ias

package
v0.0.0-...-a592c90 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 22, 2021 License: Apache-2.0, Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

// Request paths of the IAS service API that this package targets. They are
// path fragments only; the host part presumably comes from Config.URL or
// ClientConfig.URL — confirm against the request builder.
const (
	PathServiceProviders  = "/service/sps"
	PathCompanyGlobal     = "/service/company/global"
	// PathAccess is a format string with one %s verb that has to be filled in
	// before the path is used.
	// NOTE(review): presumably the verb receives a service provider ID; since
	// the value lands inside a URL path, it should be an IAS-issued ID or be
	// path-escaped — confirm at the call site.
	PathAccess            = "/service/sps/%s/rba"
	PathIdentityProviders = "/service/idp"
	// PathDelete and PathDeleteSecret name destructive endpoints; presumably
	// used by DeleteServiceProvider and DeleteSecret respectively — confirm.
	PathDelete            = "/service/sps/delete"
	PathDeleteSecret      = "/service/sps/clientSecret"
)
// Fixture values carrying the Fake prefix, presumably consumed by FakeClient —
// confirm. The UUID-shaped IDs, "cid" and "csc" are placeholder strings.
// NOTE(review): these constants are exported by the package itself rather than
// living in a _test.go file, so they are part of its public API. Make sure no
// production path treats FakeClientID / FakeClientSecret as valid credentials.
const (
	FakeIdentityProviderName = "IdentityProviderName"
	FakeIdentityProviderID   = "0dbae593-ab1d-4774-97c1-5118ea22ea2d"
	FakeGrafanaName          = "GrafanaName"
	FakeGrafanaID            = "eebb54dd-e4d5-43a1-929a-e98ea2831342"
	FakeUserForRest          = "874a7fd7-7f0c-482d-ba44-3563b2622586"
	FakeDexName              = "DexName"
	FakeDexID                = "dd70d82e-0a30-4931-9171-3a55a0725512"
	FakeClientID             = "cid"
	FakeClientSecret         = "csc"
)
// Identifiers of the service provider inputs known to this package.
// SPGrafanaID is used as a key of ServiceProviderInputs, a
// map[SPInputID]ServiceProviderParam; the constants are untyped, so they
// convert implicitly to SPInputID.
const (
	SPDexID     = 1
	SPGrafanaID = 2
)
// SSO type identifiers.
// NOTE(review): presumably the values carried in the "ssoType" JSON field of
// OIDCType and ServiceProvider — confirm.
const (
	OIDC = "openIdConnect"
	SAML = "saml2"
)

Variables

var ServiceProviderInputs = map[SPInputID]ServiceProviderParam{
	SPGrafanaID: {
		// contains filtered or unexported fields
	},
}

Functions

This section is empty.

Types

type ACSEndpoint

// ACSEndpoint is one element of the "acs_endpoints" list carried by SAMLType
// and ServiceProvider.
type ACSEndpoint struct {
	// NOTE(review): presumably the assertion consumer service URL that SAML
	// responses are delivered to — confirm. If so it should be an HTTPS URL
	// owned by the service provider; no validation is visible here.
	Location  string `json:"location"`
	// IsDefault is left out of the JSON when false (omitempty).
	IsDefault bool   `json:"isDefault,omitempty"`
	Index     int32  `json:"index"`
}

type AssertionAttribute

// AssertionAttribute is one element of the "assertion_attributes" list in
// PostAssertionAttributes and ServiceProvider.
// NOTE(review): presumably it maps the attribute name placed in the assertion
// (AssertionAttribute) to the user-record attribute that supplies its value
// (UserAttribute) — confirm against the IAS API.
type AssertionAttribute struct {
	AssertionAttribute string `json:"assertionAttribute"`
	UserAttribute      string `json:"userAttribute"`
}

type AssertionAttributeDeliver

type AssertionAttributeDeliver struct {
	// contains filtered or unexported fields
}

AssertionAttributeDeliver ensures that the required AssertionAttributes are present. Instead of removing all attributes and replacing them with new ones, it removes only those that do not exist in the template and leaves the existing ones, which probably hold a fresher version of the user attributes.

