README
¶
title: padlock v0.3.0 language_tabs:
- shell: Shell
- http: HTTP
- javascript: JavaScript
- ruby: Ruby
- python: Python
- php: PHP
- java: Java
- go: Go toc_footers: [] includes: [] search: false code_clipboard: true highlight_theme: darkula headingLevel: 2 generator: widdershins v4.0.1
padlock v0.3.0
Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.
External AuthN / AuthZ support service for REST API RBAC
Base URLs:
Management
User Management API liveness check
GET /v1/alive
Will return success to indicate user management REST API module is live
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| Padlock-Request-ID | header | string | false | User provided request ID to match against logs |
Example responses
200 Response
{
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"success": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | success | goutils.RestAPIBaseResponse |
| 400 | Bad Request | error | goutils.RestAPIBaseResponse |
| 404 | Not Found | error | string |
| 500 | Internal Server Error | error | goutils.RestAPIBaseResponse |
User Management API readiness check
GET /v1/ready
Will return success if user management REST API module is ready for use
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| Padlock-Request-ID | header | string | false | User provided request ID to match against logs |
Example responses
200 Response
{
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"success": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | success | goutils.RestAPIBaseResponse |
| 400 | Bad Request | error | goutils.RestAPIBaseResponse |
| 404 | Not Found | error | string |
| 500 | Internal Server Error | error | goutils.RestAPIBaseResponse |
List All Roles
GET /v1/role
List all roles the system is operating against
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| Padlock-Request-ID | header | string | false | User provided request ID to match against logs |
Example responses
200 Response
{
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"roles": {
"property1": {
"permissions": [
"string"
]
},
"property2": {
"permissions": [
"string"
]
}
},
"success": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | success | apis.RespListAllRoles |
| 400 | Bad Request | error | goutils.RestAPIBaseResponse |
| 404 | Not Found | error | string |
| 500 | Internal Server Error | error | goutils.RestAPIBaseResponse |
Get info on role
GET /v1/role/{roleName}
Query for information regarding one role, along with users assigned this role.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| Padlock-Request-ID | header | string | false | User provided request ID to match against logs |
| roleName | path | string | true | Role name |
Example responses
200 Response
{
"assigned_users": [
{
"created_at": "string",
"email": "string",
"first_name": "string",
"last_name": "string",
"updated_at": "string",
"user_id": "string",
"username": "string"
}
],
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"role": {
"permissions": [
"string"
]
},
"success": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | success | apis.RespRoleInfo |
| 400 | Bad Request | error | goutils.RestAPIBaseResponse |
| 404 | Not Found | error | string |
| 500 | Internal Server Error | error | goutils.RestAPIBaseResponse |
List all users
GET /v1/user
List all users currently managed by the system
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| Padlock-Request-ID | header | string | false | User provided request ID to match against logs |
Example responses
200 Response
{
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"success": true,
"users": [
{
"created_at": "string",
"email": "string",
"first_name": "string",
"last_name": "string",
"updated_at": "string",
"user_id": "string",
"username": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | success | apis.RespListAllUsers |
| 400 | Bad Request | error | goutils.RestAPIBaseResponse |
| 404 | Not Found | error | string |
| 500 | Internal Server Error | error | goutils.RestAPIBaseResponse |
Define new user
POST /v1/user
Define a new user, and optionally assign roles to it
Body parameter
{
"roles": [
"string"
],
"user": {
"email": "string",
"first_name": "string",
"last_name": "string",
"user_id": "string",
"username": "string"
}
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| Padlock-Request-ID | header | string | false | User provided request ID to match against logs |
| body | body | apis.ReqNewUserParams | true | New user information |
Example responses
200 Response
{
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"success": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | success | goutils.RestAPIBaseResponse |
| 400 | Bad Request | error | goutils.RestAPIBaseResponse |
| 404 | Not Found | error | string |
| 500 | Internal Server Error | error | goutils.RestAPIBaseResponse |
