iam

package
v0.91.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 10, 2025 License: MIT Imports: 25 Imported by: 1

Documentation

Overview

Package iam provides support for interacting with HSDP IAM and IDM services

Index

Constants

View Source 
const (
	OAuthToken tokenType = iota
	JWTToken   tokenType = 1
)
View Source 
const (
	IAM = "IAM"
	IDM = "IDM"
)

Constants

View Source 
const (
	GroupMemberTypeUser    = "USER"
	GroupMemberTypeDevice  = "DEVICE"
	GroupMemberTypeService = "SERVICE"
)
View Source 
const (
	TypePhoneVerification      = "PHONE_VERIFICATION"
	TypeLoginOTP               = "LOGIN_OTP"
	TypePasswordRecovery       = "PASSWORD_RECOVERY"
	TypePasswordFailedAttempts = "PASSWORD_FAILED_ATTEMPTS"
)

Variables

View Source 
var (
	ErrNotFound                       = errors.New("entity not found")
	ErrMissingManagingOrganization    = errors.New("missing managing organization")
	ErrMissingName                    = errors.New("missing name value")
	ErrMissingDescription             = errors.New("missing description value")
	ErrMalformedInputValue            = errors.New("malformed input value")
	ErrMissingOrganization            = errors.New("missing organization")
	ErrMissingProposition             = errors.New("missing proposition")
	ErrMissingGlobalReference         = errors.New("missing global reference")
	ErrNotImplementedByHSDP           = errors.New("method not implemented by HSDP")
	ErrCouldNoReadResourceAfterCreate = errors.New("could not read resource after create")
	ErrBaseIDMCannotBeEmpty           = errors.New("base IDM URL cannot be empty")
	ErrBaseIAMCannotBeEmpty           = errors.New("base IAM URL cannot be empty")
	ErrEmptyResults                   = errors.New("empty results")
	ErrOperationFailed                = errors.New("operation failed")
	ErrMissingEtagInformation         = errors.New("missing etag information")
	ErrMissingRefreshToken            = errors.New("missing refresh token")
	ErrNotAuthorized                  = errors.New("not authorized")
	ErrNoValidSignerAvailable         = errors.New("no valid HSDP signer available")
	ErrMissingOAuth2Credentials       = errors.New("missing OAuth2 credentials")
)

Exported Errors

Functions

func FixPEM 

func FixPEM(pemString string) string

FixPEM fixes the IAM generated PEM key strings so they are valid for decoding by Go and other parsers which expect newlines after labels

func String 

func String(v string) *string

String is a helper routine that allocates a new string value to store v and returns a pointer to it.

Types

type Address 

type Address struct {
	Use        string   `json:"use,omitempty" enum:"home|work|temp|old"`
	Text       string   `json:"text,omitempty"`
	City       string   `json:"city,omitempty"`
	State      string   `json:"state,omitempty"`
	Line       []string `json:"line,omitempty"`
	PostalCode string   `json:"postalCode,omitempty"`
	Country    string   `json:"country,omitempty"`
	Building   string   `json:"building,omitempty"`
	Street     string   `json:"street,omitempty"`
	IsPrimary  string   `json:"isPrimary,omitempty" enum:"yes|no"`
}

Address describes an address of a Profile

func (*Address) IsBlank 

func (a *Address) IsBlank() bool

type AddressEntry 

type AddressEntry struct {
	Use        string   `json:"use,omitempty"`
	Text       string   `json:"text,omitempty"`
	Line       []string `json:"line,omitempty"`
	City       string   `json:"city,omitempty"`
	State      string   `json:"state,omitempty"`
	Country    string   `json:"country,omitempty"`
	Postalcode string   `json:"postalcode,omitempty"`
}

AddressEntry entity

type Application 

type Application struct {
	ID                string `json:"id,omitempty"`
	Name              string `json:"name" validate:"required"`
	Description       string `json:"description"`
	PropositionID     string `json:"propositionId" validate:"required"`
	GlobalReferenceID string `json:"globalReferenceId" validate:"required"`
}

Application represents an IAM Application entity

type ApplicationClient 

type ApplicationClient struct {
	ID                   string      `json:"id,omitempty"`
	ClientID             string      `json:"clientId" validate:"required,min=5,max=20"`
	Type                 string      `json:"type"`
	Name                 string      `json:"name" validate:"required,min=5,max=50"`
	Password             string      `json:"password,omitempty" validate:"required_without=ID,max=16"`
	RedirectionURIs      []string    `json:"redirectionURIs"`
	ResponseTypes        []string    `json:"responseTypes"`
	Scopes               []string    `json:"scopes,omitempty"`
	DefaultScopes        []string    `json:"defaultScopes,omitempty"`
	Disabled             bool        `json:"disabled,omitempty"`
	Description          string      `json:"description" validate:"max=250"`
	ApplicationID        string      `json:"applicationId" validate:"required"`
	GlobalReferenceID    string      `json:"globalReferenceId" validate:"required,min=3,max=50"`
	ConsentImplied       bool        `json:"consentImplied"`
	AccessTokenLifetime  int         `json:"accessTokenLifetime,omitempty" validate:"min=0,max=31536000"`
	RefreshTokenLifetime int         `json:"refreshTokenLifetime,omitempty" validate:"min=0,max=157680000"`
	IDTokenLifetime      int         `json:"idTokenLifetime,omitempty" validate:"min=0,max=31536000"`
	Realms               []string    `json:"realms,omitempty" validate:"required_with=ID"`
	Meta                 *ClientMeta `json:"meta,omitempty"`
}

ApplicationClient represents an IAM client resource

type ApplicationStatus 

type ApplicationStatus struct {
	Schemas []string `json:"schemas"`
	ID      string   `json:"id"`
	Status  string   `json:"status"`
	Meta    *Meta    `json:"meta"`
}

type ApplicationsService 

type ApplicationsService struct {
	// contains filtered or unexported fields
}

ApplicationsService implements actions on IAM Application entities

func (*ApplicationsService) CreateApplication 

func (a *ApplicationsService) CreateApplication(app Application) (*Application, *Response, error)

CreateApplication creates an Application

func (*ApplicationsService) DeleteApplication 

func (a *ApplicationsService) DeleteApplication(app Application) (bool, *Response, error)

DeleteApplication deletes an Application

func (*ApplicationsService) DeleteStatus 

func (a *ApplicationsService) DeleteStatus(id string) (*ApplicationStatus, *Response, error)

DeleteStatus returns the status of a delete operation on an organization

func (*ApplicationsService) GetApplicationByID 

func (a *ApplicationsService) GetApplicationByID(id string) (*Application, *Response, error)

GetApplicationByID retrieves an Application by its ID

func (*ApplicationsService) GetApplicationByName 

func (a *ApplicationsService) GetApplicationByName(name string) (*Application, *Response, error)

GetApplicationByName retrieves an Application by its Name

func (*ApplicationsService) GetApplications 

func (a *ApplicationsService) GetApplications(opt *GetApplicationsOptions, options ...OptionFunc) ([]*Application, *Response, error)

GetApplications search for an Applications entity based on the GetApplicationsOptions values

type Attribute 

type Attribute struct {
	Value   string `json:"value,omitempty"`
	Ref     string `json:"$ref,omitempty"`
	Primary bool   `json:"primary,omitempty"`
}

type CertificateOptionFunc 

type CertificateOptionFunc func(cert *x509.Certificate) error

type ChallengePolicy 

type ChallengePolicy struct {
	DefaultQuestions     []string `json:"defaultQuestions"`
	MinQuestionCount     int      `json:"minQuestionCount"`
	MinAnswerCount       int      `json:"minAnswerCount"`
	MaxIncorrectAttempts int      `json:"maxIncorrectAttempts"`
}

type ChangeLoginIDRequest 

type ChangeLoginIDRequest struct {
	LoginID string `json:"loginId"`
}

ChangeLoginIDRequest

type Client 

type Client struct {
	// HTTP client used to communicate with the API.
	*http.Client

	// User agent used when communicating with the HSDP IAM API.
	UserAgent string

	Organizations    *OrganizationsService
	Groups           *GroupsService
	Permissions      *PermissionsService
	Roles            *RolesService
	Users            *UsersService
	Applications     *ApplicationsService
	Propositions     *PropositionsService
	Clients          *ClientsService
	Services         *ServicesService
	MFAPolicies      *MFAPoliciesService
	PasswordPolicies *PasswordPoliciesService
	Devices          *DevicesService
	EmailTemplates   *EmailTemplatesService
	SMSGateways      *SMSGatewaysService
	SMSTemplates     *SMSTemplatesService

	sync.Mutex
	// contains filtered or unexported fields
}

A Client manages communication with HSDP IAM API

func NewClient 

func NewClient(httpClient *http.Client, config *Config) (*Client, error)

NewClient returns a new HSDP IAM API client. If a nil httpClient is provided, http.DefaultClient will be used. To use API methods which require authentication, provide a valid oAuth bearer token.

