api

package
v0.15.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 13, 2023 License: AGPL-3.0 Imports: 49 Imported by: 0

Documentation

Overview

The api package defines all of our REST API endpoints.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type API 

type API struct {
	// DB is the DynamoDB client which provides direct storage access.
	DB               ddb.Storage
	DeploymentConfig deploy.DeployConfigReader
	// Requests is the service which provides business logic for Access Requests.
	Access              AccessService
	Rules               AccessRuleService
	ProviderSetup       ProviderSetupService
	AccessHandlerClient ahtypes.ClientWithResponsesInterface
	AdminGroup          string
	IdentityProvider    string
	FrontendURL         string

	Cache          CacheService
	IdentitySyncer auth.IdentitySyncer
	// Set this to nil if cognito is not configured as the IDP for the deployment
	Cognito            CognitoService
	InternalIdentity   InternalIdentityService
	TargetService      TargetService
	HandlerService     HandlerService
	Workflow           Workflow
	HealthcheckService HealthcheckService
}

API holds all of our API endpoint handlers. We use a schema-first approach to ensure that the API meets our OpenAPI specification.

To add a new endpoint, follow the below steps:

1. Edit `openapi.yaml` in this repository.

2. Run `make generate` to update the generated handler code. The code is generated into types.gen.go, and the function signatures can be found on the ServerInterface interface.

3. You'll get a compilation error because API no longer meets the ServerInterface interface. The missing function will be your new endpoint. Implement the function on API, ensuring that the function signature matches the ServerInterface interface.

func New 

func New(ctx context.Context, opts Opts) (*API, error)

New creates a new API.

func (*API) AdminArchiveAccessRule 

func (a *API) AdminArchiveAccessRule(w http.ResponseWriter, r *http.Request, ruleId string)

func (*API) AdminCompleteProvidersetup added in v0.12.0 

func (a *API) AdminCompleteProvidersetup(w http.ResponseWriter, r *http.Request, providersetupId string)

Complete a ProviderSetup (POST /api/v1/admin/providersetups/{providersetupId}/complete)

func (*API) AdminCreateAccessRule 

func (a *API) AdminCreateAccessRule(w http.ResponseWriter, r *http.Request)

(POST /api/v1/admin/access-rules)

func (*API) AdminCreateGroup added in v0.12.0 

func (a *API) AdminCreateGroup(w http.ResponseWriter, r *http.Request)

Create Group (POST /api/v1/admin/groups) Creates an internal group not connected to any identiy provider in dynamodb

func (*API) AdminCreateProvidersetup added in v0.12.0 

func (a *API) AdminCreateProvidersetup(w http.ResponseWriter, r *http.Request)

Begin the setup process for a new Access Provider (POST /api/v1/admin/providersetups)

func (*API) AdminCreateTargetGroup added in v0.15.0 

func (a *API) AdminCreateTargetGroup(w http.ResponseWriter, r *http.Request)

(POST /api/v1/target-groups) 

func (a *API) AdminCreateTargetGroupLink(w http.ResponseWriter, r *http.Request, id string)

(POST /api/v1/target-groups/{id}/link)

func (*API) AdminCreateUser added in v0.12.0 

func (a *API) AdminCreateUser(w http.ResponseWriter, r *http.Request)

Create User (POST /api/v1/admin/users)

func (*API) AdminDeleteGroup 

func (a *API) AdminDeleteGroup(w http.ResponseWriter, r *http.Request, groupId string)

Delete Group (DELETE /api/v1/admin/groups/{groupId})

func (*API) AdminDeleteHandler added in v0.15.0 

func (a *API) AdminDeleteHandler(w http.ResponseWriter, r *http.Request, id string)

func (*API) AdminDeleteProvidersetup added in v0.12.0 

func (a *API) AdminDeleteProvidersetup(w http.ResponseWriter, r *http.Request, providersetupId string)

Delete an in-progress provider setup (DELETE /api/v1/admin/providersetups/{providersetupId})

func (*API) AdminDeleteTargetGroup added in v0.15.0 

func (a *API) AdminDeleteTargetGroup(w http.ResponseWriter, r *http.Request, id string)

delete target group (DELETE /api/v1/admin/target-groups/{id})

func (*API) AdminGetAccessRule 

func (a *API) AdminGetAccessRule(w http.ResponseWriter, r *http.Request, ruleId string)