Delete user
DELETE /v1/user/{userID}
Remove user from the system.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| Padlock-Request-ID | header | string | false | User provided request ID to match against logs |
| userID | path | string | true | User ID |
Example responses
200 Response
{
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"success": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | success | goutils.RestAPIBaseResponse |
| 400 | Bad Request | error | goutils.RestAPIBaseResponse |
| 404 | Not Found | error | string |
| 500 | Internal Server Error | error | goutils.RestAPIBaseResponse |
Get info on user
GET /v1/user/{userID}
Query for information regarding one user.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| Padlock-Request-ID | header | string | false | User provided request ID to match against logs |
| userID | path | string | true | User ID |
Example responses
200 Response
{
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"success": true,
"user": {
"associatedPermission": [
"string"
],
"created_at": "string",
"email": "string",
"first_name": "string",
"last_name": "string",
"roles": [
"string"
],
"updated_at": "string",
"user_id": "string",
"username": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | success | apis.RespUserInfo |
| 400 | Bad Request | error | goutils.RestAPIBaseResponse |
| 404 | Not Found | error | string |
| 500 | Internal Server Error | error | goutils.RestAPIBaseResponse |
Update a user's info
PUT /v1/user/{userID}
Update an existing user's information
Body parameter
{
"email": "string",
"first_name": "string",
"last_name": "string",
"user_id": "string",
"username": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| Padlock-Request-ID | header | string | false | User provided request ID to match against logs |
| userID | path | string | true | User ID |
| body | body | models.UserConfig | true | Updated user information |
Example responses
200 Response
{
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"success": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | success | goutils.RestAPIBaseResponse |
| 400 | Bad Request | error | goutils.RestAPIBaseResponse |
| 404 | Not Found | error | string |
| 500 | Internal Server Error | error | goutils.RestAPIBaseResponse |
Update a user's roles
PUT /v1/user/{userID}/roles
Change the user's roles to what caller requested
Body parameter
{
"roles": [
"string"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| Padlock-Request-ID | header | string | false | User provided request ID to match against logs |
| userID | path | string | true | User ID |
| body | body | apis.ReqNewUserRoles | true | User's new roles |
Example responses
200 Response
{
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"success": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | success | goutils.RestAPIBaseResponse |
| 400 | Bad Request | error | goutils.RestAPIBaseResponse |
| 404 | Not Found | error | string |
| 500 | Internal Server Error | error | goutils.RestAPIBaseResponse |
Authorize
Check whether a REST API call is allowed
GET /v1/allow
Check whether a REST API call is allowed. The parameters of the call is passed in
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| Padlock-Request-ID | header | string | false | User provided request ID to match against logs |
| X-Forwarded-Host | header | string | true | Host of the API call to authorize |
| X-Forwarded-Uri | header | string | true | URI path of the API call to authorize |
| X-Forwarded-Method | header | string | true | HTTP method of the API call to authorize |
| X-Caller-UserID | header | string | true | ID of the user making the API call to authorize |
| X-Caller-Username | header | string | false | Username of the user making the API call to authorize |
| X-Caller-Firstname | header | string | false | First name / given name of the user making the API call to authorize |
| X-Caller-Lastname | header | string | false | Last name / surname / family name of the user making the API call to authorize |
| X-Caller-Email | header | string | false | Email of the user making the API call to authorize |
Example responses
200 Response
{
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"success": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | success | goutils.RestAPIBaseResponse |
| 400 | Bad Request | error | goutils.RestAPIBaseResponse |
| 403 | Forbidden | error | goutils.RestAPIBaseResponse |
| 404 | Not Found | error | string |
| 500 | Internal Server Error | error | goutils.RestAPIBaseResponse |
Authenticate
Authenticate a user
GET /v1/authenticate
Authticate a user by verifiying the bearer token provided
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| Padlock-Request-ID | header | string | false | User provided request ID to match against logs |