func (*Client) BaseIAMURL 

func (c *Client) BaseIAMURL() *url.URL

BaseIAMURL return a copy of the baseIAMURL.

func (*Client) BaseIDMURL 

func (c *Client) BaseIDMURL() *url.URL

BaseIDMURL return a copy of the baseIAMURL.

func (*Client) ClientCredentialsLogin 

func (c *Client) ClientCredentialsLogin() error

ClientCredentialsLogin logs in using client credentials The client credentials and scopes are expected to passed during configuration of the client

func (*Client) Close 

func (c *Client) Close()

Close releases allocated resources of clients

func (*Client) CodeLogin 

func (c *Client) CodeLogin(code string, redirectURI string) error

CodeLogin uses the authorization_code grant type to fetch tokens

func (*Client) EndSession 

func (c *Client) EndSession() error

EndSession ends the current active session

func (*Client) ExpireToken 

func (c *Client) ExpireToken()

ExpireToken expires the token immediately

func (*Client) Expires 

func (c *Client) Expires() int64

Expires returns the expiry time (Unix) of the access token

func (*Client) HasOAuth2Credentials 

func (c *Client) HasOAuth2Credentials() bool

HasOAuth2Credentials returns true if the client is configured with OAuth2 credentials

func (*Client) HasPermissions 

func (c *Client) HasPermissions(orgID string, permissions ...string) bool

HasPermissions returns true if all permissions are there for the client

func (*Client) HasScopes 

func (c *Client) HasScopes(scopes ...string) bool

HasScopes returns true of all scopes are there for the client

func (*Client) HasSigningKeys 

func (c *Client) HasSigningKeys() bool

HasSigningKeys returns true if this client is configured with IAM signing keys

func (*Client) HttpClient 

func (c *Client) HttpClient() *http.Client

HttpClient returns the http Client used for connections

func (*Client) IDToken 

func (c *Client) IDToken() string

IDToken returns the ID token

func (*Client) Introspect 

func (c *Client) Introspect(opts ...OptionFunc) (*IntrospectResponse, *Response, error)

Introspect introspects the current logged-in user

func (*Client) Login 

func (c *Client) Login(username, password string) error

Login logs in a user with `username` and `password`

func (*Client) RefreshToken 

func (c *Client) RefreshToken() string

RefreshToken returns the refresh token

func (*Client) RevokeAccessToken 

func (c *Client) RevokeAccessToken() error

RevokeAccessToken revokes the access and refresh token

func (*Client) RevokeRefreshAccessToken 

func (c *Client) RevokeRefreshAccessToken() error

RevokeRefreshAccessToken revokes the access and refresh token

func (*Client) ServiceLogin 

func (c *Client) ServiceLogin(service Service) error

ServiceLogin logs a service in using a JWT signed with the service private key

func (*Client) SetBaseIAMURL 

func (c *Client) SetBaseIAMURL(urlStr string) error

SetBaseIAMURL sets the base URL for API requests to a custom endpoint. urlStr should always be specified with a trailing slash.

func (*Client) SetBaseIDMURL 

func (c *Client) SetBaseIDMURL(urlStr string) error

SetBaseIDMURL sets the base URL for API requests to a custom endpoint. urlStr should always be specified with a trailing slash.

func (*Client) SetToken 

func (c *Client) SetToken(token string)

SetToken sets the token

func (*Client) SetTokens 

func (c *Client) SetTokens(accessToken, refreshToken, idToken string, expiresAt int64)

SetTokens sets the token

func (*Client) Token 

func (c *Client) Token() (string, error)

Token returns the current token

func (*Client) TokenRefresh 

func (c *Client) TokenRefresh() error

TokenRefresh forces a token refresh

func (*Client) WithLogin 

func (c *Client) WithLogin(username, password string) (*Client, error)

WithLogin returns a cloned client with new login

func (*Client) WithToken 

func (c *Client) WithToken(token string) *Client

WithToken returns a cloned client with the token set

type ClientMeta 

type ClientMeta struct {
	VersionID    string `json:"versionId,omitempty"`
	LastModified string `json:"lastModified,omitempty"`
}

type ClientsService 

type ClientsService struct {
	// contains filtered or unexported fields
}

ClientsService provides operations on IAM roles resources

func (*ClientsService) CreateClient 

func (c *ClientsService) CreateClient(ac ApplicationClient) (*ApplicationClient, *Response, error)

CreateClient creates a Client

func (*ClientsService) DeleteClient 

func (c *ClientsService) DeleteClient(ac ApplicationClient) (bool, *Response, error)

DeleteClient deletes the given Client

func (*ClientsService) GetClientByID 

func (c *ClientsService) GetClientByID(id string) (*ApplicationClient, *Response, error)

GetClientByID finds a client by its ID

func (*ClientsService) GetClients 

func (c *ClientsService) GetClients(opt *GetClientsOptions, options ...OptionFunc) (*[]ApplicationClient, *Response, error)

GetClients looks up clients based on GetClientsOptions

func (*ClientsService) UpdateClient 

func (c *ClientsService) UpdateClient(ac ApplicationClient) (*ApplicationClient, *Response, error)

UpdateClient updates a client

func (*ClientsService) UpdateScopes 

func (c *ClientsService) UpdateScopes(ac ApplicationClient, scopes []string, defaultScopes []string) (bool, *Response, error)

UpdateScope updates a clients scope

type CodeableConcept 

type CodeableConcept struct {
	Code string `json:"code" validate:"required,min=1,max=10"`
	Text string `json:"text" validate:"max=250"`
}

CodeableConcept describes a code-able concept

type Config 

type Config struct {
	Region           string
	Environment      string
	OAuth2ClientID   string
	OAuth2Secret     string
	SharedKey        string
	SecretKey        string
	BaseIAMURL       string
	BaseIDMURL       string
	OrgAdminUsername string
	OrgAdminPassword string
	IAMURL           string
	IDMURL           string
	Scopes           []string
	RootOrgID        string
	DebugLog         io.Writer
	Signer           *hsdpsigner.Signer
}

Config contains the configuration of a client

type Contact 

type Contact struct {
	EmailAddress string `json:"emailAddress,omitempty"`
	MobilePhone  string `json:"mobilePhone,omitempty"`
	WorkPhone    string `json:"workPhone,omitempty"`
	HomePhone    string `json:"homePhone,omitempty"`
}

Contact describes contact details of a Profile

type ContextKey 

type ContextKey string

type Device 

type Device struct {
	ID                string           `json:"id,omitempty"`
	LoginID           string           `json:"loginId,omitempty" validate:"required,reserved-strings,min=5,max=50" `
	DeviceExtID       DeviceIdentifier `json:"deviceExtId" validate:"required"`
	Password          string           `json:"password,omitempty" validate:"required_without=ID,max=255"`
	Type              string           `json:"type" validate:"required,min=1,max=50"`
	RegistrationDate  *time.Time       `json:"registrationDate,omitempty"`
	ForTest           bool             `json:"forTest,omitempty"`
	IsActive          bool             `json:"isActive,omitempty"`
	DebugUntil        *time.Time       `json:"debugUntil,omitempty"`
	OrganizationID    string           `json:"organizationId" validate:"required"`
	GlobalReferenceID string           `json:"globalReferenceId" validate:"required,min=3,max=50"`
	Text              string           `json:"text,omitempty"`
	ApplicationID     string           `json:"applicationId" validate:"required"`
	Meta              *Meta            `json:"meta,omitempty"`
}

Device represents an IAM resource

type DeviceIdentifier 

type DeviceIdentifier struct {
	System string          `json:"system" validate:"max=250"`
	Value  string          `json:"value" validate:"max=250"`
	Type   CodeableConcept `json:"type"`
}

DeviceIdentifier holds device identity information

type DevicesService 

type DevicesService struct {
	// contains filtered or unexported fields
}

DevicesService provides operations on IAM device resources

func (*DevicesService) ChangePassword 

func (p *DevicesService) ChangePassword(deviceID, oldPassword, newPassword string) (bool, *Response, error)

ChangePassword changes the password. The current pasword must be provided as well. No password history will be maintained for device.

func (*DevicesService) CreateDevice 

func (p *DevicesService) CreateDevice(device Device) (*Device, *Response, error)

CreateDevice creates a Device A user with DEVICE.WRITE permission can create devices under the organization.

func (*DevicesService) DeleteDevice 

func (p *DevicesService) DeleteDevice(device Device) (bool, *Response, error)

DeleteDevice deletes the given Device The is usually done by a organization administrator. Any user with DEVICE.WRITE or DEVICE.DELETE permission within the organization can delete a device from an organization.

func (*DevicesService) GetDeviceByID 

func (p *DevicesService) GetDeviceByID(deviceID string) (*Device, *Response, error)

GetDeviceByID retrieves a device by ID

func (*DevicesService) GetDevices 

func (p *DevicesService) GetDevices(opt *GetDevicesOptions, options ...OptionFunc) (*[]Device, *Response, error)

GetDevices looks up Devices based on GetDevicesOptions A user with DEVICE.READ permission can read device information under the user organization.