Returns a rule for a given ruleId (GET /api/v1/admin/access-rules/{ruleId})

func (*API) AdminGetAccessRuleVersion 

func (a *API) AdminGetAccessRuleVersion(w http.ResponseWriter, r *http.Request, ruleId string, version string)

Returns a rule for a given ruleId (GET /api/v1/access-rules/{ruleId}/versions/{version})

func (*API) AdminGetAccessRuleVersions 

func (a *API) AdminGetAccessRuleVersions(w http.ResponseWriter, r *http.Request, ruleId string)

func (*API) AdminGetDeploymentVersion 

func (a *API) AdminGetDeploymentVersion(w http.ResponseWriter, r *http.Request)

Get deployment version details (GET /api/v1/admin/deployment/version)

func (*API) AdminGetGroup added in v0.12.0 

func (a *API) AdminGetGroup(w http.ResponseWriter, r *http.Request, groupId string)

Get Group Details (GET /api/v1/admin/groups/{groupId})

func (*API) AdminGetHandler added in v0.15.0 

func (a *API) AdminGetHandler(w http.ResponseWriter, r *http.Request, id string)

Your GET endpoint (GET /api/v1/handlers/{id})

func (*API) AdminGetIdentityConfiguration added in v0.12.0 

func (a *API) AdminGetIdentityConfiguration(w http.ResponseWriter, r *http.Request)

Get identity configuration (GET /api/v1/admin/identity)

func (*API) AdminGetProvider added in v0.12.0 

func (a *API) AdminGetProvider(w http.ResponseWriter, r *http.Request, providerId string)

func (*API) AdminGetProviderArgs added in v0.12.0 

func (a *API) AdminGetProviderArgs(w http.ResponseWriter, r *http.Request, providerId string)

func (*API) AdminGetProvidersetup added in v0.12.0 

func (a *API) AdminGetProvidersetup(w http.ResponseWriter, r *http.Request, providersetupId string)

Get an in-progress provider setup (GET /api/v1/admin/providersetups/{providersetupId})

func (*API) AdminGetProvidersetupInstructions added in v0.12.0 

func (a *API) AdminGetProvidersetupInstructions(w http.ResponseWriter, r *http.Request, providersetupId string)

Get the setup instructions for an Access Provider (GET /api/v1/admin/providersetups/{providersetupId}/instructions)

func (*API) AdminGetRequest 

func (a *API) AdminGetRequest(w http.ResponseWriter, r *http.Request, requestId string)

Get a request (GET /api/v1/admin/requests/{requestId})

func (*API) AdminGetTargetGroup added in v0.15.0 

func (a *API) AdminGetTargetGroup(w http.ResponseWriter, r *http.Request, id string)

Your GET endpoint (GET /api/v1/target-groups/{id})

func (*API) AdminHealthcheckHandlers added in v0.15.0 

func (a *API) AdminHealthcheckHandlers(w http.ResponseWriter, r *http.Request)

func (*API) AdminListAccessRules 

func (a *API) AdminListAccessRules(w http.ResponseWriter, r *http.Request, params types.AdminListAccessRulesParams)

Returns a list of all Access Rules (GET /api/v1/admin/access-rules)

func (*API) AdminListGroups added in v0.12.0 

func (a *API) AdminListGroups(w http.ResponseWriter, r *http.Request, params types.AdminListGroupsParams)

Lists all active groups (GET /api/v1/groups/)

func (*API) AdminListHandlers added in v0.15.0 

func (a *API) AdminListHandlers(w http.ResponseWriter, r *http.Request)

Your GET endpoint (GET /api/v1/handlers)

func (*API) AdminListProviderArgOptions added in v0.12.0 

func (a *API) AdminListProviderArgOptions(w http.ResponseWriter, r *http.Request, providerId string, argId string, params types.AdminListProviderArgOptionsParams)

List provider arg options (GET /api/v1/admin/providers/{providerId}/args/{argId}/options)

func (*API) AdminListProviders added in v0.12.0 

func (a *API) AdminListProviders(w http.ResponseWriter, r *http.Request)

func (*API) AdminListProvidersetups added in v0.12.0 

func (a *API) AdminListProvidersetups(w http.ResponseWriter, r *http.Request)

