iam

package
v0.14.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 10, 2020 License: MIT Imports: 22 Imported by: 7

Documentation

Overview

Package iam provides support for interacting with HSDP IAM/IDM services

Index

Constants

View Source 
const (
	IAM = "IAM"
	IDM = "IDM"
)

Constants

View Source 
const (
	MFAPoliciesAPIVersion = "2"
	SCIMBasePath          = "authorize/scim/v2/"
)

Variables

View Source 
var (
	ErrNotFound                       = errors.New("entity not found")
	ErrMissingManagingOrganization    = errors.New("missing managing organization")
	ErrMissingName                    = errors.New("missing name value")
	ErrMissingDescription             = errors.New("missing description value")
	ErrMalformedInputValue            = errors.New("malformed input value")
	ErrMissingOrganization            = errors.New("missing organization")
	ErrMissingProposition             = errors.New("missing proposition")
	ErrMissingGlobalReference         = errors.New("missing global reference")
	ErrNotImplementedByHSDP           = errors.New("method not implemented by HSDP")
	ErrCouldNoReadResourceAfterCreate = errors.New("could not read resource after create")
	ErrBaseIDMCannotBeEmpty           = errors.New("base IDM URL cannot be empty")
	ErrBaseIAMCannotBeEmpty           = errors.New("base IDM URL cannot be empty")
	ErrEmptyResults                   = errors.New("empty results")
	ErrOperationFailed                = errors.New("operation failed")
	ErrMissingEtagInformation         = errors.New("missing etag information")
	ErrMissingRefreshToken            = errors.New("missing refresh token")
	ErrNotAuthorized                  = errors.New("not authorized")
	ErrNoValidSignerAvailable         = errors.New("no valid HSDP signer available")
)

Exported Errors

Functions

func String 

func String(v string) *string

String is a helper routine that allocates a new string value to store v and returns a pointer to it.

Types

type Address 

type Address struct {
	Use        string `json:"use" enum:"home|work|temp|old"`
	Text       string `json:"text"`
	City       string `json:"city"`
	State      string `json:"state"`
	PostalCode string `json:"postalCode"`
	Country    string `json:"country"`
	Building   string `json:"building"`
	Street     string `json:"street"`
}

Address describes an address of a Profile

type AddressEntry 

type AddressEntry struct {
	Use        string `json:"use"`
	City       string `json:"city"`
	State      string `json:"state"`
	Country    string `json:"country"`
	Postalcode string `json:"postalcode"`
}

AddressEntry entity

type Application 

type Application struct {
	ID                string `json:"id,omitempty"`
	Name              string `json:"name" validate:"required"`
	Description       string `json:"description"`
	PropositionID     string `json:"propositionId" validate:"required"`
	GlobalReferenceID string `json:"globalReferenceId" validate:"required"`
}

Application represents an IAM Application entity

type ApplicationClient 

type ApplicationClient struct {
	ID                string   `json:"id,omitempty"`
	ClientID          string   `json:"clientId" validate:"required,min=5,max=20"`
	Type              string   `json:"type"`
	Name              string   `json:"name" validate:"required,min=5,max=50"`
	Password          string   `json:"password,omitempty" validate:"required,min=8,max=16"`
	RedirectionURIs   []string `json:"redirectionURIs"`
	ResponseTypes     []string `json:"responseTypes"`
	Scopes            []string `json:"scopes,omitempty"`
	DefaultScopes     []string `json:"defaultScopes,omitempty"`
	Disabled          bool     `json:"disabled,omitempty"`
	Description       string   `json:"description" validate:"max=250"`
	ApplicationID     string   `json:"applicationId" validate:"required"`
	GlobalReferenceID string   `json:"globalReferenceId" validate:"required,min=3,max=50"`
}

ApplicationClient represents an IAM client resource

type ApplicationsService 

type ApplicationsService struct {
	// contains filtered or unexported fields
}

ApplicationsService implements actions on IAM Application entities

func (*ApplicationsService) CreateApplication 

func (a *ApplicationsService) CreateApplication(app Application) (*Application, *Response, error)

CreateApplication creates a Application

func (*ApplicationsService) GetApplication 

func (a *ApplicationsService) GetApplication(opt *GetApplicationsOptions, options ...OptionFunc) ([]*Application, *Response, error)

GetApplication search for an Application entity based on the GetApplicationsOptions values

func (*ApplicationsService) GetApplicationByID 

func (a *ApplicationsService) GetApplicationByID(id string) (*Application, *Response, error)

