README
¶
go-uaa 
Overview
go-uaa is a client library for the UAA API. It is a go module.
Usage
Step 1: Add go-uaa As A Dependency
$ go mod init # optional
$ go get -u github.com/cloudfoundry-community/go-uaa
$ cat go.mod
module github.com/cloudfoundry-community/go-uaa/cmd/test
go 1.13
require github.com/cloudfoundry-community/go-uaa latest
Step 2: Construct and Use uaa.API
Construct a uaa.API by using uaa.New(target string, authOpt AuthenticationOption, opts ...Option):
- The target is the URL of your UAA API (for example, https://uaa.run.pivotal.io); do not include
/oauth/tokensuffix - You must choose one authentication method and supply it as the third argument. There are a number of authentication methods available:
uaa.WithClientCredentials(clientID string, clientSecret string, tokenFormat TokenFormat)uaa.WithPasswordCredentials(clientID string, clientSecret string, username string, password string, tokenFormat TokenFormat)uaa.WithAuthorizationCode(clientID string, clientSecret string, authorizationCode string, tokenFormat TokenFormat, redirectURL *url.URL)uaa.WithRefreshToken(clientID string, clientSecret string, refreshToken string, tokenFormat TokenFormat)uaa.WithToken(token *oauth2.Token)(this is the only authentication methods that cannot automatically refresh the token when it expires)
- You can optionally supply one or more options:
uaa.WithZoneID(zoneID string)if you want to specify your own zone IDuaa.WithClient(client *http.Client)if you want to specify your ownhttp.Clientuaa.WithSkipSSLValidation(skipSSLValidation bool)if you want to ignore SSL validation issues; this is not recommended, and you should instead ensure you trust the certificate authority that issues the certificates used by UAAuaa.WithUserAgent(userAgent string)if you want to supply your own user agent for requests to the UAA APIuaa.WithVerbosity(verbose bool)if you want to enable verbose logging
$ cat main.go
package main
import (
"log"
uaa "github.com/cloudfoundry-community/go-uaa"
)
func main() {
// construct the API
api, err := uaa.New(
"https://uaa.example.net",
uaa.WithClientCredentials("client-id", "client-secret", uaa.JSONWebToken),
)
if err != nil {
log.Fatal(err)
}
// use the API to fetch a user
user, err := api.GetUserByUsername("test@example.net", "uaa", "")
if err != nil {
log.Fatal(err)
}
log.Printf("Hello, %s\n", user.Name.GivenName)
}
Experimental
- For the foreseeable future, releases will be in the
v0.x.yrange - You should expect breaking changes until
v1.x.yreleases occur - Notifications of breaking changes will be made via release notes associated with each tag
- You should use
go moduleswith this package
Contributing
Pull requests welcome.
Documentation
¶
Index ¶
- Constants
- func BuildSubdomainURL(target string, zoneID string) (*url.URL, error)
- func BuildTargetURL(target string) (*url.URL, error)
- type API
- func (a *API) ActivateUser(userID string, userMetaVersion int) error
- func (a *API) AddGroupMember(groupID string, memberID string, entityType string, origin string) error
- func (a *API) ChangeClientSecret(id string, newSecret string) error
- func (a *API) CreateClient(client Client) (*Client, error)
- func (a *API) CreateGroup(group Group) (*Group, error)
- func (a *API) CreateIdentityZone(identityzone IdentityZone) (*IdentityZone, error)
- func (a *API) CreateMFAProvider(mfaprovider MFAProvider) (*MFAProvider, error)
- func (a *API) CreateUser(user User) (*User, error)
- func (a *API) Curl(path string, method string, data string, headers []string) (string, string, int, error)
- func (a *API) DeactivateUser(userID string, userMetaVersion int) error
- func (a *API) DeleteClient(clientID string) (*Client, error)
- func (a *API) DeleteGroup(groupID string) (*Group, error)
- func (a *API) DeleteIdentityZone(identityzoneID string) (*IdentityZone, error)
- func (a *API) DeleteMFAProvider(mfaproviderID string) (*MFAProvider, error)
- func (a *API) DeleteUser(userID string) (*User, error)
- func (a *API) GetClient(clientID string) (*Client, error)
- func (a *API) GetGroup(groupID string) (*Group, error)
- func (a *API) GetGroupByName(name string, attributes string) (*Group, error)
- func (a *API) GetIdentityZone(identityzoneID string) (*IdentityZone, error)
- func (a *API) GetInfo() (*Info, error)
- func (a *API) GetMFAProvider(mfaproviderID string) (*MFAProvider, error)
