Documentation ¶
Overview ¶
Package ccp implements the CyberArk Credentials Provider (CCP) REST API client
Index ¶
- type Client
- func (c *Client) Close()
- func (c *Client) ConnectionTimeout() int
- func (c *Client) FailRequestOnPasswordChange() bool
- func (c *Client) Host() string
- func (c *Client) Query(ctx context.Context, r *PasswordRequest, qf QueryFormat) (*PasswordResponse, string, error)
- func (c *Client) Request(ctx context.Context, r *PasswordRequest) (*PasswordResponse, string, error)
- func (c *Client) SetConnectionTimeout(v int) error
- func (c *Client) SetFailRequestOnPasswordChange(v bool)
- func (c *Client) SetHost(v string) error
- type Config
- type PasswordRequest
- type PasswordResponse
- type QueryFormat
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client implements the CCP client, which communicates with the CCP Web Servie
func (*Client) ConnectionTimeout ¶
ConnectionTimeout returns the connection timeout to EPV from the CCP Server
func (*Client) FailRequestOnPasswordChange ¶
FailRequestOnPasswordChange returns the request behaviour, when a password change is in progress
func (*Client) Query ¶
func (c *Client) Query(ctx context.Context, r *PasswordRequest, qf QueryFormat) (*PasswordResponse, string, error)
Query queries the CCP Web Service for a password
func (*Client) Request ¶
func (c *Client) Request(ctx context.Context, r *PasswordRequest) (*PasswordResponse, string, error)
Request requests a password from the CCP Web Service
func (*Client) SetConnectionTimeout ¶
SetConnectionTimeout sets the connection timeout to EPV from the CCP Server
func (*Client) SetFailRequestOnPasswordChange ¶
SetFailRequestOnPasswordChange sets the request behaviour, when a password change is in progress
type Config ¶
type Config struct { // The host of CCP Web Service host. // This should be a hostname with an optional port number. // Using the format: hostname[:port] Host string // HttpClient is the HTTP client to use to access the CCP Web Service HTTPClient *http.Client // The ID of the application performing the password request ApplicationID string // The number of seconds that the Central Credential Provider // will try to retrieve the password. The timeout is calculated // when the request is sent from the web service to the Vault // and returned back to the web service. // If zero the default connection timeout will be used. ConnectionTimeout int // Whether or not an error will be returned, if the web service // is called when a password change process is underway. // To fail a request Aduring a password change, set this value to true FailRequestOnPasswordChange bool // Certificate is used to to authenticate against the CCP Web Service ClientCertificate *tls.Certificate // SkipTLSVerify disbles or enables service certificate Validation SkipTLSVerify bool // Enable TLS Renegotiation EnableTLSRenegotiation bool // RootCA is a PEM encoded certificate or bundle to verify the // CCP Web Service Server Certificat RootCAs *x509.CertPool // contains filtered or unexported fields }
Config is used to configure the creation of the CCP client After one has been passed to a CCP function it must not be modified.
type PasswordRequest ¶
type PasswordRequest struct {
Safe, Folder, Object string
UserName, Address, Database string
PolicyID string
// Password request reason
Reason string
}
PasswordRequest defines the query parameters to search for a password
type PasswordResponse ¶
type PasswordResponse struct { SequenceID int `mapstructure2:"sequence_id,omitempty"` // Password Content string `mapstructure2:"content"` Safe string `mapstructure2:"safe"` Folder string `mapstructure2:"folder"` UserName string `mapstructure2:"username"` LogonDomain string `mapstructure2:"logon_domain"` Name string `mapstructure2:"name,omitempty"` AccountDescription string `mapstructure2:"account_description,omitempty"` Address string `mapstructure2:"address,omitempty"` DeviceType string `mapstructure2:"device_type,omitempty"` Environment string `mapstructure2:"content,omitempty"` Database string `mapstructure2:"database,omitempty"` // Is Database a valid response? CreationMethod string `mapstructure2:"creation_method,omitempty"` PolicyID string `mapstructure2:"policy_id,omitempty"` CPMStatus string `mapstructure2:"cpm_status,omitempty"` CPMDisabled string `mapstructure2:"cpm_disabled,omitempty"` PasswordChangeInProcess bool `mapstructure2:"password_change_in_process"` LastTask string `mapstructure2:"last_task,omitempty"` LastSuccessReconciliation int64 `mapstructure2:"last_success_reconciliation,omitempty"` // Unix time, the number of seconds elapsed since January 1, 1970 UTC RetriesCount int `mapstructure2:"retries_count,omitempty"` // Error Information ErrorCode string `mapstructure2:"error_code,omitempty"` ErrorMsg string `mapstructure2:"error_msg,omitempty"` }
PasswordResponse contains the retrieved password information
func (*PasswordResponse) MapSnakeCase ¶ added in v0.1.2
func (pr *PasswordResponse) MapSnakeCase() (map[string]interface{}, error)
MapSnakeCase returns PasswordResponse a map[string]interface{}, using snake case keys
type QueryFormat ¶
type QueryFormat int
QueryFormat specifies the type query being executed
const ( // QueryFormatExact specifies a query in Exact format QueryFormatExact QueryFormat = iota // QueryFormatRegEx specifies a query in Regular Expression format QueryFormatRegEx )
QueryFormat Values