GetApplicationByID retrieves an Application by its ID

type ChangeLoginIDRequest added in v0.14.0 

type ChangeLoginIDRequest struct {
	LoginID string `json:"loginId"`
}

ChangeLoginIDRequest

type Client 

type Client struct {

	// User agent used when communicating with the HSDP IAM API.
	UserAgent string

	Organizations *OrganizationsService
	Groups        *GroupsService
	Permissions   *PermissionsService
	Roles         *RolesService
	Users         *UsersService
	Applications  *ApplicationsService
	Propositions  *PropositionsService
	Clients       *ClientsService
	Services      *ServicesService
	MFAPolicies   *MFAPoliciesService
	// contains filtered or unexported fields
}

A Client manages communication with HSDP IAM API

func NewClient 

func NewClient(httpClient *http.Client, config *Config) (*Client, error)

NewClient returns a new HSDP IAM API client. If a nil httpClient is provided, http.DefaultClient will be used. To use API methods which require authentication, provide a valid oAuth bearer token.

func (*Client) BaseIAMURL 

func (c *Client) BaseIAMURL() *url.URL

BaseIAMURL return a copy of the baseIAMURL.

func (*Client) BaseIDMURL 

func (c *Client) BaseIDMURL() *url.URL

BaseIDMURL return a copy of the baseIAMURL.

func (*Client) Close 

func (c *Client) Close()

Close releases allocated resources of clients

func (*Client) CodeLogin added in v0.10.0 

func (c *Client) CodeLogin(code string, redirectURI string) error

CodeLogin

func (*Client) Do 

func (c *Client) Do(req *http.Request, v interface{}) (*Response, error)

Do sends an API request and returns the API response. The API response is JSON decoded and stored in the value pointed to by v, or returned as an error if an API error has occurred. If v implements the io.Writer interface, the raw response body will be written to v, without attempting to first decode it.

func (*Client) DoSigned 

func (c *Client) DoSigned(req *http.Request, v interface{}) (*Response, error)

DoSigned performs a signed API request

func (*Client) HasPermissions 

func (c *Client) HasPermissions(orgID string, permissions ...string) bool

HasPermissions returns true if all permissions are there for the client

func (*Client) HasScopes 

func (c *Client) HasScopes(scopes ...string) bool

HasScopes returns true of all scopes are there for the client

func (*Client) HttpClient added in v0.6.0 

func (c *Client) HttpClient() *http.Client

Returns the http Client used for connections

func (*Client) Introspect 

func (c *Client) Introspect() (*IntrospectResponse, *Response, error)

Introspect introspects the current logged in user

func (*Client) Login 

func (c *Client) Login(username, password string) error

Login logs in a user with `username` and `password`

func (*Client) NewRequest 

func (c *Client) NewRequest(endpoint, method, path string, opt interface{}, options []OptionFunc) (*http.Request, error)

NewRequest creates an API request. A relative URL path can be provided in urlStr, in which case it is resolved relative to the base URL of the Client. Relative URL paths should always be specified without a preceding slash. If specified, the value pointed to by body is JSON encoded and included as the request body.

func (*Client) RefreshToken 

func (c *Client) RefreshToken() string

RefreshToken returns the refresh token

func (*Client) ServiceLogin 

func (c *Client) ServiceLogin(service Service) error

ServiceLogin logs a service in using a JWT signed with the service private key

func (*Client) SetBaseIAMURL 

func (c *Client) SetBaseIAMURL(urlStr string) error

SetBaseIAMURL sets the base URL for API requests to a custom endpoint. urlStr should always be specified with a trailing slash.

func (*Client) SetBaseIDMURL 

func (c *Client) SetBaseIDMURL(urlStr string) error

SetBaseIDMURL sets the base URL for API requests to a custom endpoint. urlStr should always be specified with a trailing slash.

func (*Client) SetToken 

func (c *Client) SetToken(token string)

SetToken sets the token

func (*Client) Token 

func (c *Client) Token() string

Token returns the current token

func (*Client) TokenRefresh added in v0.10.0 

func (c *Client) TokenRefresh() error

TokenRefresh refreshes the current access token using the refresh token

func (*Client) WithLogin added in v0.10.0 

func (c *Client) WithLogin(username, password string) (*Client, error)

WithLogin returns a cloned client with new login

func (*Client) WithToken 

func (c *Client) WithToken(token string) *Client

WithToken returns a cloned client with the token set

type ClientsService 

type ClientsService struct {
	// contains filtered or unexported fields
}

ClientsService provides operations on IAM roles resources

func (*ClientsService) CreateClient 

func (c *ClientsService) CreateClient(ac ApplicationClient) (*ApplicationClient, *Response, error)

CreateClient creates a Client

func (*ClientsService) DeleteClient 

func (c *ClientsService) DeleteClient(ac ApplicationClient) (bool, *Response, error)

DeleteClient deletes the given Client

func (*ClientsService) GetClientByID 

func (c *ClientsService) GetClientByID(id string) (*ApplicationClient, *Response, error)

