request)

(GET /api/v1/favorites)

func (*API) UserListRequestEvents added in v0.12.0

func (a *API) UserListRequestEvents(w http.ResponseWriter, r *http.Request, requestId string)

func (*API) UserListRequests

func (a *API) UserListRequests(w http.ResponseWriter, r *http.Request, params types.UserListRequestsParams)

List my requests (GET /api/v1/requests)

func (*API) UserListRequestsPast

func (a *API) UserListRequestsPast(w http.ResponseWriter, r *http.Request, params types.UserListRequestsPastParams)

List my past requests (GET /api/v1/requests/past)

func (*API) UserListRequestsUpcoming

func (a *API) UserListRequestsUpcoming(w http.ResponseWriter, r *http.Request, params types.UserListRequestsUpcomingParams)

List my upcoming requests (GET /api/v1/requests/upcoming)

func (*API) UserLookupAccessRule added in v0.12.0

func (a *API) UserLookupAccessRule(w http.ResponseWriter, r *http.Request, params types.UserLookupAccessRuleParams)

Look up Access Rules (GET /api/v1/access-rules/lookup)

func (*API) UserReviewRequest added in v0.12.0

func (a *API) UserReviewRequest(w http.ResponseWriter, r *http.Request, requestId string)

Review a request (POST /api/v1/requests/{requestId}/review)

func (*API) UserRevokeRequest added in v0.12.0

func (a *API) UserRevokeRequest(w http.ResponseWriter, r *http.Request, requestID string)

func (*API) UserUpdateFavorite added in v0.12.0

func (a *API) UserUpdateFavorite(w http.ResponseWriter, r *http.Request, id string)

(PUT /api/v1/favorites/{id})

type AccessRuleService

// AccessRuleService is the set of Access Rule operations the API depends on:
// creating, archiving, looking up, getting and updating rules, and resolving
// the request arguments for a rule target.
type AccessRuleService interface {
	// ArchiveAccessRule archives the given rule.
	// NOTE(review): userID is presumably the acting user recorded against the change; confirm.
	ArchiveAccessRule(ctx context.Context, userID string, in rule.AccessRule) (*rule.AccessRule, error)
	// CreateAccessRule creates a rule from the API request body type.
	// NOTE(review): userID is presumably the acting user; confirm against the caller.
	CreateAccessRule(ctx context.Context, userID string, in types.CreateAccessRuleRequest) (*rule.AccessRule, error)
	// LookupRule returns the rules matching opts.
	LookupRule(ctx context.Context, opts rulesvc.LookupRuleOpts) ([]rulesvc.LookedUpRule, error)
	// GetRule returns the rule with the given ID for the given user.
	// NOTE(review): isAdmin is passed in by the caller, so what it unlocks is
	// decided by the caller's value. Verify that every call site derives it
	// from the authenticated identity and never from request input.
	GetRule(ctx context.Context, ID string, user *identity.User, isAdmin bool) (*rule.GetAccessRuleResponse, error)
	// UpdateRule applies the update described by in and returns the resulting rule.
	UpdateRule(ctx context.Context, in *rulesvc.UpdateOpts) (*rule.AccessRule, error)
	// RequestArguments returns the request arguments for a rule target, keyed by string.
	// NOTE(review): the key is presumably the argument ID; confirm.
	RequestArguments(ctx context.Context, accessRuleTarget rule.Target) (map[string]types.RequestArgument, error)
}

AccessRuleService can create and get rules

type AccessService

// AccessService is the set of Access Request operations the API depends on:
// creating, reviewing and cancelling requests, and creating and updating
// favorites.
type AccessService interface {
	// CreateRequests creates Access Requests and returns one result per request created.
	CreateRequests(ctx context.Context, in accesssvc.CreateRequestsOpts) ([]accesssvc.CreateRequestResult, error)
	// AddReviewAndGrantAccess records a review on a request.
	// NOTE(review): per its name this call can also grant access, so it is an
	// authorization-sensitive path. Reviewer eligibility is not visible in
	// this signature; confirm where it is checked.
	AddReviewAndGrantAccess(ctx context.Context, opts accesssvc.AddReviewOpts) (*accesssvc.AddReviewResult, error)
	// CancelRequest cancels a request.
	// NOTE(review): confirm that ownership of the request is checked by the implementation or the caller.
	CancelRequest(ctx context.Context, opts accesssvc.CancelRequestOpts) error
	// CreateFavorite creates a favorite.
	CreateFavorite(ctx context.Context, in accesssvc.CreateFavoriteOpts) (*access.Favorite, error)
	// UpdateFavorite updates an existing favorite.
	UpdateFavorite(ctx context.Context, in accesssvc.UpdateFavoriteOpts) (*access.Favorite, error)
}

AccessService can create Access Requests.