| Authorization | header | string | true | User must provide a bearer token |
Example responses
200 Response
{
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"success": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | success | goutils.RestAPIBaseResponse |
| 400 | Bad Request | error | goutils.RestAPIBaseResponse |
| 401 | Unauthorized | error | string |
| 403 | Forbidden | error | string |
| 404 | Not Found | error | string |
| 500 | Internal Server Error | error | goutils.RestAPIBaseResponse |
Schemas
apis.ReqNewUserParams
{
"roles": [
"string"
],
"user": {
"email": "string",
"first_name": "string",
"last_name": "string",
"user_id": "string",
"username": "string"
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| roles | [string] | false | none | Roles list the roles to assign to this user |
| user | models.UserConfig | true | none | User contains the new user parameters |
apis.ReqNewUserRoles
{
"roles": [
"string"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| roles | [string] | false | none | Roles list the roles to assign to this user |
apis.RespListAllRoles
{
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"roles": {
"property1": {
"permissions": [
"string"
]
},
"property2": {
"permissions": [
"string"
]
}
},
"success": true
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| error | goutils.ErrorDetail | false | none | Error are details in case of errors |
| request_id | string | true | none | RequestID gives the request ID to match against logs |
| roles | object | true | none | Roles are the roles |
| » additionalProperties | common.UserRoleConfig | false | none | none |
| success | boolean | true | none | Success indicates whether the request was successful |
apis.RespListAllUsers
{
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"success": true,
"users": [
{
"created_at": "string",
"email": "string",
"first_name": "string",
"last_name": "string",
"updated_at": "string",
"user_id": "string",
"username": "string"
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| error | goutils.ErrorDetail | false | none | Error are details in case of errors |
| request_id | string | true | none | RequestID gives the request ID to match against logs |
| success | boolean | true | none | Success indicates whether the request was successful |
| users | [models.UserInfo] | true | none | Users are the users in system |
apis.RespRoleInfo
{
"assigned_users": [
{
"created_at": "string",
"email": "string",
"first_name": "string",
"last_name": "string",
"updated_at": "string",
"user_id": "string",
"username": "string"
}
],
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"role": {
"permissions": [
"string"
]
},
"success": true
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| assigned_users | [models.UserInfo] | false | none | AssignedUsers is the list of users being assigned this role |
| error | goutils.ErrorDetail | false | none | Error are details in case of errors |
| request_id | string | true | none | RequestID gives the request ID to match against logs |
| role | common.UserRoleConfig | true | none | Role is info on this role |
| success | boolean | true | none | Success indicates whether the request was successful |
apis.RespUserInfo
{
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"success": true,
"user": {
"associatedPermission": [
"string"
],
"created_at": "string",
"email": "string",
"first_name": "string",
"last_name": "string",
"roles": [
"string"
],
"updated_at": "string",
"user_id": "string",
"username": "string"
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| error | goutils.ErrorDetail | false | none | Error are details in case of errors |
| request_id | string | true | none | RequestID gives the request ID to match against logs |
| success | boolean | true | none | Success indicates whether the request was successful |
| user | users.UserDetailsWithPermission | true | none | User is info on this user |
common.UserRoleConfig
{
"permissions": [
"string"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| permissions | [string] | true | none | AssignedPermissions is the list of permissions assigned to a role |
goutils.ErrorDetail
{
"code": 0,
"detail": "string",
"message": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| code | integer | true | none | Code is the response code |
| detail | string | false | none | Detail is an optional descriptive message providing additional details on the error |
| message | string | false | none | Msg is an optional descriptive message |
goutils.RestAPIBaseResponse
{
"error": {
"code": 0,
"detail": "string",
"message": "string"
},
"request_id": "string",
"success": true
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| error | goutils.ErrorDetail | false | none | Error are details in case of errors |