GetClientByID finds a client by its ID

func (*ClientsService) GetClients 

func (c *ClientsService) GetClients(opt *GetClientsOptions, options ...OptionFunc) (*[]ApplicationClient, *Response, error)

GetClients looks up clients based on GetClientsOptions

func (*ClientsService) UpdateScopes 

func (c *ClientsService) UpdateScopes(ac ApplicationClient, scopes []string, defaultScopes []string) (bool, *Response, error)

UpdateScope updates a clients scope

type Config 

type Config struct {
	OAuth2ClientID   string
	OAuth2Secret     string
	SharedKey        string
	SecretKey        string
	BaseIAMURL       string
	BaseIDMURL       string
	OrgAdminUsername string
	OrgAdminPassword string
	IAMURL           string
	IDMURL           string
	Scopes           []string
	RootOrgID        string
	Debug            bool
	DebugLog         string
	Signer           *hsdpsigner.Signer
}

Config contains the configuration of a client

type Contact 

type Contact struct {
	EmailAddress string
	MobilePhone  string
	WorkPhone    string
	HomePhone    string
}

Contact describes contact details of a Profile

type ContextKey added in v0.3.0 

type ContextKey string
const (
	ContextKeyRequestID ContextKey = "requestID"
)

type Endpoint 

type Endpoint string

Endpoint type

type GetApplicationsOptions 

type GetApplicationsOptions struct {
	ID                *string `url:"_id,omitempty"`
	PropositionID     *string `url:"propositionId,omitempty"`
	GlobalReferenceID *string `url:"globalReferenceId,omitempty"`
	Name              *string `url:"name,omitempty"`
}

GetApplicationsOptions specifies what search criteria can be used to look for entities

type GetClientsOptions 

type GetClientsOptions struct {
	ID                *string `url:"_id,omitempty"`
	Name              *string `url:"name,omitempty"`
	GlobalReferenceID *string `url:"globalReferenceId,omitempty"`
	ApplicationID     *string `url:"applicationId,omitempty"`
}

GetClientsOptions describes search criteria for looking up roles

type GetGroupOptions 

type GetGroupOptions struct {
	ID             *string `url:"_id,omitempty"`
	OrganizationID *string `url:"Id,omitempty"`
	Name           *string `url:"name,omitempty"`
}

GetGroupOptions describes the fileds on which you can search for Groups

type GetOrganizationOptions 

type GetOrganizationOptions struct {
	ID          *string `url:"_id,omitempty"`
	ParentOrgID *string `url:"parentOrgId,omitempty"`
	Name        *string `url:"name,omitempty"`
}

GetOrganizationOptions describes the criteria for looking up Organizations

type GetPermissionOptions 

type GetPermissionOptions struct {
	ID     *string `url:"_id,omitempty"`
	Name   *string `url:"name,omitempty"`
	RoleID *string `url:"roleId,omitempty"`
}

GetPermissionOptions describes search criteria for looking up permissions

type GetPropositionsOptions 

type GetPropositionsOptions struct {
	ID                *string `url:"_id,omitempty"`
	PropositionID     *string `url:"propositionId,omitempty"`
	GlobalReferenceID *string `url:"globalReferenceId,omitempty"`
	Name              *string `url:"name,omitempty"`
}

GetPropositionsOptions specifies what search criteria can be used to look for entities

type GetRolesOptions 

type GetRolesOptions struct {
	Name           *string `url:"name,omitempty"`
	GroupID        *string `url:"groupId,omitempty"`
	OrganizationID *string `url:"organizationId,omitempty"`
	RoleID         *string `url:"roleId,omitempty"`
}

GetRolesOptions describes search criteria for looking up roles

type GetServiceOptions 

type GetServiceOptions struct {
	ID             *string `url:"_id,omitempty"`
	Name           *string `url:"name,omitempty"`
	ApplicationID  *string `url:"applicationId,omitempty"`
	OrganizationID *string `url:"organizationId,omitempty"`
	ServiceID      *string `url:"serviceId,omitempty"`
}

GetServiceOptions describes search criteria for looking up services

type GetUserOptions 

type GetUserOptions struct {
	ID             *string `url:"_id,omitempty"`
	OrganizationID *string `url:"Id,omitempty"`
	Name           *string `url:"name,omitempty"`
	LoginID        *string `url:"loginId,omitempty"`
	GroupID        *string `url:"groupId,omitempty"`
	PageSize       *string `url:"pageSize,omitempty"`
	PageNumber     *string `url:"pageNumber,omitempty"`
	UserID         *string `url:"userId,omitempty"`
	ProfileType    *string `url:"profileType,omitempty" enum:"membership|accountStatus|passwordStatus|consentedApps|all"`
}

