federation

package
v1.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 14, 2023 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Overview

Package federation provides information and interaction with OS-FEDERATION API for the Openstack Identity service.

Example to List Mappings

allPages, err := federation.ListMappings(identityClient).AllPages()
if err != nil {
	panic(err)
}
allMappings, err := federation.ExtractMappings(allPages)
if err != nil {
	panic(err)
}

Example to Create Mappings

createOpts := federation.CreateMappingOpts{
	Rules: []federation.MappingRule{
		{
			Local: []federation.RuleLocal{
				{
					User: &federation.RuleUser{
						Name: "{0}",
					},
				},
				{
					Group: &federation.Group{
						ID: "0cd5e9",
					},
				},
			},
			Remote: []federation.RuleRemote{
				{
					Type: "UserName",
				},
				{
					Type: "orgPersonType",
					NotAnyOf: []string{
						"Contractor",
						"Guest",
					},
				},
			},
		},
	},
}

createdMapping, err := federation.CreateMapping(identityClient, "ACME", createOpts).Extract()
if err != nil {
	panic(err)
}

Example to Get a Mapping

mapping, err := federation.GetMapping(identityClient, "ACME").Extract()
if err != nil {
	panic(err)
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ListMappings

func ListMappings(client *gophercloud.ServiceClient) pagination.Pager

ListMappings enumerates the mappings.

Types

type CreateMappingOpts

type CreateMappingOpts struct {
	// The list of rules used to map remote users into local users
	Rules []MappingRule `json:"rules"`
}

UpdateMappingOpts provides options for creating a mapping.

func (CreateMappingOpts) ToMappingCreateMap

func (opts CreateMappingOpts) ToMappingCreateMap() (map[string]interface{}, error)

ToMappingCreateMap formats a CreateMappingOpts into a create request.

type CreateMappingOptsBuilder

type CreateMappingOptsBuilder interface {
	ToMappingCreateMap() (map[string]interface{}, error)
}

CreateMappingOptsBuilder allows extensions to add additional parameters to the Create request.

type CreateMappingResult

type CreateMappingResult struct {
	// contains filtered or unexported fields
}

CreateMappingResult is the response from a CreateMapping operation. Call its Extract method to interpret it as a Mapping.

func CreateMapping

func CreateMapping(client *gophercloud.ServiceClient, mappingID string, opts CreateMappingOptsBuilder) (r CreateMappingResult)

CreateMapping creates a new Mapping.

func (CreateMappingResult) Extract

func (c CreateMappingResult) Extract() (*Mapping, error)

Extract interprets any mappingResult as a Mapping.

type Domain

type Domain struct {
	// Domain ID
	// This is mutually exclusive with Name.
	ID string `json:"id,omitempty"`

	// Domain Name
	// This is mutually exclusive with ID.
	Name string `json:"name,omitempty"`
}

type GetMappingResult

type GetMappingResult struct {
	// contains filtered or unexported fields
}

GetMappingResult is the response from a GetMapping operation. Call its Extract method to interpret it as a Mapping.

func GetMapping

func GetMapping(client *gophercloud.ServiceClient, mappingID string) (r GetMappingResult)

GetMapping retrieves details on a single mapping, by ID.

func (GetMappingResult) Extract

func (c GetMappingResult) Extract() (*Mapping, error)

Extract interprets any mappingResult as a Mapping.

type Group

type Group struct {
	// Group ID to which the rule should match.
	// This is mutually exclusive with Name and Domain.
	ID string `json:"id,omitempty"`

	// Group Name to which the rule should match.
	// This is mutually exclusive with ID.
	Name string `json:"name,omitempty"`

	// Group Domain to which the rule should match.
	// This is mutually exclusive with ID.
	Domain *Domain `json:"domain,omitempty"`
}

type Mapping

type Mapping struct {
	// The Federation Mapping unique ID
	ID string `json:"id"`

	// Links contains referencing links to the limit.
	Links map[string]interface{} `json:"links"`

	// The list of rules used to map remote users into local users
	Rules []MappingRule `json:"rules"`
}

Mapping a set of rules to map federation protocol attributes to Identity API objects.

func ExtractMappings

func ExtractMappings(r pagination.Page) ([]Mapping, error)

ExtractMappings returns a slice of Mappings contained in a single page of results.

type MappingRule

type MappingRule struct {
	// References a local Identity API resource, such as a group or user to which the remote attributes will be mapped.
	Local []RuleLocal `json:"local"`

	// Each object contains a rule for mapping remote attributes to Identity API concepts.
	Remote []RuleRemote `json:"remote"`
}

type MappingsPage

type MappingsPage struct {
	pagination.LinkedPageBase
}

MappingsPage is a single page of Mapping results.

func (MappingsPage) IsEmpty

func (c MappingsPage) IsEmpty() (bool, error)

IsEmpty determines whether or not a page of Mappings contains any results.

func (MappingsPage) NextPageURL

func (c MappingsPage) NextPageURL() (string, error)

NextPageURL extracts the "next" link from the links section of the result.

type RuleLocal

type RuleLocal struct {
	// Domain to which the remote attributes will be matched.
	Domain *Domain `json:"domain,omitempty"`

	// Group to which the remote attributes will be matched.
	Group *Group `json:"group,omitempty"`

	// Group IDs to which the remote attributes will be matched.
	GroupIDs string `json:"group_ids,omitempty"`

	// Groups to which the remote attributes will be matched.
	Groups string `json:"groups,omitempty"`

	// Projects to which the remote attributes will be matched.
	Projects []RuleProject `json:"projects,omitempty"`

	// User to which the remote attributes will be matched.
	User *RuleUser `json:"user,omitempty"`
}

type RuleProject

type RuleProject struct {
	// Project name
	Name string `json:"name,omitempty"`

	// Project roles
	Roles []RuleProjectRole `json:"roles,omitempty"`
}

type RuleProjectRole

type RuleProjectRole struct {
	// Role name
	Name string `json:"name,omitempty"`
}

type RuleRemote

type RuleRemote struct {
	// Type represents an assertion type keyword.
	Type string `json:"type"`

	// If true, then each string will be evaluated as a regular expression search against the remote attribute type.
	Regex *bool `json:"regex,omitempty"`

	// The rule is matched only if any of the specified strings appear in the remote attribute type.
	// This is mutually exclusive with NotAnyOf.
	AnyOneOf []string `json:"any_one_of,omitempty"`

	// The rule is not matched if any of the specified strings appear in the remote attribute type.
	// This is mutually exclusive with AnyOneOf.
	NotAnyOf []string `json:"not_any_of,omitempty"`

	// The rule works as a filter, removing any specified strings that are listed there from the remote attribute type.
	// This is mutually exclusive with Whitelist.
	Blacklist []string `json:"blacklist,omitempty"`

	// The rule works as a filter, allowing only the specified strings in the remote attribute type to be passed ahead.
	// This is mutually exclusive with Blacklist.
	Whitelist []string `json:"whitelist,omitempty"`
}

type RuleUser

type RuleUser struct {
	// User domain
	Domain *Domain `json:"domain,omitempty"`

	// User email
	Email string `json:"email,omitempty"`

	// User ID
	ID string `json:"id,omitempty"`

	// User name
	Name string `json:"name,omitempty"`

	// User type
	Type *UserType `json:"type,omitempty"`
}

type UserType

type UserType string
const (
	UserTypeEphemeral UserType = "ephemeral"
	UserTypeLocal     UserType = "local"
)

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL