api

package
v0.15.14 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 18, 2024 License: AGPL-3.0 Imports: 50 Imported by: 0

Documentation

Overview

The api package defines all of our REST API endpoints.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type API

// API carries the dependencies used by the REST endpoint handlers defined as
// methods on *API. Every field is exported, so code holding an *API can swap
// any of these services.
type API struct {
	// DB is the DynamoDB client which provides direct storage access.
	DB               ddb.Storage
	DeploymentConfig deploy.DeployConfigReader
	// Access is the service which provides business logic for Access Requests.
	// AdminGroup, further down this run of fields, presumably names the group
	// whose members are treated as administrators. NOTE(review): confirm where
	// that check is enforced; it is not visible in this declaration.
	Access              AccessService
	Rules               AccessRuleService
	ProviderSetup       ProviderSetupService
	AccessHandlerClient ahtypes.ClientWithResponsesInterface
	AdminGroup          string
	IdentityProvider    string
	FrontendURL         string

	// Cache exposes the cached provider argument options (see CacheService).
	Cache          CacheService
	IdentitySyncer auth.IdentitySyncer
	// Set this to nil if cognito is not configured as the IDP for the deployment.
	// NOTE(review): handlers that use Cognito therefore need a nil check before
	// calling it; verify in the handler bodies, which are not shown here.
	Cognito            CognitoService
	InternalIdentity   InternalIdentityService
	TargetService      TargetService
	HandlerService     HandlerService
	Workflow           Workflow
	HealthcheckService HealthcheckService
}

API holds all of our API endpoint handlers. We use a schema-first approach to ensure that the API meets our OpenAPI specification.

To add a new endpoint, follow the below steps:

1. Edit `openapi.yaml` in this repository.

2. Run `make generate` to update the generated handler code. The code is generated into types.gen.go, and the function signatures can be found on the ServerInterface interface.

3. You'll get a compilation error because API no longer meets the ServerInterface interface. The missing function will be your new endpoint. Implement the function on API, ensuring that the function signature matches the ServerInterface interface.

func New

func New(ctx context.Context, opts Opts) (*API, error)

New creates a new API.

func (*API) AdminArchiveAccessRule

func (a *API) AdminArchiveAccessRule(w http.ResponseWriter, r *http.Request, ruleId string)

func (*API) AdminCompleteProvidersetup added in v0.12.0

func (a *API) AdminCompleteProvidersetup(w http.ResponseWriter, r *http.Request, providersetupId string)

Complete a ProviderSetup (POST /api/v1/admin/providersetups/{providersetupId}/complete)

func (*API) AdminCreateAccessRule

func (a *API) AdminCreateAccessRule(w http.ResponseWriter, r *http.Request)

(POST /api/v1/admin/access-rules)

func (*API) AdminCreateGroup added in v0.12.0

func (a *API) AdminCreateGroup(w http.ResponseWriter, r *http.Request)

Create Group (POST /api/v1/admin/groups) Creates an internal group in DynamoDB that is not connected to any identity provider.

func (*API) AdminCreateProvidersetup added in v0.12.0

func (a *API) AdminCreateProvidersetup(w http.ResponseWriter, r *http.Request)

Begin the setup process for a new Access Provider (POST /api/v1/admin/providersetups)

func (*API) AdminCreateTargetGroup added in v0.15.0

func (a *API) AdminCreateTargetGroup(w http.ResponseWriter, r *http.Request)

(POST /api/v1/target-groups)

func (a *API) AdminCreateTargetGroupLink(w http.ResponseWriter, r *http.Request, id string)

(POST /api/v1/target-groups/{id}/link)

func (*API) AdminCreateUser added in v0.12.0

func (a *API) AdminCreateUser(w http.ResponseWriter, r *http.Request)

Create User (POST /api/v1/admin/users)

func (*API) AdminDeleteGroup

func (a *API) AdminDeleteGroup(w http.ResponseWriter, r *http.Request, groupId string)

Delete Group (DELETE /api/v1/admin/groups/{groupId})

func (*API) AdminDeleteHandler added in v0.15.0

func (a *API) AdminDeleteHandler(w http.ResponseWriter, r *http.Request, id string)

func (*API) AdminDeleteProvidersetup added in v0.12.0

func (a *API) AdminDeleteProvidersetup(w http.ResponseWriter, r *http.Request, providersetupId string)

Delete an in-progress provider setup (DELETE /api/v1/admin/providersetups/{providersetupId})

func (*API) AdminDeleteTargetGroup added in v0.15.0

func (a *API) AdminDeleteTargetGroup(w http.ResponseWriter, r *http.Request, id string)

Delete target group (DELETE /api/v1/admin/target-groups/{id})

func (*API) AdminGetAccessRule

func (a *API) AdminGetAccessRule(w http.ResponseWriter, r *http.Request, ruleId string)

Returns a rule for a given ruleId (GET /api/v1/admin/access-rules/{ruleId})

func (*API) AdminGetAccessRuleVersion

func (a *API) AdminGetAccessRuleVersion(w http.ResponseWriter, r *http.Request, ruleId string, version string)

Returns a rule for a given ruleId (GET /api/v1/access-rules/{ruleId}/versions/{version})

func (*API) AdminGetAccessRuleVersions

func (a *API) AdminGetAccessRuleVersions(w http.ResponseWriter, r *http.Request, ruleId string)

func (*API) AdminGetDeploymentVersion

func (a *API) AdminGetDeploymentVersion(w http.ResponseWriter, r *http.Request)

Get deployment version details (GET /api/v1/admin/deployment/version)

func (*API) AdminGetGroup added in v0.12.0

func (a *API) AdminGetGroup(w http.ResponseWriter, r *http.Request, groupId string)

Get Group Details (GET /api/v1/admin/groups/{groupId})

func (*API) AdminGetHandler added in v0.15.0

func (a *API) AdminGetHandler(w http.ResponseWriter, r *http.Request, id string)

Your GET endpoint (GET /api/v1/handlers/{id})

func (*API) AdminGetIdentityConfiguration added in v0.12.0

func (a *API) AdminGetIdentityConfiguration(w http.ResponseWriter, r *http.Request)

Get identity configuration (GET /api/v1/admin/identity)

func (*API) AdminGetProvider added in v0.12.0

func (a *API) AdminGetProvider(w http.ResponseWriter, r *http.Request, providerId string)

func (*API) AdminGetProviderArgs added in v0.12.0

func (a *API) AdminGetProviderArgs(w http.ResponseWriter, r *http.Request, providerId string)

func (*API) AdminGetProvidersetup added in v0.12.0

func (a *API) AdminGetProvidersetup(w http.ResponseWriter, r *http.Request, providersetupId string)

Get an in-progress provider setup (GET /api/v1/admin/providersetups/{providersetupId})

func (*API) AdminGetProvidersetupInstructions added in v0.12.0

func (a *API) AdminGetProvidersetupInstructions(w http.ResponseWriter, r *http.Request, providersetupId string)

Get the setup instructions for an Access Provider (GET /api/v1/admin/providersetups/{providersetupId}/instructions)

func (*API) AdminGetRequest

func (a *API) AdminGetRequest(w http.ResponseWriter, r *http.Request, requestId string)

Get a request (GET /api/v1/admin/requests/{requestId})

func (*API) AdminGetTargetGroup added in v0.15.0

func (a *API) AdminGetTargetGroup(w http.ResponseWriter, r *http.Request, id string)

Your GET endpoint (GET /api/v1/target-groups/{id})

func (*API) AdminHealthcheckHandlers added in v0.15.0

func (a *API) AdminHealthcheckHandlers(w http.ResponseWriter, r *http.Request)

func (*API) AdminListAccessRules

func (a *API) AdminListAccessRules(w http.ResponseWriter, r *http.Request, params types.AdminListAccessRulesParams)

Returns a list of all Access Rules (GET /api/v1/admin/access-rules)

func (*API) AdminListGroups added in v0.12.0

func (a *API) AdminListGroups(w http.ResponseWriter, r *http.Request, params types.AdminListGroupsParams)

Lists all active groups (GET /api/v1/groups/)

func (*API) AdminListHandlers added in v0.15.0

func (a *API) AdminListHandlers(w http.ResponseWriter, r *http.Request)

Your GET endpoint (GET /api/v1/handlers)

func (*API) AdminListProviderArgOptions added in v0.12.0

func (a *API) AdminListProviderArgOptions(w http.ResponseWriter, r *http.Request, providerId string, argId string, params types.AdminListProviderArgOptionsParams)

List provider arg options (GET /api/v1/admin/providers/{providerId}/args/{argId}/options)

func (*API) AdminListProviders added in v0.12.0

func (a *API) AdminListProviders(w http.ResponseWriter, r *http.Request)

func (*API) AdminListProvidersetups added in v0.12.0

func (a *API) AdminListProvidersetups(w http.ResponseWriter, r *http.Request)

List the provider setups in progress (GET /api/v1/admin/providersetups)

func (*API) AdminListRequests

func (a *API) AdminListRequests(w http.ResponseWriter, r *http.Request, params types.AdminListRequestsParams)

"/api/v1/admin/requests"

func (*API) AdminListTargetGroups added in v0.15.0

func (a *API) AdminListTargetGroups(w http.ResponseWriter, r *http.Request)

Your GET endpoint (GET /api/v1/target-groups)

func (*API) AdminListTargetRoutes added in v0.15.0

func (a *API) AdminListTargetRoutes(w http.ResponseWriter, r *http.Request, id string)

Your GET endpoint (GET /api/v1/target-groups)

func (*API) AdminListUsers added in v0.12.0

func (a *API) AdminListUsers(w http.ResponseWriter, r *http.Request, params types.AdminListUsersParams)

Returns a list of users (GET /api/v1/users/)

func (*API) AdminRegisterHandler added in v0.15.0

func (a *API) AdminRegisterHandler(w http.ResponseWriter, r *http.Request)

(POST /api/v1/handlers)

func (a *API) AdminRemoveTargetGroupLink(w http.ResponseWriter, r *http.Request, id string, params types.AdminRemoveTargetGroupLinkParams)

Unlink a target group deployment from its target group (POST /api/v1/target-groups/{id}/unlink)

func (*API) AdminSubmitProvidersetupStep added in v0.12.0

func (a *API) AdminSubmitProvidersetupStep(w http.ResponseWriter, r *http.Request, providersetupId string, stepIndex int)

Update the completion status for a Provider setup step (PUT /api/v1/admin/providersetups/{providersetupId}/steps/{stepIndex}/complete)

func (*API) AdminSyncIdentity added in v0.12.0

func (a *API) AdminSyncIdentity(w http.ResponseWriter, r *http.Request)

(POST /api/v1/admin/identity/sync)

func (*API) AdminUpdateAccessRule

func (a *API) AdminUpdateAccessRule(w http.ResponseWriter, r *http.Request, ruleId string)

Update Access Rule (POST /api/v1/access-rules/{ruleId})

func (*API) AdminUpdateGroup

func (a *API) AdminUpdateGroup(w http.ResponseWriter, r *http.Request, groupId string)

Update Group (PUT /api/v1/admin/groups/{id}) Updates an internal group in DynamoDB that is not connected to any identity provider.

func (*API) AdminUpdateUser added in v0.12.0

func (a *API) AdminUpdateUser(w http.ResponseWriter, r *http.Request, userId string)

Update User (POST /api/v1/admin/users/{userId})

func (*API) AdminValidateProvidersetup added in v0.12.0

func (a *API) AdminValidateProvidersetup(w http.ResponseWriter, r *http.Request, providersetupId string)

Validate the configuration for a Provider Setup (POST /api/v1/admin/providersetups/{providersetupId}/validate)

func (*API) Handler

func (a *API) Handler(r chi.Router) http.Handler

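Handler returns an HTTP handler. Handler doesn't add any middleware. It is the caller's responsibility to add any middleware (including any that the deployment relies on to authenticate or authorize requests) before mounting it.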

func (*API) UserCancelRequest added in v0.12.0

func (a *API) UserCancelRequest(w http.ResponseWriter, r *http.Request, requestId string)

func (*API) UserCreateFavorite

func (a *API) UserCreateFavorite(w http.ResponseWriter, r *http.Request)

(POST /api/v1/favorites)

func (*API) UserCreateRequest

func (a *API) UserCreateRequest(w http.ResponseWriter, r *http.Request)

Creates a request (POST /api/v1/requests/)

func (*API) UserDeleteFavorite added in v0.12.0

func (a *API) UserDeleteFavorite(w http.ResponseWriter, r *http.Request, id string)

(DELETE /api/v1/favorites/{id})

func (*API) UserGetAccessInstructions added in v0.12.0

func (a *API) UserGetAccessInstructions(w http.ResponseWriter, r *http.Request, requestId string)

Get Access Instructions (GET /api/v1/requests/{requestId}/access-instructions)

func (*API) UserGetAccessRule

func (a *API) UserGetAccessRule(w http.ResponseWriter, r *http.Request, ruleId string)

Get Access Rule as an end user. (GET /api/v1/access-rules/{ruleId})

func (*API) UserGetAccessRuleApprovers

func (a *API) UserGetAccessRuleApprovers(w http.ResponseWriter, r *http.Request, ruleId string)

func (*API) UserGetAccessToken added in v0.12.0

func (a *API) UserGetAccessToken(w http.ResponseWriter, r *http.Request, requestId string)

(GET /api/v1/requests/{requestId}/access-token)

func (*API) UserGetFavorite

func (a *API) UserGetFavorite(w http.ResponseWriter, r *http.Request, id string)

(GET /api/v1/favorites/{id})

func (*API) UserGetMe added in v0.12.0

func (a *API) UserGetMe(w http.ResponseWriter, r *http.Request)

Get details for the current user (GET /api/v1/users/me)

func (*API) UserGetRequest

func (a *API) UserGetRequest(w http.ResponseWriter, r *http.Request, requestId string)

Get a request (GET /api/v1/requests/{requestId})

func (*API) UserGetUser added in v0.12.0

func (a *API) UserGetUser(w http.ResponseWriter, r *http.Request, userId string)

Returns a user based on userId (GET /api/v1/users/{userId})

func (*API) UserListAccessRules added in v0.12.0

func (a *API) UserListAccessRules(w http.ResponseWriter, r *http.Request)

List Access Rules (GET /api/v1/access-rules)

func (*API) UserListFavorites

func (a *API) UserListFavorites(w http.ResponseWriter, r *http.Request)

(GET /api/v1/favorites)

func (*API) UserListRequestEvents added in v0.12.0

func (a *API) UserListRequestEvents(w http.ResponseWriter, r *http.Request, requestId string)

func (*API) UserListRequests

func (a *API) UserListRequests(w http.ResponseWriter, r *http.Request, params types.UserListRequestsParams)

List my requests (GET /api/v1/requests)

func (*API) UserListRequestsPast

func (a *API) UserListRequestsPast(w http.ResponseWriter, r *http.Request, params types.UserListRequestsPastParams)

List my requests (GET /api/v1/requests/past)

func (*API) UserListRequestsUpcoming

func (a *API) UserListRequestsUpcoming(w http.ResponseWriter, r *http.Request, params types.UserListRequestsUpcomingParams)

List my requests (GET /api/v1/requests/upcoming)

func (*API) UserLookupAccessRule added in v0.12.0

func (a *API) UserLookupAccessRule(w http.ResponseWriter, r *http.Request, params types.UserLookupAccessRuleParams)

Your GET endpoint (GET /api/v1/access-rules/lookup)

func (*API) UserReviewRequest added in v0.12.0

func (a *API) UserReviewRequest(w http.ResponseWriter, r *http.Request, requestId string)

Review a request (POST /api/v1/requests/{requestId}/review)

func (*API) UserRevokeRequest added in v0.12.0

func (a *API) UserRevokeRequest(w http.ResponseWriter, r *http.Request, requestID string)

func (*API) UserUpdateFavorite added in v0.12.0

func (a *API) UserUpdateFavorite(w http.ResponseWriter, r *http.Request, id string)

(PUT /api/v1/favorites/{id})

type AccessRuleService

// AccessRuleService is the set of Access Rule operations the API depends on.
// The API struct stores an implementation in its Rules field.
type AccessRuleService interface {
	// ArchiveAccessRule takes the rule by value together with a userID supplied
	// by the caller and returns a rule.
	// presumably userID identifies the acting user; verify against the caller.
	ArchiveAccessRule(ctx context.Context, userID string, in rule.AccessRule) (*rule.AccessRule, error)
	// CreateAccessRule builds a rule from the API request type; userID is again
	// supplied by the caller.
	CreateAccessRule(ctx context.Context, userID string, in types.CreateAccessRuleRequest) (*rule.AccessRule, error)
	// LookupRule returns zero or more looked-up rules for the given options.
	LookupRule(ctx context.Context, opts rulesvc.LookupRuleOpts) ([]rulesvc.LookedUpRule, error)
	// GetRule fetches a rule by ID on behalf of user.
	// NOTE(review): isAdmin is decided by the caller and passed in as a plain
	// bool, so this interface cannot verify it. Confirm that every call site
	// derives it from the authenticated identity and never from request input.
	GetRule(ctx context.Context, ID string, user *identity.User, isAdmin bool) (*rule.GetAccessRuleResponse, error)
	// UpdateRule applies the update described by in and returns a rule.
	UpdateRule(ctx context.Context, in *rulesvc.UpdateOpts) (*rule.AccessRule, error)
	// RequestArguments returns request arguments keyed by string for a rule target.
	// The meaning of the map key is not visible here; TODO confirm.
	RequestArguments(ctx context.Context, accessRuleTarget rule.Target) (map[string]types.RequestArgument, error)
}

AccessRuleService can create and get rules

type AccessService

// AccessService is the set of Access Request and favorite operations the API
// depends on. The API struct stores an implementation in its Access field.
type AccessService interface {
	// CreateRequests returns a slice of results, so one call may yield several.
	CreateRequests(ctx context.Context, in accesssvc.CreateRequestsOpts) ([]accesssvc.CreateRequestResult, error)
	// AddReviewAndGrantAccess records a review; going by its name, it may also
	// grant access in the same call.
	// NOTE(review): who is allowed to review is not expressed in this
	// signature; confirm whether the caller or the implementation checks it.
	AddReviewAndGrantAccess(ctx context.Context, opts accesssvc.AddReviewOpts) (*accesssvc.AddReviewResult, error)
	// CancelRequest reports only an error; there is no result value.
	CancelRequest(ctx context.Context, opts accesssvc.CancelRequestOpts) error
	// CreateFavorite returns the created favorite.
	CreateFavorite(ctx context.Context, in accesssvc.CreateFavoriteOpts) (*access.Favorite, error)
	// UpdateFavorite returns the updated favorite.
	UpdateFavorite(ctx context.Context, in accesssvc.UpdateFavoriteOpts) (*access.Favorite, error)
}

RequestServices can create Access Requests.

type CacheService

// CacheService gives access to cached argument options for a provider
// argument, identified by providerId and argId. Both methods share one
// signature and return a bool, the options, the group options and an error.
// The meaning of the bool is not visible in this declaration; TODO confirm.
type CacheService interface {
	// RefreshCachedProviderArgOptions presumably re-fetches the options before
	// returning them; verify against the implementation.
	RefreshCachedProviderArgOptions(ctx context.Context, providerId string, argId string) (bool, []cache.ProviderOption, []cache.ProviderArgGroupOption, error)
	// LoadCachedProviderArgOptions presumably returns what is already cached;
	// verify against the implementation.
	LoadCachedProviderArgOptions(ctx context.Context, providerId string, argId string) (bool, []cache.ProviderOption, []cache.ProviderArgGroupOption, error)
}

type CognitoService

// CognitoService is the set of Cognito user-management operations the API
// depends on. The API struct's Cognito field has this type and is documented
// as nil when Cognito is not the configured identity provider.
type CognitoService interface {
	// AdminCreateUser creates a user from the given options and returns it.
	AdminCreateUser(ctx context.Context, in cognitosvc.CreateUserOpts) (*identity.User, error)
	// AdminUpdateUserGroups changes a user's group membership and returns the user.
	// NOTE(review): group membership may decide administrator status (the API
	// struct has an AdminGroup field); confirm which callers may reach this.
	AdminUpdateUserGroups(ctx context.Context, in cognitosvc.UpdateUserGroupsOpts) (*identity.User, error)
}

type HandlerService added in v0.15.0

// HandlerService registers and deletes handlers. The API struct stores an
// implementation in its HandlerService field.
type HandlerService interface {
	// RegisterHandler creates a handler from the API request type and returns it.
	RegisterHandler(ctx context.Context, req types.RegisterHandlerRequest) (*handler.Handler, error)
	// DeleteHandler takes an already-loaded handler, not an ID, so the caller
	// must look the handler up first.
	DeleteHandler(ctx context.Context, handler *handler.Handler) error
}

type HealthcheckService added in v0.15.0

// HealthcheckService runs a health check. The API struct stores an
// implementation in its HealthcheckService field.
type HealthcheckService interface {
	// Check returns only an error. What is checked is not visible in this
	// declaration.
	Check(ctx context.Context) error
}

type InternalIdentityService

// InternalIdentityService manages groups and group membership. The API struct
// stores an implementation in its InternalIdentity field.
// presumably these are the internal groups that are not backed by an external
// identity provider; verify against the implementation.
type InternalIdentityService interface {
	// UpdateGroup takes the existing group by value plus the same request type
	// that CreateGroup uses, and returns a group.
	UpdateGroup(ctx context.Context, group identity.Group, in types.CreateGroupRequest) (*identity.Group, error)
	// CreateGroup creates a group from the API request type and returns it.
	CreateGroup(ctx context.Context, in types.CreateGroupRequest) (*identity.Group, error)
	// UpdateUserGroups takes a user and a list of group strings and returns a user.
	// Whether groups replaces or extends the existing membership is not visible
	// here; TODO confirm.
	UpdateUserGroups(ctx context.Context, user identity.User, groups []string) (*identity.User, error)
	// DeleteGroup takes the group by value and reports only an error.
	DeleteGroup(ctx context.Context, group identity.Group) error
}

type ListProvidersArgFilterResponse

// ListProvidersArgFilterResponse wraps a list of options. When encoded as
// JSON, the list appears under the "options" key.
type ListProvidersArgFilterResponse struct {
	Options []ahTypes.Option `json:"options"`
}

type Opts

// Opts is the configuration passed to New when constructing an API.
//
// Several fields name deployment resources and identity settings:
// DynamoTable, PaginationKMSKeyARN, StateMachineARN, CognitoUserPoolID,
// IDPType, AdminGroup and AdminGroupID. How New validates or uses them is not
// visible in this declaration.
// NOTE(review): AdminGroup and AdminGroupID are plain strings. Confirm what an
// empty value means for administrator checks.
// presumably PaginationKMSKeyARN identifies a KMS key used for pagination
// tokens; verify against New.
type Opts struct {
	Log                    *zap.SugaredLogger
	AccessHandlerClient    ahtypes.ClientWithResponsesInterface
	ProviderRegistryClient registry_types.ClientWithResponsesInterface
	EventSender            *gevent.Sender
	IdentitySyncer         auth.IdentitySyncer
	DeploymentConfig       deploy.DeployConfigReader
	DynamoTable            string
	PaginationKMSKeyARN    string
	AdminGroup             string
	TemplateData           psetup.TemplateData
	DeploymentSuffix       string
	CognitoUserPoolID      string
	IDPType                string
	AdminGroupID           string
	StateMachineARN        string
	FrontendURL            string
}

type ProviderSetupService

// ProviderSetupService is the set of provider setup operations the API depends
// on. The API struct stores an implementation in its ProviderSetup field.
type ProviderSetupService interface {
	// Create starts a setup for providerType. It is also given the providers
	// that already exist and a provider registry.
	Create(ctx context.Context, providerType string, existingProviders deploy.ProviderMap, r providerregistry.ProviderRegistry) (*providersetup.Setup, error)
	// CompleteStep applies body to step stepIndex of setup setupID and returns
	// the setup.
	// NOTE(review): stepIndex is a plain int; confirm that the implementation
	// bounds-checks it against the setup's steps.
	CompleteStep(ctx context.Context, setupID string, stepIndex int, body types.ProviderSetupStepCompleteRequest) (*providersetup.Setup, error)
}

ProviderSetupService contains business logic for managing the guided provider setup workflows.

type TargetService added in v0.15.0

// TargetService manages target groups and their routes. The API struct stores
// an implementation in its TargetService field.
type TargetService interface {
	// CreateGroup creates a target group from the API request type.
	CreateGroup(ctx context.Context, targetGroup types.CreateTargetGroupRequest) (*target.Group, error)
	// CreateRoute creates a route for the group identified by the group string.
	// presumably group is the target group ID; verify against the caller.
	CreateRoute(ctx context.Context, group string, req types.CreateTargetGroupLink) (*target.Route, error)
	// DeleteGroup takes an already-loaded group, not an ID.
	DeleteGroup(ctx context.Context, group *target.Group) error
}

type Workflow added in v0.15.0

// Workflow exposes the revoke operation for access requests. The API struct
// stores an implementation in its Workflow field.
type Workflow interface {
	// Revoke takes the request by value along with the revoker's ID and email,
	// and returns a request.
	// NOTE(review): revokerID and revokerEmail are supplied by the caller.
	// Confirm that they come from the authenticated identity, so that any
	// record of who revoked access can be trusted.
	Revoke(ctx context.Context, request access.Request, revokerID string, revokerEmail string) (*access.Request, error)
}

Directories

Path Synopsis
Package mocks is a generated GoMock package.
Package mocks is a generated GoMock package.