GetUserOptions describes search criteria for looking up users

type Group 

type Group struct {
	ID                   string `json:"id,omitempty" validate:""`
	Name                 string `json:"name,omitempty" validate:"required"`
	Description          string `json:"description,omitempty" validate:""`
	ManagingOrganization string `json:"managingOrganization,omitempty" validate:"required"`
}

Group represents an IAM group resource

type GroupsService 

type GroupsService struct {
	// contains filtered or unexported fields
}

GroupsService implements actions on Group entities

func (*GroupsService) AddDevices added in v0.14.0 

func (g *GroupsService) AddDevices(group Group, devices ...string) (bool, *Response, error)

AddDevices adds services to the given Group

func (*GroupsService) AddIdentities added in v0.14.0 

func (g *GroupsService) AddIdentities(group Group, memberType string, identities ...string) (bool, *Response, error)

AddIdentities adds services to the given Group

func (*GroupsService) AddMembers 

func (g *GroupsService) AddMembers(group Group, users ...string) (bool, *Response, error)

AddMembers adds users to the given Group

func (*GroupsService) AddServices added in v0.13.0 

func (g *GroupsService) AddServices(group Group, services ...string) (bool, *Response, error)

AddServices adds services to the given Group

func (*GroupsService) AssignRole 

func (g *GroupsService) AssignRole(group Group, role Role) (bool, *Response, error)

AssignRole adds a role to a group

func (*GroupsService) CreateGroup 

func (g *GroupsService) CreateGroup(group Group) (*Group, *Response, error)

CreateGroup creates a Group

func (*GroupsService) DeleteGroup 

func (g *GroupsService) DeleteGroup(group Group) (bool, *Response, error)

DeleteGroup deletes the given Group

func (*GroupsService) GetGroup 

func (g *GroupsService) GetGroup(opt *GetGroupOptions, options ...OptionFunc) (*Group, *Response, error)

GetGroup retrieves a Group entity based on the values passed in GetGroupOptions

func (*GroupsService) GetGroupByID 

func (g *GroupsService) GetGroupByID(id string) (*Group, *Response, error)

GetGroupByID retrieves a Group based on the ID

func (*GroupsService) GetRoles 

func (g *GroupsService) GetRoles(group Group) (*[]Role, *Response, error)

GetRoles returns the roles assigned to this group

func (*GroupsService) RemoveDevices added in v0.14.0 

func (g *GroupsService) RemoveDevices(group Group, devices ...string) (bool, *Response, error)

RemoveDevices removes services from the given Group

func (*GroupsService) RemoveIdentities added in v0.14.0 

func (g *GroupsService) RemoveIdentities(group Group, memberType string, identities ...string) (bool, *Response, error)

RemoveIdentities removes services from the given Group

func (*GroupsService) RemoveMembers 

func (g *GroupsService) RemoveMembers(group Group, users ...string) (bool, *Response, error)

RemoveMembers removes users from the given Group

func (*GroupsService) RemoveRole 

func (g *GroupsService) RemoveRole(group Group, role Role) (bool, *Response, error)

RemoveRole removes a role from a group

func (*GroupsService) RemoveServices added in v0.13.0 

func (g *GroupsService) RemoveServices(group Group, services ...string) (bool, *Response, error)

RemoveServices removes services from the given Group

func (*GroupsService) UpdateGroup 

func (g *GroupsService) UpdateGroup(group Group) (*Group, *Response, error)

UpdateGroup updates the Group

type IntrospectResponse 

type IntrospectResponse struct {
	Active        bool   `json:"active"`
	Scope         string `json:"scope"`
	Username      string `json:"username"`
	Expires       int    `json:"exp"`
	Sub           string `json:"sub"`
	ISS           string `json:"iss"`
	Organizations struct {
		ManagingOrganization string `json:"managingOrganization"`
		OrganizationList     []struct {
			OrganizationID   string   `json:"organizationId"`
			Permissions      []string `json:"permissions"`
			OrganizationName string   `json:"organizationName"`
			Groups           []string `json:"groups"`
			Roles            []string `json:"roles"`
		} `json:"organizationList"`
	} `json:"organizations"`
	ClientID     string `json:"client_id"`
	TokenType    string `json:"token_type"`
	IdentityType string `json:"identity_type"`
}

IntrospectResponse contains details of the introspect on a profile

type MFAPoliciesService added in v0.10.0 

type MFAPoliciesService struct {
	// contains filtered or unexported fields
}

func (*MFAPoliciesService) CreateMFAPolicy added in v0.10.0 

func (p *MFAPoliciesService) CreateMFAPolicy(policy MFAPolicy) (*MFAPolicy, *Response, error)

CreateMFAPolicy creates a MFAPolicy

func (*MFAPoliciesService) DeleteMFAPolicy added in v0.10.0 

func (p *MFAPoliciesService) DeleteMFAPolicy(policy MFAPolicy) (bool, *Response, error)