| request_id | string | true | none | RequestID gives the request ID to match against logs |
| success | boolean | true | none | Success indicates whether the request was successful |
models.UserConfig
{
"email": "string",
"first_name": "string",
"last_name": "string",
"user_id": "string",
"username": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| string | false | none | Email is the user's email | |
| first_name | string | false | none | FirstName is the user's first name / given name |
| last_name | string | false | none | LastName is the user's last name / surname / family name |
| user_id | string | true | none | UserID is the user's ID |
| username | string | false | none | UserName is the username |
models.UserInfo
{
"created_at": "string",
"email": "string",
"first_name": "string",
"last_name": "string",
"updated_at": "string",
"user_id": "string",
"username": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| created_at | string | false | none | CreatedAt is when the user entry is created |
| string | false | none | Email is the user's email | |
| first_name | string | false | none | FirstName is the user's first name / given name |
| last_name | string | false | none | LastName is the user's last name / surname / family name |
| updated_at | string | false | none | UpdatedAt is when the user entry was last updated |
| user_id | string | true | none | UserID is the user's ID |
| username | string | false | none | UserName is the username |
users.UserDetailsWithPermission
{
"associatedPermission": [
"string"
],
"created_at": "string",
"email": "string",
"first_name": "string",
"last_name": "string",
"roles": [
"string"
],
"updated_at": "string",
"user_id": "string",
"username": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| associatedPermission | [string] | false | none | AssociatedPermission list of permissions the user has based on the roles associated with the user |
| created_at | string | false | none | CreatedAt is when the user entry is created |
| string | false | none | Email is the user's email | |
| first_name | string | false | none | FirstName is the user's first name / given name |
| last_name | string | false | none | LastName is the user's last name / surname / family name |
| roles | [string] | false | none | Roles are the roles associated with the user |
| updated_at | string | false | none | UpdatedAt is when the user entry was last updated |
| user_id | string | true | none | UserID is the user's ID |
| username | string | false | none | UserName is the username |
Documentation
¶
Index ¶
- func BuildAuthenticationServer(httpCfg common.APIServerConfig, openIDCfg common.OpenIDIssuerConfig, ...) (*http.Server, error)
- func BuildAuthorizationServer(httpCfg common.APIServerConfig, manager users.Management, ...) (*http.Server, error)
- func BuildMetricsCollectionServer(httpCfg common.HTTPServerConfig, metricsCollector goutils.MetricsCollector, ...) (*http.Server, error)
- func BuildUserManagementServer(httpCfg common.APIServerConfig, manager users.Management, ...) (*http.Server, error)
- type AuthenticationHandler
- type AuthenticationLivenessHandler
- func (h AuthenticationLivenessHandler) Alive(w http.ResponseWriter, r *http.Request)
- func (h AuthenticationLivenessHandler) AliveHandler() http.HandlerFunc
- func (h AuthenticationLivenessHandler) Ready(w http.ResponseWriter, r *http.Request)
- func (h AuthenticationLivenessHandler) ReadyHandler() http.HandlerFunc
- type AuthorizationHandler
- type AuthorizationLivenessHandler
- func (h AuthorizationLivenessHandler) Alive(w http.ResponseWriter, r *http.Request)
- func (h AuthorizationLivenessHandler) AliveHandler() http.HandlerFunc
- func (h AuthorizationLivenessHandler) Ready(w http.ResponseWriter, r *http.Request)
- func (h AuthorizationLivenessHandler) ReadyHandler() http.HandlerFunc
- type MethodHandlers
- type ReqNewUserParams
- type ReqNewUserRoles
- type RespListAllRoles
- type RespListAllUsers
- type RespRoleInfo
- type RespUserInfo
- type UserManagementHandler
- func (h UserManagementHandler) DefineUser(w http.ResponseWriter, r *http.Request)
- func (h UserManagementHandler) DefineUserHandler() http.HandlerFunc
- func (h UserManagementHandler) DeleteUser(w http.ResponseWriter, r *http.Request)
- func (h UserManagementHandler) DeleteUserHandler() http.HandlerFunc
- func (h UserManagementHandler) GetRole(w http.ResponseWriter, r *http.Request)
- func (h UserManagementHandler) GetRoleHandler() http.HandlerFunc
- func (h UserManagementHandler) GetUser(w http.ResponseWriter, r *http.Request)
- func (h UserManagementHandler) GetUserHandler() http.HandlerFunc
- func (h UserManagementHandler) ListAllRoles(w http.ResponseWriter, r *http.Request)
- func (h UserManagementHandler) ListAllRolesHandler() http.HandlerFunc
- func (h UserManagementHandler) ListAllUsers(w http.ResponseWriter, r *http.Request)