func (*DevicesService) UpdateDevice 

func (p *DevicesService) UpdateDevice(device Device) (*Device, *Response, error)

UpdateDevice updates Device properties. Any user with DEVICE.WRITE permission within the organization can update device properties. The entire resource data must be passed as request body to update a device. If read-only attributes (such as id, loginId, password, meta, organizationId) are passed, that will be ignored.

type EmailTemplate 

type EmailTemplate struct {
	// ID is the UUID generated for a stored email template
	ID string `json:"id,omitempty"`

	// Type is the type of the email template
	Type string `` /* 202-byte string literal not displayed */

	// ManagingOrganization is the Unique UUID of the organization under which the email template needs to be created.
	ManagingOrganization string `json:"managingOrganization" validate:"required"`

	// From is the sender field
	From string `json:"from,omitempty"`

	// Format is the template format. Must be HTML at this time
	Format string `json:"format" validate:"required" enum:"HTML"`

	// Locale is the locale for the email template. The locale is case insensitive
	Locale string `json:"locale,omitempty"`

	// Subject is the email subject
	Subject string `json:"subject" validate:"required,min=1,max=256"`

	// Message should contain the base64 encoded body of the email
	Message string `json:"message" validate:"required"`

	// Link is a clickable link according to the template type
	Link string `json:"link,omitempty"`

	// Meta contains additional metadata
	Meta *Meta `json:"meta,omitempty"`
}

EmailTemplate describes an email template

type EmailTemplatesService 

type EmailTemplatesService struct {
	// contains filtered or unexported fields
}

EmailTemplatesService provides operations on IAM email template resources

func (*EmailTemplatesService) CreateTemplate 

func (e *EmailTemplatesService) CreateTemplate(template EmailTemplate) (*EmailTemplate, *Response, error)

CreateTemplate creates an EmailTemplate A user with EMAILTEMPLATE.WRITE permission can create templates under the organization.

func (*EmailTemplatesService) DeleteTemplate 

func (e *EmailTemplatesService) DeleteTemplate(template EmailTemplate) (bool, *Response, error)

DeleteTemplate deletes the given EmailTemplate

func (*EmailTemplatesService) GetTemplateByID 

func (e *EmailTemplatesService) GetTemplateByID(ID string) (*EmailTemplate, *Response, error)

func (*EmailTemplatesService) GetTemplates 

func (e *EmailTemplatesService) GetTemplates(opt *GetEmailTemplatesOptions, options ...OptionFunc) (*[]EmailTemplate, *Response, error)

GetTemplates finds EmailTemplate based on search criteria Any user with EMAILTEMPLATE.WRITE or EMAILTEMPLATE.READ permission can retrieve the template information.

type Endpoint 

type Endpoint string

Endpoint type

type ErrorResponse 

type ErrorResponse struct {
	Response         *http.Response `json:"-"`
	Code             string         `json:"responseCode,omitempty"`
	Message          string         `json:"responseMessage,omitempty"`
	ErrorString      string         `json:"error,omitempty"`
	ErrorDescription string         `json:"error_description,omitempty"`
}

ErrorResponse represents an IAM errors response containing a code and a human-readable message

func (*ErrorResponse) Error 

func (e *ErrorResponse) Error() string

type ExtensionGroup 

type ExtensionGroup struct {
	Description  string           `json:"description"`
	Organization Attribute        `json:"organization"`
	GroupMembers SCIMListResponse `json:"groupMembers"`
}

type ExtensionUser 

type ExtensionUser struct {
	EmailVerified bool      `json:"emailVerified"`
	PhoneVerified bool      `json:"phoneVerified"`
	Organization  Attribute `json:"organization"`
}

type GetApplicationsOptions 

type GetApplicationsOptions struct {
	ID                *string `url:"_id,omitempty"`
	PropositionID     *string `url:"propositionId,omitempty"`
	GlobalReferenceID *string `url:"globalReferenceId,omitempty"`
	Name              *string `url:"name,omitempty"`
}

GetApplicationsOptions specifies what search criteria can be used to look for entities

type GetClientsOptions 

type GetClientsOptions struct {
	ID                *string `url:"_id,omitempty"`
	Name              *string `url:"name,omitempty"`
	GlobalReferenceID *string `url:"globalReferenceId,omitempty"`
	ApplicationID     *string `url:"applicationId,omitempty"`
}

GetClientsOptions describes search criteria for looking up roles

type GetDevicesOptions 

type GetDevicesOptions struct {
	ID                *string `url:"_id,omitempty"`
	Count             *int    `url:"_count,omitempty"`
	Page              *int    `url:"_page,omitempty"`
	DeviceExtIDValue  *string `url:"deviceExtId.value,omitempty"`
	DeviceExtIDType   *string `url:"deviceExtId.value,omitempty"`
	DeviceExtIDSystem *string `url:"deviceExtId.system,omitempty"`
	LoginID           *string `url:"loginId,omitempty" validate:""`
	ForTest           *bool   `url:"forTest,omitempty"`
	IsActive          *bool   `url:"isActive,omitempty"`
	OrganizationID    *string `url:"organizationId,omitempty"`
	ApplicationID     *string `url:"applicationId,omitempty"`
	Type              *string `url:"type,omitempty"`
	GlobalReferenceID *string `url:"globalReferenceId,omitempty"`
	GroupID           *string `url:"groupId,omitempty"`
}

GetDevicesOptions describes search criteria for looking up devices

type GetEmailTemplatesOptions 

type GetEmailTemplatesOptions struct {
	Type           *string `url:"type,omitempty"`
	OrganizationID *string `url:"organizationId,omitempty"`
	Locale         *string `url:"locale,omitempty"`
}

type GetGroupOptions 

type GetGroupOptions struct {
	ID             *string `url:"_id,omitempty"`
	OrganizationID *string `url:"orgID,omitempty"`
	Name           *string `url:"name,omitempty"`
	MemberType     *string `url:"memberType,omitempty"`
	MemberID       *string `url:"memberId,omitempty"`
}

GetGroupOptions describes the fields on which you can search for Groups

type GetOrganizationOptions 

type GetOrganizationOptions struct {
	Filter             *string `url:"filter,omitempty"`
	Attributes         *string `url:"attributes,omitempty"`
	ExcludedAttributes *string `url:"excludedAttributes,omitempty"`
}

GetOrganizationOptions describes the criteria for looking up Organizations

func FilterNameEq 

func FilterNameEq(name string) *GetOrganizationOptions

func FilterOrgEq 

func FilterOrgEq(orgID string) *GetOrganizationOptions

func FilterParentEq 

func FilterParentEq(parentID string) *GetOrganizationOptions

type GetPasswordPolicyOptions 

type GetPasswordPolicyOptions struct {
	OrganizationID *string `url:"organizationId,omitempty"`
}

GetPasswordPolicyOptions describes the criteria for looking up password polices

type GetPermissionOptions 

type GetPermissionOptions struct {
	ID     *string `url:"_id,omitempty"`
	Name   *string `url:"name,omitempty"`
	RoleID *string `url:"roleId,omitempty"`
}

GetPermissionOptions describes search criteria for looking up permissions

type GetPropositionsOptions 

type GetPropositionsOptions struct {
	ID                *string `url:"_id,omitempty"`
	Count             *int    `url:"_count,omitempty"`
	Page              *int    `url:"_page,omitempty"`
	OrganizationID    *string `url:"organizationId,omitempty"`
	PropositionID     *string `url:"propositionId,omitempty"`
	GlobalReferenceID *string `url:"globalReferenceId,omitempty"`
	Name              *string `url:"name,omitempty"`
}

GetPropositionsOptions specifies what search criteria can be used to look for entities

type GetRolesOptions 

type GetRolesOptions struct {
	Name           *string `url:"name,omitempty"`
	GroupID        *string `url:"groupId,omitempty"`
	OrganizationID *string `url:"organizationId,omitempty"`
	RoleID         *string `url:"roleId,omitempty"`
}

GetRolesOptions describes search criteria for looking up roles

type GetSMSGatewayOptions 

type GetSMSGatewayOptions struct {
	Filter             *string `url:"filter,omitempty"`
	Attributes         *string `url:"attributes,omitempty"`
	ExcludedAttributes *string `url:"excludedAttributes,omitempty"`
}

GetSMSGatewayOptions describes the criteria for looking up SMS gateways

func SMSGatewayFilterOrgEq 

func SMSGatewayFilterOrgEq(orgID string) *GetSMSGatewayOptions

type GetSMSTemplateOptions 

type GetSMSTemplateOptions struct {
	Filter             *string `url:"filter,omitempty"`
	Attributes         *string `url:"attributes,omitempty"`
	ExcludedAttributes *string `url:"excludedAttributes,omitempty"`
}