DeleteMFAPolicy deletes the given MFAPolicy

func (*MFAPoliciesService) GetMFAPolicyByID added in v0.10.0 

func (p *MFAPoliciesService) GetMFAPolicyByID(MFAPolicyID string) (*MFAPolicy, *Response, error)

GetMFAPolicyByID retrieves a MFAPolicy by ID

func (*MFAPoliciesService) UpdateMFAPolicy added in v0.10.0 

func (p *MFAPoliciesService) UpdateMFAPolicy(policy *MFAPolicy) (*MFAPolicy, *Response, error)

UpdateMFAPolicy updates a MFAPolicy

type MFAPolicy added in v0.10.0 

type MFAPolicy struct {
	Schemas     []string          `json:"schemas" validate:"min=1"`
	ID          string            `json:"id,omitempty" validate:"omitempty,min=1,max=256"`
	Name        string            `json:"name"`
	Description string            `json:"description,omitempty"`
	Resource    MFAPolicyResource `json:"resource,omitempty"`
	ExternalID  string            `json:"externalId,omitempty"`
	Types       []string          `json:"types" validate:"min=1"`
	Active      *bool             `json:"active,omitempty"`
	CreatedBy   *struct {
		Value string `json:"value,omitempty"`
		Ref   string `json:"$ref,omitempty"`
	} `json:"createdBy,omitempty"`
	ModifiedBy *struct {
		Value string `json:"value,omitempty"`
		Ref   string `json:"$ref,omitempty"`
	} `json:"modifiedBy,omitempty"`
	Meta *MFAPolicyMeta `json:"meta,omitempty"`
}

func (*MFAPolicy) SetActive added in v0.10.0 

func (p *MFAPolicy) SetActive(val bool)

func (*MFAPolicy) SetResourceOrganization added in v0.10.0 

func (p *MFAPolicy) SetResourceOrganization(uuid string)

func (*MFAPolicy) SetResourceUser added in v0.10.0 

func (p *MFAPolicy) SetResourceUser(uuid string)

func (*MFAPolicy) SetType added in v0.10.0 

func (p *MFAPolicy) SetType(val string)

type MFAPolicyMeta added in v0.10.0 

type MFAPolicyMeta struct {
	ResourceType string     `json:"resourceType,omitempty"`
	Created      *time.Time `json:"created,omitempty"`
	LastModified *time.Time `json:"lastModified,omitempty"`
	Location     string     `json:"location,omitempty"`
	Version      string     `json:"version,omitempty"`
}

type MFAPolicyResource added in v0.10.0 

type MFAPolicyResource struct {
	Type  string `json:"type" validate:"required"`
	Value string `json:"value" validate:"required"`
	Ref   string `json:"$ref,omitempty"`
}

type Name 

type Name struct {
	Text   string `json:"text"`
	Family string `json:"family" validate:"required"`
	Given  string `json:"given" validate:"required"`
	Prefix string `json:"prefix"`
}

Name entity

type OptionFunc 

type OptionFunc func(*http.Request) error

OptionFunc is the function signature function for options

func WithContext 

func WithContext(ctx context.Context) OptionFunc

WithContext runs the request with the provided context

type Organization 

type Organization struct {
	Name           string `json:"name"`
	Description    string `json:"description"`
	DistinctName   string `json:"distinctName,omitempty"`
	OrganizationID string `json:"organizationId,omitempty"`
}

Organization represents a IAM Organization resource

type OrganizationsService 

type OrganizationsService struct {
	// contains filtered or unexported fields
}

OrganizationsService implements operations on Organization entities

func (*OrganizationsService) CreateOrganization 

func (o *OrganizationsService) CreateOrganization(parentOrgID, name, description string) (*Organization, *Response, error)

CreateOrganization creates a (sub) organization in IAM

func (*OrganizationsService) GetOrganization 

func (o *OrganizationsService) GetOrganization(opt *GetOrganizationOptions, options ...OptionFunc) (*Organization, *Response, error)

GetOrganization retrieves an organization based on the GetOrganizationOptions parameters.

func (*OrganizationsService) GetOrganizationByID 

func (o *OrganizationsService) GetOrganizationByID(id string) (*Organization, *Response, error)

GetOrganizationByID retrieves an organization by ID

func (*OrganizationsService) UpdateOrganization 

func (o *OrganizationsService) UpdateOrganization(org Organization) (*Organization, *Response, error)

UpdateOrganization updates the description of the organization.

type Param 

type Param struct {
	Name     string   `json:"name"`
	Resource Resource `json:"resource"`
}

Param describes a resource

type Parameter 

type Parameter struct {
	Name       string      `json:"name"`
	References []Reference `json:"references"`
}

Parameter holds named references

type Parameters 

type Parameters struct {
	ResourceType string  `json:"resourceType"`
	Parameter    []Param `json:"parameter"`
}

