keycloakb

package
v2.5.4+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 4, 2020 License: GPL-3.0 Imports: 29 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// CredsIDNow identifies the condition for IDNow service
	CredsIDNow = configuration.CheckKeyIDNow
	// CredsPhysical identifies the condition for physical identification
	CredsPhysical = configuration.CheckKeyPhysical
)
View Source 
const (
	// KeyCorrelationID is histogram field for correlation ID
	KeyCorrelationID = "correlation_id"
)

Variables

View Source 
var (
	// ComponentName is the name of the component.
	ComponentName = "keycloak-bridge"
	// Version of the component.
	Version = "1.1"
)

Functions

func ConvertLegacyAttribute 

func ConvertLegacyAttribute(user *keycloak.UserRepresentation)

ConvertLegacyAttribute ensure that PII are located in the well named attributes

func ConvertMinutesShift 

func ConvertMinutesShift(value string) (int, error)

ConvertMinutesShift converts a string describing a timezone shift to a numeric value

func GenerateInitialCode 

func GenerateInitialCode(nbUpperCase int, nbDigits int, nbLowerCase int) string

GenerateInitialCode generates a code of the format UpperCase + digits + LowerCase

func GeneratePassword 

func GeneratePassword(policy *string, minLength int, userID string) (string, error)

GeneratePassword generates a password accoring to the policy or minimum length imposed

func GeneratePasswordFromKeycloakPolicy 

func GeneratePasswordFromKeycloakPolicy(policy string) (string, error)

GeneratePasswordFromKeycloakPolicy generates a random password respecting the keycloak password policy

func GeneratePasswordNoKeycloakPolicy 

func GeneratePasswordNoKeycloakPolicy(minLength int) string

GeneratePasswordNoKeycloakPolicy generates a password of a given length

func IsDateInThePast 

func IsDateInThePast(value *string) *bool

IsDateInThePast tells if a date is in the past or not

func LimitRate 

func LimitRate(e cs.Endpoint, limit int) endpoint.Endpoint

LimitRate adds a rate limit to an endpoint

func LogUnrecordedEvent 

func LogUnrecordedEvent(ctx context.Context, logger Logger, eventName string, errorMessage string, values ...string)

LogUnrecordedEvent logs the events that could not be reported in the DB

func MakeConfigurationDBModuleInstrumentingMW 

func MakeConfigurationDBModuleInstrumentingMW(h cm.Histogram) func(ConfigurationDBModule) ConfigurationDBModule

MakeConfigurationDBModuleInstrumentingMW makes an instrumenting middleware at module level.

func NewKeycloakAuthClient 

func NewKeycloakAuthClient(client KeycloakClient, logger Logger) security.KeycloakClient

NewKeycloakAuthClient creates an adaptor for Authorization management to access Keycloak

func NewRealmIDRetriever 

func NewRealmIDRetriever(kcClient KeycloakClient) middleware.IDRetriever

NewRealmIDRetriever is a tool use to convert a realm name in a realm ID

func NextDay 

func NextDay(ref time.Time) time.Time

NextDay returns a time.Time value of the provided time rounded to the next month of the associated locale

func NextHour 

func NextHour(ref time.Time) time.Time

NextHour returns a time.Time value of the provided time rounded to the next hour of the associated locale

func NextMonth 

func NextMonth(ref time.Time) time.Time

NextMonth returns a time.Time value of the provided time rounded to the next month of the associated locale

func ThisMonth 

func ThisMonth(ref time.Time) time.Time

ThisMonth returns a time.Time value of the provided time rounded to the beginning of the current month of the associated locale

func ToGoKitEndpoint 

func ToGoKitEndpoint(e cs.Endpoint) endpoint.Endpoint

ToGoKitEndpoint converts endpoints

Types

type AccreditationRepresentation 

type AccreditationRepresentation struct {
	Type       *string `json:"type,omitempty"`
	ExpiryDate *string `json:"expiryDate,omitempty"`
}

AccreditationRepresentation is a representation of accreditations

type AccreditationsModule 

type AccreditationsModule interface {
	GetUserAndPrepareAccreditations(ctx context.Context, accessToken, realmName, userID, condition string) (kc.UserRepresentation, int, error)
}

AccreditationsModule interface

func NewAccreditationsModule 

func NewAccreditationsModule(keycloakClient AccredsKeycloakClient, confDBModule AdminConfigurationDBModule, logger Logger) AccreditationsModule