GetSMSTemplateOptions describes the criteria for looking up SMS templates

func SMSTemplateFilterOrgTypeLang 

func SMSTemplateFilterOrgTypeLang(orgID, templateType, locale string) *GetSMSTemplateOptions

type GetServiceOptions 

type GetServiceOptions struct {
	ID             *string `url:"_id,omitempty"`
	Name           *string `url:"name,omitempty"`
	ApplicationID  *string `url:"applicationId,omitempty"`
	OrganizationID *string `url:"organizationId,omitempty"`
	ServiceID      *string `url:"serviceId,omitempty"`
}

GetServiceOptions describes search criteria for looking up services

type GetUserOptions 

type GetUserOptions struct {
	ID             *string `url:"_id,omitempty"`
	OrganizationID *string `url:"organizationID,omitempty"`
	Name           *string `url:"name,omitempty"`
	LoginID        *string `url:"loginId,omitempty"`
	GroupID        *string `url:"groupId,omitempty"`
	PageSize       *string `url:"pageSize,omitempty"`
	PageNumber     *string `url:"pageNumber,omitempty"`
	UserID         *string `url:"userId,omitempty"`
	ProfileType    *string `url:"profileType,omitempty" enum:"membership|accountStatus|passwordStatus|consentedApps|all"`
}

GetUserOptions describes search criteria for looking up users

type Group 

type Group struct {
	ID                   string `json:"id,omitempty" validate:""`
	Name                 string `json:"name,omitempty" validate:"required"`
	Description          string `json:"description,omitempty" validate:""`
	ManagingOrganization string `json:"managingOrganization,omitempty" validate:"required"`
}

Group represents an IAM group resource

type GroupResource 

type GroupResource struct {
	ID               string `json:"_id"`
	ResourceType     string `json:"resourceType"`
	GroupName        string `json:"groupName"`
	OrgID            string `json:"orgId"`
	GroupDescription string `json:"groupDescription"`
}

GroupResource is the resource response of a Group search operation

type GroupsService 

type GroupsService struct {
	// contains filtered or unexported fields
}

GroupsService implements actions on Group entities

func (*GroupsService) AddDevices 

func (g *GroupsService) AddDevices(ctx context.Context, group Group, devices ...string) (MemberResponse, *Response, error)

AddDevices adds services to the given Group

func (*GroupsService) AddIdentities 

func (g *GroupsService) AddIdentities(ctx context.Context, group Group, memberType string, identities ...string) (MemberResponse, *Response, error)

AddIdentities adds services to the given Group

func (*GroupsService) AddMembers 

func (g *GroupsService) AddMembers(ctx context.Context, group Group, users ...string) (MemberResponse, *Response, error)

AddMembers adds users to the given Group

func (*GroupsService) AddServices 

func (g *GroupsService) AddServices(ctx context.Context, group Group, services ...string) (MemberResponse, *Response, error)

AddServices adds services to the given Group

func (*GroupsService) AssignRole 

func (g *GroupsService) AssignRole(ctx context.Context, group Group, role Role) (bool, *Response, error)

AssignRole adds a role to a group

func (*GroupsService) CreateGroup 

func (g *GroupsService) CreateGroup(group Group) (*Group, *Response, error)

CreateGroup creates a Group

func (*GroupsService) DeleteGroup 

func (g *GroupsService) DeleteGroup(group Group) (bool, *Response, error)

DeleteGroup deletes the given Group

func (*GroupsService) GetGroupByID 

func (g *GroupsService) GetGroupByID(id string) (*Group, *Response, error)

GetGroupByID retrieves a Group based on the ID

func (*GroupsService) GetGroups 

func (g *GroupsService) GetGroups(opt *GetGroupOptions, options ...OptionFunc) (*[]GroupResource, *Response, error)

GetGroups retrieves all groups

func (*GroupsService) GetRoles 

func (g *GroupsService) GetRoles(group Group) (*[]Role, *Response, error)

GetRoles returns the roles assigned to this group

func (*GroupsService) RemoveDevices 

func (g *GroupsService) RemoveDevices(ctx context.Context, group Group, devices ...string) (MemberResponse, *Response, error)

RemoveDevices removes services from the given Group

func (*GroupsService) RemoveIdentities 

func (g *GroupsService) RemoveIdentities(ctx context.Context, group Group, memberType string, identities ...string) (MemberResponse, *Response, error)

RemoveIdentities removes services from the given Group

func (*GroupsService) RemoveMembers 

func (g *GroupsService) RemoveMembers(ctx context.Context, group Group, users ...string) (MemberResponse, *Response, error)

RemoveMembers removes users from the given Group

func (*GroupsService) RemoveRole 

func (g *GroupsService) RemoveRole(ctx context.Context, group Group, role Role) (bool, *Response, error)

RemoveRole removes a role from a group

func (*GroupsService) RemoveServices 

func (g *GroupsService) RemoveServices(ctx context.Context, group Group, services ...string) (MemberResponse, *Response, error)

RemoveServices removes services from the given Group

func (*GroupsService) SCIMGetGroupByID 

func (g *GroupsService) SCIMGetGroupByID(id string, opt *SCIMGetGroupOptions, options ...OptionFunc) (*SCIMGroup, *Response, error)

SCIMGetGroupByID gets a group resource via the SCIM API

func (*GroupsService) SCIMGetGroupByIDAll 

func (g *GroupsService) SCIMGetGroupByIDAll(id string, opt *SCIMGetGroupOptions, options ...OptionFunc) (*SCIMGroup, *Response, error)

SCIMGetGroupByIDAll gets all resources from a group via the SCIM API

func (*GroupsService) UpdateGroup 

func (g *GroupsService) UpdateGroup(group Group) (*Group, *Response, error)

UpdateGroup updates the Group

type HTTPStatus 

type HTTPStatus interface {
	StatusCode() int
}

type IntrospectResponse 

type IntrospectResponse struct {
	Active        bool   `json:"active"`
	Scope         string `json:"scope"`
	Username      string `json:"username"`
	Expires       int64  `json:"exp"`
	Sub           string `json:"sub"`
	ISS           string `json:"iss"`
	Organizations struct {
		ManagingOrganization string `json:"managingOrganization"`
		OrganizationList     []struct {
			OrganizationID       string   `json:"organizationId"`
			Permissions          []string `json:"permissions"`
			EffectivePermissions []string `json:"effectivePermissions"`
			OrganizationName     string   `json:"organizationName"`
			Groups               []string `json:"groups"`
			Roles                []string `json:"roles"`
		} `json:"organizationList"`
	} `json:"organizations"`
	ClientID     string `json:"client_id"`
	TokenType    string `json:"token_type"`
	IdentityType string `json:"identity_type"`
}

IntrospectResponse contains details of the introspect on a profile

type ListSharingPoliciesOptions 

type ListSharingPoliciesOptions struct {
	TargetOrganizationID *string `url:"targetOrganizationId,omitempty"`
	SharingPolicy        *string `url:"sharingPolicy,omitempty"`
	RecordsPerPage       *int    `url:"recordsPerPage,omitempty"`
	StartPage            *int    `url:"startPage,omitempty"`
}

ListSharingPoliciesOptions describes search criteria for listing RoleSharingPolicy resources

type MFAPoliciesService 

type MFAPoliciesService struct {
	// contains filtered or unexported fields
}

MFAPoliciesService holds state for the service

func (*MFAPoliciesService) CreateMFAPolicy 

func (p *MFAPoliciesService) CreateMFAPolicy(policy MFAPolicy) (*MFAPolicy, *Response, error)

CreateMFAPolicy creates a MFAPolicy

func (*MFAPoliciesService) DeleteMFAPolicy 

func (p *MFAPoliciesService) DeleteMFAPolicy(policy MFAPolicy) (bool, *Response, error)

DeleteMFAPolicy deletes the given MFAPolicy

func (*MFAPoliciesService) GetMFAPolicyByID 

func (p *MFAPoliciesService) GetMFAPolicyByID(MFAPolicyID string) (*MFAPolicy, *Response, error)

GetMFAPolicyByID retrieves a MFAPolicy by ID

func (*MFAPoliciesService) UpdateMFAPolicy 

func (p *MFAPoliciesService) UpdateMFAPolicy(policy *MFAPolicy) (*MFAPolicy, *Response, error)