Parameters holds parameters

type Period 

type Period struct {
	Description string `json:"description"`
	Start       string `json:"start"`
	End         string `json:"end"`
}

Period defines a given time period for use in Profile context

type Permission 

type Permission struct {
	ID          string `json:"id"`
	Name        string `json:"name"`
	Description string `json:"description"`
	Category    string `json:"category"`
	Type        string `json:"type"`
}

Permission represents a IAM Permission resource

type PermissionsService 

type PermissionsService struct {
	// contains filtered or unexported fields
}

PermissionsService provides operations on IAM Permissions resources

func (*PermissionsService) GetPermission 

func (p *PermissionsService) GetPermission(opt *GetPermissionOptions, options ...OptionFunc) (*Permission, *Response, error)

GetPermission looks up a permission based on GetPermissionOptions

func (*PermissionsService) GetPermissionByID 

func (p *PermissionsService) GetPermissionByID(id string) (*Permission, *Response, error)

GetPermissionByID looks up a permission by ID

func (*PermissionsService) GetPermissionByName 

func (p *PermissionsService) GetPermissionByName(name string) (*Permission, *Response, error)

GetPermissionByName looks up a permission by name

func (*PermissionsService) GetPermissions 

func (p *PermissionsService) GetPermissions(opt *GetPermissionOptions, options ...OptionFunc) (*[]Permission, *Response, error)

GetPermissions looks up permissions based on GetPermissionOptions

func (*PermissionsService) GetPermissionsByRoleID 

func (p *PermissionsService) GetPermissionsByRoleID(roleID string) (*[]Permission, *Response, error)

GetPermissionsByRoleID finds all permission which belong to the roleID

type Person 

type Person struct {
	ID string `json:"id,omitempty" validate:"omitempty"`
	// Pattern: ^((?![~`!#%^&*()+={}[\\]|/\\\\<>,;:\"'?])[\\S])*$
	LoginID              string         `json:"loginId" validate:"required"`
	ResourceType         string         `json:"resourceType,omitempty" validate:"required" enum:"Person"`
	Name                 Name           `json:"name" validate:"required"`
	Telecom              []TelecomEntry `json:"telecom,omitempty" validate:"min=1"`
	Address              []AddressEntry `json:"address,omitempty"`
	Description          string         `json:"description,omitempty"`
	ManagingOrganization string         `json:"managingOrganization,omitempty"`
	PreferredLanguage    string         `json:"preferredLanguage,omitempty"`
	IsAgeValidated       string         `json:"isAgeValidated,omitempty"`
	Disabled             bool           `json:"disabled"`
	Loaded               bool           `json:"-"`
}

Person represents an IAM user resource

type Profile 

type Profile struct {
	GivenName         string    `json:"givenName"`
	MiddleName        string    `json:"middleName"`
	FamilyName        string    `json:"familyName"`
	BirthDay          string    `json:"birthDay"`
	DisplayName       string    `json:"displayName"`
	Gender            string    `json:"gender" enum:"Male|Female"`
	Country           string    `json:"country"`
	Addresses         []Address `json:"addresses"`
	PreferredLanguage string    `json:"preferredLanguage"`
}

Profile describes the response from legacy User APIs The response does not correspond to the object that is used to create a user

type Proposition 

type Proposition struct {
	ID                string `json:"id,omitempty"`
	Name              string `json:"name"`
	Description       string `json:"description"`
	OrganizationID    string `json:"organizationId"`
	GlobalReferenceID string `json:"globalReferenceId"`
}

Proposition represents an IAM Proposition entity

type PropositionsService 

type PropositionsService struct {
	// contains filtered or unexported fields
}

PropositionsService implements actions on IAM Proposition entities

func (*PropositionsService) CreateProposition 

func (p *PropositionsService) CreateProposition(prop Proposition) (*Proposition, *Response, error)

CreateProposition creates a Proposition

func (*PropositionsService) GetProposition 

func (p *PropositionsService) GetProposition(opt *GetPropositionsOptions, options ...OptionFunc) (*Proposition, *Response, error)

GetProposition find a Proposition based on the GetPropisitions values

func (*PropositionsService) GetPropositionByID 

func (p *PropositionsService) GetPropositionByID(id string) (*Proposition, *Response, error)

GetPropositionByID retrieves an Proposition by its ID

func (*PropositionsService) GetPropositions 

func (p *PropositionsService) GetPropositions(opt *GetPropositionsOptions, options ...OptionFunc) (*[]Proposition, *Response, error)

GetPropositions search for an Proposition entity based on the GetPropositions values

type Reference 

type Reference struct {
	Reference string `json:"reference"`
}

Reference holds a reference

type Resource 

type Resource struct {
	LoginID          string `json:"loginId,omitempty"`
	ConfirmationCode string `json:"confirmationCode,omitempty"`
	OldPassword      string `json:"oldPassword,omitempty"`
	NewPassword      string `json:"newPassword,omitempty"`
	Context          string `json:"context,omitempty"`
}