List the provider setups in progress (GET /api/v1/admin/providersetups)

func (*API) AdminListRequests 

func (a *API) AdminListRequests(w http.ResponseWriter, r *http.Request, params types.AdminListRequestsParams)

"/api/v1/admin/requests"

func (*API) AdminListTargetGroups added in v0.15.0 

func (a *API) AdminListTargetGroups(w http.ResponseWriter, r *http.Request)

Your GET endpoint (GET /api/v1/target-groups)

func (*API) AdminListTargetRoutes added in v0.15.0 

func (a *API) AdminListTargetRoutes(w http.ResponseWriter, r *http.Request, id string)

Your GET endpoint (GET /api/v1/target-groups)

func (*API) AdminListUsers added in v0.12.0 

func (a *API) AdminListUsers(w http.ResponseWriter, r *http.Request, params types.AdminListUsersParams)

Returns a list of users (GET /api/v1/users/)

func (*API) AdminRegisterHandler added in v0.15.0 

func (a *API) AdminRegisterHandler(w http.ResponseWriter, r *http.Request)

(POST /api/v1/handlers) 

func (a *API) AdminRemoveTargetGroupLink(w http.ResponseWriter, r *http.Request, id string, params types.AdminRemoveTargetGroupLinkParams)

Unlink a target group deployment from its target group (POST /api/v1/target-groups/{id}/unlink)

func (*API) AdminSubmitProvidersetupStep added in v0.12.0 

func (a *API) AdminSubmitProvidersetupStep(w http.ResponseWriter, r *http.Request, providersetupId string, stepIndex int)

Update the completion status for a Provider setup step (PUT /api/v1/admin/providersetups/{providersetupId}/steps/{stepIndex}/complete)

func (*API) AdminSyncIdentity added in v0.12.0 

func (a *API) AdminSyncIdentity(w http.ResponseWriter, r *http.Request)

(POST /api/v1/admin/identity/sync)

func (*API) AdminUpdateAccessRule 

func (a *API) AdminUpdateAccessRule(w http.ResponseWriter, r *http.Request, ruleId string)

Update Access Rule (POST /api/v1/access-rules/{ruleId})

func (*API) AdminUpdateGroup 

func (a *API) AdminUpdateGroup(w http.ResponseWriter, r *http.Request, groupId string)

Update Group (PUT /api/v1/admin/groups/{id}) Updates an internal group not connected to any identiy provider in dynamodb

func (*API) AdminUpdateUser added in v0.12.0 

func (a *API) AdminUpdateUser(w http.ResponseWriter, r *http.Request, userId string)

Update User (POST /api/v1/admin/users/{userId})

func (*API) AdminValidateProvidersetup added in v0.12.0 

func (a *API) AdminValidateProvidersetup(w http.ResponseWriter, r *http.Request, providersetupId string)

Validate the configuration for a Provider Setup (POST /api/v1/admin/providersetups/{providersetupId}/validate)

func (*API) Handler 

func (a *API) Handler(r chi.Router) http.Handler

Handler returns a HTTP handler. Hander doesn't add any middleware. It is the caller's responsibility to add any middleware.

func (*API) UserCancelRequest added in v0.12.0 

func (a *API) UserCancelRequest(w http.ResponseWriter, r *http.Request, requestId string)

func (*API) UserCreateFavorite 

func (a *API) UserCreateFavorite(w http.ResponseWriter, r *http.Request)

(POST /api/v1/favorites)

func (*API) UserCreateRequest 

func (a *API) UserCreateRequest(w http.ResponseWriter, r *http.Request)

Creates a request (POST /api/v1/requests/)

func (*API) UserDeleteFavorite added in v0.12.0 

func (a *API) UserDeleteFavorite(w http.ResponseWriter, r *http.Request, id string)

(DELETE /api/v1/favorites/{id})

func (*API) UserGetAccessInstructions added in v0.12.0 

func (a *API) UserGetAccessInstructions(w http.ResponseWriter, r *http.Request, requestId string)