func NewAssertionAttributeDeliver

func NewAssertionAttributeDeliver() *AssertionAttributeDeliver

NewAssertionAttributeDeliver returns a new AssertionAttributeDeliver with the default attributes template.

func (*AssertionAttributeDeliver) GenerateAssertionAttribute

func (a *AssertionAttributeDeliver) GenerateAssertionAttribute(serviceProvider ServiceProvider) []AssertionAttribute

GenerateAssertionAttribute removes the attributes that do not exist in the template and leaves the existing ones.

type AuthenticatingIdp

// AuthenticatingIdp is the value of ServiceProvider's "authenticatingIdp"
// JSON field.
type AuthenticatingIdp struct {
	ID          string `json:"id"`
	Name        string `json:"name"`
	// DisplayName uses a snake_case key ("display_name"), unlike the camelCase
	// key of the enclosing "authenticatingIdp" field.
	DisplayName string `json:"display_name"`
}

type AuthenticationAndAccess

// AuthenticationAndAccess is the payload type of SetAuthenticationAndAccess.
// It wraps the access configuration (RBA rules and default action) under the
// "service_provider" JSON key.
type AuthenticationAndAccess struct {
	ServiceProviderAccess ServiceProviderAccess `json:"service_provider"`
}

type Builder

type Builder struct {
	// contains filtered or unexported fields
}

func (*Builder) NewBundle

func (b *Builder) NewBundle(identifier string, inputID SPInputID) (Bundle, error)

type Bundle

// Bundle is the set of operations on one IAS service provider, as returned by
// BundleBuilder.NewBundle. *ServiceProviderBundle declares the same method set.
type Bundle interface {
	FetchServiceProviderData() error
	ServiceProviderName() string
	ServiceProviderType() string
	ServiceProviderExist() bool
	CreateServiceProvider() error
	// DeleteServiceProvider is documented on ServiceProviderBundle as removing
	// the ServiceProvider from IAS.
	DeleteServiceProvider() error
	ConfigureServiceProvider() error
	ConfigureServiceProviderType(path string) error
	// GenerateSecret returns a new client ID and client secret. The
	// ServiceProviderBundle implementation is documented as also removing the
	// secrets that already exist. Treat the result as a credential: keep it
	// out of logs and error messages.
	GenerateSecret() (*ServiceProviderSecret, error)
}

type BundleBuilder

// BundleBuilder creates Bundles. NewBundleBuilder returns one, and *Builder
// declares the same NewBundle method.
type BundleBuilder interface {
	// NewBundle takes an identifier and the SPInputID selecting which service
	// provider input to use; how the identifier is used is not visible here.
	NewBundle(identifier string, inputID SPInputID) (Bundle, error)
}

func NewBundleBuilder

func NewBundleBuilder(httpClient *http.Client, config Config) BundleBuilder

type Client

type Client struct {
	// contains filtered or unexported fields
}

func NewClient

func NewClient(cli *http.Client, cfg ClientConfig) *Client

func (Client) AuthenticationURL

func (c Client) AuthenticationURL(id ProviderID) string

func (*Client) CreateServiceProvider

func (c *Client) CreateServiceProvider(serviceName, companyID string) (err error)

func (*Client) DeleteSecret

func (c *Client) DeleteSecret(payload SecretsRef) (err error)

func (*Client) DeleteServiceProvider

func (c *Client) DeleteServiceProvider(spID string) (err error)

func (*Client) GenerateServiceProviderSecret

func (c *Client) GenerateServiceProviderSecret(secretCfg SecretConfiguration) (_ *ServiceProviderSecret, err error)

func (*Client) GetCompany

func (c *Client) GetCompany() (_ *Company, err error)

func (*Client) SetAssertionAttribute

func (c *Client) SetAssertionAttribute(spID string, payload PostAssertionAttributes) error

func (*Client) SetAuthenticationAndAccess

func (c *Client) SetAuthenticationAndAccess(spID string, payload AuthenticationAndAccess) error