Resource holds a resource

type Response 

type Response struct {
	*http.Response
}

Response is a HSDP IAM API response. This wraps the standard http.Response returned from HSDP IAM and provides convenient access to things like errors

type Role 

type Role struct {
	ID                   string `json:"id,omitempty"`
	Name                 string `json:"name"`
	Description          string `json:"description"`
	ManagingOrganization string `json:"managingOrganization"`
}

Role represents an IAM resource

type RolesService 

type RolesService struct {
	// contains filtered or unexported fields
}

RolesService provides operations on IAM roles resources

func (*RolesService) AddRolePermission 

func (p *RolesService) AddRolePermission(role Role, permission string) (bool, *Response, error)

func (*RolesService) CreateRole 

func (p *RolesService) CreateRole(name, description, managingOrganization string) (*Role, *Response, error)

CreateRole creates a Role

func (*RolesService) DeleteRole 

func (p *RolesService) DeleteRole(role Role) (bool, *Response, error)

DeleteRole deletes the given Role

func (*RolesService) GetRoleByID 

func (p *RolesService) GetRoleByID(roleID string) (*Role, *Response, error)

GetRoleByID retrieves a role by ID

func (*RolesService) GetRolePermissions 

func (p *RolesService) GetRolePermissions(role Role) (*[]string, *Response, error)

GetRolePermissions retrieves the permissions associated with the Role

func (*RolesService) GetRolesByGroupID 

func (p *RolesService) GetRolesByGroupID(groupID string) (*[]Role, *Response, error)

GetRolesByGroupID retrieves Roles based on group ID

func (*RolesService) RemoveRolePermission 

func (p *RolesService) RemoveRolePermission(role Role, permission string) (bool, *Response, error)

RemoveRolePermission removes the permission from the Role

type Service 

type Service struct {
	ID             string   `json:"id,omitempty"`
	Name           string   `json:"name"`
	Description    string   `json:"description"` // RITM0021326
	ApplicationID  string   `json:"applicationId"`
	Validity       int      `json:"validity,omitempty"`
	ServiceID      string   `json:"serviceId,omitempty"`
	OrganizationID string   `json:"organizationId,omitempty"`
	ExpiresOn      string   `json:"expiresOn,omitempty"`
	PrivateKey     string   `json:"privateKey,omitempty"`
	Scopes         []string `json:"scopes,omitempty"`
	DefaultScopes  []string `json:"defaultScopes,omitempty"`
}

Service represents a IAM service resource

func (*Service) GetToken 

func (s *Service) GetToken(accessTokenEndpoint string) (string, error)

GetToken returns a JWT which can be exchanged for an access token

type ServicesService 

type ServicesService struct {
	// contains filtered or unexported fields
}

ServicesService provides operations on IAM Sessions resources

func (*ServicesService) AddScopes 

func (p *ServicesService) AddScopes(service Service, scopes []string, defaultScopes []string) (bool, *Response, error)

AddScopes add scopes to the service

func (*ServicesService) CreateService 

func (p *ServicesService) CreateService(service Service) (*Service, *Response, error)

CreateService creates a Service

func (*ServicesService) DeleteService 

func (p *ServicesService) DeleteService(service Service) (bool, *Response, error)

DeleteService deletes the given Service

func (*ServicesService) GetService 

func (p *ServicesService) GetService(opt *GetServiceOptions, options ...OptionFunc) (*Service, *Response, error)

GetService looks up a services based on GetServiceOptions

func (*ServicesService) GetServiceByID 

func (p *ServicesService) GetServiceByID(id string) (*Service, *Response, error)

GetServiceByID looks up a service by ID

func (*ServicesService) GetServiceByName 

func (p *ServicesService) GetServiceByName(name string) (*Service, *Response, error)

GetServiceByName looks up a service by name

func (*ServicesService) GetServices 

func (p *ServicesService) GetServices(opt *GetServiceOptions, options ...OptionFunc) (*[]Service, *Response, error)

GetServices looks up services based on GetServiceOptions

func (*ServicesService) GetServicesByApplicationID 

func (p *ServicesService) GetServicesByApplicationID(applicationID string) (*[]Service, *Response, error)

GetServicesByApplicationID finds all services which belong to the applicationID

func (*ServicesService) RemoveScopes 

func (p *ServicesService) RemoveScopes(service Service, scopes []string, defaultScopes []string) (bool, *Response, error)

RemoveScopes add scopes to the service

type TelecomEntry 

type TelecomEntry struct {
	System string `json:"system" enum:"mobile|fax|email|url"`
	Value  string `json:"value"`
}