Get Access Instructions (GET /api/v1/requests/{requestId}/access-instructions)

func (*API) UserGetAccessRule 

func (a *API) UserGetAccessRule(w http.ResponseWriter, r *http.Request, ruleId string)

Get Access Rule as an end user. (GET /api/v1/access-rules/{ruleId})

func (*API) UserGetAccessRuleApprovers 

func (a *API) UserGetAccessRuleApprovers(w http.ResponseWriter, r *http.Request, ruleId string)

func (*API) UserGetAccessToken added in v0.12.0 

func (a *API) UserGetAccessToken(w http.ResponseWriter, r *http.Request, requestId string)

(GET /api/v1/requests/{requestId}/access-token)

func (*API) UserGetFavorite 

func (a *API) UserGetFavorite(w http.ResponseWriter, r *http.Request, id string)

(GET /api/v1/favorites/{id})

func (*API) UserGetMe added in v0.12.0 

func (a *API) UserGetMe(w http.ResponseWriter, r *http.Request)

Get details for the current user (GET /api/v1/users/me)

func (*API) UserGetRequest 

func (a *API) UserGetRequest(w http.ResponseWriter, r *http.Request, requestId string)

Get a request (GET /api/v1/requests/{requestId})

func (*API) UserGetUser added in v0.12.0 

func (a *API) UserGetUser(w http.ResponseWriter, r *http.Request, userId string)

Returns a user based on userId (GET /api/v1/users/{userId})

func (*API) UserListAccessRules added in v0.12.0 

func (a *API) UserListAccessRules(w http.ResponseWriter, r *http.Request)

List Access Rules (GET /api/v1/access-rules)

func (*API) UserListFavorites 

func (a *API) UserListFavorites(w http.ResponseWriter, r *http.Request)

(GET /api/v1/favorites)

func (*API) UserListRequestEvents added in v0.12.0 

func (a *API) UserListRequestEvents(w http.ResponseWriter, r *http.Request, requestId string)

func (*API) UserListRequests 

func (a *API) UserListRequests(w http.ResponseWriter, r *http.Request, params types.UserListRequestsParams)

List my requests (GET /api/v1/requests)

func (*API) UserListRequestsPast 

func (a *API) UserListRequestsPast(w http.ResponseWriter, r *http.Request, params types.UserListRequestsPastParams)

List my requests (GET /api/v1/requests/past)

func (*API) UserListRequestsUpcoming 

func (a *API) UserListRequestsUpcoming(w http.ResponseWriter, r *http.Request, params types.UserListRequestsUpcomingParams)

List my requests (GET /api/v1/requests/upcoming)

func (*API) UserLookupAccessRule added in v0.12.0 

func (a *API) UserLookupAccessRule(w http.ResponseWriter, r *http.Request, params types.UserLookupAccessRuleParams)

Your GET endpoint (GET /api/v1/access-rules/lookup)

func (*API) UserReviewRequest added in v0.12.0 

func (a *API) UserReviewRequest(w http.ResponseWriter, r *http.Request, requestId string)

Review a request (POST /api/v1/requests/{requestId}/review)

func (*API) UserRevokeRequest added in v0.12.0 

func (a *API) UserRevokeRequest(w http.ResponseWriter, r *http.Request, requestID string)

func (*API) UserUpdateFavorite added in v0.12.0 

func (a *API) UserUpdateFavorite(w http.ResponseWriter, r *http.Request, id string)

(PUT /api/v1/favorites/{id})

type AccessRuleService 

type AccessRuleService interface {
	ArchiveAccessRule(ctx context.Context, userID string, in rule.AccessRule) (*rule.AccessRule, error)
	CreateAccessRule(ctx context.Context, userID string, in types.CreateAccessRuleRequest) (*rule.AccessRule, error)
	LookupRule(ctx context.Context, opts rulesvc.LookupRuleOpts) ([]rulesvc.LookedUpRule, error)
	GetRule(ctx context.Context, ID string, user *identity.User, isAdmin bool) (*rule.GetAccessRuleResponse, error)
	UpdateRule(ctx context.Context, in *rulesvc.UpdateOpts) (*rule.AccessRule, error)
	RequestArguments(ctx context.Context, accessRuleTarget rule.Target) (map[string]types.RequestArgument, error)
}