func (*Client) SetDefaultAuthenticatingIDP

func (c *Client) SetDefaultAuthenticatingIDP(payload DefaultAuthIDPConfig) error

func (*Client) SetOIDCConfiguration

func (c *Client) SetOIDCConfiguration(spID string, payload OIDCType) error

func (*Client) SetSAMLConfiguration

func (c *Client) SetSAMLConfiguration(spID string, payload SAMLType) error

func (*Client) SetSubjectNameIdentifier

func (c *Client) SetSubjectNameIdentifier(spID string, payload SubjectNameIdentifier) error

type ClientConfig

// ClientConfig holds the settings passed to NewClient.
// NOTE(review): presumably ID and Secret authenticate the client to the IAS
// instance at URL — confirm.
type ClientConfig struct {
	URL    string
	ID     string
	// Secret is a plain string field, so formatting a ClientConfig with %v or
	// %+v prints it. Keep the struct out of logs and error messages.
	Secret string
}

type Company

// Company is the result type of GetCompany: the service providers and identity
// providers decoded from the "service_providers" and "identity_providers"
// JSON keys.
// NOTE(review): each ServiceProvider carries client-secret metadata (SPSecret)
// and access rules, so treat a decoded Company as sensitive configuration.
type Company struct {
	ServiceProviders  []ServiceProvider  `json:"service_providers"`
	IdentityProviders []IdentityProvider `json:"identity_providers"`
}

type Config

// Config is the package-level configuration passed to NewBundleBuilder and
// NewServiceProviderBundle. The two tagged fields default to false through
// their envconfig tags.
type Config struct {
	URL                    string
	// UserSecret is a plain string field, so formatting a Config with %v or
	// %+v prints it. Keep the struct out of logs and error messages.
	// NOTE(review): presumably UserID/UserSecret are the IAS credentials —
	// confirm.
	UserSecret             string
	UserID                 string
	IdentityProvider       string
	// NOTE(review): effect not visible here; presumably switches the IAS
	// integration off — confirm.
	Disabled               bool
	// NOTE(review): presumably enables TLS renegotiation on the HTTP
	// transport used for IAS — confirm where it is read.
	TLSRenegotiationEnable bool `envconfig:"default=false"`
	// NOTE(review): presumably turns off server certificate verification for
	// the IAS connection — confirm where it is read. If so, enabling it removes
	// the protection against an on-path attacker for traffic that carries
	// UserSecret and generated client secrets; keep it false outside test
	// environments.
	SkipCertVerification   bool `envconfig:"default=false"`
}

type DefaultAttribute

// DefaultAttribute is one element of ServiceProvider's "default_attributes"
// list: an assertion attribute name paired with a value.
type DefaultAttribute struct {
	AssertionAttribute string `json:"assertionAttribute"`
	Value              string `json:"value"`
}

type DefaultAuthIDPConfig

// DefaultAuthIDPConfig is the payload type of SetDefaultAuthenticatingIDP.
type DefaultAuthIDPConfig struct {
	Organization   string `json:"organization"`
	// NOTE(review): presumably the service provider ID the default applies
	// to — confirm.
	ID             string `json:"id"`
	// NOTE(review): presumably the ID of the identity provider that will
	// authenticate users for this service provider — confirm. A wrong value
	// here would route logins to a different identity provider.
	DefaultAuthIDP string `json:"default_auth_idp"`
}

type FakeClient

type FakeClient struct {
	// contains filtered or unexported fields
}

func NewFakeClient

func NewFakeClient() *FakeClient

func (FakeClient) AuthenticationURL

func (f FakeClient) AuthenticationURL(id ProviderID) string

func (*FakeClient) CreateServiceProvider

func (f *FakeClient) CreateServiceProvider(name string, _ string) error

func (*FakeClient) DeleteSecret

func (f *FakeClient) DeleteSecret(payload SecretsRef) error

func (*FakeClient) DeleteServiceProvider

func (f *FakeClient) DeleteServiceProvider(id string) error

func (FakeClient) GenerateServiceProviderSecret

func (f FakeClient) GenerateServiceProviderSecret(ss SecretConfiguration) (*ServiceProviderSecret, error)