TelecomEntry entity

type User added in v0.14.0 

type User struct {
	PreferredLanguage string `json:"preferredLanguage"`
	EmailAddress      string `json:"emailAddress"`
	ID                string `json:"id"`
	LoginID           string `json:"loginId"`
	Name              struct {
		Given  string `json:"given"`
		Family string `json:"family"`
	} `json:"name"`
	ManagingOrganization string `json:"managingOrganization"`
	PasswordStatus       struct {
		PasswordExpiresOn time.Time `json:"passwordExpiresOn"`
		PasswordChangedOn time.Time `json:"passwordChangedOn"`
	} `json:"passwordStatus"`
	Memberships []struct {
		OrganizationID   string   `json:"organizationId"`
		OrganizationName string   `json:"organizationName"`
		Roles            []string `json:"roles"`
		Groups           []string `json:"groups"`
	} `json:"memberships"`
	AccountStatus struct {
		LastLoginTime          time.Time `json:"lastLoginTime"`
		MfaStatus              string    `json:"mfaStatus"`
		EmailVerified          bool      `json:"emailVerified"`
		Disabled               bool      `json:"disabled"`
		AccountLockedOn        time.Time `json:"accountLockedOn"`
		AccountLockedUntil     time.Time `json:"accountLockedUntil"`
		NumberOfInvalidAttempt int       `json:"numberOfInvalidAttempt"`
		LastInvalidAttemptedOn time.Time `json:"lastInvalidAttemptedOn"`
	} `json:"accountStatus"`
	ConsentedApps []string `json:"consentedApps"`
}

User represents a user profile in IAM

type UserError added in v0.13.0 

type UserError struct {
	User string
	Err  error
}

func (*UserError) Error added in v0.13.0 

func (e *UserError) Error() string

func (*UserError) Unwrap added in v0.13.0 

func (e *UserError) Unwrap() error

type UserList 

type UserList struct {
	Users       []Person
	PageNumber  int
	PageSize    int
	HasNextPage bool
}

UserList holds a paginated lists of users

type UsersService 

type UsersService struct {
	// contains filtered or unexported fields
}

UsersService provides operations on IAM User resources

func (*UsersService) ChangeLoginID added in v0.14.0 

func (u *UsersService) ChangeLoginID(user Person, newLoginID string) (bool, *Response, error)

ChangeLoginID changes the loginID

func (*UsersService) ChangePassword 

func (u *UsersService) ChangePassword(loginID, oldPassword, newPassword string) (bool, *Response, error)

ChangePassword changes the password. The current pasword must be provided as well.

func (*UsersService) CreateUser 

func (u *UsersService) CreateUser(person Person) (*User, *Response, error)

CreateUser creates a new IAM user.

func (*UsersService) DeleteUser added in v0.14.0 

func (u *UsersService) DeleteUser(person Person) (bool, *Response, error)

DeleteUser deletes the IAM user.

func (*UsersService) GetUserByID 

func (u *UsersService) GetUserByID(uuid string) (*User, *Response, error)

GetUserByID looks up a user by UUID

func (*UsersService) GetUserIDByLoginID 

func (u *UsersService) GetUserIDByLoginID(loginID string) (string, *Response, error)

GetUserIDByLoginID looks up the UUID of a user by LoginID (email address)

func (*UsersService) GetUsers 

func (u *UsersService) GetUsers(opts *GetUserOptions, options ...OptionFunc) (*UserList, *Response, error)

GetUsers looks up users by search criteria specified in GetUserOptions

func (*UsersService) RecoverPassword deprecated 

func (u *UsersService) RecoverPassword(loginID string) (bool, *Response, error)

RecoverPassword triggers the recovery flow for the given user

Deprecated: Support end date is 1 Augustus 2020

func (*UsersService) ResendActivation 

func (u *UsersService) ResendActivation(loginID string) (bool, *Response, error)

ResendActivation re-sends an activation email to the given user

func (*UsersService) SetMFA 

func (u *UsersService) SetMFA(userID string, activate bool) (bool, *Response, error)

SetMFA activate Multi-Factor-Authentication for the given UUID. See also SetMFAByLoginID.

func (*UsersService) SetMFAByLoginID 

func (u *UsersService) SetMFAByLoginID(loginID string, activate bool) (bool, *Response, error)

SetMFAByLoginID enabled Multi-Factor-Authentication for the given user. Only OrgAdmins can do this.

func (*UsersService) SetPassword 

func (u *UsersService) SetPassword(loginID, confirmationCode, newPassword, context string) (bool, *Response, error)

SetPassword sets the password of a user given a correct confirmation code

func (*UsersService) Unlock 

func (u *UsersService) Unlock(userID string) (bool, *Response, error)

Unlock unlocks a user account with the given UserID

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.