UpdateMFAPolicy updates a MFAPolicy

type MFAPolicy 

type MFAPolicy struct {
	Schemas     []string          `json:"schemas" validate:"min=1"`
	ID          string            `json:"id,omitempty" validate:"omitempty,min=1,max=256"`
	Name        string            `json:"name"`
	Description string            `json:"description,omitempty"`
	Resource    MFAPolicyResource `json:"resource,omitempty"`
	ExternalID  string            `json:"externalId,omitempty"`
	Types       []string          `json:"types" validate:"min=1"`
	Active      *bool             `json:"active,omitempty"`
	CreatedBy   *struct {
		Value string `json:"value,omitempty"`
		Ref   string `json:"$ref,omitempty"`
	} `json:"createdBy,omitempty"`
	ModifiedBy *struct {
		Value string `json:"value,omitempty"`
		Ref   string `json:"$ref,omitempty"`
	} `json:"modifiedBy,omitempty"`
	Meta *MFAPolicyMeta `json:"meta,omitempty"`
}

func (*MFAPolicy) SetActive 

func (p *MFAPolicy) SetActive(val bool)

func (*MFAPolicy) SetResourceOrganization 

func (p *MFAPolicy) SetResourceOrganization(uuid string)

func (*MFAPolicy) SetResourceUser 

func (p *MFAPolicy) SetResourceUser(uuid string)

func (*MFAPolicy) SetType 

func (p *MFAPolicy) SetType(val string)

type MFAPolicyMeta 

type MFAPolicyMeta struct {
	ResourceType string `json:"resourceType,omitempty"`
	Created      string `json:"created,omitempty"`
	LastModified string `json:"lastModified,omitempty"`
	Location     string `json:"location,omitempty"`
	Version      string `json:"version,omitempty"`
}

type MFAPolicyResource 

type MFAPolicyResource struct {
	Type  string `json:"type" validate:"required"`
	Value string `json:"value" validate:"required"`
	Ref   string `json:"$ref,omitempty"`
}

type MemberResponse 

type MemberResponse map[string]interface{}

type Membership 

type Membership struct {
	internal.OperationOutcome
	MemberType string   `json:"memberType"`
	Value      []string `json:"value"`
}

type Meta 

type Meta struct {
	ResourceType string     `json:"resourceType,omitempty"`
	LastModified *time.Time `json:"lastModified,omitempty"`
	LastUpdated  *time.Time `json:"lastUpdated,omitempty"`
	Created      *time.Time `json:"created,omitempty"`
	UpdatedBy    string     `json:"updatedBy,omitempty"`
	CreatedBy    string     `json:"createdBy,omitempty"`
	Location     string     `json:"location,omitempty"`
	Version      string     `json:"version,omitempty"`   // No
	VersionID    string     `json:"versionId,omitempty"` // Consistency
}

type Name 

type Name struct {
	Text   string `json:"text,omitempty"`
	Family string `json:"family" validate:"required"`
	Given  string `json:"given" validate:"required"`
	Prefix string `json:"prefix,omitempty"`
}

Name entity

type OptionFunc 

type OptionFunc func(*http.Request) error

OptionFunc is the function signature function for options

func WithContext 

func WithContext(ctx context.Context) OptionFunc

WithContext runs the request with the provided context

func WithOrgContext 

func WithOrgContext(organizationId string) OptionFunc

type OrgAddress 

type OrgAddress struct {
	Formatted     string `json:"formatted,omitempty"`
	StreetAddress string `json:"streetAddress,omitempty"`
	Locality      string `json:"locality,omitempty"`
	Region        string `json:"region,omitempty"`
	PostalCode    string `json:"postalCode,omitempty"`
	Country       string `json:"country,omitempty"`
}

type Organization 

type Organization struct {
	Schemas           []string    `json:"schemas"`
	ID                string      `json:"id"`
	ExternalID        string      `json:"externalId,omitempty"`
	Name              string      `json:"name"`
	DisplayName       string      `json:"displayName,omitempty"`
	Description       string      `json:"description,omitempty"`
	Parent            Attribute   `json:"parent,omitempty"`
	Type              string      `json:"type,omitempty"`
	Active            bool        `json:"active,omitempty"`
	InheritProperties bool        `json:"inheritProperties,omitempty"`
	Address           OrgAddress  `json:"address,omitempty"`
	Owners            []Attribute `json:"owners,omitempty"`
	CreatedBy         *Attribute  `json:"createdBy,omitempty"`
	ModifiedBy        *Attribute  `json:"modifiedBy,omitempty"`
	Meta              *Meta       `json:"meta,omitempty"`
}

Organization represents a IAM Organization resource

type OrganizationStatus 

type OrganizationStatus struct {
	Schemas        []string `json:"schemas"`
	ID             string   `json:"id"`
	Status         string   `json:"status"`
	TotalResources int      `json:"totalResources"`
	Meta           *Meta    `json:"meta"`
}

type OrganizationValue 

type OrganizationValue struct {
	Value string `json:"value" validate:"required"`
}

type OrganizationsService 

type OrganizationsService struct {
	// contains filtered or unexported fields
}

OrganizationsService implements operations on Organization entities

func (*OrganizationsService) CreateOrganization 

func (o *OrganizationsService) CreateOrganization(organization Organization) (*Organization, *Response, error)

CreateOrganization creates a (sub) organization in IAM

func (*OrganizationsService) DeleteOrganization 

func (o *OrganizationsService) DeleteOrganization(org Organization) (bool, *Response, error)

DeleteOrganization deletes the organization

func (*OrganizationsService) DeleteStatus 

func (o *OrganizationsService) DeleteStatus(id string) (*OrganizationStatus, *Response, error)

DeleteStatus returns the status of a delete operation on an organization

func (*OrganizationsService) GetOrganization 

func (o *OrganizationsService) GetOrganization(opt *GetOrganizationOptions, options ...OptionFunc) (*Organization, *Response, error)

GetOrganization retrieves an organization based on the GetOrganizationOptions parameters.

func (*OrganizationsService) GetOrganizationByID 

func (o *OrganizationsService) GetOrganizationByID(id string) (*Organization, *Response, error)

GetOrganizationByID retrieves an organization by ID

func (*OrganizationsService) UpdateOrganization 

func (o *OrganizationsService) UpdateOrganization(org Organization) (*Organization, *Response, error)

UpdateOrganization updates the description of the organization.

type Param 

type Param struct {
	Name     string   `json:"name"`
	Resource Resource `json:"resource"`
}

Param describes a resource

type Parameter 

type Parameter struct {
	Name       string      `json:"name"`
	References []Reference `json:"references"`
}

Parameter holds named references

type Parameters 

type Parameters struct {
	ResourceType string  `json:"resourceType"`
	Parameter    []Param `json:"parameter"`
}

Parameters holds parameters

type PasswordPoliciesService 

type PasswordPoliciesService struct {
	// contains filtered or unexported fields
}

PasswordPoliciesService keeps the state of the service

func (*PasswordPoliciesService) CreatePasswordPolicy 

func (p *PasswordPoliciesService) CreatePasswordPolicy(policy PasswordPolicy) (*PasswordPolicy, *Response, error)

CreatePasswordPolicy creates a password policy

func (*PasswordPoliciesService) DeletePasswordPolicy 

func (p *PasswordPoliciesService) DeletePasswordPolicy(policy PasswordPolicy) (bool, *Response, error)

DeletePasswordPolicy deletes the given password policy

func (*PasswordPoliciesService) GetPasswordPolicies 

func (p *PasswordPoliciesService) GetPasswordPolicies(opt *GetPasswordPolicyOptions, options ...OptionFunc) (*[]PasswordPolicy, *Response, error)

GetPasswordPolicies looks up clients based on GetClientsOptions

func (*PasswordPoliciesService) GetPasswordPolicyByID 

func (p *PasswordPoliciesService) GetPasswordPolicyByID(id string) (*PasswordPolicy, *Response, error)

GetPasswordPolicyByID retrieves a Password policy by ID

func (*PasswordPoliciesService) UpdatePasswordPolicy 

func (p *PasswordPoliciesService) UpdatePasswordPolicy(policy PasswordPolicy) (*PasswordPolicy, *Response, error)

UpdatePasswordPolicy updates a password policy

type PasswordPolicy 

type PasswordPolicy struct {
	ID                   string `json:"id,omitempty"`
	ManagingOrganization string `json:"managingOrganization"`
	ExpiryPeriodInDays   int    `json:"expiryPeriodInDays"`
	HistoryCount         int    `json:"historyCount"`
	Complexity           struct {
		MinLength       int `json:"minLength"`
		MaxLength       int `json:"maxLength"`
		MinNumerics     int `json:"minNumerics"`
		MinUpperCase    int `json:"minUpperCase"`
		MinLowerCase    int `json:"minLowerCase"`
		MinSpecialChars int `json:"minSpecialChars"`
	} `json:"complexity"`
	ChallengesEnabled bool             `json:"challengesEnabled"`
	ChallengePolicy   *ChallengePolicy `json:"challengePolicy,omitempty"`
	Meta              *Meta            `json:"meta,omitempty"`
}

type Period 

type Period struct {
	Description string `json:"description"`
	Start       string `json:"start"`
	End         string `json:"end"`
}

Period defines a given time period for use in Profile context

type Permission 

type Permission struct {
	ID          string `json:"id"`
	Name        string `json:"name"`
	Description string `json:"description"`
	Category    string `json:"category"`
	Type        string `json:"type"`
}

Permission represents a IAM Permission resource

type PermissionsService 

type PermissionsService struct {
	// contains filtered or unexported fields
}

PermissionsService provides operations on IAM Permissions resources

func (*PermissionsService) GetPermission 

func (p *PermissionsService) GetPermission(opt *GetPermissionOptions, options ...OptionFunc) (*Permission, *Response, error)

GetPermission looks up a permission based on GetPermissionOptions

func (*PermissionsService) GetPermissionByID 

func (p *PermissionsService) GetPermissionByID(id string) (*Permission, *Response, error)