func (*FakeClient) GetCompany

func (f *FakeClient) GetCompany() (*Company, error)

func (*FakeClient) GetServiceProvider

func (f *FakeClient) GetServiceProvider(id string) (*ServiceProvider, error)

func (FakeClient) SetAssertionAttribute

func (f FakeClient) SetAssertionAttribute(id string, paa PostAssertionAttributes) error

func (FakeClient) SetAuthenticationAndAccess

func (f FakeClient) SetAuthenticationAndAccess(id string, auth AuthenticationAndAccess) error

func (*FakeClient) SetDefaultAuthenticatingIDP

func (f *FakeClient) SetDefaultAuthenticatingIDP(config DefaultAuthIDPConfig) error

func (*FakeClient) SetOIDCConfiguration

func (f *FakeClient) SetOIDCConfiguration(id string, iasType OIDCType) error

func (*FakeClient) SetSAMLConfiguration

func (f *FakeClient) SetSAMLConfiguration(id string, iasType SAMLType) error

func (FakeClient) SetSubjectNameIdentifier

func (f FakeClient) SetSubjectNameIdentifier(id string, sni SubjectNameIdentifier) error

type IASCLient

// IASCLient is the client abstraction accepted by NewServiceProviderBundle.
// Both *Client and *FakeClient declare this method set. The unnamed string
// parameters correspond to the names used on Client: (serviceName, companyID)
// for CreateServiceProvider and spID for the single-string methods.
type IASCLient interface {
	GetCompany() (*Company, error)
	CreateServiceProvider(string, string) error
	DeleteServiceProvider(string) error
	DeleteSecret(SecretsRef) error
	// GenerateServiceProviderSecret returns a client ID and client secret;
	// callers should treat the result as a credential and keep it out of logs.
	GenerateServiceProviderSecret(SecretConfiguration) (*ServiceProviderSecret, error)
	AuthenticationURL(ProviderID) string
	SetOIDCConfiguration(string, OIDCType) error
	SetSAMLConfiguration(string, SAMLType) error
	SetAssertionAttribute(string, PostAssertionAttributes) error
	SetSubjectNameIdentifier(string, SubjectNameIdentifier) error
	SetAuthenticationAndAccess(string, AuthenticationAndAccess) error
	SetDefaultAuthenticatingIDP(DefaultAuthIDPConfig) error
}

type IdentityProvider

// IdentityProvider is one element of Company.IdentityProviders, identified by
// its name and ID.
type IdentityProvider struct {
	Name string `json:"name"`
	ID   string `json:"id"`
}

type OIDCType

// OIDCType is the payload type of SetOIDCConfiguration.
type OIDCType struct {
	// NOTE(review): presumably set to the OIDC constant ("openIdConnect") —
	// confirm.
	SsoType             string              `json:"ssoType"`
	ServiceProviderName string              `json:"sp_name"`
	OpenIDConnectConfig OpenIDConnectConfig `json:"openId_connect_configuration"`
}

type OpenIDConnectConfig

// OpenIDConnectConfig carries the redirect URI lists of an OIDC service
// provider configuration.
// NOTE(review): these lists presumably act as the allow-list IAS checks
// redirects against — confirm. Register exact HTTPS URLs under the service
// provider's control; no validation of the entries is visible here.
type OpenIDConnectConfig struct {
	RedirectURIs           []string `json:"redirect_uris"`
	// PostLogoutRedirectURIs is left out of the JSON when empty (omitempty).
	PostLogoutRedirectURIs []string `json:"post_logout_redirect_uris,omitempty"`
}

type PostAssertionAttributes

// PostAssertionAttributes is the payload type of SetAssertionAttribute: the
// list of attributes serialised under "assertion_attributes".
type PostAssertionAttributes struct {
	AssertionAttributes []AssertionAttribute `json:"assertion_attributes"`
}

type ProviderID

// ProviderID is the string-based identifier type taken by AuthenticationURL.
type ProviderID string