AccessRuleService can create and get rules

type AccessService 

type AccessService interface {
	CreateRequests(ctx context.Context, in accesssvc.CreateRequestsOpts) ([]accesssvc.CreateRequestResult, error)
	AddReviewAndGrantAccess(ctx context.Context, opts accesssvc.AddReviewOpts) (*accesssvc.AddReviewResult, error)
	CancelRequest(ctx context.Context, opts accesssvc.CancelRequestOpts) error
	CreateFavorite(ctx context.Context, in accesssvc.CreateFavoriteOpts) (*access.Favorite, error)
	UpdateFavorite(ctx context.Context, in accesssvc.UpdateFavoriteOpts) (*access.Favorite, error)
}

RequestServices can create Access Requests.

type CacheService 

type CacheService interface {
	RefreshCachedProviderArgOptions(ctx context.Context, providerId string, argId string) (bool, []cache.ProviderOption, []cache.ProviderArgGroupOption, error)
	LoadCachedProviderArgOptions(ctx context.Context, providerId string, argId string) (bool, []cache.ProviderOption, []cache.ProviderArgGroupOption, error)
}

type CognitoService 

type CognitoService interface {
	AdminCreateUser(ctx context.Context, in cognitosvc.CreateUserOpts) (*identity.User, error)
	AdminUpdateUserGroups(ctx context.Context, in cognitosvc.UpdateUserGroupsOpts) (*identity.User, error)
}

type HandlerService added in v0.15.0 

type HandlerService interface {
	RegisterHandler(ctx context.Context, req types.RegisterHandlerRequest) (*handler.Handler, error)
	DeleteHandler(ctx context.Context, handler *handler.Handler) error
}

type HealthcheckService added in v0.15.0 

type HealthcheckService interface {
	Check(ctx context.Context) error
}

type InternalIdentityService 

type InternalIdentityService interface {
	UpdateGroup(ctx context.Context, group identity.Group, in types.CreateGroupRequest) (*identity.Group, error)
	CreateGroup(ctx context.Context, in types.CreateGroupRequest) (*identity.Group, error)
	UpdateUserGroups(ctx context.Context, user identity.User, groups []string) (*identity.User, error)
	DeleteGroup(ctx context.Context, group identity.Group) error
}

type ListProvidersArgFilterResponse 

type ListProvidersArgFilterResponse struct {
	Options []ahTypes.Option `json:"options"`
}

type Opts 

type Opts struct {
	Log                    *zap.SugaredLogger
	AccessHandlerClient    ahtypes.ClientWithResponsesInterface
	ProviderRegistryClient registry_types.ClientWithResponsesInterface
	EventSender            *gevent.Sender
	IdentitySyncer         auth.IdentitySyncer
	DeploymentConfig       deploy.DeployConfigReader
	DynamoTable            string
	PaginationKMSKeyARN    string
	AdminGroup             string
	TemplateData           psetup.TemplateData
	DeploymentSuffix       string
	CognitoUserPoolID      string
	IDPType                string
	AdminGroupID           string
	StateMachineARN        string
	FrontendURL            string
}

type ProviderSetupService 

type ProviderSetupService interface {
	Create(ctx context.Context, providerType string, existingProviders deploy.ProviderMap, r providerregistry.ProviderRegistry) (*providersetup.Setup, error)
	CompleteStep(ctx context.Context, setupID string, stepIndex int, body types.ProviderSetupStepCompleteRequest) (*providersetup.Setup, error)
}

ProviderSetupService contains business logic for managing the guided provider setup workflows.

type TargetService added in v0.15.0 

type TargetService interface {
	CreateGroup(ctx context.Context, targetGroup types.CreateTargetGroupRequest) (*target.Group, error)
	CreateRoute(ctx context.Context, group string, req types.CreateTargetGroupLink) (*target.Route, error)
	DeleteGroup(ctx context.Context, group *target.Group) error
}

type Workflow added in v0.15.0 

type Workflow interface {
	Revoke(ctx context.Context, request access.Request, revokerID string, revokerEmail string) (*access.Request, error)
}

Source Files

View all Source files

Directories

Path Synopsis
Package mocks is a generated GoMock package.
 Package mocks is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.