- func (h UserManagementHandler) ListAllUsersHandler() http.HandlerFunc
- func (h UserManagementHandler) UpdateUser(w http.ResponseWriter, r *http.Request)
- func (h UserManagementHandler) UpdateUserHandler() http.HandlerFunc
- func (h UserManagementHandler) UpdateUserRoles(w http.ResponseWriter, r *http.Request)
- func (h UserManagementHandler) UpdateUserRolesHandler() http.HandlerFunc
- type UserManagementLivenessHandler
- func (h UserManagementLivenessHandler) Alive(w http.ResponseWriter, r *http.Request)
- func (h UserManagementLivenessHandler) AliveHandler() http.HandlerFunc
- func (h UserManagementLivenessHandler) Ready(w http.ResponseWriter, r *http.Request)
- func (h UserManagementLivenessHandler) ReadyHandler() http.HandlerFunc
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BuildAuthenticationServer ¶
func BuildAuthenticationServer( httpCfg common.APIServerConfig, openIDCfg common.OpenIDIssuerConfig, performIntrospection bool, tokenCache authenticate.TokenCache, authnConfig common.AuthenticationConfig, respHeaderParam common.AuthorizeRequestParamLocConfig, metrics goutils.HTTPRequestMetricHelper, ) (*http.Server, error)
BuildAuthenticationServer creates the authentication server
@param httpCfg common.HTTPConfig - HTTP server config @param openIDCfg common.OpenIDIssuerConfig - OpenID issuer configuration @parem performIntrospection bool - whether to perform introspection @param tokenCache authenticate.TokenCache - cache to reduce number of introspections @param authnConfig common.AuthenticationConfig - authentication submodule configuration @param respHeaderParam common.AuthorizeRequestParamLocConfig - config which indicates what response headers to output the user parameters on. @param metrics goutils.HTTPRequestMetricHelper - metric collection agent @return the http.Server
func BuildAuthorizationServer ¶
func BuildAuthorizationServer( httpCfg common.APIServerConfig, manager users.Management, requestMatcher match.RequestMatch, validateSupport common.CustomFieldValidator, checkHeaders common.AuthorizeRequestParamLocConfig, forUnknownUser common.UnknownUserActionConfig, metrics goutils.HTTPRequestMetricHelper, ) (*http.Server, error)
BuildAuthorizationServer creates the authorization server
@param httpCfg common.HTTPConfig - HTTP server config @param manager users.Management - core user management logic block @param requestMatcher match.RequestMatch - the request matcher @param validateSupport common.CustomFieldValidator - customer validator support object @param checkHeaders common.AuthorizeRequestParamLocConfig - param on which headers to search for parameters regarding a REST API to authorize. @param forUnknownUser common.UnknownUserActionConfig - param on how to handle new unknown user @param metrics goutils.HTTPRequestMetricHelper - metric collection agent @return the http.Server
func BuildMetricsCollectionServer ¶ added in v0.5.1
func BuildMetricsCollectionServer( httpCfg common.HTTPServerConfig, metricsCollector goutils.MetricsCollector, collectionEndpoint string, maxRESTRequests int, ) (*http.Server, error)
BuildMetricsCollectionServer create server to host metrics collection endpoint
@param httpCfg common.HTTPServerConfig - HTTP server configuration @param metricsCollector goutils.MetricsCollector - metrics collector @param collectionEndpoint string - endpoint to expose the metrics on @param maxRESTRequests int - max number fo parallel requests to support @returns HTTP server instance
func BuildUserManagementServer ¶
func BuildUserManagementServer( httpCfg common.APIServerConfig, manager users.Management, validateSupport common.CustomFieldValidator, metrics goutils.HTTPRequestMetricHelper, ) (*http.Server, error)
BuildUserManagementServer creates the user management server
@param httpCfg common.HTTPConfig - HTTP server config @param manager users.Management - core user management logic block @param validateSupport common.CustomFieldValidator - customer validator support object @param metrics goutils.HTTPRequestMetricHelper - metric collection agent @return the http.Server
Types ¶
type AuthenticationHandler ¶
type AuthenticationHandler struct {
goutils.RestAPIHandler
// contains filtered or unexported fields
}
AuthenticationHandler the request authentication REST API handler
func (AuthenticationHandler) Authenticate ¶
func (h AuthenticationHandler) Authenticate(w http.ResponseWriter, r *http.Request)
Authenticate godoc @Summary Authenticate a user @Description Authticate a user by verifiying the bearer token provided @tags Authenticate @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Param Authorization header string true "User must provide a bearer token" @Success 200 {object} goutils.RestAPIBaseResponse "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 401 {string} string "error" @Failure 403 {string} string "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/authenticate [get]