type RBAConfig

// RBAConfig is the access configuration serialised under "rba_config" in
// ServiceProvider and ServiceProviderAccess.
type RBAConfig struct {
	RBARules      []RBARules `json:"rba_rules"`
	// NOTE(review): presumably the action applied when no entry of RBARules
	// matches — confirm. If so, a permissive default grants access to users
	// outside every listed group, so a deny-style default is the safer choice.
	DefaultAction string     `json:"default_action"`
}

type RBARules

// RBARules is one element of RBAConfig.RBARules (despite the plural name, the
// struct holds a single action/group pair).
// NOTE(review): presumably Action is applied to members of Group, with
// GroupType naming the kind of group — confirm the accepted values against the
// IAS API.
type RBARules struct {
	Action    string `json:"action"`
	Group     string `json:"group"`
	GroupType string `json:"group_type"`
}

type Request

// Request describes an HTTP request by method, path, body and headers.
// NOTE(review): presumably Path is one of the Path* constants appended to the
// configured base URL — confirm.
type Request struct {
	Method  string
	Path    string
	Body    io.Reader
	// Headers may carry authentication material depending on the caller; avoid
	// dumping a Request into logs.
	Headers map[string]string
	// NOTE(review): the purpose of Delete next to Method is not visible here —
	// confirm against the code that sends the request.
	Delete  bool
}

type RestAPIClientSecret

// RestAPIClientSecret is the "rest_api_client_secret" part of
// SecretConfiguration: a description and a list of scopes. It holds no secret
// value itself.
type RestAPIClientSecret struct {
	Description string   `json:"description"`
	// NOTE(review): presumably the scopes granted to the generated secret —
	// confirm. Request the narrowest set the consumer needs.
	Scopes      []string `json:"scopes"`
}

type SAMLType

// SAMLType is the payload type of SetSAMLConfiguration: the service provider
// name and its ACS endpoints.
type SAMLType struct {
	ServiceProviderName string        `json:"sp_name"`
	ACSEndpoints        []ACSEndpoint `json:"acs_endpoints"`
}

type SPInputID

// SPInputID is the integer key type of ServiceProviderInputs and the selector
// passed to NewBundle.
type SPInputID int

type SPSecret

// SPSecret is one element of ServiceProvider's "clientSecrets" list. It holds
// the secret's ID, description and scopes; there is no field for the secret
// value.
type SPSecret struct {
	SecretID    string   `json:"clientSecretId"`
	Description string   `json:"description"`
	Scopes      []string `json:"scopes"`
}

type SecretConfiguration

// SecretConfiguration is the argument type of GenerateServiceProviderSecret.
type SecretConfiguration struct {
	Organization        string              `json:"organization"`
	// NOTE(review): presumably the ID of the service provider the secret is
	// generated for — confirm.
	ID                  string              `json:"id"`
	RestAPIClientSecret RestAPIClientSecret `json:"rest_api_client_secret"`
}

type SecretsRef

// SecretsRef is the payload type of DeleteSecret: a client ID together with
// the IDs of the client secrets concerned. It references secrets by ID and
// carries no secret values.
type SecretsRef struct {
	ClientID         string   `json:"clientId"`
	ClientSecretsIDs []string `json:"clientSecretsIds"`
}

type ServiceProvider

// ServiceProvider is the JSON representation of one IAS service provider, as
// found in Company.ServiceProviders. The JSON keys mix snake_case and
// camelCase, so the tags must be kept exactly as they are.
type ServiceProvider struct {
	DisplayName         string               `json:"display_name"`
	ID                  string               `json:"id"`
	AssertionAttributes []AssertionAttribute `json:"assertion_attributes"`
	DefaultAttributes   []DefaultAttribute   `json:"default_attributes"`
	Organization        string               `json:"organization"`
	SsoType             string               `json:"ssoType"`
	RedirectURIs        []string             `json:"redirect_uris"`
	NameIDAttribute     string               `json:"name_id_attribute"`
	// RBAConfig holds the access rules and default action for this provider.
	RBAConfig           RBAConfig            `json:"rba_config"`
	AuthenticatingIdp   AuthenticatingIdp    `json:"authenticatingIdp"`
	// Secret holds metadata (ID, description, scopes) of the client secrets
	// under the "clientSecrets" key; SPSecret has no field for secret values.
	Secret              []SPSecret           `json:"clientSecrets"`
	ACSEndpoints        []ACSEndpoint        `json:"acs_endpoints"`
	// NOTE(review): presumably the ID of the user that REST API calls run as —
	// confirm.
	UserForRest         string               `json:"userForRest"`
}