GetPermissionByID looks up a permission by ID

func (*PermissionsService) GetPermissionByName 

func (p *PermissionsService) GetPermissionByName(name string) (*Permission, *Response, error)

GetPermissionByName looks up a permission by name

func (*PermissionsService) GetPermissions 

func (p *PermissionsService) GetPermissions(opt *GetPermissionOptions, options ...OptionFunc) (*[]Permission, *Response, error)

GetPermissions looks up permissions based on GetPermissionOptions

func (*PermissionsService) GetPermissionsByRoleID 

func (p *PermissionsService) GetPermissionsByRoleID(roleID string) (*[]Permission, *Response, error)

GetPermissionsByRoleID finds all permission which belong to the roleID

type Person 

type Person struct {
	ID string `json:"id,omitempty" validate:"omitempty"`
	// Pattern: ^((?![~`!#%^&*()+={}[\\]|/\\\\<>,;:\"'?])[\\S])*$
	LoginID                       string         `json:"loginId" validate:"required"`
	ResourceType                  string         `json:"resourceType,omitempty" validate:"required" enum:"Person"`
	Name                          Name           `json:"name" validate:"required"`
	Telecom                       []TelecomEntry `json:"telecom,omitempty" validate:"min=1"`
	Address                       []AddressEntry `json:"address,omitempty"`
	Description                   string         `json:"description,omitempty"`
	ManagingOrganization          string         `json:"managingOrganization,omitempty"`
	PreferredLanguage             string         `json:"preferredLanguage,omitempty"`
	PreferredCommunicationChannel string         `json:"preferredCommunicationChannel,omitempty"`
	IsAgeValidated                string         `json:"isAgeValidated,omitempty"`
	Password                      string         `json:"password,omitempty"`
	Disabled                      bool           `json:"disabled"`
	Loaded                        bool           `json:"-"`
}

Person represents an IAM user resource

type Profile 

type Profile struct {
	ID                            string     `json:"-"`
	GivenName                     string     `json:"givenName"`
	MiddleName                    string     `json:"middleName"`
	FamilyName                    string     `json:"familyName"`
	BirthDay                      *time.Time `json:"birthDay,omitempty"`
	DisplayName                   string     `json:"displayName,omitempty"`
	Gender                        string     `json:"gender,omitempty" enum:"Male|Female"`
	Country                       string     `json:"country,omitempty"`
	Contact                       Contact    `json:"contact,omitempty"`
	Addresses                     []Address  `json:"addresses,omitempty"`
	Disabled                      *bool      `json:"disabled,omitempty"`
	PreferredLanguage             string     `json:"preferredLanguage,omitempty"`
	PreferredCommunicationChannel string     `json:"preferredCommunicationChannel,omitempty"`
	VerifiedMobilePhoneStatus     string     `json:"verifiedMobilePhoneStatus,omitempty"`
	EmailVerifiedStatus           string     `json:"emailVerifiedStatus,omitempty"`
	MustChangePassword            string     `json:"mustChangePassword,omitempty"`
}

Profile describes the response from legacy User APIs The response does not correspond to the object that is used to create a user

func (*Profile) MergeUser 

func (p *Profile) MergeUser(user *User)

MergeUser merges User into legacy Profile

func (*Profile) PruneBlankAddresses 

func (p *Profile) PruneBlankAddresses()

PruneBlankAddresses removes addresses which are blank

type Proposition 

type Proposition struct {
	ID                string `json:"id,omitempty"`
	Name              string `json:"name"`
	Description       string `json:"description"`
	OrganizationID    string `json:"organizationId"`
	GlobalReferenceID string `json:"globalReferenceId"`
}

Proposition represents an IAM Proposition entity

type PropositionStatus 

type PropositionStatus struct {
	Schemas        []string `json:"schemas"`
	ID             string   `json:"id"`
	Status         string   `json:"status"`
	TotalResources int      `json:"totalResources"`
	Meta           *Meta    `json:"meta"`
}

PropositionStatus holds the status of a delete Proposition operation

type PropositionsService 

type PropositionsService struct {
	// contains filtered or unexported fields
}

PropositionsService implements actions on IAM Proposition entities

func (*PropositionsService) CreateProposition 

func (p *PropositionsService) CreateProposition(prop Proposition) (*Proposition, *Response, error)

CreateProposition creates a Proposition

func (*PropositionsService) DeleteProposition 

func (p *PropositionsService) DeleteProposition(prop Proposition) (bool, *Response, error)

func (*PropositionsService) DeleteStatus 

func (p *PropositionsService) DeleteStatus(id string) (*PropositionStatus, *Response, error)

DeleteStatus returns the status of a delete operation on an organization

func (*PropositionsService) GetProposition 

func (p *PropositionsService) GetProposition(opt *GetPropositionsOptions, options ...OptionFunc) (*Proposition, *Response, error)

GetProposition find a Proposition based on the GetPropositions values

func (*PropositionsService) GetPropositionByID 

func (p *PropositionsService) GetPropositionByID(id string) (*Proposition, *Response, error)

GetPropositionByID retrieves an Proposition by its ID

func (*PropositionsService) GetPropositions 

func (p *PropositionsService) GetPropositions(opt *GetPropositionsOptions, options ...OptionFunc) (*[]Proposition, *Response, error)

GetPropositions search for an Proposition entity based on the GetPropositions values

type ProviderCredentials 

type ProviderCredentials struct {
	Token string `json:"token" validate:"required"`
}

type ProviderProperties 

type ProviderProperties struct {
	SID        string `json:"sid" validate:"required"`
	Endpoint   string `json:"endpoint" validate:"required"`
	FromNumber string `json:"fromNumber" validate:"required"`
}

type Reference 

type Reference struct {
	Reference string `json:"reference"`
}

Reference holds a reference

type Resource 

type Resource struct {
	LoginID          string `json:"loginId,omitempty"`
	ConfirmationCode string `json:"confirmationCode,omitempty"`
	OldPassword      string `json:"oldPassword,omitempty"`
	NewPassword      string `json:"newPassword,omitempty"`
	Context          string `json:"context,omitempty"`
}

Resource holds a resource

type Response 

type Response struct {
	*http.Response
}

Response is a HSDP IAM API response. This wraps the standard http.Response returned from HSDP IAM and provides convenient access to things like errors

func (*Response) StatusCode 

func (r *Response) StatusCode() int

type Role 

type Role struct {
	ID                   string `json:"id,omitempty"`
	Name                 string `json:"name"`
	Description          string `json:"description"`
	ManagingOrganization string `json:"managingOrganization"`
}

Role represents an IAM resource

type RoleResponse 

type RoleResponse map[string]interface{}

type RoleSharingPolicy 

type RoleSharingPolicy struct {
	SharingPolicy        string `json:"sharingPolicy"`
	Purpose              string `json:"purpose"`
	TargetOrganizationID string `json:"targetOrganizationId"`
	InternalID           string `json:"internalId,omitempty"`
	SourceOrganizationID string `json:"sourceOrganizationId,omitempty"`
	RoleName             string `json:"roleName,omitempty"`
	RoleID               string `json:"roleId,omitempty"`
	Meta                 *Meta  `json:"meta,omitempty"`
}

RoleSharingPolicy describes a role sharing policy

type RolesService 

type RolesService struct {
	// contains filtered or unexported fields
}

RolesService provides operations on IAM roles resources

func (*RolesService) AddRolePermission 

func (p *RolesService) AddRolePermission(role Role, permission string) (RoleResponse, *Response, error)

func (*RolesService) ApplySharingPolicy 

func (p *RolesService) ApplySharingPolicy(role Role, policy RoleSharingPolicy) (*RoleSharingPolicy, *Response, error)

func (*RolesService) CreateRole 

func (p *RolesService) CreateRole(name, description, managingOrganization string) (*Role, *Response, error)

CreateRole creates a Role

func (*RolesService) DeleteRole 

func (p *RolesService) DeleteRole(role Role) (RoleResponse, *Response, error)

DeleteRole deletes the given Role

func (*RolesService) GetRoleByID 

func (p *RolesService) GetRoleByID(roleID string) (*Role, *Response, error)

GetRoleByID retrieves a role by ID

func (*RolesService) GetRolePermissions 

func (p *RolesService) GetRolePermissions(role Role) (*[]string, *Response, error)

GetRolePermissions retrieves the permissions associated with the Role

func (*RolesService) GetRoles 

func (p *RolesService) GetRoles(opt *GetRolesOptions) (*[]Role, *Response, error)

GetRoles retries based on GetRolesOptions

func (*RolesService) GetRolesByGroupID 

func (p *RolesService) GetRolesByGroupID(groupID string) (*[]Role, *Response, error)

GetRolesByGroupID retrieves Roles based on group ID

func (*RolesService) ListSharingPolicies 

func (p *RolesService) ListSharingPolicies(role Role, opt *ListSharingPoliciesOptions) (*[]RoleSharingPolicy, *Response, error)

func (*RolesService) RemoveRolePermission 

func (p *RolesService) RemoveRolePermission(role Role, permission string) (RoleResponse, *Response, error)