func (AuthenticationHandler) AuthenticateHandler ¶
func (h AuthenticationHandler) AuthenticateHandler() http.HandlerFunc
AuthenticateHandler Wrapper around Authenticate
type AuthenticationLivenessHandler ¶ added in v0.5.1
type AuthenticationLivenessHandler struct {
goutils.RestAPIHandler
}
AuthenticationLivenessHandler the request authentication REST API liveness handler
func (AuthenticationLivenessHandler) Alive ¶ added in v0.5.1
func (h AuthenticationLivenessHandler) Alive(w http.ResponseWriter, r *http.Request)
Alive godoc @Summary Authentication API liveness check @Description Will return success to indicate Authentication REST API module is live @tags Authenticate @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Success 200 {object} goutils.RestAPIBaseResponse "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/alive [get]
func (AuthenticationLivenessHandler) AliveHandler ¶ added in v0.5.1
func (h AuthenticationLivenessHandler) AliveHandler() http.HandlerFunc
AliveHandler Wrapper around Alive
func (AuthenticationLivenessHandler) Ready ¶ added in v0.5.1
func (h AuthenticationLivenessHandler) Ready(w http.ResponseWriter, r *http.Request)
Ready godoc @Summary Authentication API readiness check @Description Will return success if Authentication REST API module is ready for use @tags Authenticate @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Success 200 {object} goutils.RestAPIBaseResponse "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/ready [get]
func (AuthenticationLivenessHandler) ReadyHandler ¶ added in v0.5.1
func (h AuthenticationLivenessHandler) ReadyHandler() http.HandlerFunc
ReadyHandler Wrapper around Alive
type AuthorizationHandler ¶
type AuthorizationHandler struct {
goutils.RestAPIHandler
// contains filtered or unexported fields
}
AuthorizationHandler the request authorization REST API handler
func (AuthorizationHandler) Allow ¶
func (h AuthorizationHandler) Allow(w http.ResponseWriter, r *http.Request)
Allow godoc @Summary Check whether a REST API call is allowed @Description Check whether a REST API call is allowed. The parameters of the call is passed in via HTTP headers by the entity using this endpoint. The parameters listed in this comment section are the default headers the application will search for. But the headers to check can be configured via the "authorize.request_param_location" object of the application config. @tags Authorize @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Param X-Forwarded-Host header string true "Host of the API call to authorize" @Param X-Forwarded-Uri header string true "URI path of the API call to authorize" @Param X-Forwarded-Method header string true "HTTP method of the API call to authorize" @Param X-Caller-UserID header string true "ID of the user making the API call to authorize" @Param X-Caller-Username header string false "Username of the user making the API call to authorize" @Param X-Caller-Firstname header string false "First name / given name of the user making the API call to authorize" @Param X-Caller-Lastname header string false "Last name / surname / family name of the user making the API call to authorize" @Param X-Caller-Email header string false "Email of the user making the API call to authorize" @Success 200 {object} goutils.RestAPIBaseResponse "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 403 {object} goutils.RestAPIBaseResponse "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/allow [get]
func (AuthorizationHandler) AllowHandler ¶
func (h AuthorizationHandler) AllowHandler() http.HandlerFunc
AllowHandler Wrapper around Allow
func (AuthorizationHandler) ParamReadMiddleware ¶
func (h AuthorizationHandler) ParamReadMiddleware(next http.HandlerFunc) http.HandlerFunc
ParamReadMiddleware is a support middleware to be used with Mux to extract the mandatory parameters needed to authorize a REST API call and record it in the context.
@param next http.HandlerFunc - the core request handler function @return middleware http.HandlerFunc
type AuthorizationLivenessHandler ¶ added in v0.5.1
type AuthorizationLivenessHandler struct {
goutils.RestAPIHandler
// contains filtered or unexported fields
}
AuthorizationLivenessHandler the request authorization REST API liveness handler
func (AuthorizationLivenessHandler) Alive ¶ added in v0.5.1
func (h AuthorizationLivenessHandler) Alive(w http.ResponseWriter, r *http.Request)
Alive godoc @Summary Authorization API liveness check @Description Will return success to indicate authorization REST API module is live @tags Authorize @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Success 200 {object} goutils.RestAPIBaseResponse "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/alive [get]
