iam

package
v0.88.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 12, 2024 License: MIT Imports: 25 Imported by: 7

Documentation

Overview

Package iam provides support for interacting with HSDP IAM and IDM services

Index

Constants

// Values of the unexported tokenType enumeration. OAuthToken takes iota's
// initial value (0) and JWTToken is pinned explicitly to 1.
// NOTE(review): presumably records which kind of credential the client
// currently holds; confirm against the code that reads tokenType.
const (
	OAuthToken tokenType = iota
	JWTToken   tokenType = 1
)
// String identifiers for the two HSDP services this package talks to.
// NOTE(review): presumably used to choose between the IAM and IDM base URLs
// when a request is built; confirm against the callers.
const (
	IAM = "IAM"
	IDM = "IDM"
)

Constants

// Group member type strings.
// NOTE(review): presumably the accepted values for the memberType argument of
// GroupsService.AddIdentities / RemoveIdentities and for
// GetGroupOptions.MemberType; confirm, and prefer these constants over
// free-form strings at call sites.
const (
	GroupMemberTypeUser    = "USER"
	GroupMemberTypeDevice  = "DEVICE"
	GroupMemberTypeService = "SERVICE"
)
// Message/template type strings.
// NOTE(review): presumably the values accepted for the template "type" of
// SMS (and possibly email) templates; confirm against the template services.
// All four relate to authentication flows (phone verification, login OTP,
// password recovery, failed-password notification), so changes to templates
// of these types deserve the same review as other credential-handling changes.
const (
	TypePhoneVerification      = "PHONE_VERIFICATION"
	TypeLoginOTP               = "LOGIN_OTP"
	TypePasswordRecovery       = "PASSWORD_RECOVERY"
	TypePasswordFailedAttempts = "PASSWORD_FAILED_ATTEMPTS"
)

Variables

// Sentinel errors exported by the package. Each one is a distinct errors.New
// value, so callers should match them with errors.Is instead of comparing
// message text.
//
// ErrNotAuthorized, ErrNoValidSignerAvailable, ErrMissingOAuth2Credentials and
// ErrMissingRefreshToken describe authentication/authorization failures;
// callers should treat them as hard failures rather than retrying blindly.
var (
	ErrNotFound                       = errors.New("entity not found")
	ErrMissingManagingOrganization    = errors.New("missing managing organization")
	ErrMissingName                    = errors.New("missing name value")
	ErrMissingDescription             = errors.New("missing description value")
	ErrMalformedInputValue            = errors.New("malformed input value")
	ErrMissingOrganization            = errors.New("missing organization")
	ErrMissingProposition             = errors.New("missing proposition")
	ErrMissingGlobalReference         = errors.New("missing global reference")
	ErrNotImplementedByHSDP           = errors.New("method not implemented by HSDP")
	// NOTE(review): the identifier is spelled "CouldNo" (missing "t"); it is
	// exported, so renaming it would break callers.
	ErrCouldNoReadResourceAfterCreate = errors.New("could not read resource after create")
	ErrBaseIDMCannotBeEmpty           = errors.New("base IDM URL cannot be empty")
	ErrBaseIAMCannotBeEmpty           = errors.New("base IAM URL cannot be empty")
	ErrEmptyResults                   = errors.New("empty results")
	ErrOperationFailed                = errors.New("operation failed")
	ErrMissingEtagInformation         = errors.New("missing etag information")
	ErrMissingRefreshToken            = errors.New("missing refresh token")
	ErrNotAuthorized                  = errors.New("not authorized")
	ErrNoValidSignerAvailable         = errors.New("no valid HSDP signer available")
	ErrMissingOAuth2Credentials       = errors.New("missing OAuth2 credentials")
)

Exported Errors

Functions

func FixPEM added in v0.38.0

func FixPEM(pemString string) string

FixPEM fixes the IAM generated PEM key strings so they are valid for decoding by Go and other parsers which expect newlines after labels

func String

func String(v string) *string

String is a helper routine that allocates a new string value to store v and returns a pointer to it.

Types

type Address

type Address struct {
	Use        string   `json:"use,omitempty" enum:"home|work|temp|old"`
	Text       string   `json:"text,omitempty"`
	City       string   `json:"city,omitempty"`
	State      string   `json:"state,omitempty"`
	Line       []string `json:"line,omitempty"`
	PostalCode string   `json:"postalCode,omitempty"`
	Country    string   `json:"country,omitempty"`
	Building   string   `json:"building,omitempty"`
	Street     string   `json:"street,omitempty"`
	IsPrimary  string   `json:"isPrimary,omitempty" enum:"yes|no"`
}

Address describes an address of a Profile

func (*Address) IsBlank added in v0.36.2

func (a *Address) IsBlank() bool

type AddressEntry

type AddressEntry struct {
	Use        string   `json:"use,omitempty"`
	Text       string   `json:"text,omitempty"`
	Line       []string `json:"line,omitempty"`
	City       string   `json:"city,omitempty"`
	State      string   `json:"state,omitempty"`
	Country    string   `json:"country,omitempty"`
	Postalcode string   `json:"postalcode,omitempty"`
}

AddressEntry entity

type Application

// Application is the JSON representation of an IAM Application entity.
//
// Name, PropositionID and GlobalReferenceID carry validate:"required"; ID is
// omitted from the JSON body when empty.
// NOTE(review): the validate tags use go-playground/validator syntax and are
// presumably enforced client-side before the request is sent; confirm, and do
// not rely on them as the only input check.
type Application struct {
	ID                string `json:"id,omitempty"`
	Name              string `json:"name" validate:"required"`
	Description       string `json:"description"`
	PropositionID     string `json:"propositionId" validate:"required"`
	GlobalReferenceID string `json:"globalReferenceId" validate:"required"`
}

Application represents an IAM Application entity

type ApplicationClient

// ApplicationClient is the JSON representation of an IAM client resource.
// The field set (redirection URIs, response types, scopes, token lifetimes)
// matches an OAuth2 client registration.
type ApplicationClient struct {
	ID                   string      `json:"id,omitempty"`
	ClientID             string      `json:"clientId" validate:"required,min=5,max=20"`
	Type                 string      `json:"type"`
	Name                 string      `json:"name" validate:"required,min=5,max=50"`
	// Password is required when ID is empty (required_without=ID), is capped at
	// 16 characters by the validate tag, and is omitted from JSON when empty.
	// NOTE(review): presumably this is the client secret; a 16-character ceiling
	// bounds its entropy, so generate it randomly and keep it out of logs.
	Password             string      `json:"password,omitempty" validate:"required_without=ID,max=16"`
	// RedirectionURIs has no validate tag, so nothing in this struct checks
	// the URIs client-side.
	// NOTE(review): presumably the IAM service enforces the list; register
	// exact URIs only — confirm how the server matches them.
	RedirectionURIs      []string    `json:"redirectionURIs"`
	ResponseTypes        []string    `json:"responseTypes"`
	Scopes               []string    `json:"scopes,omitempty"`
	DefaultScopes        []string    `json:"defaultScopes,omitempty"`
	Disabled             bool        `json:"disabled,omitempty"`
	Description          string      `json:"description" validate:"max=250"`
	ApplicationID        string      `json:"applicationId" validate:"required"`
	GlobalReferenceID    string      `json:"globalReferenceId" validate:"required,min=3,max=50"`
	// NOTE(review): presumably true suppresses the end-user consent prompt for
	// this client; confirm before enabling it.
	ConsentImplied       bool        `json:"consentImplied"`
	// The validate tags bound access and ID token lifetimes at 31536000 and the
	// refresh token lifetime at 157680000; zero is allowed and omitted from JSON.
	// NOTE(review): presumably seconds (365 days and 5 years respectively) —
	// confirm the unit; the upper bounds are far longer than a typical
	// access-token lifetime, so set explicit short values where possible.
	AccessTokenLifetime  int         `json:"accessTokenLifetime,omitempty" validate:"min=0,max=31536000"`
	RefreshTokenLifetime int         `json:"refreshTokenLifetime,omitempty" validate:"min=0,max=157680000"`
	IDTokenLifetime      int         `json:"idTokenLifetime,omitempty" validate:"min=0,max=31536000"`
	// Realms is required whenever ID is set (required_with=ID).
	Realms               []string    `json:"realms,omitempty" validate:"required_with=ID"`
	Meta                 *ClientMeta `json:"meta,omitempty"`
}

ApplicationClient represents an IAM client resource

type ApplicationStatus added in v0.77.0

type ApplicationStatus struct {
	Schemas []string `json:"schemas"`
	ID      string   `json:"id"`
	Status  string   `json:"status"`
	Meta    *Meta    `json:"meta"`
}

type ApplicationsService

type ApplicationsService struct {
	// contains filtered or unexported fields
}

ApplicationsService implements actions on IAM Application entities

func (*ApplicationsService) CreateApplication

func (a *ApplicationsService) CreateApplication(app Application) (*Application, *Response, error)

CreateApplication creates an Application

func (*ApplicationsService) DeleteApplication added in v0.77.0

func (a *ApplicationsService) DeleteApplication(app Application) (bool, *Response, error)

DeleteApplication deletes an Application

func (*ApplicationsService) DeleteStatus added in v0.77.0

func (a *ApplicationsService) DeleteStatus(id string) (*ApplicationStatus, *Response, error)

DeleteStatus returns the status of a delete operation on an application

func (*ApplicationsService) GetApplicationByID

func (a *ApplicationsService) GetApplicationByID(id string) (*Application, *Response, error)

GetApplicationByID retrieves an Application by its ID

func (*ApplicationsService) GetApplicationByName added in v0.35.1

func (a *ApplicationsService) GetApplicationByName(name string) (*Application, *Response, error)

GetApplicationByName retrieves an Application by its Name

func (*ApplicationsService) GetApplications added in v0.35.1

func (a *ApplicationsService) GetApplications(opt *GetApplicationsOptions, options ...OptionFunc) ([]*Application, *Response, error)

GetApplications searches for Application entities based on the GetApplicationsOptions values

type Attribute added in v0.15.0

type Attribute struct {
	Value   string `json:"value,omitempty"`
	Ref     string `json:"$ref,omitempty"`
	Primary bool   `json:"primary,omitempty"`
}

type CertificateOptionFunc added in v0.37.0

type CertificateOptionFunc func(cert *x509.Certificate) error

type ChallengePolicy added in v0.22.0

// ChallengePolicy is the JSON shape of a challenge-question policy: a list of
// default questions plus three integer limits.
// NOTE(review): presumably part of a password policy governing
// knowledge-based recovery; MaxIncorrectAttempts looks like the lockout
// threshold — confirm semantics (and what a zero value means) with the IAM
// API documentation before relying on it.
type ChallengePolicy struct {
	DefaultQuestions     []string `json:"defaultQuestions"`
	MinQuestionCount     int      `json:"minQuestionCount"`
	MinAnswerCount       int      `json:"minAnswerCount"`
	MaxIncorrectAttempts int      `json:"maxIncorrectAttempts"`
}

type ChangeLoginIDRequest added in v0.14.0

type ChangeLoginIDRequest struct {
	LoginID string `json:"loginId"`
}

ChangeLoginIDRequest

type Client

// Client manages communication with the HSDP IAM API. It embeds the
// *http.Client used for requests and exposes one service handle per resource
// family (organizations, groups, users, clients, devices, ...).
type Client struct {
	// HTTP client used to communicate with the API.
	// Embedding promotes the http.Client methods (Do, Get, Post, ...) onto
	// Client itself.
	// NOTE(review): confirm whether calls made through those promoted methods
	// attach the IAM token or bypass the package's own request path.
	*http.Client

	// User agent used when communicating with the HSDP IAM API.
	UserAgent string

	Organizations    *OrganizationsService
	Groups           *GroupsService
	Permissions      *PermissionsService
	Roles            *RolesService
	Users            *UsersService
	Applications     *ApplicationsService
	Propositions     *PropositionsService
	Clients          *ClientsService
	Services         *ServicesService
	MFAPolicies      *MFAPoliciesService
	PasswordPolicies *PasswordPoliciesService
	Devices          *DevicesService
	EmailTemplates   *EmailTemplatesService
	SMSGateways      *SMSGatewaysService
	SMSTemplates     *SMSTemplatesService

	// The mutex is embedded, so Lock and Unlock are part of Client's exported
	// method set and a Client value must not be copied.
	// NOTE(review): presumably guards the token state; code outside the
	// package that locks it could block token refresh — confirm.
	sync.Mutex
	// contains filtered or unexported fields
}

A Client manages communication with HSDP IAM API

func NewClient

func NewClient(httpClient *http.Client, config *Config) (*Client, error)

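NewClient returns a new HSDP IAM API client. If a nil httpClient is provided, http.DefaultClient will be used; http.DefaultClient sets no request timeout, so callers that need bounded requests should pass their own client with a Timeout. To use API methods which require authentication, provide a valid OAuth bearer token.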

func (*Client) BaseIAMURL

func (c *Client) BaseIAMURL() *url.URL

BaseIAMURL returns a copy of the baseIAMURL.

func (*Client) BaseIDMURL

func (c *Client) BaseIDMURL() *url.URL

BaseIDMURL returns a copy of the base IDM URL.

func (*Client) ClientCredentialsLogin added in v0.28.0

func (c *Client) ClientCredentialsLogin() error

ClientCredentialsLogin logs in using client credentials. The client credentials and scopes are expected to be passed during configuration of the client.

func (*Client) Close

func (c *Client) Close()

Close releases allocated resources of clients

func (*Client) CodeLogin added in v0.10.0

func (c *Client) CodeLogin(code string, redirectURI string) error

CodeLogin uses the authorization_code grant type to fetch tokens

func (*Client) EndSession added in v0.34.4

func (c *Client) EndSession() error

EndSession ends the current active session

func (*Client) ExpireToken added in v0.60.1

func (c *Client) ExpireToken()

ExpireToken expires the token immediately

func (*Client) Expires added in v0.21.0

func (c *Client) Expires() int64

Expires returns the expiry time (Unix) of the access token

func (*Client) HasOAuth2Credentials added in v0.63.8

func (c *Client) HasOAuth2Credentials() bool

HasOAuth2Credentials returns true if the client is configured with OAuth2 credentials

func (*Client) HasPermissions

func (c *Client) HasPermissions(orgID string, permissions ...string) bool

HasPermissions returns true if all permissions are there for the client

func (*Client) HasScopes

func (c *Client) HasScopes(scopes ...string) bool

HasScopes returns true if all scopes are there for the client

func (*Client) HasSigningKeys added in v0.73.1

func (c *Client) HasSigningKeys() bool

HasSigningKeys returns true if this client is configured with IAM signing keys

func (*Client) HttpClient added in v0.6.0

func (c *Client) HttpClient() *http.Client

HttpClient returns the http Client used for connections

func (*Client) IDToken added in v0.21.0

func (c *Client) IDToken() string

IDToken returns the ID token

func (*Client) Introspect

func (c *Client) Introspect(opts ...OptionFunc) (*IntrospectResponse, *Response, error)

Introspect introspects the current logged-in user

func (*Client) Login

func (c *Client) Login(username, password string) error

Login logs in a user with `username` and `password`

func (*Client) RefreshToken

func (c *Client) RefreshToken() string

RefreshToken returns the refresh token

func (*Client) RevokeAccessToken added in v0.34.4

func (c *Client) RevokeAccessToken() error

RevokeAccessToken revokes the access and refresh token

func (*Client) RevokeRefreshAccessToken added in v0.34.4

func (c *Client) RevokeRefreshAccessToken() error

RevokeRefreshAccessToken revokes the access and refresh token

func (*Client) ServiceLogin

func (c *Client) ServiceLogin(service Service) error

ServiceLogin logs a service in using a JWT signed with the service private key

func (*Client) SetBaseIAMURL

func (c *Client) SetBaseIAMURL(urlStr string) error

SetBaseIAMURL sets the base URL for API requests to a custom endpoint. urlStr should always be specified with a trailing slash.

func (*Client) SetBaseIDMURL

func (c *Client) SetBaseIDMURL(urlStr string) error

SetBaseIDMURL sets the base URL for API requests to a custom endpoint. urlStr should always be specified with a trailing slash.

func (*Client) SetToken

func (c *Client) SetToken(token string)

SetToken sets the token

func (*Client) SetTokens added in v0.21.0

func (c *Client) SetTokens(accessToken, refreshToken, idToken string, expiresAt int64)

SetTokens sets the access, refresh and ID tokens and the expiry time

func (*Client) Token

func (c *Client) Token() (string, error)

Token returns the current token

func (*Client) TokenRefresh added in v0.10.0

func (c *Client) TokenRefresh() error

TokenRefresh forces a token refresh

func (*Client) WithLogin added in v0.10.0

func (c *Client) WithLogin(username, password string) (*Client, error)

WithLogin returns a cloned client with new login

func (*Client) WithToken

func (c *Client) WithToken(token string) *Client

WithToken returns a cloned client with the token set

type ClientMeta added in v0.18.0

type ClientMeta struct {
	VersionID    string `json:"versionId,omitempty"`
	LastModified string `json:"lastModified,omitempty"`
}

type ClientsService

type ClientsService struct {
	// contains filtered or unexported fields
}

ClientsService provides operations on IAM client resources

func (*ClientsService) CreateClient

CreateClient creates a Client

func (*ClientsService) DeleteClient

func (c *ClientsService) DeleteClient(ac ApplicationClient) (bool, *Response, error)

DeleteClient deletes the given Client

func (*ClientsService) GetClientByID

func (c *ClientsService) GetClientByID(id string) (*ApplicationClient, *Response, error)

GetClientByID finds a client by its ID

func (*ClientsService) GetClients

func (c *ClientsService) GetClients(opt *GetClientsOptions, options ...OptionFunc) (*[]ApplicationClient, *Response, error)

GetClients looks up clients based on GetClientsOptions

func (*ClientsService) UpdateClient added in v0.16.0

UpdateClient updates a client

func (*ClientsService) UpdateScopes

func (c *ClientsService) UpdateScopes(ac ApplicationClient, scopes []string, defaultScopes []string) (bool, *Response, error)

UpdateScopes updates a client's scopes and default scopes

type CodeableConcept added in v0.21.0

type CodeableConcept struct {
	Code string `json:"code" validate:"required,min=1,max=10"`
	Text string `json:"text" validate:"max=250"`
}

CodeableConcept describes a code-able concept

type Config

// Config contains the configuration of a client; NewClient takes a *Config.
//
// Several fields hold secret material by name (OAuth2Secret, SharedKey,
// SecretKey, OrgAdminPassword). The struct shown here has no field tags and no
// documented String method, so formatting a Config with %v/%+v prints those
// values verbatim.
// NOTE(review): keep Config values out of logs and error messages, and load
// the secret fields from a secret store or the environment rather than from
// source-controlled files.
type Config struct {
	Region           string
	Environment      string
	OAuth2ClientID   string
	OAuth2Secret     string
	SharedKey        string
	SecretKey        string
	// NOTE(review): both BaseIAMURL/BaseIDMURL and IAMURL/IDMURL exist; which
	// pair takes precedence is not visible here. Whatever is used should be an
	// https URL from trusted configuration, since credentials are sent to it.
	BaseIAMURL       string
	BaseIDMURL       string
	OrgAdminUsername string
	OrgAdminPassword string
	IAMURL           string
	IDMURL           string
	Scopes           []string
	RootOrgID        string
	// NOTE(review): presumably receives request/response debug output. Dumps of
	// that kind commonly contain Authorization headers, tokens and passwords;
	// confirm what is redacted before pointing this at shared or persistent
	// storage, and leave it nil in production.
	DebugLog         io.Writer
	// NOTE(review): presumably the signer built from SharedKey/SecretKey for
	// HSDP request signing; confirm how it interacts with those two fields.
	Signer           *hsdpsigner.Signer
}

Config contains the configuration of a client

type Contact

type Contact struct {
	EmailAddress string `json:"emailAddress,omitempty"`
	MobilePhone  string `json:"mobilePhone,omitempty"`
	WorkPhone    string `json:"workPhone,omitempty"`
	HomePhone    string `json:"homePhone,omitempty"`
}

Contact describes contact details of a Profile

type ContextKey added in v0.3.0

type ContextKey string

type Device added in v0.21.0

// Device is the JSON representation of an IAM device resource.
type Device struct {
	ID                string           `json:"id,omitempty"`
	// LoginID is required, 5-50 characters, and additionally checked by a
	// validator named "reserved-strings".
	// NOTE(review): "reserved-strings" is not a stock go-playground/validator
	// tag, so it is presumably registered by this package; confirm it is
	// registered on every validator instance that sees a Device.
	LoginID           string           `json:"loginId,omitempty" validate:"required,reserved-strings,min=5,max=50" `
	DeviceExtID       DeviceIdentifier `json:"deviceExtId" validate:"required"`
	// Password is required when ID is empty (required_without=ID), capped at
	// 255 characters, and omitted from JSON when empty. It is a credential:
	// keep Device values out of logs.
	Password          string           `json:"password,omitempty" validate:"required_without=ID,max=255"`
	Type              string           `json:"type" validate:"required,min=1,max=50"`
	RegistrationDate  *time.Time       `json:"registrationDate,omitempty"`
	ForTest           bool             `json:"forTest,omitempty"`
	// IsActive uses omitempty, so a false value is dropped from the JSON body.
	// NOTE(review): confirm that a device can actually be deactivated through
	// this field, given that false is never serialized.
	IsActive          bool             `json:"isActive,omitempty"`
	DebugUntil        *time.Time       `json:"debugUntil,omitempty"`
	OrganizationID    string           `json:"organizationId" validate:"required"`
	GlobalReferenceID string           `json:"globalReferenceId" validate:"required,min=3,max=50"`
	Text              string           `json:"text,omitempty"`
	ApplicationID     string           `json:"applicationId" validate:"required"`
	Meta              *Meta            `json:"meta,omitempty"`
}

Device represents an IAM resource

type DeviceIdentifier added in v0.21.0

type DeviceIdentifier struct {
	System string          `json:"system" validate:"max=250"`
	Value  string          `json:"value" validate:"max=250"`
	Type   CodeableConcept `json:"type"`
}

DeviceIdentifier holds device identity information

type DevicesService added in v0.21.0

type DevicesService struct {
	// contains filtered or unexported fields
}

DevicesService provides operations on IAM device resources

func (*DevicesService) ChangePassword added in v0.21.0

func (p *DevicesService) ChangePassword(deviceID, oldPassword, newPassword string) (bool, *Response, error)

ChangePassword changes the password. The current password must be provided as well. No password history will be maintained for devices.

func (*DevicesService) CreateDevice added in v0.21.0

func (p *DevicesService) CreateDevice(device Device) (*Device, *Response, error)

CreateDevice creates a Device. A user with DEVICE.WRITE permission can create devices under the organization.

func (*DevicesService) DeleteDevice added in v0.21.0

func (p *DevicesService) DeleteDevice(device Device) (bool, *Response, error)

DeleteDevice deletes the given Device. This is usually done by an organization administrator. Any user with DEVICE.WRITE or DEVICE.DELETE permission within the organization can delete a device from an organization.

func (*DevicesService) GetDeviceByID added in v0.21.0

func (p *DevicesService) GetDeviceByID(deviceID string) (*Device, *Response, error)

GetDeviceByID retrieves a device by ID

func (*DevicesService) GetDevices added in v0.21.0

func (p *DevicesService) GetDevices(opt *GetDevicesOptions, options ...OptionFunc) (*[]Device, *Response, error)

GetDevices looks up Devices based on GetDevicesOptions. A user with DEVICE.READ permission can read device information under the user organization.

func (*DevicesService) UpdateDevice added in v0.21.0

func (p *DevicesService) UpdateDevice(device Device) (*Device, *Response, error)

UpdateDevice updates Device properties. Any user with DEVICE.WRITE permission within the organization can update device properties. The entire resource data must be passed as request body to update a device. If read-only attributes (such as id, loginId, password, meta, organizationId) are passed, they will be ignored.

type EmailTemplate added in v0.31.0

type EmailTemplate struct {
	// ID is the UUID generated for a stored email template
	ID string `json:"id,omitempty"`

	// Type is the type of the email template
	Type string `` /* 202-byte string literal not displayed */

	// ManagingOrganization is the Unique UUID of the organization under which the email template needs to be created.
	ManagingOrganization string `json:"managingOrganization" validate:"required"`

	// From is the sender field
	From string `json:"from,omitempty"`

	// Format is the template format. Must be HTML at this time
	Format string `json:"format" validate:"required" enum:"HTML"`

	// Locale is the locale for the email template. The locale is case insensitive
	Locale string `json:"locale,omitempty"`

	// Subject is the email subject
	Subject string `json:"subject" validate:"required,min=1,max=256"`

	// Message should contain the base64 encoded body of the email
	Message string `json:"message" validate:"required"`

	// Link is a clickable link according to the template type
	Link string `json:"link,omitempty"`

	// Meta contains additional metadata
	Meta *Meta `json:"meta,omitempty"`
}

EmailTemplate describes an email template

type EmailTemplatesService added in v0.31.0

type EmailTemplatesService struct {
	// contains filtered or unexported fields
}

EmailTemplatesService provides operations on IAM email template resources

func (*EmailTemplatesService) CreateTemplate added in v0.31.0

func (e *EmailTemplatesService) CreateTemplate(template EmailTemplate) (*EmailTemplate, *Response, error)

CreateTemplate creates an EmailTemplate. A user with EMAILTEMPLATE.WRITE permission can create templates under the organization.

func (*EmailTemplatesService) DeleteTemplate added in v0.31.0

func (e *EmailTemplatesService) DeleteTemplate(template EmailTemplate) (bool, *Response, error)

DeleteTemplate deletes the given EmailTemplate

func (*EmailTemplatesService) GetTemplateByID added in v0.31.0

func (e *EmailTemplatesService) GetTemplateByID(ID string) (*EmailTemplate, *Response, error)

func (*EmailTemplatesService) GetTemplates added in v0.49.0

func (e *EmailTemplatesService) GetTemplates(opt *GetEmailTemplatesOptions, options ...OptionFunc) (*[]EmailTemplate, *Response, error)

GetTemplates finds EmailTemplates based on search criteria. Any user with EMAILTEMPLATE.WRITE or EMAILTEMPLATE.READ permission can retrieve the template information.

type Endpoint

type Endpoint string

Endpoint type

type ErrorResponse added in v0.30.0

// ErrorResponse represents an IAM error response. It carries two pairs of
// JSON fields: responseCode/responseMessage and error/error_description (the
// latter pair uses the OAuth2 error field names).
type ErrorResponse struct {
	// Response is excluded from JSON (json:"-"); it holds the *http.Response
	// the error belongs to.
	// NOTE(review): the attached response can reference the original request,
	// including its headers; avoid dumping the whole ErrorResponse (for example
	// with %+v) into logs — confirm what Error() itself prints.
	Response         *http.Response `json:"-"`
	Code             string         `json:"responseCode,omitempty"`
	Message          string         `json:"responseMessage,omitempty"`
	ErrorString      string         `json:"error,omitempty"`
	ErrorDescription string         `json:"error_description,omitempty"`
}

ErrorResponse represents an IAM error response containing a code and a human-readable message

func (*ErrorResponse) Error added in v0.30.0

func (e *ErrorResponse) Error() string

type ExtensionGroup added in v0.77.3

type ExtensionGroup struct {
	Description  string           `json:"description"`
	Organization Attribute        `json:"organization"`
	GroupMembers SCIMListResponse `json:"groupMembers"`
}

type ExtensionUser added in v0.77.3

type ExtensionUser struct {
	EmailVerified bool      `json:"emailVerified"`
	PhoneVerified bool      `json:"phoneVerified"`
	Organization  Attribute `json:"organization"`
}

type GetApplicationsOptions

type GetApplicationsOptions struct {
	ID                *string `url:"_id,omitempty"`
	PropositionID     *string `url:"propositionId,omitempty"`
	GlobalReferenceID *string `url:"globalReferenceId,omitempty"`
	Name              *string `url:"name,omitempty"`
}

GetApplicationsOptions specifies what search criteria can be used to look for entities

type GetClientsOptions

type GetClientsOptions struct {
	ID                *string `url:"_id,omitempty"`
	Name              *string `url:"name,omitempty"`
	GlobalReferenceID *string `url:"globalReferenceId,omitempty"`
	ApplicationID     *string `url:"applicationId,omitempty"`
}

GetClientsOptions describes search criteria for looking up clients

type GetDevicesOptions added in v0.21.0

// GetDevicesOptions describes search criteria for looking up devices. Every
// field is a pointer with omitempty, so nil fields are left out of the query
// string.
type GetDevicesOptions struct {
	ID                *string `url:"_id,omitempty"`
	Count             *int    `url:"_count,omitempty"`
	Page              *int    `url:"_page,omitempty"`
	DeviceExtIDValue  *string `url:"deviceExtId.value,omitempty"`
	// NOTE(review): this field carries the same url key as DeviceExtIDValue
	// ("deviceExtId.value"), so setting it adds a second value parameter instead
	// of a type filter. This looks like a copy-paste slip; confirm the intended
	// query parameter name against the IAM API before depending on this filter.
	DeviceExtIDType   *string `url:"deviceExtId.value,omitempty"`
	DeviceExtIDSystem *string `url:"deviceExtId.system,omitempty"`
	LoginID           *string `url:"loginId,omitempty" validate:""`
	ForTest           *bool   `url:"forTest,omitempty"`
	IsActive          *bool   `url:"isActive,omitempty"`
	OrganizationID    *string `url:"organizationId,omitempty"`
	ApplicationID     *string `url:"applicationId,omitempty"`
	Type              *string `url:"type,omitempty"`
	GlobalReferenceID *string `url:"globalReferenceId,omitempty"`
	GroupID           *string `url:"groupId,omitempty"`
}

GetDevicesOptions describes search criteria for looking up devices

type GetEmailTemplatesOptions added in v0.31.0

type GetEmailTemplatesOptions struct {
	Type           *string `url:"type,omitempty"`
	OrganizationID *string `url:"organizationId,omitempty"`
	Locale         *string `url:"locale,omitempty"`
}

type GetGroupOptions

type GetGroupOptions struct {
	ID             *string `url:"_id,omitempty"`
	OrganizationID *string `url:"orgID,omitempty"`
	Name           *string `url:"name,omitempty"`
	MemberType     *string `url:"memberType,omitempty"`
	MemberID       *string `url:"memberId,omitempty"`
}

GetGroupOptions describes the fields on which you can search for Groups

type GetOrganizationOptions

type GetOrganizationOptions struct {
	Filter             *string `url:"filter,omitempty"`
	Attributes         *string `url:"attributes,omitempty"`
	ExcludedAttributes *string `url:"excludedAttributes,omitempty"`
}

GetOrganizationOptions describes the criteria for looking up Organizations

func FilterNameEq added in v0.15.0

func FilterNameEq(name string) *GetOrganizationOptions

func FilterOrgEq added in v0.15.0

func FilterOrgEq(orgID string) *GetOrganizationOptions

func FilterParentEq added in v0.15.0

func FilterParentEq(parentID string) *GetOrganizationOptions

type GetPasswordPolicyOptions added in v0.21.0

type GetPasswordPolicyOptions struct {
	OrganizationID *string `url:"organizationId,omitempty"`
}

GetPasswordPolicyOptions describes the criteria for looking up password policies

type GetPermissionOptions

type GetPermissionOptions struct {
	ID     *string `url:"_id,omitempty"`
	Name   *string `url:"name,omitempty"`
	RoleID *string `url:"roleId,omitempty"`
}

GetPermissionOptions describes search criteria for looking up permissions

type GetPropositionsOptions

type GetPropositionsOptions struct {
	ID                *string `url:"_id,omitempty"`
	Count             *int    `url:"_count,omitempty"`
	Page              *int    `url:"_page,omitempty"`
	OrganizationID    *string `url:"organizationId,omitempty"`
	PropositionID     *string `url:"propositionId,omitempty"`
	GlobalReferenceID *string `url:"globalReferenceId,omitempty"`
	Name              *string `url:"name,omitempty"`
}

GetPropositionsOptions specifies what search criteria can be used to look for entities

type GetRolesOptions

type GetRolesOptions struct {
	Name           *string `url:"name,omitempty"`
	GroupID        *string `url:"groupId,omitempty"`
	OrganizationID *string `url:"organizationId,omitempty"`
	RoleID         *string `url:"roleId,omitempty"`
}

GetRolesOptions describes search criteria for looking up roles

type GetSMSGatewayOptions added in v0.46.0

type GetSMSGatewayOptions struct {
	Filter             *string `url:"filter,omitempty"`
	Attributes         *string `url:"attributes,omitempty"`
	ExcludedAttributes *string `url:"excludedAttributes,omitempty"`
}

GetSMSGatewayOptions describes the criteria for looking up SMS gateways

func SMSGatewayFilterOrgEq added in v0.46.0

func SMSGatewayFilterOrgEq(orgID string) *GetSMSGatewayOptions

type GetSMSTemplateOptions added in v0.46.0

type GetSMSTemplateOptions struct {
	Filter             *string `url:"filter,omitempty"`
	Attributes         *string `url:"attributes,omitempty"`
	ExcludedAttributes *string `url:"excludedAttributes,omitempty"`
}

GetSMSTemplateOptions describes the criteria for looking up SMS templates

func SMSTemplateFilterOrgTypeLang added in v0.46.0

func SMSTemplateFilterOrgTypeLang(orgID, templateType, locale string) *GetSMSTemplateOptions

type GetServiceOptions

type GetServiceOptions struct {
	ID             *string `url:"_id,omitempty"`
	Name           *string `url:"name,omitempty"`
	ApplicationID  *string `url:"applicationId,omitempty"`
	OrganizationID *string `url:"organizationId,omitempty"`
	ServiceID      *string `url:"serviceId,omitempty"`
}

GetServiceOptions describes search criteria for looking up services

type GetUserOptions

type GetUserOptions struct {
	ID             *string `url:"_id,omitempty"`
	OrganizationID *string `url:"organizationID,omitempty"`
	Name           *string `url:"name,omitempty"`
	LoginID        *string `url:"loginId,omitempty"`
	GroupID        *string `url:"groupId,omitempty"`
	PageSize       *string `url:"pageSize,omitempty"`
	PageNumber     *string `url:"pageNumber,omitempty"`
	UserID         *string `url:"userId,omitempty"`
	ProfileType    *string `url:"profileType,omitempty" enum:"membership|accountStatus|passwordStatus|consentedApps|all"`
}

GetUserOptions describes search criteria for looking up users

type Group

type Group struct {
	ID                   string `json:"id,omitempty" validate:""`
	Name                 string `json:"name,omitempty" validate:"required"`
	Description          string `json:"description,omitempty" validate:""`
	ManagingOrganization string `json:"managingOrganization,omitempty" validate:"required"`
}

Group represents an IAM group resource

type GroupResource added in v0.51.0

type GroupResource struct {
	ID               string `json:"_id"`
	ResourceType     string `json:"resourceType"`
	GroupName        string `json:"groupName"`
	OrgID            string `json:"orgId"`
	GroupDescription string `json:"groupDescription"`
}

GroupResource is the resource response of a Group search operation

type GroupsService

type GroupsService struct {
	// contains filtered or unexported fields
}

GroupsService implements actions on Group entities

func (*GroupsService) AddDevices added in v0.14.0

func (g *GroupsService) AddDevices(ctx context.Context, group Group, devices ...string) (MemberResponse, *Response, error)

AddDevices adds devices to the given Group

func (*GroupsService) AddIdentities added in v0.14.0

func (g *GroupsService) AddIdentities(ctx context.Context, group Group, memberType string, identities ...string) (MemberResponse, *Response, error)

AddIdentities adds identities of the given member type to the given Group

func (*GroupsService) AddMembers

func (g *GroupsService) AddMembers(ctx context.Context, group Group, users ...string) (MemberResponse, *Response, error)

AddMembers adds users to the given Group

func (*GroupsService) AddServices added in v0.13.0

func (g *GroupsService) AddServices(ctx context.Context, group Group, services ...string) (MemberResponse, *Response, error)

AddServices adds services to the given Group

func (*GroupsService) AssignRole

func (g *GroupsService) AssignRole(ctx context.Context, group Group, role Role) (bool, *Response, error)

AssignRole adds a role to a group

func (*GroupsService) CreateGroup

func (g *GroupsService) CreateGroup(group Group) (*Group, *Response, error)

CreateGroup creates a Group

func (*GroupsService) DeleteGroup

func (g *GroupsService) DeleteGroup(group Group) (bool, *Response, error)

DeleteGroup deletes the given Group

func (*GroupsService) GetGroupByID

func (g *GroupsService) GetGroupByID(id string) (*Group, *Response, error)

GetGroupByID retrieves a Group based on the ID

func (*GroupsService) GetGroups added in v0.36.2

func (g *GroupsService) GetGroups(opt *GetGroupOptions, options ...OptionFunc) (*[]GroupResource, *Response, error)

GetGroups retrieves all groups

func (*GroupsService) GetRoles

func (g *GroupsService) GetRoles(group Group) (*[]Role, *Response, error)

GetRoles returns the roles assigned to this group

func (*GroupsService) RemoveDevices added in v0.14.0

func (g *GroupsService) RemoveDevices(ctx context.Context, group Group, devices ...string) (MemberResponse, *Response, error)

RemoveDevices removes devices from the given Group

func (*GroupsService) RemoveIdentities added in v0.14.0

func (g *GroupsService) RemoveIdentities(ctx context.Context, group Group, memberType string, identities ...string) (MemberResponse, *Response, error)

RemoveIdentities removes identities of the given member type from the given Group

func (*GroupsService) RemoveMembers

func (g *GroupsService) RemoveMembers(ctx context.Context, group Group, users ...string) (MemberResponse, *Response, error)

RemoveMembers removes users from the given Group

func (*GroupsService) RemoveRole

func (g *GroupsService) RemoveRole(ctx context.Context, group Group, role Role) (bool, *Response, error)

RemoveRole removes a role from a group

func (*GroupsService) RemoveServices added in v0.13.0

func (g *GroupsService) RemoveServices(ctx context.Context, group Group, services ...string) (MemberResponse, *Response, error)

RemoveServices removes services from the given Group

func (*GroupsService) SCIMGetGroupByID added in v0.77.3

func (g *GroupsService) SCIMGetGroupByID(id string, opt *SCIMGetGroupOptions, options ...OptionFunc) (*SCIMGroup, *Response, error)

SCIMGetGroupByID gets a group resource via the SCIM API

func (*GroupsService) SCIMGetGroupByIDAll added in v0.77.3

func (g *GroupsService) SCIMGetGroupByIDAll(id string, opt *SCIMGetGroupOptions, options ...OptionFunc) (*SCIMGroup, *Response, error)

SCIMGetGroupByIDAll gets all resources from a group via the SCIM API

func (*GroupsService) UpdateGroup

func (g *GroupsService) UpdateGroup(group Group) (*Group, *Response, error)

UpdateGroup updates the Group

type HTTPStatus added in v0.73.0

// HTTPStatus is implemented by any value that can report an HTTP status code
// through StatusCode. *Response declares a method with this signature.
type HTTPStatus interface {
	StatusCode() int
}

type IntrospectResponse

// IntrospectResponse is the decoded JSON result of a token introspection call.
//
// Active is decoded from the "active" key; check it before using any other
// field for an authorization decision.
// NOTE(review): presumably the remaining fields are empty or unreliable when
// Active is false — confirm against the IAM introspection API.
//
// Expires is decoded from "exp"; presumably seconds since the Unix epoch —
// TODO confirm. Organizations lists, per organization, the Permissions,
// EffectivePermissions, Groups and Roles reported for the introspected
// identity; the difference between Permissions and EffectivePermissions is
// not visible here and should be confirmed before either is used as the
// basis of an access check.
type IntrospectResponse struct {
	Active        bool   `json:"active"`
	Scope         string `json:"scope"`
	Username      string `json:"username"`
	Expires       int64  `json:"exp"`
	Sub           string `json:"sub"`
	ISS           string `json:"iss"`
	Organizations struct {
		ManagingOrganization string `json:"managingOrganization"`
		OrganizationList     []struct {
			OrganizationID       string   `json:"organizationId"`
			Permissions          []string `json:"permissions"`
			EffectivePermissions []string `json:"effectivePermissions"`
			OrganizationName     string   `json:"organizationName"`
			Groups               []string `json:"groups"`
			Roles                []string `json:"roles"`
		} `json:"organizationList"`
	} `json:"organizations"`
	ClientID     string `json:"client_id"`
	TokenType    string `json:"token_type"`
	IdentityType string `json:"identity_type"`
}

IntrospectResponse contains details of the introspect on a profile

type ListSharingPoliciesOptions added in v0.72.0

// ListSharingPoliciesOptions carries the optional filters and paging values
// accepted by RolesService.ListSharingPolicies. Every field is a pointer with
// a `url:"...,omitempty"` tag, so presumably a nil field is left out of the
// query string — confirm against the query encoder in use.
type ListSharingPoliciesOptions struct {
	TargetOrganizationID *string `url:"targetOrganizationId,omitempty"`
	SharingPolicy        *string `url:"sharingPolicy,omitempty"`
	RecordsPerPage       *int    `url:"recordsPerPage,omitempty"`
	StartPage            *int    `url:"startPage,omitempty"`
}

ListSharingPoliciesOptions describes search criteria for listing RoleSharingPolicy resources

type MFAPoliciesService added in v0.10.0

// MFAPoliciesService exposes the create, get-by-ID, update and delete
// operations for MFAPolicy resources. Its fields are unexported.
type MFAPoliciesService struct {
	// contains filtered or unexported fields
}

MFAPoliciesService holds state for the service

func (*MFAPoliciesService) CreateMFAPolicy added in v0.10.0

func (p *MFAPoliciesService) CreateMFAPolicy(policy MFAPolicy) (*MFAPolicy, *Response, error)

CreateMFAPolicy creates a MFAPolicy

func (*MFAPoliciesService) DeleteMFAPolicy added in v0.10.0

func (p *MFAPoliciesService) DeleteMFAPolicy(policy MFAPolicy) (bool, *Response, error)

DeleteMFAPolicy deletes the given MFAPolicy

func (*MFAPoliciesService) GetMFAPolicyByID added in v0.10.0

func (p *MFAPoliciesService) GetMFAPolicyByID(MFAPolicyID string) (*MFAPolicy, *Response, error)

GetMFAPolicyByID retrieves a MFAPolicy by ID

func (*MFAPoliciesService) UpdateMFAPolicy added in v0.10.0

func (p *MFAPoliciesService) UpdateMFAPolicy(policy *MFAPolicy) (*MFAPolicy, *Response, error)

UpdateMFAPolicy updates a MFAPolicy

type MFAPolicy added in v0.10.0

// MFAPolicy is the JSON representation of a multi-factor authentication
// policy resource.
//
// The validate tags require at least one entry in Schemas and in Types, and
// bound ID to 1-256 characters when it is set.
//
// Active is a *bool: with omitempty a nil pointer is left out of the JSON,
// while a pointer to false is still serialized. Set it explicitly (see
// SetActive) when the enabled/disabled state of the policy matters, rather
// than relying on the server-side default for an absent value.
type MFAPolicy struct {
	Schemas     []string          `json:"schemas" validate:"min=1"`
	ID          string            `json:"id,omitempty" validate:"omitempty,min=1,max=256"`
	Name        string            `json:"name"`
	Description string            `json:"description,omitempty"`
	Resource    MFAPolicyResource `json:"resource,omitempty"`
	ExternalID  string            `json:"externalId,omitempty"`
	Types       []string          `json:"types" validate:"min=1"`
	Active      *bool             `json:"active,omitempty"`
	CreatedBy   *struct {
		Value string `json:"value,omitempty"`
		Ref   string `json:"$ref,omitempty"`
	} `json:"createdBy,omitempty"`
	ModifiedBy *struct {
		Value string `json:"value,omitempty"`
		Ref   string `json:"$ref,omitempty"`
	} `json:"modifiedBy,omitempty"`
	Meta *MFAPolicyMeta `json:"meta,omitempty"`
}

func (*MFAPolicy) SetActive added in v0.10.0

func (p *MFAPolicy) SetActive(val bool)

func (*MFAPolicy) SetResourceOrganization added in v0.10.0

func (p *MFAPolicy) SetResourceOrganization(uuid string)

func (*MFAPolicy) SetResourceUser added in v0.10.0

func (p *MFAPolicy) SetResourceUser(uuid string)

func (*MFAPolicy) SetType added in v0.10.0

func (p *MFAPolicy) SetType(val string)

type MFAPolicyMeta added in v0.10.0

// MFAPolicyMeta holds the metadata block of an MFAPolicy. All values,
// including Created and LastModified, are kept as plain strings.
type MFAPolicyMeta struct {
	ResourceType string `json:"resourceType,omitempty"`
	Created      string `json:"created,omitempty"`
	LastModified string `json:"lastModified,omitempty"`
	Location     string `json:"location,omitempty"`
	Version      string `json:"version,omitempty"`
}

type MFAPolicyResource added in v0.10.0

// MFAPolicyResource identifies what an MFAPolicy applies to. Type and Value
// are both marked required by their validate tags.
// NOTE(review): MFAPolicy offers SetResourceOrganization and SetResourceUser,
// so Type presumably distinguishes an organization from a user and Value
// carries its UUID — confirm.
type MFAPolicyResource struct {
	Type  string `json:"type" validate:"required"`
	Value string `json:"value" validate:"required"`
	Ref   string `json:"$ref,omitempty"`
}

type MemberResponse added in v0.51.0

// MemberResponse is the untyped result returned by the GroupsService methods
// that add or remove group members. Values are interface{}, so callers must
// type-check anything they read from it before use.
type MemberResponse map[string]interface{}

type Membership added in v0.51.0

// Membership pairs a member type with a list of member values and embeds
// internal.OperationOutcome.
// NOTE(review): MemberType is presumably one of the GroupMemberType*
// constants ("USER", "DEVICE", "SERVICE") — confirm.
type Membership struct {
	internal.OperationOutcome
	MemberType string   `json:"memberType"`
	Value      []string `json:"value"`
}

type Meta added in v0.15.0

// Meta holds resource metadata shared by several IAM resource types.
// Timestamps are *time.Time so that an absent value stays nil and is omitted
// on marshal. Both Version and VersionID are declared; the inline comments on
// them appear to note that the API is not consistent about which one it uses.
type Meta struct {
	ResourceType string     `json:"resourceType,omitempty"`
	LastModified *time.Time `json:"lastModified,omitempty"`
	LastUpdated  *time.Time `json:"lastUpdated,omitempty"`
	Created      *time.Time `json:"created,omitempty"`
	UpdatedBy    string     `json:"updatedBy,omitempty"`
	CreatedBy    string     `json:"createdBy,omitempty"`
	Location     string     `json:"location,omitempty"`
	Version      string     `json:"version,omitempty"`   // No
	VersionID    string     `json:"versionId,omitempty"` // Consistency
}

type Name

// Name is the name entity used by Person. Family and Given are marked
// required by their validate tags; Text and Prefix are optional.
type Name struct {
	Text   string `json:"text,omitempty"`
	Family string `json:"family" validate:"required"`
	Given  string `json:"given" validate:"required"`
	Prefix string `json:"prefix,omitempty"`
}

Name entity

type OptionFunc

// OptionFunc is a per-request option: a function that receives the outgoing
// *http.Request and may return an error. WithContext and WithOrgContext
// return values of this type.
// NOTE(review): presumably a non-nil error aborts the request — confirm.
type OptionFunc func(*http.Request) error

OptionFunc is the function signature for request options

func WithContext

func WithContext(ctx context.Context) OptionFunc

WithContext runs the request with the provided context

func WithOrgContext added in v0.63.2

func WithOrgContext(organizationId string) OptionFunc

type OrgAddress added in v0.15.0

// OrgAddress is the postal address block of an Organization. Every field is
// optional and omitted from the JSON when empty.
type OrgAddress struct {
	Formatted     string `json:"formatted,omitempty"`
	StreetAddress string `json:"streetAddress,omitempty"`
	Locality      string `json:"locality,omitempty"`
	Region        string `json:"region,omitempty"`
	PostalCode    string `json:"postalCode,omitempty"`
	Country       string `json:"country,omitempty"`
}

type Organization

// Organization is the JSON representation of an IAM Organization resource.
//
// Active and InheritProperties are plain bools tagged omitempty, so a false
// value is dropped when the struct is marshalled with encoding/json: this
// struct cannot express an explicit "active": false in a request body.
// NOTE(review): confirm how the server interprets an absent "active" before
// using this type to deactivate an organization.
//
// Parent and Address are struct values; encoding/json's omitempty does not
// omit struct values, so they are always serialized.
type Organization struct {
	Schemas           []string    `json:"schemas"`
	ID                string      `json:"id"`
	ExternalID        string      `json:"externalId,omitempty"`
	Name              string      `json:"name"`
	DisplayName       string      `json:"displayName,omitempty"`
	Description       string      `json:"description,omitempty"`
	Parent            Attribute   `json:"parent,omitempty"`
	Type              string      `json:"type,omitempty"`
	Active            bool        `json:"active,omitempty"`
	InheritProperties bool        `json:"inheritProperties,omitempty"`
	Address           OrgAddress  `json:"address,omitempty"`
	Owners            []Attribute `json:"owners,omitempty"`
	CreatedBy         *Attribute  `json:"createdBy,omitempty"`
	ModifiedBy        *Attribute  `json:"modifiedBy,omitempty"`
	Meta              *Meta       `json:"meta,omitempty"`
}

Organization represents an IAM Organization resource

type OrganizationStatus added in v0.15.0

// OrganizationStatus is the result type of OrganizationsService.DeleteStatus:
// the status of a delete operation on an organization, with a count of total
// resources.
type OrganizationStatus struct {
	Schemas        []string `json:"schemas"`
	ID             string   `json:"id"`
	Status         string   `json:"status"`
	TotalResources int      `json:"totalResources"`
	Meta           *Meta    `json:"meta"`
}

type OrganizationValue added in v0.46.0

// OrganizationValue wraps a single required Value string. SMSGateway and
// SMSTemplate use it for their Organization field.
type OrganizationValue struct {
	Value string `json:"value" validate:"required"`
}

type OrganizationsService

// OrganizationsService exposes the create, get, update and delete operations
// on Organization resources, plus DeleteStatus for polling a delete. Its
// fields are unexported.
type OrganizationsService struct {
	// contains filtered or unexported fields
}

OrganizationsService implements operations on Organization entities

func (*OrganizationsService) CreateOrganization

func (o *OrganizationsService) CreateOrganization(organization Organization) (*Organization, *Response, error)

CreateOrganization creates a (sub) organization in IAM

func (*OrganizationsService) DeleteOrganization added in v0.15.0

func (o *OrganizationsService) DeleteOrganization(org Organization) (bool, *Response, error)

DeleteOrganization deletes the organization

func (*OrganizationsService) DeleteStatus added in v0.15.0

func (o *OrganizationsService) DeleteStatus(id string) (*OrganizationStatus, *Response, error)

DeleteStatus returns the status of a delete operation on an organization

func (*OrganizationsService) GetOrganization

func (o *OrganizationsService) GetOrganization(opt *GetOrganizationOptions, options ...OptionFunc) (*Organization, *Response, error)

GetOrganization retrieves an organization based on the GetOrganizationOptions parameters.

func (*OrganizationsService) GetOrganizationByID

func (o *OrganizationsService) GetOrganizationByID(id string) (*Organization, *Response, error)

GetOrganizationByID retrieves an organization by ID

func (*OrganizationsService) UpdateOrganization

func (o *OrganizationsService) UpdateOrganization(org Organization) (*Organization, *Response, error)

UpdateOrganization updates the description of the organization.

type Param

// Param is a named Resource. The wrapped Resource can carry password and
// confirmation-code values, so treat a populated Param as sensitive.
type Param struct {
	Name     string   `json:"name"`
	Resource Resource `json:"resource"`
}

Param describes a resource

type Parameter

// Parameter is a name together with a list of References.
type Parameter struct {
	Name       string      `json:"name"`
	References []Reference `json:"references"`
}

Parameter holds named references

type Parameters

// Parameters is a resource-typed envelope around a list of Param entries.
type Parameters struct {
	ResourceType string  `json:"resourceType"`
	Parameter    []Param `json:"parameter"`
}

Parameters holds parameters

type PasswordPoliciesService added in v0.21.0

// PasswordPoliciesService exposes the create, list, get-by-ID, update and
// delete operations on PasswordPolicy resources. Its fields are unexported.
type PasswordPoliciesService struct {
	// contains filtered or unexported fields
}

PasswordPoliciesService keeps the state of the service

func (*PasswordPoliciesService) CreatePasswordPolicy added in v0.21.0

func (p *PasswordPoliciesService) CreatePasswordPolicy(policy PasswordPolicy) (*PasswordPolicy, *Response, error)

CreatePasswordPolicy creates a password policy

func (*PasswordPoliciesService) DeletePasswordPolicy added in v0.21.0

func (p *PasswordPoliciesService) DeletePasswordPolicy(policy PasswordPolicy) (bool, *Response, error)

DeletePasswordPolicy deletes the given password policy

func (*PasswordPoliciesService) GetPasswordPolicies added in v0.21.0

func (p *PasswordPoliciesService) GetPasswordPolicies(opt *GetPasswordPolicyOptions, options ...OptionFunc) (*[]PasswordPolicy, *Response, error)

GetPasswordPolicies looks up password policies based on GetPasswordPolicyOptions

func (*PasswordPoliciesService) GetPasswordPolicyByID added in v0.21.0

func (p *PasswordPoliciesService) GetPasswordPolicyByID(id string) (*PasswordPolicy, *Response, error)

GetPasswordPolicyByID retrieves a Password policy by ID

func (*PasswordPoliciesService) UpdatePasswordPolicy added in v0.21.0

func (p *PasswordPoliciesService) UpdatePasswordPolicy(policy PasswordPolicy) (*PasswordPolicy, *Response, error)

UpdatePasswordPolicy updates a password policy

type PasswordPolicy added in v0.21.0

// PasswordPolicy is the JSON representation of a password policy attached to
// a managing organization.
//
// ExpiryPeriodInDays, HistoryCount and every Complexity field are plain ints
// without omitempty, so an unset field is serialized as an explicit 0.
// NOTE(review): whether the server reads 0 as "no requirement" is not visible
// here — confirm before submitting a partially filled policy, since doing so
// could unintentionally weaken the complexity rules.
type PasswordPolicy struct {
	ID                   string `json:"id,omitempty"`
	ManagingOrganization string `json:"managingOrganization"`
	ExpiryPeriodInDays   int    `json:"expiryPeriodInDays"`
	HistoryCount         int    `json:"historyCount"`
	Complexity           struct {
		MinLength       int `json:"minLength"`
		MaxLength       int `json:"maxLength"`
		MinNumerics     int `json:"minNumerics"`
		MinUpperCase    int `json:"minUpperCase"`
		MinLowerCase    int `json:"minLowerCase"`
		MinSpecialChars int `json:"minSpecialChars"`
	} `json:"complexity"`
	ChallengesEnabled bool             `json:"challengesEnabled"`
	ChallengePolicy   *ChallengePolicy `json:"challengePolicy,omitempty"`
	Meta              *Meta            `json:"meta,omitempty"`
}

type Period

// Period is a described time span; Start and End are kept as strings.
type Period struct {
	Description string `json:"description"`
	Start       string `json:"start"`
	End         string `json:"end"`
}

Period defines a given time period for use in Profile context

type Permission

// Permission is the JSON representation of an IAM Permission resource.
type Permission struct {
	ID          string `json:"id"`
	Name        string `json:"name"`
	Description string `json:"description"`
	Category    string `json:"category"`
	Type        string `json:"type"`
}

Permission represents an IAM Permission resource

type PermissionsService

// PermissionsService provides lookups of IAM Permission resources; the
// methods documented for it are all Get* operations. Its fields are
// unexported.
type PermissionsService struct {
	// contains filtered or unexported fields
}

PermissionsService provides operations on IAM Permissions resources

func (*PermissionsService) GetPermission

func (p *PermissionsService) GetPermission(opt *GetPermissionOptions, options ...OptionFunc) (*Permission, *Response, error)

GetPermission looks up a permission based on GetPermissionOptions

func (*PermissionsService) GetPermissionByID

func (p *PermissionsService) GetPermissionByID(id string) (*Permission, *Response, error)

GetPermissionByID looks up a permission by ID

func (*PermissionsService) GetPermissionByName

func (p *PermissionsService) GetPermissionByName(name string) (*Permission, *Response, error)

GetPermissionByName looks up a permission by name

func (*PermissionsService) GetPermissions

func (p *PermissionsService) GetPermissions(opt *GetPermissionOptions, options ...OptionFunc) (*[]Permission, *Response, error)

GetPermissions looks up permissions based on GetPermissionOptions

func (*PermissionsService) GetPermissionsByRoleID

func (p *PermissionsService) GetPermissionsByRoleID(roleID string) (*[]Permission, *Response, error)

GetPermissionsByRoleID finds all permissions that belong to the given roleID

type Person

// Person is the JSON representation of an IAM user resource.
//
// Password holds the user's password as a plain string and is written to the
// JSON under "password" whenever it is non-empty. Do not log, cache or
// persist a marshalled Person (or a %+v dump of one) while Password is set,
// and clear the field once the request that needs it has been sent.
//
// Disabled has no omitempty, so false is always serialized. Loaded is tagged
// `json:"-"` and never appears on the wire.
type Person struct {
	ID string `json:"id,omitempty" validate:"omitempty"`
	// Pattern: ^((?![~`!#%^&*()+={}[\\]|/\\\\<>,;:\"'?])[\\S])*$
	LoginID                       string         `json:"loginId" validate:"required"`
	ResourceType                  string         `json:"resourceType,omitempty" validate:"required" enum:"Person"`
	Name                          Name           `json:"name" validate:"required"`
	Telecom                       []TelecomEntry `json:"telecom,omitempty" validate:"min=1"`
	Address                       []AddressEntry `json:"address,omitempty"`
	Description                   string         `json:"description,omitempty"`
	ManagingOrganization          string         `json:"managingOrganization,omitempty"`
	PreferredLanguage             string         `json:"preferredLanguage,omitempty"`
	PreferredCommunicationChannel string         `json:"preferredCommunicationChannel,omitempty"`
	IsAgeValidated                string         `json:"isAgeValidated,omitempty"`
	Password                      string         `json:"password,omitempty"`
	Disabled                      bool           `json:"disabled"`
	Loaded                        bool           `json:"-"`
}

Person represents an IAM user resource

type Profile

// Profile is the response shape of the legacy User APIs; it is not the object
// used to create a user.
//
// ID is tagged `json:"-"` and is never read from or written to JSON, so it
// must be populated by the caller. Disabled is a *bool, which keeps "not
// reported" (nil) distinct from an explicit false. The verification and
// must-change-password states are carried as strings, not bools.
type Profile struct {
	ID                            string     `json:"-"`
	GivenName                     string     `json:"givenName"`
	MiddleName                    string     `json:"middleName"`
	FamilyName                    string     `json:"familyName"`
	BirthDay                      *time.Time `json:"birthDay,omitempty"`
	DisplayName                   string     `json:"displayName,omitempty"`
	Gender                        string     `json:"gender,omitempty" enum:"Male|Female"`
	Country                       string     `json:"country,omitempty"`
	Contact                       Contact    `json:"contact,omitempty"`
	Addresses                     []Address  `json:"addresses,omitempty"`
	Disabled                      *bool      `json:"disabled,omitempty"`
	PreferredLanguage             string     `json:"preferredLanguage,omitempty"`
	PreferredCommunicationChannel string     `json:"preferredCommunicationChannel,omitempty"`
	VerifiedMobilePhoneStatus     string     `json:"verifiedMobilePhoneStatus,omitempty"`
	EmailVerifiedStatus           string     `json:"emailVerifiedStatus,omitempty"`
	MustChangePassword            string     `json:"mustChangePassword,omitempty"`
}

Profile describes the response from the legacy User APIs. The response does not correspond to the object that is used to create a user.

func (*Profile) MergeUser added in v0.36.0

func (p *Profile) MergeUser(user *User)

MergeUser merges User into legacy Profile

func (*Profile) PruneBlankAddresses added in v0.36.2

func (p *Profile) PruneBlankAddresses()

PruneBlankAddresses removes addresses which are blank

type Proposition

// Proposition is the JSON representation of an IAM Proposition entity, tied
// to an organization through OrganizationID.
type Proposition struct {
	ID                string `json:"id,omitempty"`
	Name              string `json:"name"`
	Description       string `json:"description"`
	OrganizationID    string `json:"organizationId"`
	GlobalReferenceID string `json:"globalReferenceId"`
}

Proposition represents an IAM Proposition entity

type PropositionStatus added in v0.86.0

// PropositionStatus is the result type of PropositionsService.DeleteStatus:
// the status of a delete operation on a Proposition.
type PropositionStatus struct {
	Schemas        []string `json:"schemas"`
	ID             string   `json:"id"`
	Status         string   `json:"status"`
	TotalResources int      `json:"totalResources"`
	Meta           *Meta    `json:"meta"`
}

PropositionStatus holds the status of a delete Proposition operation

type PropositionsService

// PropositionsService exposes the create, lookup and delete operations on
// Proposition entities, plus DeleteStatus for polling a delete. Its fields
// are unexported.
type PropositionsService struct {
	// contains filtered or unexported fields
}

PropositionsService implements actions on IAM Proposition entities

func (*PropositionsService) CreateProposition

func (p *PropositionsService) CreateProposition(prop Proposition) (*Proposition, *Response, error)

CreateProposition creates a Proposition

func (*PropositionsService) DeleteProposition added in v0.86.0

func (p *PropositionsService) DeleteProposition(prop Proposition) (bool, *Response, error)

func (*PropositionsService) DeleteStatus added in v0.86.0

func (p *PropositionsService) DeleteStatus(id string) (*PropositionStatus, *Response, error)

DeleteStatus returns the status of a delete operation on a proposition

func (*PropositionsService) GetProposition

func (p *PropositionsService) GetProposition(opt *GetPropositionsOptions, options ...OptionFunc) (*Proposition, *Response, error)

GetProposition finds a Proposition based on the GetPropositionsOptions values

func (*PropositionsService) GetPropositionByID

func (p *PropositionsService) GetPropositionByID(id string) (*Proposition, *Response, error)

GetPropositionByID retrieves a Proposition by its ID

func (*PropositionsService) GetPropositions

func (p *PropositionsService) GetPropositions(opt *GetPropositionsOptions, options ...OptionFunc) (*[]Proposition, *Response, error)

GetPropositions searches for Proposition entities based on the GetPropositionsOptions values

type ProviderCredentials added in v0.46.0

// ProviderCredentials holds the credential for an SMS provider, used as
// SMSGateway.Credentials. Token is a secret: it is serialized in clear under
// "token", so keep marshalled gateways out of logs and error messages.
type ProviderCredentials struct {
	Token string `json:"token" validate:"required"`
}

type ProviderProperties added in v0.46.0

// ProviderProperties holds the SMS provider settings used as
// SMSGateway.Properties. All three fields are marked required.
// NOTE(review): SID presumably identifies the provider account — confirm.
type ProviderProperties struct {
	SID        string `json:"sid" validate:"required"`
	Endpoint   string `json:"endpoint" validate:"required"`
	FromNumber string `json:"fromNumber" validate:"required"`
}

type Reference

// Reference wraps a single reference string.
type Reference struct {
	Reference string `json:"reference"`
}

Reference holds a reference

type Resource

// Resource is the payload carried inside a Param. It can hold a login ID, a
// confirmation code and both the old and the new password as plain strings;
// every field is omitted from the JSON when empty.
//
// A populated Resource is credential material: do not log it or include it in
// error values, and drop references to it once the request has been sent.
type Resource struct {
	LoginID          string `json:"loginId,omitempty"`
	ConfirmationCode string `json:"confirmationCode,omitempty"`
	OldPassword      string `json:"oldPassword,omitempty"`
	NewPassword      string `json:"newPassword,omitempty"`
	Context          string `json:"context,omitempty"`
}

Resource holds a resource

type Response

// Response wraps the *http.Response returned from HSDP IAM by embedding it,
// so its fields and methods are promoted.
// NOTE(review): the embedded pointer can in principle be nil, and whether the
// library has already consumed or closed Body is not visible here — confirm
// before dereferencing or reading it.
type Response struct {
	*http.Response
}

Response is a HSDP IAM API response. This wraps the standard http.Response returned from HSDP IAM and provides convenient access to things like errors

func (*Response) StatusCode added in v0.73.0

func (r *Response) StatusCode() int

type Role

// Role is the JSON representation of an IAM role, owned by the organization
// named in ManagingOrganization.
type Role struct {
	ID                   string `json:"id,omitempty"`
	Name                 string `json:"name"`
	Description          string `json:"description"`
	ManagingOrganization string `json:"managingOrganization"`
}

Role represents an IAM resource

type RoleResponse added in v0.51.0

// RoleResponse is the untyped result returned by RolesService.DeleteRole,
// AddRolePermission and RemoveRolePermission. Values are interface{}, so
// callers must type-check anything they read from it before use.
type RoleResponse map[string]interface{}

type RoleSharingPolicy added in v0.72.0

// RoleSharingPolicy describes how a role is shared with a target
// organization. SharingPolicy, Purpose and TargetOrganizationID are always
// serialized; the remaining fields are omitted when empty.
// NOTE(review): sharing a role extends its permissions to another
// organization, so TargetOrganizationID should come from a trusted source —
// the accepted SharingPolicy values are not visible here; confirm.
type RoleSharingPolicy struct {
	SharingPolicy        string `json:"sharingPolicy"`
	Purpose              string `json:"purpose"`
	TargetOrganizationID string `json:"targetOrganizationId"`
	InternalID           string `json:"internalId,omitempty"`
	SourceOrganizationID string `json:"sourceOrganizationId,omitempty"`
	RoleName             string `json:"roleName,omitempty"`
	RoleID               string `json:"roleId,omitempty"`
	Meta                 *Meta  `json:"meta,omitempty"`
}

RoleSharingPolicy describes a role sharing policy

type RolesService

// RolesService provides operations on IAM role resources: creating, reading
// and deleting roles, adding and removing role permissions, and applying,
// listing and removing sharing policies. Its fields are unexported.
type RolesService struct {
	// contains filtered or unexported fields
}

RolesService provides operations on IAM roles resources

func (*RolesService) AddRolePermission

func (p *RolesService) AddRolePermission(role Role, permission string) (RoleResponse, *Response, error)

func (*RolesService) ApplySharingPolicy added in v0.72.0

func (p *RolesService) ApplySharingPolicy(role Role, policy RoleSharingPolicy) (*RoleSharingPolicy, *Response, error)

func (*RolesService) CreateRole

func (p *RolesService) CreateRole(name, description, managingOrganization string) (*Role, *Response, error)

CreateRole creates a Role

func (*RolesService) DeleteRole

func (p *RolesService) DeleteRole(role Role) (RoleResponse, *Response, error)

DeleteRole deletes the given Role

func (*RolesService) GetRoleByID

func (p *RolesService) GetRoleByID(roleID string) (*Role, *Response, error)

GetRoleByID retrieves a role by ID

func (*RolesService) GetRolePermissions

func (p *RolesService) GetRolePermissions(role Role) (*[]string, *Response, error)

GetRolePermissions retrieves the permissions associated with the Role

func (*RolesService) GetRoles added in v0.23.0

func (p *RolesService) GetRoles(opt *GetRolesOptions) (*[]Role, *Response, error)

GetRoles retrieves roles based on GetRolesOptions

func (*RolesService) GetRolesByGroupID

func (p *RolesService) GetRolesByGroupID(groupID string) (*[]Role, *Response, error)

GetRolesByGroupID retrieves Roles based on group ID

func (*RolesService) ListSharingPolicies added in v0.72.0

func (p *RolesService) ListSharingPolicies(role Role, opt *ListSharingPoliciesOptions) (*[]RoleSharingPolicy, *Response, error)

func (*RolesService) RemoveRolePermission

func (p *RolesService) RemoveRolePermission(role Role, permission string) (RoleResponse, *Response, error)

RemoveRolePermission removes the permission from the Role

func (*RolesService) RemoveSharingPolicy added in v0.72.0

func (p *RolesService) RemoveSharingPolicy(role Role, policy RoleSharingPolicy) (*RoleSharingPolicy, *Response, error)

type SCIMCoreUser added in v0.77.3

// SCIMCoreUser holds the core user attributes of a SCIM resource. It is
// embedded in SCIMListResource, so its fields appear at the top level of that
// resource's JSON.
type SCIMCoreUser struct {
	UserName          string      `json:"userName,omitempty"`
	DisplayName       string      `json:"displayName,omitempty"`
	Name              SCIMName    `json:"name,omitempty"`
	PreferredLanguage string      `json:"preferredLanguage,omitempty"`
	Locale            string      `json:"locale,omitempty"`
	Emails            []Attribute `json:"emails,omitempty"`
	PhoneNumbers      []Attribute `json:"phoneNumbers,omitempty"`
}

type SCIMDevice added in v0.77.3

// SCIMDevice holds the device-specific attribute (loginId) of a SCIM
// resource. It is embedded in SCIMListResource.
type SCIMDevice struct {
	LoginID string `json:"loginId,omitempty"`
}

type SCIMGetGroupOptions added in v0.77.3

// SCIMGetGroupOptions carries the optional query fields for the SCIM group
// lookups (SCIMGetGroupByID, SCIMGetGroupByIDAll). Every field is a pointer
// with a `url:"...,omitempty"` tag, so presumably a nil field is left out of
// the query string — confirm against the query encoder in use.
type SCIMGetGroupOptions struct {
	IncludeGroupMembersType *string `url:"includeGroupMembersType,omitempty"`
	GroupMembersStartIndex  *int    `url:"groupMembersStartIndex,omitempty"`
	GroupMembersCount       *int    `url:"groupMembersCount,omitempty"`
	ExcludedAttributes      *string `url:"excludedAttributes,omitempty"`
	Attributes              *string `url:"attributes,omitempty"`
}

SCIMGetGroupOptions describes the query fields to use for querying SCIM Groups

type SCIMGroup added in v0.77.3

// SCIMGroup is the resource returned by the SCIM group lookups. The
// HSDP-specific group data is decoded from the
// "urn:ietf:params:scim:schemas:extension:philips:hsdp:2.0:Group" key into
// ExtensionGroup.
type SCIMGroup struct {
	Schemas        []string       `json:"schemas"`
	ID             string         `json:"id"`
	DisplayName    string         `json:"displayName"`
	ExtensionGroup ExtensionGroup `json:"urn:ietf:params:scim:schemas:extension:philips:hsdp:2.0:Group"`
	Meta           *Meta          `json:"meta,omitempty"`
}

SCIMGroup is the resource returned when getting group resources

type SCIMListResource added in v0.77.3

// SCIMListResource is one entry of a SCIMListResponse. It embeds
// SCIMCoreUser, SCIMService and SCIMDevice, so the user, service and device
// attributes all decode from the top level of the same JSON object.
// NOTE(review): presumably only the embedded struct matching the entry's kind
// is populated for a given entry — confirm before branching on these fields.
type SCIMListResource struct {
	Schemas      []string  `json:"schemas"`
	ID           string    `json:"id"`
	Organization Attribute `json:"organization,omitempty"`
	Application  Attribute `json:"application,omitempty"`
	Active       bool      `json:"active,omitempty"`
	SCIMCoreUser
	SCIMService
	SCIMDevice
	ExtensionUser ExtensionUser `json:"urn:ietf:params:scim:schemas:extension:philips:hsdp:2.0:User,omitempty"`
}

type SCIMListResponse added in v0.77.3

// SCIMListResponse is a paged SCIM list: the paging counters plus the entries
// decoded from the capitalised "Resources" key.
type SCIMListResponse struct {
	Schemas      []string           `json:"schemas"`
	TotalResults int                `json:"totalResults"`
	StartIndex   int                `json:"startIndex"`
	ItemsPerPage int                `json:"itemsPerPage"`
	Resources    []SCIMListResource `json:"Resources"`
}

type SCIMName added in v0.77.3

// SCIMName holds the name parts of a SCIMCoreUser; all fields are optional.
type SCIMName struct {
	FullName   string `json:"fullName,omitempty"`
	FamilyName string `json:"familyName,omitempty"`
	GivenName  string `json:"givenName,omitempty"`
	MiddleName string `json:"middleName,omitempty"`
}

type SCIMService added in v0.77.3

// SCIMService holds the service-specific attributes of a SCIM resource: the
// service ID and an optional expiry time. It is embedded in SCIMListResource.
type SCIMService struct {
	ServiceId string     `json:"serviceId,omitempty"`
	ExpiresOn *time.Time `json:"expiresOn,omitempty"`
}

type SMSGateway added in v0.46.0

// SMSGateway is the JSON representation of an IAM SMS gateway resource.
//
// The validate tags accept only "twilio" as Provider and bound
// ActivationExpiry to 1-43200 (unit not visible here — TODO confirm).
//
// Credentials carries the provider token and is always serialized, so a
// marshalled SMSGateway contains a secret; keep it out of logs and traces.
// NOTE(review): whether the server echoes the token back on reads is not
// visible here — confirm before storing or displaying fetched gateways.
type SMSGateway struct {
	Schemas          []string            `json:"schemas" validate:"required"`
	ID               string              `json:"id,omitempty"`
	Organization     OrganizationValue   `json:"organization" validate:"required"`
	ExternalID       string              `json:"externalId,omitempty"`
	Provider         string              `json:"provider" validate:"required,oneof=twilio"`
	Properties       ProviderProperties  `json:"properties"`
	Credentials      ProviderCredentials `json:"credentials" validate:"required"`
	Active           bool                `json:"active"`
	ActivationExpiry int                 `json:"activationExpiry" validate:"required,min=1,max=43200"`
	Meta             *Meta               `json:"meta,omitempty"`
}

SMSGateway represents an IAM SMS gateway resource

type SMSGatewaysService added in v0.46.0

// SMSGatewaysService exposes the create, get, update and delete operations on
// SMSGateway resources. Its fields are unexported.
type SMSGatewaysService struct {
	// contains filtered or unexported fields
}

SMSGatewaysService represents the SMS related services for IAM

func (*SMSGatewaysService) CreateSMSGateway added in v0.46.0

func (o *SMSGatewaysService) CreateSMSGateway(gw SMSGateway) (*SMSGateway, *Response, error)

CreateSMSGateway creates a SMS gateway for IAM

func (*SMSGatewaysService) DeleteSMSGateway added in v0.46.0

func (o *SMSGatewaysService) DeleteSMSGateway(gw SMSGateway) (bool, *Response, error)

DeleteSMSGateway deletes the SMS gateway

func (*SMSGatewaysService) GetSMSGateway added in v0.46.0

func (o *SMSGatewaysService) GetSMSGateway(opt *GetSMSGatewayOptions, options ...OptionFunc) (*SMSGateway, *Response, error)

GetSMSGateway retrieves an SMS gateway based on the GetSMSGatewayOptions parameters.

func (*SMSGatewaysService) GetSMSGatewayByID added in v0.46.0

func (o *SMSGatewaysService) GetSMSGatewayByID(id string) (*SMSGateway, *Response, error)

GetSMSGatewayByID retrieves an SMS gateway by ID

func (*SMSGatewaysService) UpdateSMSGateway added in v0.46.0

func (o *SMSGatewaysService) UpdateSMSGateway(gw SMSGateway) (*SMSGateway, *Response, error)

UpdateSMSGateway updates the SMS gateway

type SMSTemplate added in v0.46.0

// SMSTemplate is the JSON representation of an IAM SMS template: the Message
// text used for one Type of SMS within an organization.
//
// The validate tag restricts Type to PHONE_VERIFICATION, MFA_OTP,
// PASSWORD_RECOVERY or PASSWORD_FAILED_ATTEMPTS.
// NOTE(review): the package constant TypeLoginOTP is "LOGIN_OTP", which this
// oneof list does not accept (it lists MFA_OTP instead) — confirm which value
// the API expects for one-time-password templates.
type SMSTemplate struct {
	Schemas      []string          `json:"schemas" validate:"required"`
	ID           string            `json:"id,omitempty"`
	Organization OrganizationValue `json:"organization" validate:"required"`
	ExternalID   string            `json:"externalId,omitempty"`
	Type         string            `json:"type" validate:"required,oneof=PHONE_VERIFICATION MFA_OTP PASSWORD_RECOVERY PASSWORD_FAILED_ATTEMPTS"`
	Message      string            `json:"message" validate:"required"`
	Locale       string            `json:"locale,omitempty"`
	Meta         *Meta             `json:"meta,omitempty"`
}

type SMSTemplatesService added in v0.46.0

// SMSTemplatesService exposes the create, get, update and delete operations
// on SMSTemplate resources. Its fields are unexported.
type SMSTemplatesService struct {
	// contains filtered or unexported fields
}

SMSTemplatesService represents the SMS template related services for IAM

func (*SMSTemplatesService) CreateSMSTemplate added in v0.46.0

func (o *SMSTemplatesService) CreateSMSTemplate(template SMSTemplate) (*SMSTemplate, *Response, error)

CreateSMSTemplate creates a SMS template for IAM

func (*SMSTemplatesService) DeleteSMSTemplate added in v0.46.0

func (o *SMSTemplatesService) DeleteSMSTemplate(template SMSTemplate) (bool, *Response, error)

DeleteSMSTemplate deletes the SMS template

func (*SMSTemplatesService) GetSMSTemplate added in v0.46.0

func (o *SMSTemplatesService) GetSMSTemplate(opt *GetSMSTemplateOptions, options ...OptionFunc) (*SMSTemplate, *Response, error)

GetSMSTemplate retrieves an SMS template based on the GetSMSTemplateOptions parameters.

func (*SMSTemplatesService) GetSMSTemplateByID added in v0.46.0

func (o *SMSTemplatesService) GetSMSTemplateByID(id string) (*SMSTemplate, *Response, error)

GetSMSTemplateByID retrieves an SMS template by ID

func (*SMSTemplatesService) UpdateSMSTemplate added in v0.46.1

func (o *SMSTemplatesService) UpdateSMSTemplate(template SMSTemplate) (*SMSTemplate, *Response, error)

UpdateSMSTemplate updates the SMS template

type Service

// Service is the JSON representation of an IAM service identity.
//
// PrivateKey holds the service's private key as a plain string and is written
// to the JSON under "privateKey" whenever it is non-empty. GenerateJWT is
// declared on Service, so the key is presumably what signs the JWT that is
// exchanged for an access token — confirm. Treat any populated Service as
// secret material: do not log or dump it, and store the key only where other
// credentials are stored.
//
// AccessTokenLifetime is tagged `json:"-"` and is therefore never sent by
// marshalling a Service; ServiceUpdateRequest carries it instead.
type Service struct {
	ID                  string   `json:"id,omitempty"`
	Name                string   `json:"name"`
	Description         string   `json:"description"`
	ApplicationID       string   `json:"applicationId"`
	Validity            int      `json:"validity,omitempty"`
	ServiceID           string   `json:"serviceId,omitempty"`
	OrganizationID      string   `json:"organizationId,omitempty"`
	ExpiresOn           string   `json:"expiresOn,omitempty"`
	PrivateKey          string   `json:"privateKey,omitempty"`
	Scopes              []string `json:"scopes,omitempty"`
	DefaultScopes       []string `json:"defaultScopes,omitempty"`
	AccessTokenLifetime int      `json:"-"` // This is only settable in PUT :(
}

Service represents an IAM service resource

func (*Service) GenerateJWT added in v0.49.0

func (s *Service) GenerateJWT(accessTokenEndpoint string) (signedString string, err error)

GenerateJWT returns a JWT which can be exchanged for an access token

func (*Service) Valid added in v0.40.0

func (s *Service) Valid() bool

Valid checks if a service is usable

type ServiceUpdateRequest added in v0.62.0

// ServiceUpdateRequest is the body of a service update. It carries only the
// two values that can be changed: the access token lifetime and the
// description. Neither field has omitempty, so both are always serialized.
// NOTE(review): the unit of AccessTokenLifetime is not visible here — confirm
// before raising it, since it controls how long issued tokens stay usable.
type ServiceUpdateRequest struct {
	AccessTokenLifetime int    `json:"accessTokenLifetime"`
	Description         string `json:"description"`
}

type ServiceUpdateResponse added in v0.62.0

// ServiceUpdateResponse is the result of ServicesService.UpdateService: the
// embedded Service plus the token validity reported under "tokenValidity".
// Because Service is embedded, this type also has a PrivateKey field; handle
// it with the same care as a Service.
type ServiceUpdateResponse struct {
	Service
	TokenValidity int `json:"tokenValidity"`
}

type ServicesService

// ServicesService provides operations on IAM Service resources: create, look
// up, update and delete services, and add or remove their scopes. Its fields
// are unexported.
type ServicesService struct {
	// contains filtered or unexported fields
}

ServicesService provides operations on IAM Service resources

func (*ServicesService) AddScopes

func (p *ServicesService) AddScopes(service Service, scopes []string, defaultScopes []string) (bool, *Response, error)

AddScopes adds scopes to the service

func (*ServicesService) CreateService

func (p *ServicesService) CreateService(service Service) (*Service, *Response, error)

CreateService creates a Service

func (*ServicesService) DeleteService

func (p *ServicesService) DeleteService(service Service) (bool, *Response, error)

DeleteService deletes the given Service

func (*ServicesService) GetService

func (p *ServicesService) GetService(opt *GetServiceOptions, options ...OptionFunc) (*Service, *Response, error)

GetService looks up a service based on GetServiceOptions

func (*ServicesService) GetServiceByID

func (p *ServicesService) GetServiceByID(id string) (*Service, *Response, error)

GetServiceByID looks up a service by ID

func (*ServicesService) GetServiceByName

func (p *ServicesService) GetServiceByName(name string) (*Service, *Response, error)

GetServiceByName looks up a service by name

func (*ServicesService) GetServices

func (p *ServicesService) GetServices(opt *GetServiceOptions, options ...OptionFunc) (*[]Service, *Response, error)

GetServices looks up services based on GetServiceOptions

func (*ServicesService) GetServicesByApplicationID

func (p *ServicesService) GetServicesByApplicationID(applicationID string) (*[]Service, *Response, error)

GetServicesByApplicationID finds all services which belong to the applicationID

func (*ServicesService) RemoveScopes

func (p *ServicesService) RemoveScopes(service Service, scopes []string, defaultScopes []string) (bool, *Response, error)

RemoveScopes removes scopes from the service

func (*ServicesService) UpdateService added in v0.62.0

func (p *ServicesService) UpdateService(service Service) (*ServiceUpdateResponse, *Response, error)

UpdateService updates some fields of the given Service. A user with any of the following permissions can update the service token validity: SERVICE.WRITE, HSDP_IAM_ORGANIZATION.MGMT. Only the description and accessTokenLifetime values can be updated.

func (*ServicesService) UpdateServiceCertificate added in v0.37.0

func (p *ServicesService) UpdateServiceCertificate(service Service, privateKey *rsa.PrivateKey, options ...CertificateOptionFunc) (*Service, *Response, error)

UpdateServiceCertificate updates the associated certificate of the service

func (*ServicesService) UpdateServiceCertificateDER added in v0.46.0

func (p *ServicesService) UpdateServiceCertificateDER(service Service, derBytes []byte) (*Service, *Response, error)

UpdateServiceCertificateDER updates the associated certificate of the service using raw DER

type TelecomEntry

// TelecomEntry is a system/value pair describing one contact point.
//
// The enum tag on System lists mobile, fax, email and url. encoding/json does
// not interpret that tag, so nothing visible here enforces the list; whether
// another component validates it is not shown — confirm before trusting
// System to be one of those four values.
type TelecomEntry struct {
	System string `json:"system" enum:"mobile|fax|email|url"`
	Value  string `json:"value"`
}

TelecomEntry entity

type TokenRefresher added in v0.43.0

// TokenRefresher is satisfied by any type with a TokenRefresh method.
//
// TokenRefresh reports failure through its error result; callers should check
// it rather than assume a fresh token is available afterwards. What state a
// successful call updates is up to the implementation and is not shown here.
type TokenRefresher interface {
	TokenRefresh() error
}

type User added in v0.14.0

// User is the JSON shape of an IAM user profile.
//
// It carries personal data (email address, phone number, name, login ID) and
// authorization-relevant data (memberships, delegations, account status), so
// treat encoded or printed User values as sensitive.
type User struct {
	PreferredLanguage             string             `json:"preferredLanguage"`
	PreferredCommunicationChannel string             `json:"preferredCommunicationChannel,omitempty"`
	EmailAddress                  string             `json:"emailAddress"`
	PhoneNumber                   string             `json:"phoneNumber,omitempty"`
	ID                            string             `json:"id"`
	LoginID                       string             `json:"loginId"`
	Name                          Name               `json:"name"`
	ManagingOrganization          string             `json:"managingOrganization"`
	PasswordStatus                UserPasswordStatus `json:"passwordStatus"`
	Memberships                   []UserMembership   `json:"memberships,omitempty"`
	AccountStatus                 UserAccountStatus  `json:"accountStatus"`
	ConsentedApps                 []string           `json:"consentedApps,omitempty"`
	// omitempty has no effect on a struct value in encoding/json, so
	// "delegations" is always emitted when a User is marshalled.
	Delegations UserDelegation `json:"delegations,omitempty"`
}

User represents a user profile in IAM

type UserAccountStatus added in v0.46.2

// UserAccountStatus groups login, verification and lockout state for a user.
//
// The four timestamps are plain time.Time values. If the corresponding JSON
// key is absent when decoding, the field stays at the zero time, so check
// IsZero before treating AccountLockedOn, AccountLockedUntil or
// LastInvalidAttemptedOn as a real event time.
type UserAccountStatus struct {
	LastLoginTime          time.Time `json:"lastLoginTime"`
	MFAStatus              string    `json:"mfaStatus"` // set of possible values is not shown here
	EmailVerified          bool      `json:"emailVerified"`
	PhoneVerified          bool      `json:"phoneVerified"`
	MustChangePassword     bool      `json:"mustChangePassword"`
	Disabled               bool      `json:"disabled"`
	AccountLockedOn        time.Time `json:"accountLockedOn"`
	AccountLockedUntil     time.Time `json:"accountLockedUntil"`
	NumberOfInvalidAttempt int       `json:"numberOfInvalidAttempt"`
	LastInvalidAttemptedOn time.Time `json:"lastInvalidAttemptedOn"`
}

type UserDelegation added in v0.46.2

// UserDelegation holds two lists of delegation entries, serialized under
// "granted" and "received".
//
// Both slices lack omitempty, so a nil slice is marshalled as JSON null.
type UserDelegation struct {
	Granted  []UserDelegator `json:"granted"`
	Received []UserDelegator `json:"received"`
}

type UserDelegator added in v0.46.2

// UserDelegator is one delegation entry: a delegatee ID and a validity window.
//
// ValidFrom and ValidUntil are kept as strings and are not parsed by this
// type; their timestamp format is not shown here, so parse and compare them
// explicitly before deciding whether a delegation is currently in force.
type UserDelegator struct {
	DelegateeID string `json:"delegateeId"`
	ValidFrom   string `json:"validFrom"`
	ValidUntil  string `json:"validUntil"`
}

type UserError added in v0.13.0

// UserError pairs an underlying error with a string identifying a user.
//
// *UserError declares Error and Unwrap; Unwrap presumably returns Err so that
// errors.Is and errors.As can reach the wrapped error — confirm in the source.
// NOTE(review): if Error includes User in its message, that identifier ends
// up wherever the error is logged.
type UserError struct {
	User string // user identifier; which identifier (login ID or UUID) is not shown here
	Err  error  // underlying error
}

func (*UserError) Error added in v0.13.0

func (e *UserError) Error() string

func (*UserError) Unwrap added in v0.13.0

func (e *UserError) Unwrap() error

type UserList

// UserList is one page of user UUIDs together with paging information.
//
// The fields carry no JSON tags, so encoding/json would use the Go field
// names if this type were marshalled directly.
type UserList struct {
	UserUUIDs   []string
	PageNumber  int
	PageSize    int
	HasNextPage bool // true when another page can be requested
}

UserList holds a paginated list of users

type UserMembership added in v0.46.2

// UserMembership lists the roles and groups a user has within one
// organization, identified by OrganizationID and OrganizationName.
//
// Roles and Groups are plain string slices as returned in JSON; prefer
// OrganizationID over OrganizationName when making access decisions, since
// only the ID is an identifier (assumption: names are not guaranteed unique —
// TODO confirm).
type UserMembership struct {
	OrganizationID   string   `json:"organizationId"`
	OrganizationName string   `json:"organizationName"`
	Roles            []string `json:"roles"`
	Groups           []string `json:"groups"`
}

type UserPasswordStatus added in v0.46.2

// UserPasswordStatus records when a user's password expires and when it was
// last changed.
//
// Both fields are time.Time; a key missing from the decoded JSON leaves the
// zero time, so check IsZero before comparing PasswordExpiresOn with the
// current time.
type UserPasswordStatus struct {
	PasswordExpiresOn time.Time `json:"passwordExpiresOn"`
	PasswordChangedOn time.Time `json:"passwordChangedOn"`
}

type UsersService

type UsersService struct {
	// contains filtered or unexported fields
}

UsersService provides operations on IAM User resources

func (*UsersService) ChangePassword

func (u *UsersService) ChangePassword(loginID, oldPassword, newPassword string) (bool, *Response, error)

ChangePassword changes the password. The current password must be provided as well.

func (*UsersService) CreateUser

func (u *UsersService) CreateUser(person Person) (*User, *Response, error)

CreateUser creates a new IAM user.

func (*UsersService) DeleteUser added in v0.14.0

func (u *UsersService) DeleteUser(person Person) (bool, *Response, error)

DeleteUser deletes the IAM user.

func (*UsersService) GetAllUsers added in v0.39.0

func (u *UsersService) GetAllUsers(opts *GetUserOptions, options ...OptionFunc) ([]string, *Response, error)

GetAllUsers retrieves all users based on GetUserOptions

func (*UsersService) GetUserByID

func (u *UsersService) GetUserByID(uuid string) (*User, *Response, error)

GetUserByID looks up a user by UUID

func (*UsersService) GetUserIDByLoginID

func (u *UsersService) GetUserIDByLoginID(loginID string) (string, *Response, error)

GetUserIDByLoginID looks up the UUID of a user by LoginID (email address)

func (*UsersService) GetUsers

func (u *UsersService) GetUsers(opts *GetUserOptions, options ...OptionFunc) (*UserList, *Response, error)

GetUsers looks up users by search criteria specified in GetUserOptions

func (*UsersService) LegacyGetUserByUUID added in v0.36.0

func (u *UsersService) LegacyGetUserByUUID(uuid string) (*Profile, *Response, error)

LegacyGetUserByUUID looks up a user by UUID using the legacy API

func (*UsersService) LegacyGetUserIDByLoginID added in v0.25.0

func (u *UsersService) LegacyGetUserIDByLoginID(loginID string) (string, *Response, error)

LegacyGetUserIDByLoginID looks up the UUID of a user by LoginID (email address)

func (*UsersService) LegacyUpdateUser added in v0.36.0

func (u *UsersService) LegacyUpdateUser(profile Profile) (*Profile, *Response, error)

LegacyUpdateUser updates the user profile

func (*UsersService) ResendActivation

func (u *UsersService) ResendActivation(loginID string) (bool, *Response, error)

ResendActivation re-sends an activation email to the given user

func (*UsersService) SetMFA

func (u *UsersService) SetMFA(userID string, activate bool) (bool, *Response, error)

SetMFA activates Multi-Factor-Authentication for the given UUID. See also SetMFAByLoginID.

func (*UsersService) SetMFAByLoginID

func (u *UsersService) SetMFAByLoginID(loginID string, activate bool) (bool, *Response, error)

SetMFAByLoginID enables Multi-Factor-Authentication for the given user. Only OrgAdmins can do this.

func (*UsersService) SetPassword

func (u *UsersService) SetPassword(loginID, confirmationCode, newPassword, context string) (bool, *Response, error)

SetPassword sets the password of a user given a correct confirmation code

func (*UsersService) Unlock

func (u *UsersService) Unlock(userID string) (bool, *Response, error)

Unlock unlocks a user account with the given UserID