RemoveRolePermission removes the permission from the Role

func (*RolesService) RemoveSharingPolicy 

func (p *RolesService) RemoveSharingPolicy(role Role, policy RoleSharingPolicy) (*RoleSharingPolicy, *Response, error)

type SCIMCoreUser 

type SCIMCoreUser struct {
	UserName          string      `json:"userName,omitempty"`
	DisplayName       string      `json:"displayName,omitempty"`
	Name              SCIMName    `json:"name,omitempty"`
	PreferredLanguage string      `json:"preferredLanguage,omitempty"`
	Locale            string      `json:"locale,omitempty"`
	Emails            []Attribute `json:"emails,omitempty"`
	PhoneNumbers      []Attribute `json:"phoneNumbers,omitempty"`
}

type SCIMDevice 

type SCIMDevice struct {
	LoginID string `json:"loginId,omitempty"`
}

type SCIMGetGroupOptions 

type SCIMGetGroupOptions struct {
	IncludeGroupMembersType *string `url:"includeGroupMembersType,omitempty"`
	GroupMembersStartIndex  *int    `url:"groupMembersStartIndex,omitempty"`
	GroupMembersCount       *int    `url:"groupMembersCount,omitempty"`
	ExcludedAttributes      *string `url:"excludedAttributes,omitempty"`
	Attributes              *string `url:"attributes,omitempty"`
}

SCIMGetGroupOptions describes the query fields to use for querying SCIM Groups

type SCIMGroup 

type SCIMGroup struct {
	Schemas        []string       `json:"schemas"`
	ID             string         `json:"id"`
	DisplayName    string         `json:"displayName"`
	ExtensionGroup ExtensionGroup `json:"urn:ietf:params:scim:schemas:extension:philips:hsdp:2.0:Group"`
	Meta           *Meta          `json:"meta,omitempty"`
}

SCIMGroup is the resource returned when getting group resources

type SCIMListResource 

type SCIMListResource struct {
	Schemas      []string  `json:"schemas"`
	ID           string    `json:"id"`
	Organization Attribute `json:"organization,omitempty"`
	Application  Attribute `json:"application,omitempty"`
	Active       bool      `json:"active,omitempty"`
	SCIMCoreUser
	SCIMService
	SCIMDevice
	ExtensionUser ExtensionUser `json:"urn:ietf:params:scim:schemas:extension:philips:hsdp:2.0:User,omitempty"`
}

type SCIMListResponse 

type SCIMListResponse struct {
	Schemas      []string           `json:"schemas"`
	TotalResults int                `json:"totalResults"`
	StartIndex   int                `json:"startIndex"`
	ItemsPerPage int                `json:"itemsPerPage"`
	Resources    []SCIMListResource `json:"Resources"`
}

type SCIMName 

type SCIMName struct {
	FullName   string `json:"fullName,omitempty"`
	FamilyName string `json:"familyName,omitempty"`
	GivenName  string `json:"givenName,omitempty"`
	MiddleName string `json:"middleName,omitempty"`
}

type SCIMService 

type SCIMService struct {
	ServiceId string     `json:"serviceId,omitempty"`
	ExpiresOn *time.Time `json:"expiresOn,omitempty"`
}

type SMSGateway 

type SMSGateway struct {
	Schemas          []string            `json:"schemas" validate:"required"`
	ID               string              `json:"id,omitempty"`
	Organization     OrganizationValue   `json:"organization" validate:"required"`
	ExternalID       string              `json:"externalId,omitempty"`
	Provider         string              `json:"provider" validate:"required,oneof=twilio"`
	Properties       ProviderProperties  `json:"properties"`
	Credentials      ProviderCredentials `json:"credentials" validate:"required"`
	Active           bool                `json:"active"`
	ActivationExpiry int                 `json:"activationExpiry" validate:"required,min=1,max=43200"`
	Meta             *Meta               `json:"meta,omitempty"`
}

SMSGateway represents a IAM SMS gateway resource

type SMSGatewaysService 

type SMSGatewaysService struct {
	// contains filtered or unexported fields
}

SMSGatewaysService represents the SMS related services for IAM

func (*SMSGatewaysService) CreateSMSGateway 

func (o *SMSGatewaysService) CreateSMSGateway(gw SMSGateway) (*SMSGateway, *Response, error)

CreateSMSGateway creates a SMS gateway for IAM

func (*SMSGatewaysService) DeleteSMSGateway 

func (o *SMSGatewaysService) DeleteSMSGateway(gw SMSGateway) (bool, *Response, error)

DeleteSMSGateway deletes the SMS gateway

func (*SMSGatewaysService) GetSMSGateway 

func (o *SMSGatewaysService) GetSMSGateway(opt *GetSMSGatewayOptions, options ...OptionFunc) (*SMSGateway, *Response, error)

GetSMSGateway retrieves an SMS gateway based on the GetSMSGatewayOptions parameters.

func (*SMSGatewaysService) GetSMSGatewayByID 

func (o *SMSGatewaysService) GetSMSGatewayByID(id string) (*SMSGateway, *Response, error)

GetSMSGatewayByID retrieves an SMS gateway by ID

func (*SMSGatewaysService) UpdateSMSGateway 

func (o *SMSGatewaysService) UpdateSMSGateway(gw SMSGateway) (*SMSGateway, *Response, error)

UpdateSMSGateway updates the SMS gateway

type SMSTemplate 

type SMSTemplate struct {
	Schemas      []string          `json:"schemas" validate:"required"`
	ID           string            `json:"id,omitempty"`
	Organization OrganizationValue `json:"organization" validate:"required"`
	ExternalID   string            `json:"externalId,omitempty"`
	Type         string            `json:"type" validate:"required,oneof=PHONE_VERIFICATION MFA_OTP PASSWORD_RECOVERY PASSWORD_FAILED_ATTEMPTS"`
	Message      string            `json:"message" validate:"required"`
	Locale       string            `json:"locale,omitempty"`
	Meta         *Meta             `json:"meta,omitempty"`
}

type SMSTemplatesService 

type SMSTemplatesService struct {
	// contains filtered or unexported fields
}

SMSTemplatesService represents the SMS template related services for IAM

func (*SMSTemplatesService) CreateSMSTemplate 

func (o *SMSTemplatesService) CreateSMSTemplate(template SMSTemplate) (*SMSTemplate, *Response, error)

CreateSMSTemplate creates a SMS template for IAM

func (*SMSTemplatesService) DeleteSMSTemplate 

func (o *SMSTemplatesService) DeleteSMSTemplate(template SMSTemplate) (bool, *Response, error)

DeleteSMSTemplate deletes the SMS template

func (*SMSTemplatesService) GetSMSTemplate 

func (o *SMSTemplatesService) GetSMSTemplate(opt *GetSMSTemplateOptions, options ...OptionFunc) (*SMSTemplate, *Response, error)

GetSMSTemplate retrieves an organization based on the GetSMSTemplateOptions parameters.

func (*SMSTemplatesService) GetSMSTemplateByID 

func (o *SMSTemplatesService) GetSMSTemplateByID(id string) (*SMSTemplate, *Response, error)

GetSMSTemplateByID retrieves an SMS template by ID

func (*SMSTemplatesService) UpdateSMSTemplate 

func (o *SMSTemplatesService) UpdateSMSTemplate(template SMSTemplate) (*SMSTemplate, *Response, error)

UpdateSMSTemplate updates the SMS template

type Service 

type Service struct {
	ID                  string   `json:"id,omitempty"`
	Name                string   `json:"name"`
	Description         string   `json:"description"`
	ApplicationID       string   `json:"applicationId"`
	Validity            int      `json:"validity,omitempty"`
	ServiceID           string   `json:"serviceId,omitempty"`
	OrganizationID      string   `json:"organizationId,omitempty"`
	ExpiresOn           string   `json:"expiresOn,omitempty"`
	PrivateKey          string   `json:"privateKey,omitempty"`
	Scopes              []string `json:"scopes,omitempty"`
	DefaultScopes       []string `json:"defaultScopes,omitempty"`
	AccessTokenLifetime int      `json:"-"` // This is only settable in PUT :(
}

Service represents a IAM service resource

func (*Service) GenerateJWT 

func (s *Service) GenerateJWT(accessTokenEndpoint string) (signedString string, err error)

GenerateJWT returns a JWT which can be exchanged for access token

func (*Service) Valid 

func (s *Service) Valid() bool

Valid checks if a service is usable

type ServiceUpdateRequest 

type ServiceUpdateRequest struct {
	AccessTokenLifetime int    `json:"accessTokenLifetime"`
	Description         string `json:"description"`
}

type ServiceUpdateResponse 

type ServiceUpdateResponse struct {
	Service
	TokenValidity int `json:"tokenValidity"`
}

type ServicesService 

type ServicesService struct {
	// contains filtered or unexported fields
}

ServicesService provides operations on IAM Sessions resources

func (*ServicesService) AddScopes 

func (p *ServicesService) AddScopes(service Service, scopes []string, defaultScopes []string) (bool, *Response, error)