type CacheService

// CacheService gives access to the cached options for a provider argument.
// Both methods take a provider ID and an argument ID and return the same
// shape: a bool, the options, the group options and an error.
// NOTE(review): the meaning of the bool result is not visible here; confirm
// it against the implementation before relying on it.
type CacheService interface {
	// RefreshCachedProviderArgOptions refreshes the cached options for the argument and returns them.
	RefreshCachedProviderArgOptions(ctx context.Context, providerId string, argId string) (bool, []cache.ProviderOption, []cache.ProviderArgGroupOption, error)
	// LoadCachedProviderArgOptions loads the cached options for the argument.
	LoadCachedProviderArgOptions(ctx context.Context, providerId string, argId string) (bool, []cache.ProviderOption, []cache.ProviderArgGroupOption, error)
}

type CognitoService

// CognitoService is the set of Cognito user-management operations the API
// depends on. The API.Cognito field of this type is documented as nil when
// Cognito is not the configured IDP for the deployment.
type CognitoService interface {
	// AdminCreateUser creates a user and returns the resulting identity.User.
	AdminCreateUser(ctx context.Context, in cognitosvc.CreateUserOpts) (*identity.User, error)
	// AdminUpdateUserGroups changes a user's group membership and returns the updated user.
	// NOTE(review): group membership presumably feeds authorization decisions, so
	// confirm that callers are restricted to administrators.
	AdminUpdateUserGroups(ctx context.Context, in cognitosvc.UpdateUserGroupsOpts) (*identity.User, error)
}

type InternalIdentityService

// InternalIdentityService is the set of operations on internally managed
// groups and group memberships that the API depends on.
type InternalIdentityService interface {
	// UpdateGroup updates the given group from a request body.
	// The input type is types.CreateGroupRequest, the same type CreateGroup takes.
	UpdateGroup(ctx context.Context, group identity.Group, in types.CreateGroupRequest) (*identity.Group, error)
	// CreateGroup creates a group from a request body.
	CreateGroup(ctx context.Context, in types.CreateGroupRequest) (*identity.Group, error)
	// UpdateUserGroups sets the groups for a user and returns the updated user.
	// NOTE(review): whether groups replaces or extends the existing membership
	// is not visible here; confirm against the implementation.
	UpdateUserGroups(ctx context.Context, user identity.User, groups []string) (*identity.User, error)
	// DeleteGroup deletes the given group.
	DeleteGroup(ctx context.Context, group identity.Group) error
}

type ListProvidersArgFilterResponse

// ListProvidersArgFilterResponse is a response body holding a list of options.
type ListProvidersArgFilterResponse struct {
	// Options is encoded under the JSON key "options".
	Options []ahTypes.Option `json:"options"`
}

type Opts

// Opts is the set of options passed to New when constructing an API.
type Opts struct {
	Log                 *zap.SugaredLogger
	AccessHandlerClient ahtypes.ClientWithResponsesInterface
	EventSender         *gevent.Sender
	IdentitySyncer      auth.IdentitySyncer
	DeploymentConfig    deploy.DeployConfigReader
	// NOTE(review): presumably the name of the DynamoDB table backing API.DB; confirm.
	DynamoTable         string
	// NOTE(review): presumably the ARN of a KMS key used to protect pagination
	// tokens returned to clients. Confirm what happens when it is empty.
	PaginationKMSKeyARN string
	FrontendURL         string
	// NOTE(review): both AdminGroup and AdminGroupID (below) exist. Confirm which
	// one the admin check uses and that the two cannot disagree.
	AdminGroup          string
	TemplateData        psetup.TemplateData
	DeploymentSuffix    string
	// NOTE(review): presumably only relevant when Cognito is the configured IDP; confirm.
	CognitoUserPoolID   string
	IDPType             string
	AdminGroupID        string
}

type ProviderSetupService

// ProviderSetupService contains business logic for managing the guided
// provider setup workflows.
type ProviderSetupService interface {
	// Create starts a setup for the given provider type. It is given the
	// providers that already exist and the provider registry.
	Create(ctx context.Context, providerType string, existingProviders deploy.ProviderMap, r providerregistry.ProviderRegistry) (*providersetup.Setup, error)
	// CompleteStep applies body to the step at stepIndex of the setup identified
	// by setupID and returns the updated setup.
	// NOTE(review): stepIndex comes from the request path in the handler
	// signature; confirm that it is bounds-checked before use.
	CompleteStep(ctx context.Context, setupID string, stepIndex int, body types.ProviderSetupStepCompleteRequest) (*providersetup.Setup, error)
}

ProviderSetupService contains business logic for managing the guided provider setup workflows.

Directories

Path Synopsis
Package mocks is a generated GoMock package.
Package mocks is a generated GoMock package.