func (AuthorizationLivenessHandler) AliveHandler ¶ added in v0.5.1
func (h AuthorizationLivenessHandler) AliveHandler() http.HandlerFunc
AliveHandler Wrapper around Alive
func (AuthorizationLivenessHandler) Ready ¶ added in v0.5.1
func (h AuthorizationLivenessHandler) Ready(w http.ResponseWriter, r *http.Request)
Ready godoc @Summary Authorization API readiness check @Description Will return success if authorization REST API module is ready for use @tags Authorize @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Success 200 {object} goutils.RestAPIBaseResponse "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/ready [get]
func (AuthorizationLivenessHandler) ReadyHandler ¶ added in v0.5.1
func (h AuthorizationLivenessHandler) ReadyHandler() http.HandlerFunc
ReadyHandler Wrapper around Alive
type MethodHandlers ¶
type MethodHandlers map[string]http.HandlerFunc
MethodHandlers DICT of method-endpoint handler
type ReqNewUserParams ¶
type ReqNewUserParams struct {
// User contains the new user parameters
User models.UserConfig `json:"user" validate:"required,dive"`
// Roles list the roles to assign to this user
Roles []string `json:"roles" validate:"omitempty,dive,role_name"`
}
ReqNewUserParams is the API request with information on a new user
type ReqNewUserRoles ¶
type ReqNewUserRoles struct {
// Roles list the roles to assign to this user
Roles []string `json:"roles" validate:"omitempty,dive,role_name"`
}
ReqNewUserRoles is the new roles to be assigned to the user
type RespListAllRoles ¶
type RespListAllRoles struct {
goutils.RestAPIBaseResponse
// Roles are the roles
Roles map[string]common.UserRoleConfig `json:"roles" validate:"required,dive"`
}
RespListAllRoles is the API response listing all roles the system is operating against
type RespListAllUsers ¶
type RespListAllUsers struct {
goutils.RestAPIBaseResponse
// Users are the users in system
Users []models.UserInfo `json:"users" validate:"required,dive"`
}
RespListAllUsers is the API response listing all the users the system is managing
type RespRoleInfo ¶
type RespRoleInfo struct {
goutils.RestAPIBaseResponse
// Role is info on this role
Role common.UserRoleConfig `json:"role" validate:"required,dive"`
// AssignedUsers is the list of users being assigned this role
AssignedUsers []models.UserInfo `json:"assigned_users,omitempty" validate:"omitempty"`
}
RespRoleInfo is the API response giving info on one role
type RespUserInfo ¶
type RespUserInfo struct {
goutils.RestAPIBaseResponse
// User is info on this user
User users.UserDetailsWithPermission `json:"user" validate:"required,dive"`
}
RespUserInfo is the API response giving info on one user
type UserManagementHandler ¶
type UserManagementHandler struct {
goutils.RestAPIHandler
// contains filtered or unexported fields
}
UserManagementHandler the user / role management REST API handler
func (UserManagementHandler) DefineUser ¶
func (h UserManagementHandler) DefineUser(w http.ResponseWriter, r *http.Request)
DefineUser godoc @Summary Define new user @Description Define a new user, and optionally assign roles to it @tags Management @Accept json @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Param userInfo body ReqNewUserParams true "New user information" @Success 200 {object} goutils.RestAPIBaseResponse "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/user [post]
func (UserManagementHandler) DefineUserHandler ¶
func (h UserManagementHandler) DefineUserHandler() http.HandlerFunc
DefineUserHandler Wrapper around DefineUser
func (UserManagementHandler) DeleteUser ¶
func (h UserManagementHandler) DeleteUser(w http.ResponseWriter, r *http.Request)
DeleteUser godoc @Summary Delete user @Description Remove user from the system. @tags Management @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Param userID path string true "User ID" @Success 200 {object} goutils.RestAPIBaseResponse "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/user/{userID} [delete]
func (UserManagementHandler) DeleteUserHandler ¶
func (h UserManagementHandler) DeleteUserHandler() http.HandlerFunc
DeleteUserHandler Wrapper around DeleteUser
func (UserManagementHandler) GetRole ¶
func (h UserManagementHandler) GetRole(w http.ResponseWriter, r *http.Request)
GetRole godoc @Summary Get info on role @Description Query for information regarding one role, along with users assigned this role. @tags Management @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Param roleName path string true "Role name" @Success 200 {object} RespRoleInfo "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/role/{roleName} [get]
func (UserManagementHandler) GetRoleHandler ¶
func (h UserManagementHandler) GetRoleHandler() http.HandlerFunc
GetRoleHandler Wrapper around GetRole
func (UserManagementHandler) GetUser ¶
func (h UserManagementHandler) GetUser(w http.ResponseWriter, r *http.Request)