AddScopes add scopes to the service

func (*ServicesService) CreateService 

func (p *ServicesService) CreateService(service Service) (*Service, *Response, error)

CreateService creates a Service

func (*ServicesService) DeleteService 

func (p *ServicesService) DeleteService(service Service) (bool, *Response, error)

DeleteService deletes the given Service

func (*ServicesService) GetService 

func (p *ServicesService) GetService(opt *GetServiceOptions, options ...OptionFunc) (*Service, *Response, error)

GetService looks up a services based on GetServiceOptions

func (*ServicesService) GetServiceByID 

func (p *ServicesService) GetServiceByID(id string) (*Service, *Response, error)

GetServiceByID looks up a service by ID

func (*ServicesService) GetServiceByName 

func (p *ServicesService) GetServiceByName(name string) (*Service, *Response, error)

GetServiceByName looks up a service by name

func (*ServicesService) GetServices 

func (p *ServicesService) GetServices(opt *GetServiceOptions, options ...OptionFunc) (*[]Service, *Response, error)

GetServices looks up services based on GetServiceOptions

func (*ServicesService) GetServicesByApplicationID 

func (p *ServicesService) GetServicesByApplicationID(applicationID string) (*[]Service, *Response, error)

GetServicesByApplicationID finds all services which belong to the applicationID

func (*ServicesService) RemoveScopes 

func (p *ServicesService) RemoveScopes(service Service, scopes []string, defaultScopes []string) (bool, *Response, error)

RemoveScopes add scopes to the service

func (*ServicesService) UpdateService 

func (p *ServicesService) UpdateService(service Service) (*ServiceUpdateResponse, *Response, error)

UpdateService updates some fields of the given Service A user with any of the following permissions can update the service token validity: SERVICE.WRITE HSDP_IAM_ORGANIZATION.MGMT Only the description and accessTokenLifetime values can be updated

func (*ServicesService) UpdateServiceCertificate 

func (p *ServicesService) UpdateServiceCertificate(service Service, privateKey *rsa.PrivateKey, options ...CertificateOptionFunc) (*Service, *Response, error)

UpdateServiceCertificate updates the associated certificate of the service

func (*ServicesService) UpdateServiceCertificateDER 

func (p *ServicesService) UpdateServiceCertificateDER(service Service, derBytes []byte) (*Service, *Response, error)

UpdateServiceCertificateDER updates the associated certificate of the service using raw DER

type TelecomEntry 

type TelecomEntry struct {
	System string `json:"system" enum:"mobile|fax|email|url"`
	Value  string `json:"value"`
}

TelecomEntry entity

type TokenRefresher 

type TokenRefresher interface {
	TokenRefresh() error
}

type User 

type User struct {
	PreferredLanguage             string             `json:"preferredLanguage"`
	PreferredCommunicationChannel string             `json:"preferredCommunicationChannel,omitempty"`
	EmailAddress                  string             `json:"emailAddress"`
	PhoneNumber                   string             `json:"phoneNumber,omitempty"`
	ID                            string             `json:"id"`
	LoginID                       string             `json:"loginId"`
	Name                          Name               `json:"name"`
	ManagingOrganization          string             `json:"managingOrganization"`
	PasswordStatus                UserPasswordStatus `json:"passwordStatus"`
	Memberships                   []UserMembership   `json:"memberships,omitempty"`
	AccountStatus                 UserAccountStatus  `json:"accountStatus"`
	ConsentedApps                 []string           `json:"consentedApps,omitempty"`
	Delegations                   UserDelegation     `json:"delegations,omitempty"`
}

User represents a user profile in IAM

type UserAccountStatus 

type UserAccountStatus struct {
	LastLoginTime          time.Time `json:"lastLoginTime"`
	MFAStatus              string    `json:"mfaStatus"`
	EmailVerified          bool      `json:"emailVerified"`
	PhoneVerified          bool      `json:"phoneVerified"`
	MustChangePassword     bool      `json:"mustChangePassword"`
	Disabled               bool      `json:"disabled"`
	AccountLockedOn        time.Time `json:"accountLockedOn"`
	AccountLockedUntil     time.Time `json:"accountLockedUntil"`
	NumberOfInvalidAttempt int       `json:"numberOfInvalidAttempt"`
	LastInvalidAttemptedOn time.Time `json:"lastInvalidAttemptedOn"`
}

type UserDelegation 

type UserDelegation struct {
	Granted  []UserDelegator `json:"granted"`
	Received []UserDelegator `json:"received"`
}

type UserDelegator 

type UserDelegator struct {
	DelegateeID string `json:"delegateeId"`
	ValidFrom   string `json:"validFrom"`
	ValidUntil  string `json:"validUntil"`
}

type UserError 

type UserError struct {
	User string
	Err  error
}

func (*UserError) Error 

func (e *UserError) Error() string

func (*UserError) Unwrap 

func (e *UserError) Unwrap() error

type UserList 

type UserList struct {
	UserUUIDs   []string
	PageNumber  int
	PageSize    int
	HasNextPage bool
}

UserList holds a paginated lists of users

type UserMembership 

type UserMembership struct {
	OrganizationID   string   `json:"organizationId"`
	OrganizationName string   `json:"organizationName"`
	Roles            []string `json:"roles"`
	Groups           []string `json:"groups"`
}

type UserPasswordStatus 

type UserPasswordStatus struct {
	PasswordExpiresOn time.Time `json:"passwordExpiresOn"`
	PasswordChangedOn time.Time `json:"passwordChangedOn"`
}

type UsersService 

type UsersService struct {
	// contains filtered or unexported fields
}

UsersService provides operations on IAM User resources

func (*UsersService) ChangeLoginID 

func (u *UsersService) ChangeLoginID(user Person, newLoginID string) (bool, *Response, error)

ChangeLoginID changes the loginID Link: https://www.hsdp.io/documentation/identity-and-access-management-iam/api-documents/resource-reference-api/user-api-v2#/User%20Management/post_User__id___change_loginid

func (*UsersService) ChangePassword 

func (u *UsersService) ChangePassword(loginID, oldPassword, newPassword string) (bool, *Response, error)

ChangePassword changes the password. The current pasword must be provided as well.

func (*UsersService) CreateUser 

func (u *UsersService) CreateUser(person Person) (*User, *Response, error)

CreateUser creates a new IAM user.

func (*UsersService) DeleteUser 

func (u *UsersService) DeleteUser(person Person) (bool, *Response, error)

DeleteUser deletes the IAM user.

func (*UsersService) GetAllUsers 

func (u *UsersService) GetAllUsers(opts *GetUserOptions, options ...OptionFunc) ([]string, *Response, error)

GetAllUsers retrieves all users based on GetUserOptions

func (*UsersService) GetUserByID 

func (u *UsersService) GetUserByID(uuid string) (*User, *Response, error)

GetUserByID looks up a user by UUID

func (*UsersService) GetUserIDByLoginID 

func (u *UsersService) GetUserIDByLoginID(loginID string) (string, *Response, error)

GetUserIDByLoginID looks up the UUID of a user by LoginID (email address)

func (*UsersService) GetUsers 

func (u *UsersService) GetUsers(opts *GetUserOptions, options ...OptionFunc) (*UserList, *Response, error)

GetUsers looks up users by search criteria specified in GetUserOptions

func (*UsersService) LegacyGetUserByUUID 

func (u *UsersService) LegacyGetUserByUUID(uuid string) (*Profile, *Response, error)

LegacyGetUserByUUID looks the a user by UUID using the legacy API

func (*UsersService) LegacyGetUserIDByLoginID 

func (u *UsersService) LegacyGetUserIDByLoginID(loginID string) (string, *Response, error)

LegacyGetUserIDByLoginID looks up the UUID of a user by LoginID (email address)

func (*UsersService) LegacyUpdateUser 

func (u *UsersService) LegacyUpdateUser(profile Profile) (*Profile, *Response, error)

LegacyUpdateUser updates the user profile

func (*UsersService) ResendActivation 

func (u *UsersService) ResendActivation(loginID string) (bool, *Response, error)

ResendActivation re-sends an activation email to the given user

func (*UsersService) SetMFA 

func (u *UsersService) SetMFA(userID string, activate bool) (bool, *Response, error)

SetMFA activate Multi-Factor-Authentication for the given UUID. See also SetMFAByLoginID.

func (*UsersService) SetMFAByLoginID 

func (u *UsersService) SetMFAByLoginID(loginID string, activate bool) (bool, *Response, error)

SetMFAByLoginID enabled Multi-Factor-Authentication for the given user. Only OrgAdmins can do this.

func (*UsersService) SetPassword 

func (u *UsersService) SetPassword(loginID, confirmationCode, newPassword, context string) (bool, *Response, error)

SetPassword sets the password of a user given a correct confirmation code

func (*UsersService) Unlock 

func (u *UsersService) Unlock(userID string) (bool, *Response, error)

Unlock unlocks a user account with the given UserID

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.