type ServiceProviderAccess

// ServiceProviderAccess wraps an RBAConfig under the "rba_config" JSON key; it
// is the inner part of AuthenticationAndAccess.
type ServiceProviderAccess struct {
	RBAConfig RBAConfig `json:"rba_config"`
}

type ServiceProviderBundle

type ServiceProviderBundle struct {
	// contains filtered or unexported fields
}

func NewServiceProviderBundle

func NewServiceProviderBundle(bundleIdentifier string, spParams ServiceProviderParam, c IASCLient, cfg Config) *ServiceProviderBundle

NewServiceProviderBundle returns a pointer to a new ServiceProviderBundle

func (*ServiceProviderBundle) ConfigureServiceProvider

func (b *ServiceProviderBundle) ConfigureServiceProvider() error

ConfigureServiceProvider sets configuration such as assertion attributes, name identifier and groups that allow connecting with a specific ServiceProvider

func (*ServiceProviderBundle) ConfigureServiceProviderType

func (b *ServiceProviderBundle) ConfigureServiceProviderType(consolePath string) error

ConfigureServiceProviderType sets SSO type, name and URLs based on provided URL for ServiceProvider

func (*ServiceProviderBundle) CreateServiceProvider

func (b *ServiceProviderBundle) CreateServiceProvider() error

CreateServiceProvider creates a new ServiceProvider on IAS based on its name; it will be created in a specific company/organization

func (*ServiceProviderBundle) DeleteServiceProvider

func (b *ServiceProviderBundle) DeleteServiceProvider() error

DeleteServiceProvider removes ServiceProvider from IAS

func (*ServiceProviderBundle) FetchServiceProviderData

func (b *ServiceProviderBundle) FetchServiceProviderData() error

FetchServiceProviderData fetches all ServiceProviders and IdentityProviders for the company and saves specific elements based on the name

func (*ServiceProviderBundle) GenerateSecret

func (b *ServiceProviderBundle) GenerateSecret() (*ServiceProviderSecret, error)

GenerateSecret generates a new ID and Secret for the ServiceProvider and removes the already existing secrets

func (*ServiceProviderBundle) ServiceProviderExist

func (b *ServiceProviderBundle) ServiceProviderExist() bool

ServiceProviderExist determines whether a particular item has been found

func (*ServiceProviderBundle) ServiceProviderName

func (b *ServiceProviderBundle) ServiceProviderName() string

ServiceProviderName returns SP name which includes instance ID

func (*ServiceProviderBundle) ServiceProviderType

func (b *ServiceProviderBundle) ServiceProviderType() string

ServiceProviderType returns SSO type (SAML or OIDC)

type ServiceProviderParam

type ServiceProviderParam struct {
	// contains filtered or unexported fields
}

type ServiceProviderSecret

// ServiceProviderSecret is the result type of GenerateSecret and
// GenerateServiceProviderSecret: a client ID and its client secret.
type ServiceProviderSecret struct {
	ClientID     string `json:"clientId"`
	// ClientSecret is the credential value. It is exported and tagged, so
	// json.Marshal emits it under "clientSecret" and %v / %+v formatting prints
	// it; keep instances out of logs, error messages and API responses that
	// are not meant to deliver the secret.
	ClientSecret string `json:"clientSecret"`
}

type SubjectNameIdentifier

// SubjectNameIdentifier is the payload type of SetSubjectNameIdentifier.
// NOTE(review): presumably NameIDAttribute names the user attribute used as
// the subject identifier in assertions — confirm. Service providers key their
// accounts on this value, so it should be an attribute that is unique and
// stable per user.
type SubjectNameIdentifier struct {
	NameIDAttribute string `json:"name_id_attribute"`
}

Directories

Path Synopsis