GetUser godoc @Summary Get info on user @Description Query for information regarding one user. @tags Management @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Param userID path string true "User ID" @Success 200 {object} RespUserInfo "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/user/{userID} [get]
func (UserManagementHandler) GetUserHandler ¶
func (h UserManagementHandler) GetUserHandler() http.HandlerFunc
GetUserHandler Wrapper around GetUser
func (UserManagementHandler) ListAllRoles ¶
func (h UserManagementHandler) ListAllRoles(w http.ResponseWriter, r *http.Request)
ListAllRoles godoc @Summary List All Roles @Description List all roles the system is operating against @tags Management @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Success 200 {object} RespListAllRoles "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/role [get]
func (UserManagementHandler) ListAllRolesHandler ¶
func (h UserManagementHandler) ListAllRolesHandler() http.HandlerFunc
ListAllRolesHandler Wrapper around ListAllRoles
func (UserManagementHandler) ListAllUsers ¶
func (h UserManagementHandler) ListAllUsers(w http.ResponseWriter, r *http.Request)
ListAllUsers godoc @Summary List all users @Description List all users currently managed by the system @tags Management @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Success 200 {object} RespListAllUsers "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/user [get]
func (UserManagementHandler) ListAllUsersHandler ¶
func (h UserManagementHandler) ListAllUsersHandler() http.HandlerFunc
ListAllUsersHandler Wrapper around ListAllUsers
func (UserManagementHandler) UpdateUser ¶
func (h UserManagementHandler) UpdateUser(w http.ResponseWriter, r *http.Request)
UpdateUser godoc @Summary Update a user's info @Description Update an existing user's information @tags Management @Accept json @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Param userID path string true "User ID" @Param userInfo body models.UserConfig true "Updated user information" @Success 200 {object} goutils.RestAPIBaseResponse "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/user/{userID} [put]
func (UserManagementHandler) UpdateUserHandler ¶
func (h UserManagementHandler) UpdateUserHandler() http.HandlerFunc
UpdateUserHandler Wrapper around UpdateUser
func (UserManagementHandler) UpdateUserRoles ¶
func (h UserManagementHandler) UpdateUserRoles(w http.ResponseWriter, r *http.Request)
UpdateUserRoles godoc @Summary Update a user's roles @Description Change the user's roles to what caller requested @tags Management @Accept json @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Param userID path string true "User ID" @Param roles body ReqNewUserRoles true "User's new roles" @Success 200 {object} goutils.RestAPIBaseResponse "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/user/{userID}/roles [put]
func (UserManagementHandler) UpdateUserRolesHandler ¶
func (h UserManagementHandler) UpdateUserRolesHandler() http.HandlerFunc
UpdateUserRolesHandler Wrapper around UpdateUserRoles
type UserManagementLivenessHandler ¶ added in v0.5.1
type UserManagementLivenessHandler struct {
goutils.RestAPIHandler
// contains filtered or unexported fields
}
UserManagementLivenessHandler the user / role management REST API liveness handler
func (UserManagementLivenessHandler) Alive ¶ added in v0.5.1
func (h UserManagementLivenessHandler) Alive(w http.ResponseWriter, r *http.Request)
Alive godoc @Summary User Management API liveness check @Description Will return success to indicate user management REST API module is live @tags Management @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Success 200 {object} goutils.RestAPIBaseResponse "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/alive [get]
func (UserManagementLivenessHandler) AliveHandler ¶ added in v0.5.1
func (h UserManagementLivenessHandler) AliveHandler() http.HandlerFunc
AliveHandler Wrapper around Alive
func (UserManagementLivenessHandler) Ready ¶ added in v0.5.1
func (h UserManagementLivenessHandler) Ready(w http.ResponseWriter, r *http.Request)
Ready godoc @Summary User Management API readiness check @Description Will return success if user management REST API module is ready for use @tags Management @Produce json @Param Padlock-Request-ID header string false "User provided request ID to match against logs" @Success 200 {object} goutils.RestAPIBaseResponse "success" @Failure 400 {object} goutils.RestAPIBaseResponse "error" @Failure 404 {string} string "error" @Failure 500 {object} goutils.RestAPIBaseResponse "error" @Router /v1/ready [get]
func (UserManagementLivenessHandler) ReadyHandler ¶ added in v0.5.1
func (h UserManagementLivenessHandler) ReadyHandler() http.HandlerFunc
ReadyHandler Wrapper around Alive
Source Files