NewAccreditationsModule creates an accreditations module

type AccredsKeycloakClient 

type AccredsKeycloakClient interface {
	UpdateUser(accessToken string, realmName, userID string, user kc.UserRepresentation) error
	GetUser(accessToken string, realmName, userID string) (kc.UserRepresentation, error)
	GetRealm(accessToken string, realmName string) (kc.RealmRepresentation, error)
}

AccredsKeycloakClient is the minimum Keycloak client interface for accreditations

type AdminConfigurationDBModule 

type AdminConfigurationDBModule interface {
	GetAdminConfiguration(context.Context, string) (configuration.RealmAdminConfiguration, error)
}

AdminConfigurationDBModule interface

type ConfigurationDBModule 

type ConfigurationDBModule interface {
	NewTransaction(context context.Context) (sqltypes.Transaction, error)
	StoreOrUpdateConfiguration(context.Context, string, configuration.RealmConfiguration) error
	GetConfiguration(context.Context, string) (configuration.RealmConfiguration, error)
	StoreOrUpdateAdminConfiguration(context.Context, string, configuration.RealmAdminConfiguration) error
	GetAdminConfiguration(context.Context, string) (configuration.RealmAdminConfiguration, error)
	GetBackOfficeConfiguration(context.Context, string, []string) (dto.BackOfficeConfiguration, error)
	DeleteBackOfficeConfiguration(context.Context, string, string, string, *string, *string) error
	InsertBackOfficeConfiguration(context.Context, string, string, string, string, []string) error
	GetAuthorizations(context context.Context, realmID string, groupName string) ([]configuration.Authorization, error)
	CreateAuthorization(context context.Context, authz configuration.Authorization) error
	DeleteAuthorizations(context context.Context, realmID string, groupName string) error
	DeleteAllAuthorizationsWithGroup(context context.Context, realmName, groupName string) error
}

ConfigurationDBModule is the interface of the configuration module.

func NewConfigurationDBModule 

func NewConfigurationDBModule(db sqltypes.CloudtrustDB, logger log.Logger, actions ...[]string) ConfigurationDBModule

NewConfigurationDBModule returns a ConfigurationDB module.

type EventsDBModule 

type EventsDBModule interface {
	GetEventsCount(context.Context, map[string]string) (int, error)
	GetEvents(context.Context, map[string]string) ([]api.AuditRepresentation, error)
	GetEventsSummary(context.Context) (api.EventSummaryRepresentation, error)
	GetLastConnection(context.Context, string) (int64, error)
	GetTotalConnectionsCount(context.Context, string, string) (int64, error)
	GetTotalConnectionsHoursCount(context.Context, string, *time.Location, int) ([][]int64, error)
	GetTotalConnectionsDaysCount(context.Context, string, *time.Location, int) ([][]int64, error)
	GetTotalConnectionsMonthsCount(context.Context, string, *time.Location, int) ([][]int64, error)
	GetLastConnections(context.Context, string, string) ([]api_stat.StatisticsConnectionRepresentation, error)
}

EventsDBModule is the interface of the audit events module.

func NewEventsDBModule 

func NewEventsDBModule(db sqltypes.CloudtrustDB) EventsDBModule

NewEventsDBModule returns an events database module.

type KeycloakClient 

type KeycloakClient interface {
	GetGroupsOfUser(accessToken string, realmName, userID string) ([]kc.GroupRepresentation, error)
	GetGroup(accessToken string, realmName, groupID string) (kc.GroupRepresentation, error)
	GetRealm(accessToken string, realmName string) (kc.RealmRepresentation, error)
}

KeycloakClient are methods from keycloak-client used by authorization manager

type Logger 

type Logger interface {
	Debug(ctx context.Context, keyvals ...interface{})
	Info(ctx context.Context, keyvals ...interface{})
	Warn(ctx context.Context, keyvals ...interface{})
	Error(ctx context.Context, keyvals ...interface{})
}

Logger interface for logging with level

type Scanner 

type Scanner interface {
	Scan(...interface{}) error
}

Scanner used to get data from SQL cursors

type UsersDBModule 

type UsersDBModule interface {
	StoreOrUpdateUser(ctx context.Context, realm string, user dto.DBUser) error
	GetUser(ctx context.Context, realm string, userID string) (*dto.DBUser, error)
	CreateCheck(ctx context.Context, realm string, userID string, check dto.DBCheck) error
	GetUserChecks(ctx context.Context, realm string, userID string) ([]dto.DBCheck, error)
}

UsersDBModule interface

func NewUsersDBModule 

func NewUsersDBModule(db sqltypes.CloudtrustDB, logger log.Logger) UsersDBModule

NewUsersDBModule returns a UsersDB module.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.