uaa

package
v7.0.0+incompatible

This package is not in the latest version of its module.

Published: Jun 17, 2020 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

Package uaa is a GoLang library that interacts with CloudFoundry User Account and Authentication (UAA) Server.

It is currently designed to support UAA API X.X.X. However, it may include features and endpoints of later API versions.

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewErrorWrapper

func NewErrorWrapper() *errorWrapper

NewErrorWrapper returns a new error wrapper.

Types

type AccountLockedError

type AccountLockedError struct {
	Message string
}

func (AccountLockedError) Error

func (e AccountLockedError) Error() string

type AuthResponse

type AuthResponse struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
}

AuthResponse contains the access token and refresh token which are granted after UAA has authorized a user.

type Client

type Client struct {
	Info
	// contains filtered or unexported fields
}

Client is the UAA client

func NewClient

func NewClient(config Config) *Client

NewClient returns a new UAA Client with the provided configuration

func (Client) Authenticate

func (client Client) Authenticate(creds map[string]string, origin string, grantType constant.GrantType) (string, string, error)

Authenticate sends a username and password to UAA then returns an access token and a refresh token.

func (*Client) CreateUser

func (client *Client) CreateUser(user string, password string, origin string) (User, error)

CreateUser creates a new UAA user account with the provided password.

func (*Client) DeleteUser

func (client *Client) DeleteUser(userGuid string) (User, error)

func (*Client) GetSSHPasscode

func (client *Client) GetSSHPasscode(accessToken string, sshOAuthClient string) (string, error)

func (Client) ListUsers

func (client Client) ListUsers(userName, origin string) ([]User, error)

ListUsers gets a list of users from UAA with the given username and (if provided) origin. NOTE: this is a paginated response and we currently return only the first page of users. This means that if no origin is passed and there are more than 100 users with the given username, only the first 100 will be returned. For our current purposes, this is more than enough, but it would be a problem if we ever need to get all users with a username.

func (*Client) RefreshAccessToken

func (client *Client) RefreshAccessToken(refreshToken string) (RefreshedTokens, error)

RefreshAccessToken refreshes the current access token.

func (*Client) SetupResources

func (client *Client) SetupResources(bootstrapURL string) error

SetupResources configures the client to use the specified settings and discovers the UAA and Authentication resources.

func (*Client) UpdatePassword

func (client *Client) UpdatePassword(userGUID string, oldPassword string, newPassword string) error

func (Client) ValidateClientUser

func (client Client) ValidateClientUser(clientID string) error

func (*Client) WrapConnection

func (client *Client) WrapConnection(wrapper ConnectionWrapper)

WrapConnection wraps the current Client connection in the wrapper.

type Config

type Config interface {
	// BinaryName is the name of the application/process using the client.
	BinaryName() string

	// BinaryVersion is the version of the application/process using the client.
	BinaryVersion() string

	// DialTimeout is the DNS lookup timeout for the client. If not set, it is
	// infinite.
	DialTimeout() time.Duration

	// SetUAAEndpoint sets the UAA endpoint that is obtained from hitting
	// <AuthorizationEndpoint>/login.
	SetUAAEndpoint(uaaEndpoint string)

	// SkipSSLValidation controls whether a client verifies the server's
	// certificate chain and host name. If SkipSSLValidation is true, TLS accepts
	// any certificate presented by the server and any host name in that
	// certificate for *all* client requests going forward.
	//
	// In this mode, TLS is susceptible to man-in-the-middle attacks. This should
	// be used only for testing.
	SkipSSLValidation() bool

	// UAADisableKeepAlives controls whether the UAA client will reuse TCP connections
	// for multiple requests. If true, the client will always use a new TCP connection
	// and set Connection: close in the request header. If false, the client
	// will reuse the TCP connection.
	UAADisableKeepAlives() bool

	// UAAGrantType returns the grant type of the supplied UAA credentials.
	UAAGrantType() string

	// UAAOAuthClient is the UAA client ID the client will use.
	UAAOAuthClient() string

	// UAAOAuthClientSecret is the UAA client secret the client will use.
	UAAOAuthClientSecret() string
}

Config allows the Client to be configured

type ConflictError

type ConflictError struct {
	Message string
}

ConflictError is returned when the response status code is 409. It represents when there is a conflict in the state of the requested resource.

func (ConflictError) Error

func (e ConflictError) Error() string

type Connection

type Connection interface {
	Make(request *http.Request, passedResponse *Response) error
}

Connection creates and executes http requests

type ConnectionWrapper

type ConnectionWrapper interface {
	Connection
	Wrap(innerconnection Connection) Connection
}

ConnectionWrapper can wrap a given connection allowing the wrapper to modify all requests going in and out of the given connection.
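
A wrapper of the kind described above, as an added example that is not code from the uaa package: a request logger that keeps the Authorization credential out of its log lines. Response and Connection are redeclared locally from the signatures on this page so the block compiles on its own; RedactingLogger, fakeConnection, Demo and the uaa.example.test URL are hypothetical.

```go
package main

import (
	"fmt"
	"net/http"
	"strings"
)

// Local copies of the shapes on this page (Response trimmed to one field).
type Response struct{ RawResponse []byte }
type Connection interface {
	Make(request *http.Request, passedResponse *Response) error
}

// RedactingLogger (hypothetical) logs requests without the bearer credential.
type RedactingLogger struct {
	inner Connection
	Lines []string
}

func (l *RedactingLogger) Wrap(inner Connection) Connection {
	l.inner = inner
	return l
}

func (l *RedactingLogger) Make(req *http.Request, resp *Response) error {
	auth := req.Header.Get("Authorization")
	if scheme, _, ok := strings.Cut(auth, " "); ok {
		auth = scheme + " [REDACTED]" // keep the scheme, drop the credential
	} else if auth != "" {
		auth = "[REDACTED]" // no separator: treat the whole value as secret
	}
	l.Lines = append(l.Lines, fmt.Sprintf("%s %s Authorization=%q", req.Method, req.URL.Path, auth))
	return l.inner.Make(req, resp) // the request itself is passed on unmodified
}

// fakeConnection stands in for the real UAA connection (constructed here).
type fakeConnection struct{}
func (fakeConnection) Make(*http.Request, *Response) error { return nil }

// Demo sends one constructed request through the wrapper and returns its log line.
func Demo(header string) string {
	logger := &RedactingLogger{}
	req, _ := http.NewRequest("GET", "https://uaa.example.test/Users", nil)
	req.Header.Set("Authorization", header)
	_ = logger.Wrap(fakeConnection{}).Make(req, &Response{})
	return logger.Lines[0]
}

func main() { fmt.Println(Demo("bearer constructed-token-value")) }
```

Only the URL path is logged, so credentials carried in a query string stay out of the record as well.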

type Info

type Info struct {
	App struct {
		Version string `json:"version"`
	} `json:"app"`
	Links struct {
		UAA   string `json:"uaa"`
		Login string `json:"login"`
	} `json:"links"`
	Prompts map[string][]string `json:"prompts"`
}

Info represents a GET response from a login server

func NewInfo

func NewInfo(link string) Info

NewInfo returns back a new

func (Info) APIVersion

func (info Info) APIVersion() string

APIVersion is the version of the server.

func (Info) LoginLink

func (info Info) LoginLink() string

LoginLink is the URL to the login server.

func (Info) LoginPrompts

func (info Info) LoginPrompts() map[string][]string

func (Info) UAALink

func (info Info) UAALink() string

UAALink is the URL to the UAA server.

type InsufficientScopeError

type InsufficientScopeError struct {
	Message string
}

InsufficientScopeError is returned when the client has insufficient scope

func (InsufficientScopeError) Error

func (e InsufficientScopeError) Error() string

type InvalidAuthTokenError

type InvalidAuthTokenError struct {
	Message string
}

InvalidAuthTokenError is returned when the client has an invalid authorization header.

func (InvalidAuthTokenError) Error

func (e InvalidAuthTokenError) Error() string

type InvalidPasswordError

type InvalidPasswordError struct {
	Message string
}

func (InvalidPasswordError) Error

func (e InvalidPasswordError) Error() string

type InvalidSCIMResourceError

type InvalidSCIMResourceError struct {
	Message string
}

InvalidSCIMResourceError is usually returned when the client tries to create an improperly formatted username.

func (InvalidSCIMResourceError) Error

func (e InvalidSCIMResourceError) Error() string

type RawHTTPStatusError

type RawHTTPStatusError struct {
	StatusCode  int
	RawResponse []byte
}

RawHTTPStatusError represents any response with a 4xx or 5xx status code.

func (RawHTTPStatusError) Error

func (r RawHTTPStatusError) Error() string

type RefreshedTokens

type RefreshedTokens struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	Type         string `json:"token_type"`
}

RefreshedTokens represents the UAA refresh token response.

func (RefreshedTokens) AuthorizationToken

func (refreshTokenResponse RefreshedTokens) AuthorizationToken() string

AuthorizationToken returns formatted authorization header.

type RequestError

type RequestError struct {
	Err error
}

RequestError represents a generic error encountered while performing the HTTP request. This generic error occurs before an HTTP response is obtained.

func (RequestError) Error

func (e RequestError) Error() string

type Response

type Response struct {
	// Result represents the resource entity type that is expected in the
	// response JSON.
	Result interface{}

	// RawResponse represents the response body.
	RawResponse []byte

	// HTTPResponse represents the HTTP response object.
	HTTPResponse *http.Response
}

Response represents a UAA response object.

type UAAConnection

type UAAConnection struct {
	HTTPClient *http.Client
}

UAAConnection represents the connection to UAA

func NewConnection

func NewConnection(skipSSLValidation bool, disableKeepAlives bool, dialTimeout time.Duration) *UAAConnection

NewConnection returns a pointer to a new UAA Connection

func (*UAAConnection) Make

func (connection *UAAConnection) Make(request *http.Request, passedResponse *Response) error

Make takes a passedRequest, converts it into an HTTP request and then executes it. The response is then injected into passedResponse.

type UAAErrorResponse

type UAAErrorResponse struct {
	Type        string `json:"error"`
	Description string `json:"error_description"`
}

UAAErrorResponse represents a generic UAA error response.

func (UAAErrorResponse) Error

func (e UAAErrorResponse) Error() string

type UnauthorizedError

type UnauthorizedError struct {
	Message string
}

UnauthorizedError is returned when the authentication information is invalid.

func (UnauthorizedError) Error

func (e UnauthorizedError) Error() string

type UnverifiedServerError

type UnverifiedServerError struct {
	URL string
}

UnverifiedServerError replaces x509.UnknownAuthorityError when the server has SSL but the client is unable to verify its certificate.

func (UnverifiedServerError) Error

func (e UnverifiedServerError) Error() string

type User

type User struct {
	ID     string
	Origin string
}

User represents a UAA user account.

Directories

Path Synopsis
Package constant contains types and constants used by the uaa package.
Package noaabridge wraps a UAA client and a tokenCache to support the TokenRefresher interface for noaa/consumer.
noaabridgefakes
Code generated by counterfeiter.
Code generated by counterfeiter.
wrapperfakes
Code generated by counterfeiter.
