api

package
v0.9.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 6, 2022 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Sentinel errors exposed by the api package.
// NOTE(review): whether Client methods return these values directly or wrapped
// is not visible here; comparing with errors.Is is safe in both cases, and
// authentication failure (ErrUnauthorized) should be kept distinct from
// authorization failure (ErrForbidden) when handling them.
var (
	// ErrUnauthorized refers to the http response code unauthorized, which really means not authenticated, despite its name. See https://stackoverflow.com/a/6937030/155585
	ErrUnauthorized = fmt.Errorf("unauthorized")
	// ErrForbidden means you don't have permissions to the requested resource
	ErrForbidden = fmt.Errorf("forbidden")
	// ErrBadGateway means an invalid response was received from an upstream server (probably an OIDC provider)
	ErrBadGateway = fmt.Errorf("bad gateway")

	// The four errors below carry no upstream documentation. Presumably they
	// mirror HTTP status classes the way the three above do — confirm against
	// the code that maps responses to errors.
	ErrDuplicate  = fmt.Errorf("duplicate record")
	ErrNotFound   = fmt.Errorf("record not found")
	ErrBadRequest = fmt.Errorf("bad request")
	ErrInternal   = fmt.Errorf("internal error")
)

Functions

This section is empty.

Types

type AccessKey

// AccessKey is the metadata view of an access key. It declares no field for the
// key's secret value; CreateAccessKeyResponse is the type that carries one.
type AccessKey struct {
	ID                uid.ID `json:"id"`
	Created           Time   `json:"created"`
	Name              string `json:"name"`
	// IssuedFor is a uid.ID; presumably the identity the key was issued to — confirm.
	IssuedFor         uid.ID `json:"issuedFor"`
	// NOTE(review): Time is declared as time.Time (a struct) and encoding/json's
	// omitempty never omits struct values, so the option looks like a no-op here.
	Expires           Time   `json:"expires,omitempty" note:"key is no longer valid after this time"`
	// The note here ("must be renewed after this time") is worded differently from
	// the one on CreateAccessKeyResponse.ExtensionDeadline ("must be used by this
	// time to remain valid"); confirm which describes the enforced behavior.
	ExtensionDeadline Time   `json:"extensionDeadline" note:"key must be renewed after this time"`
}

type Client

// Client groups what the API methods on this type need: a server URL, an access
// key and an HTTP client. Every method is declared on a value receiver
// (func (c Client) ...), so each call works on a copy of all three fields.
type Client struct {
	// URL is a plain string with no validation visible here.
	// NOTE(review): confirm the scheme is restricted to https before AccessKey is sent.
	URL       string
	// AccessKey is held as a plain string. Presumably it is attached to outgoing
	// requests as the credential — confirm how; treat it as a secret and keep it
	// out of logs and %+v dumps of Client.
	AccessKey string
	// HTTP is an http.Client held by value. Its zero value has no Timeout and uses
	// http.DefaultTransport, so callers should set a timeout and any TLS
	// configuration explicitly.
	HTTP      http.Client
}

func (Client) CreateAccessKey

func (c Client) CreateAccessKey(req *CreateAccessKeyRequest) (*CreateAccessKeyResponse, error)

func (Client) CreateDestination

func (c Client) CreateDestination(req *CreateDestinationRequest) (*Destination, error)

func (Client) CreateGrant

func (c Client) CreateGrant(req *CreateGrantRequest) (*Grant, error)

func (Client) CreateGroup

func (c Client) CreateGroup(req *CreateGroupRequest) (*Group, error)

func (Client) CreateIdentity added in v0.9.0

func (c Client) CreateIdentity(req *CreateIdentityRequest) (*CreateIdentityResponse, error)

func (Client) CreateProvider

func (c Client) CreateProvider(req *CreateProviderRequest) (*Provider, error)

func (Client) CreateToken

func (c Client) CreateToken(req *CreateTokenRequest) (*CreateTokenResponse, error)

func (Client) DeleteAccessKey

func (c Client) DeleteAccessKey(id uid.ID) error

func (Client) DeleteDestination

func (c Client) DeleteDestination(id uid.ID) error

func (Client) DeleteGrant

func (c Client) DeleteGrant(id uid.ID) error

func (Client) DeleteIdentity added in v0.9.0

func (c Client) DeleteIdentity(id uid.ID) error

func (Client) DeleteProvider

func (c Client) DeleteProvider(id uid.ID) error

func (Client) GetGroup

func (c Client) GetGroup(id uid.ID) (*Group, error)

func (Client) GetIdentity added in v0.9.0

func (c Client) GetIdentity(id uid.ID) (*Identity, error)

func (Client) GetProvider

func (c Client) GetProvider(id uid.ID) (*Provider, error)

func (Client) GetVersion

func (c Client) GetVersion() (*Version, error)

func (Client) Introspect

func (c Client) Introspect() (*Introspect, error)

func (Client) ListAccessKeys

func (c Client) ListAccessKeys(req ListAccessKeysRequest) ([]AccessKey, error)

func (Client) ListDestinations

func (c Client) ListDestinations(req ListDestinationsRequest) ([]Destination, error)

func (Client) ListGrants

func (c Client) ListGrants(req ListGrantsRequest) ([]Grant, error)

func (Client) ListGroupGrants

func (c Client) ListGroupGrants(id uid.ID) ([]Grant, error)

func (Client) ListGroups

func (c Client) ListGroups(req ListGroupsRequest) ([]Group, error)

func (Client) ListIdentities added in v0.9.0

func (c Client) ListIdentities(req ListIdentitiesRequest) ([]Identity, error)

func (Client) ListIdentityGrants added in v0.9.0

func (c Client) ListIdentityGrants(id uid.ID) ([]Grant, error)

func (Client) ListIdentityGroups added in v0.9.0

func (c Client) ListIdentityGroups(id uid.ID) ([]Group, error)

func (Client) ListProviders

func (c Client) ListProviders(name string) ([]Provider, error)

func (Client) Login

func (c Client) Login(req *LoginRequest) (*LoginResponse, error)

func (Client) Logout

func (c Client) Logout() error

func (Client) Setup

func (c Client) Setup() (*CreateAccessKeyResponse, error)

func (Client) SetupRequired

func (c Client) SetupRequired() (*SetupRequiredResponse, error)

func (Client) UpdateDestination

func (c Client) UpdateDestination(req UpdateDestinationRequest) (*Destination, error)

func (Client) UpdateIdentity added in v0.9.0

func (c Client) UpdateIdentity(req *UpdateIdentityRequest) (*Identity, error)

func (Client) UpdateProvider

func (c Client) UpdateProvider(req UpdateProviderRequest) (*Provider, error)

type CreateAccessKeyRequest

// CreateAccessKeyRequest is the argument of Client.CreateAccessKey.
type CreateAccessKeyRequest struct {
	IdentityID        uid.ID   `json:"identityID" validate:"required"`
	Name              string   `json:"name" validate:"required"`
	// TTL is required; its note calls it the maximum time the key is valid. No
	// upper bound is visible in the tag.
	// NOTE(review): confirm the server caps the lifetime it accepts.
	TTL               Duration `json:"ttl" validate:"required" note:"maximum time valid"`
	// The tag on this field is elided by the documentation renderer, so its JSON
	// name and validation rules cannot be read from this listing.
	ExtensionDeadline Duration `` /* 196-byte string literal not displayed */
}

type CreateAccessKeyResponse

// CreateAccessKeyResponse is returned by Client.CreateAccessKey and Client.Setup.
// It repeats the fields of AccessKey and adds the secret itself.
type CreateAccessKeyResponse struct {
	ID                uid.ID `json:"id"`
	Created           Time   `json:"created"`
	Name              string `json:"name"`
	IssuedFor         uid.ID `json:"issuedFor"`
	Expires           Time   `json:"expires" note:"after this deadline the key is no longer valid"`
	ExtensionDeadline Time   `json:"extensionDeadline" note:"the key must be used by this time to remain valid"`
	// AccessKey is the key's secret value. The AccessKey listing type has no such
	// field, so this response is presumably the only place the secret is returned
	// — confirm. Store it securely and do not log the response body.
	AccessKey         string `json:"accessKey"`
}

type CreateDestinationRequest

// CreateDestinationRequest is the argument of Client.CreateDestination.
type CreateDestinationRequest struct {
	// UniqueID has no validate tag, so an empty value passes tag validation.
	UniqueID   string                `json:"uniqueID"`
	Name       string                `json:"name" validate:"required"`
	// Connection carries the destination's URL and CA (see DestinationConnection).
	Connection DestinationConnection `json:"connection"`
}

type CreateGrantRequest

// CreateGrantRequest is the argument of Client.CreateGrant: it names a subject,
// a privilege and a resource.
type CreateGrantRequest struct {
	Subject   uid.PolymorphicID `json:"subject" validate:"required" note:"a polymorphic field primarily expecting a user, machine, or group ID"`
	// Privilege is a free-form string in this tag (only "required" is checked).
	// NOTE(review): confirm the server rejects privilege names it does not know.
	Privilege string            `json:"privilege" validate:"required" example:"view" note:"a role or permission"`
	// The tag on this field is elided by the documentation renderer, so its
	// validation rules cannot be read from this listing.
	Resource  string            `` /* 129-byte string literal not displayed */
}

type CreateGroupRequest

// CreateGroupRequest is the argument of Client.CreateGroup; both fields are
// marked required.
type CreateGroupRequest struct {
	Name       string `json:"name" validate:"required"`
	ProviderID uid.ID `json:"providerID" validate:"required"`
}

type CreateIdentityRequest added in v0.9.0

// CreateIdentityRequest is the argument of Client.CreateIdentity.
type CreateIdentityRequest struct {
	Name       string `json:"name" validate:"required"`
	// Kind is restricted by its tag to the two values "user" and "machine".
	Kind       string `json:"kind" validate:"required,oneof=user machine"`
	ProviderID uid.ID `json:"providerID" validate:"required"`
}

type CreateIdentityResponse added in v0.9.0

// CreateIdentityResponse is returned by Client.CreateIdentity.
type CreateIdentityResponse struct {
	ID              uid.ID `json:"id"`
	Name            string `json:"name" validate:"required"`
	ProviderID      uid.ID `json:"providerID" validate:"required"`
	// OneTimePassword is a credential returned in the response body and is left
	// out of the JSON when empty. Presumably it is issued only for some identity
	// kinds — confirm. Do not log or cache the response.
	OneTimePassword string `json:"oneTimePassword,omitempty"`
}

type CreateProviderRequest

// CreateProviderRequest is the argument of Client.CreateProvider.
type CreateProviderRequest struct {
	Name         string `json:"name" validate:"required" example:"okta"`
	// URL is only checked for presence here, whereas Provider.URL carries
	// validate:"fqdn,required".
	// NOTE(review): if the server contacts this host, confirm the value is
	// validated before use.
	URL          string `json:"url" validate:"required" example:"infrahq.okta.com"`
	// ClientID and ClientSecret have no validate tags, so empty values pass tag
	// validation.
	ClientID     string `json:"clientID" example:"0oapn0qwiQPiMIyR35d6"`
	// ClientSecret is a credential sent in the request body; the Provider type
	// has no matching field. Keep request bodies out of logs.
	ClientSecret string `json:"clientSecret" example:"jmda5eG93ax3jMDxTGrbHd_TBGT6kgNZtrCugLbU"`
}

type CreateTokenRequest

// CreateTokenRequest is the argument of Client.CreateToken.
type CreateTokenRequest struct {
	// NOTE(review): the caller supplies the user ID; confirm the server checks it
	// against the authenticated caller before issuing a token.
	UserID uid.ID `json:"userID" validate:"required"`
}

type CreateTokenResponse

// CreateTokenResponse is returned by Client.CreateToken.
type CreateTokenResponse struct {
	Expires Time   `json:"expires"`
	// Token is a credential returned as a plain string; keep it out of logs.
	Token   string `json:"token"`
}

type Destination

// Destination is the record returned by the destination create, update and list
// calls.
type Destination struct {
	ID         uid.ID                `json:"id"`
	// UniqueID and Name also carry form tags, unlike the other fields.
	UniqueID   string                `json:"uniqueID" form:"uniqueID" example:"94c2c570a20311180ec325fd56"`
	Name       string                `json:"name" form:"name"`
	Created    Time                  `json:"created"`
	Updated    Time                  `json:"updated"`
	Connection DestinationConnection `json:"connection"`
}

type DestinationConnection

// DestinationConnection holds the address and CA of a destination.
type DestinationConnection struct {
	// URL is required; the example is a bare hostname without a scheme.
	URL string `json:"url" validate:"required" example:"aa60eexample.us-west-2.elb.amazonaws.com"`
	// CA is, per its example, a PEM-encoded certificate. It has no validate tag,
	// so an empty value passes tag validation.
	// NOTE(review): confirm what a consumer does when CA is empty (system roots
	// versus no verification) and that the PEM is parsed before being trusted.
	CA  string `json:"ca" example:"-----BEGIN CERTIFICATE-----\nMIIDNTCCAh2gAwIBAgIRALRetnpcTo9O3V2fAK3ix+c\n-----END CERTIFICATE-----\n"`
}

type Duration added in v0.8.0

// Duration is a defined type over time.Duration with its own MarshalJSON,
// UnmarshalJSON and String methods; the wire format is not visible in this listing.
type Duration time.Duration

func (Duration) MarshalJSON added in v0.8.0

func (d Duration) MarshalJSON() ([]byte, error)

func (Duration) String added in v0.8.0

func (d Duration) String() string

func (*Duration) UnmarshalJSON added in v0.8.0

func (d *Duration) UnmarshalJSON(data []byte) error

type EmptyRequest

// EmptyRequest is a request type with no fields.
type EmptyRequest struct{}

type EmptyResponse

// EmptyResponse is a response type with no fields.
type EmptyResponse struct{}

type Error

// Error is the JSON error body of the API.
// NOTE(review): Message and FieldErrors reach the API caller; internal detail
// such as upstream provider responses or database errors should stay out of them.
type Error struct {
	Code        int32        `json:"code"` // should be a repeat of the http response status code
	Message     string       `json:"message"`
	// FieldErrors is left out of the JSON when empty.
	FieldErrors []FieldError `json:"fieldErrors,omitempty"`
}

type FieldError

// FieldError lists the error strings recorded for one named field; Error embeds
// a slice of these.
type FieldError struct {
	FieldName string   `json:"fieldName"`
	Errors    []string `json:"errors"`
}

type Grant

// Grant ties a subject to a privilege on a resource and records who created it.
type Grant struct {
	ID uid.ID `json:"id"`

	Created   Time   `json:"created"`
	// NOTE(review): "created_by" is snake_case while the other JSON keys in this
	// package are camelCase; renaming it would change the wire format.
	CreatedBy uid.ID `json:"created_by" note:"id of the identity that created the grant"`
	Updated   Time   `json:"updated"`

	// The note here mentions user and group IDs only, while the one on
	// CreateGrantRequest.Subject also lists machines.
	Subject   uid.PolymorphicID `json:"subject" note:"a polymorphic field primarily expecting an user, or group ID"`
	Privilege string            `json:"privilege" note:"a role or permission"`
	Resource  string            `json:"resource" note:"a resource name in Infra's Universal Resource Notation"`
}

type Group

// Group is the record returned by the group create, get and list calls.
type Group struct {
	ID         uid.ID `json:"id"`
	Name       string `json:"name"`
	Created    Time   `json:"created"`
	Updated    Time   `json:"updated"`
	// ProviderID is a uid.ID; presumably the provider the group belongs to — confirm.
	ProviderID uid.ID `json:"providerID"`
}

type Identity added in v0.9.0

// Identity is the record returned by the identity get, list and update calls.
// It declares no password or other credential field.
type Identity struct {
	ID         uid.ID `json:"id"`
	Created    Time   `json:"created"`
	Updated    Time   `json:"updated"`
	LastSeenAt Time   `json:"lastSeenAt"`
	Name       string `json:"name" validate:"required"`
	// Kind is only marked required here; CreateIdentityRequest.Kind additionally
	// restricts it to "user" or "machine".
	Kind       string `json:"kind" validate:"required"`
	ProviderID uid.ID `json:"providerID"`
}

type Introspect

// Introspect describes the party that the calling token was issued for; it is
// the result type of Client.Introspect.
type Introspect struct {
	ID           uid.ID `json:"id"`
	Name         string `json:"name"`         // the machine name or the user email
	IdentityType string `json:"identityType"` // user or machine
}

Introspect returns information about the party that the calling token was issued for

type ListAccessKeysRequest

// ListAccessKeysRequest holds the filters for Client.ListAccessKeys. The fields
// carry form tags (presumably bound from the query string — confirm) and no
// validate tags.
type ListAccessKeysRequest struct {
	// The form key is snake_case ("identity_id") while the JSON key used when
	// creating a key is "identityID".
	IdentityID uid.ID `form:"identity_id"`
	Name       string `form:"name"`
}

type ListDestinationsRequest

// ListDestinationsRequest holds the filters for Client.ListDestinations; neither
// field has a validate tag.
type ListDestinationsRequest struct {
	Name     string `form:"name"`
	UniqueID string `form:"unique_id"`
}

type ListGrantsRequest

// ListGrantsRequest holds the filters for Client.ListGrants; none of the fields
// has a validate tag.
// NOTE(review): confirm the server limits results to grants the caller may see
// when the filters are left empty.
type ListGrantsRequest struct {
	Subject   uid.PolymorphicID `form:"subject"`
	Resource  string            `form:"resource" example:"kubernetes.production"`
	Privilege string            `form:"privilege" example:"view"`
}

type ListGroupsRequest

// ListGroupsRequest holds the filters for Client.ListGroups; neither field has a
// validate tag.
type ListGroupsRequest struct {
	Name       string `form:"name"`
	ProviderID uid.ID `form:"provider_id"`
}

type ListIdentitiesRequest added in v0.9.0

// ListIdentitiesRequest holds the filters for Client.ListIdentities; neither
// field has a validate tag.
type ListIdentitiesRequest struct {
	Name       string `form:"name"`
	ProviderID uid.ID `form:"provider_id"`
}

type ListProvidersRequest

// ListProvidersRequest holds a single name filter. Client.ListProviders takes
// the name as a plain string argument rather than this type.
type ListProvidersRequest struct {
	Name string `form:"name" example:"okta"`
}

type LoginRequest

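// LoginRequest is the argument of Client.Login. It offers three credential
// kinds, and the validate tags (go-playground/validator style, presumably) make
// them mutually exclusive: each field must be empty when either of the other
// two is set.
//
// NOTE(review): the tags reject requests carrying more than one credential kind
// but nothing visible here requires at least one; confirm the handler rejects a
// request in which all three are empty.
type LoginRequest struct {
	// AccessKey is a credential sent in the request body; keep bodies out of logs.
	AccessKey           string                           `json:"accessKey" validate:"excluded_with=OIDC,excluded_with=PasswordCredentials"`
	PasswordCredentials *LoginRequestPasswordCredentials `json:"passwordCredentials" validate:"excluded_with=OIDC,excluded_with=AccessKey"`
	// The exclusion list previously named KeyExchange, a field this struct does
	// not declare; it now names AccessKey so all three tags state the same rule.
	OIDC                *LoginRequestOIDC                `json:"oidc" validate:"excluded_with=AccessKey,excluded_with=PasswordCredentials"`
}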

type LoginRequestOIDC

// LoginRequestOIDC is the OIDC variant of LoginRequest; all three fields are
// marked required.
type LoginRequestOIDC struct {
	ProviderID  uid.ID `json:"providerID" validate:"required"`
	// RedirectURL is only checked for presence by its tag.
	// NOTE(review): confirm the server compares it with the redirect registered
	// for the provider rather than trusting the client-supplied value.
	RedirectURL string `json:"redirectURL" validate:"required"`
	// Code is presumably the authorization code returned by the provider —
	// confirm; if so it is a short-lived secret and should not be logged.
	Code        string `json:"code" validate:"required"`
}

type LoginRequestPasswordCredentials added in v0.6.0

// LoginRequestPasswordCredentials is the email-and-password variant of
// LoginRequest; both fields are marked required.
type LoginRequestPasswordCredentials struct {
	// Email is only checked for presence; no format rule appears in the tag.
	Email    string `json:"email" validate:"required"`
	// Password travels in the JSON body as a plain string; keep request bodies
	// out of logs and error messages.
	Password string `json:"password" validate:"required"`
}

type LoginResponse

// LoginResponse is returned by Client.Login.
type LoginResponse struct {
	PolymorphicID          uid.PolymorphicID `json:"polymorphicID"`
	Name                   string            `json:"name"`
	// AccessKey is a credential returned in the response body, with Expires as
	// its companion timestamp; store it securely and do not log the response.
	AccessKey              string            `json:"accessKey"`
	// PasswordUpdateRequired is left out of the JSON when false.
	// NOTE(review): confirm the server restricts what AccessKey can do while this
	// flag is set, rather than relying on the client to honor it.
	PasswordUpdateRequired bool              `json:"passwordUpdateRequired,omitempty"`
	Expires                Time              `json:"expires"`
}

type Provider

// Provider is the record returned by the provider create, get, update and list
// calls. It declares no ClientSecret field, unlike CreateProviderRequest and
// UpdateProviderRequest.
type Provider struct {
	ID       uid.ID `json:"id"`
	Name     string `json:"name" example:"okta"`
	Created  Time   `json:"created"`
	Updated  Time   `json:"updated"`
	// URL carries an fqdn rule here that the request types do not repeat.
	URL      string `json:"url" validate:"fqdn,required" example:"infrahq.okta.com"`
	ClientID string `json:"clientID" validate:"required" example:"0oapn0qwiQPiMIyR35d6"`
}

type Resource

// Resource carries a single required ID tagged uri:"id" (presumably bound from
// the request path — confirm).
type Resource struct {
	ID uid.ID `uri:"id" validate:"required"`
}

type SetupRequiredResponse

// SetupRequiredResponse is returned by Client.SetupRequired.
// NOTE(review): Client.Setup returns a CreateAccessKeyResponse, i.e. a
// credential; confirm the server refuses Setup once Required is false.
type SetupRequiredResponse struct {
	Required bool `json:"required"`
}

type Time added in v0.8.0

// Time is a defined type over time.Time used for the timestamp fields in this
// package.
// NOTE(review): MarshalJSON is declared on *Time while Format and String use
// value receivers. encoding/json only invokes a pointer-receiver marshaler on
// addressable values, so a Time inside a struct that is marshaled by value would
// skip it — confirm callers marshal pointers.
type Time time.Time

func (Time) Format added in v0.8.0

func (t Time) Format(layout string) string

func (*Time) MarshalJSON added in v0.8.0

func (t *Time) MarshalJSON() ([]byte, error)

func (Time) String added in v0.8.0

func (t Time) String() string

func (*Time) UnmarshalJSON added in v0.8.0

func (t *Time) UnmarshalJSON(data []byte) error

type UpdateDestinationRequest

// UpdateDestinationRequest is the argument of Client.UpdateDestination.
type UpdateDestinationRequest struct {
	// ID is tagged uri:"id" and excluded from the JSON body (json:"-").
	ID         uid.ID                `uri:"id" json:"-" validate:"required"`
	Name       string                `json:"name" validate:"required"`
	UniqueID   string                `json:"uniqueID"`
	// NOTE(review): an update can replace the destination's URL and CA; confirm
	// the endpoint is limited to callers allowed to change where traffic is sent.
	Connection DestinationConnection `json:"connection"`
}

type UpdateIdentityRequest added in v0.9.0

// UpdateIdentityRequest is the argument of Client.UpdateIdentity; the only
// updatable field it declares is the password.
type UpdateIdentityRequest struct {
	// ID is tagged uri:"id" and excluded from the JSON body (json:"-").
	ID       uid.ID `uri:"id" json:"-" validate:"required"`
	// Password must be present and at least 8 long per its tag; no other strength
	// rule is visible. The request carries no current-password field.
	// NOTE(review): confirm the server authorizes the caller for this identity,
	// and keep request bodies out of logs.
	Password string `json:"password" validate:"required,min=8"`
}

type UpdateProviderRequest

// UpdateProviderRequest is the argument of Client.UpdateProvider. Only ID has a
// validate tag; the other fields pass tag validation when empty.
type UpdateProviderRequest struct {
	// ID is tagged uri:"id" and excluded from the JSON body (json:"-").
	ID           uid.ID `uri:"id" json:"-" validate:"required"`
	Name         string `json:"name" example:"okta"`
	// NOTE(review): URL is not checked by any tag here, while Provider.URL
	// carries validate:"fqdn,required"; confirm the server validates it.
	URL          string `json:"url" example:"infrahq.okta.com"`
	ClientID     string `json:"clientID" example:"0oapn0qwiQPiMIyR35d6"`
	// ClientSecret is a credential sent in the request body.
	// NOTE(review): confirm whether an empty value keeps or clears the stored
	// secret, and keep request bodies out of logs.
	ClientSecret string `json:"clientSecret" example:"jmda5eG93ax3jMDxTGrbHd_TBGT6kgNZtrCugLbU"`
}

type Version

// Version is returned by Client.GetVersion and holds one version string.
type Version struct {
	Version string `json:"version"`
}