- func (a *API) GetMe() (*UserInfo, error)
- func (a *API) GetUser(userID string) (*User, error)
- func (a *API) GetUserByUsername(username, origin, attributes string) (*User, error)
- func (a *API) IsHealthy() (bool, error)
- func (a *API) Issuer() (string, error)
- func (a *API) ListAllClients(filter string, sortBy string, sortOrder SortOrder) ([]Client, error)
- func (a *API) ListAllGroupMappings(origin string) ([]GroupMapping, error)
- func (a *API) ListAllGroups(filter string, sortBy string, attributes string, sortOrder SortOrder) ([]Group, error)
- func (a *API) ListAllUsers(filter string, sortBy string, attributes string, sortOrder SortOrder) ([]User, error)
- func (a *API) ListClients(filter string, sortBy string, sortOrder SortOrder, startIndex int, ...) ([]Client, Page, error)
- func (a *API) ListGroupMappings(origin string, startIndex int, itemsPerPage int) ([]GroupMapping, Page, error)
- func (a *API) ListGroups(filter string, sortBy string, attributes string, sortOrder SortOrder, ...) ([]Group, Page, error)
- func (a *API) ListIdentityZones() ([]IdentityZone, error)
- func (a *API) ListMFAProviders() ([]MFAProvider, error)
- func (a *API) ListUsers(filter string, sortBy string, attributes string, sortOrder SortOrder, ...) ([]User, Page, error)
- func (a *API) MapGroup(groupID string, externalGroup string, origin string) error
- func (a *API) RemoveGroupMember(groupID string, memberID string, entityType string, origin string) error
- func (a *API) Token(ctx context.Context) (*oauth2.Token, error)
- func (a *API) TokenKey() (*JWK, error)
- func (a *API) TokenKeys() ([]JWK, error)
- func (a *API) UnmapGroup(groupID string, externalGroup string, origin string) error
- func (a *API) UpdateClient(client Client) (*Client, error)
- func (a *API) UpdateGroup(group Group) (*Group, error)
- func (a *API) UpdateIdentityZone(identityzone IdentityZone) (*IdentityZone, error)
- func (a *API) UpdateMFAProvider(mfaprovider MFAProvider) (*MFAProvider, error)
- func (a *API) UpdateUser(user User) (*User, error)
- type Approval
- type AuthenticationOption
- func WithAuthorizationCode(clientID string, clientSecret string, authorizationCode string, ...) AuthenticationOption
- func WithClientCredentials(clientID string, clientSecret string, tokenFormat TokenFormat) AuthenticationOption
- func WithNoAuthentication() AuthenticationOption
- func WithPasswordCredentials(clientID string, clientSecret string, username string, password string, ...) AuthenticationOption
- func WithRefreshToken(clientID string, clientSecret string, refreshToken string, ...) AuthenticationOption
- func WithToken(token *oauth2.Token) AuthenticationOption
- type Branding
- type CORSPolicy
- type Client
- type ClientSecretPolicy
- type Email
- type GrantType
- type Group
- type GroupMapping
- type GroupMember
- type IdentityZone
- type IdentityZoneConfig
- type IdentityZoneLinks
- type IdentityZoneMFAConfig
- type IdentityZoneUserConfig
- type Info
- type JWK
- type Keys
- type MFAProvider
- type MFAProviderConfig
- type Meta
- type OpenIDConfig
- type Option
- type Page
- type PhoneNumber
- type Prompt
- type RequestError
- type SAMLConfig
- type SAMLKey
- type SortOrder
- type TokenFormat
- type TokenPolicy
- type User
- type UserGroup
- type UserInfo
- type UserName
Constants ¶
const ( REFRESHTOKEN = GrantType("refresh_token") AUTHCODE = GrantType("authorization_code") IMPLICIT = GrantType("implicit") PASSWORD = GrantType("password") CLIENTCREDENTIALS = GrantType("client_credentials") )
Valid GrantType values.
const ( // SortAscending sorts in ascending order. SortAscending = SortOrder("ascending") // SortDescending sorts in descending order. SortDescending = SortOrder("descending") )
const ClientsEndpoint string = "/oauth/clients"
ClientsEndpoint is the path to the clients resource.
const GroupsEndpoint string = "/Groups"
GroupsEndpoint is the path to the groups resource.
const IdentityZonesEndpoint string = "/identity-zones"
IdentityZonesEndpoint is the path to the users resource.
const MFAProvidersEndpoint string = "/mfa-providers"
MFAProvidersEndpoint is the path to the MFA providers resource.
const UsersEndpoint string = "/Users"
UsersEndpoint is the path to the users resource.
Variables ¶
This section is empty.
Functions ¶
func BuildSubdomainURL ¶ added in v0.0.7
BuildSubdomainURL returns a URL that optionally includes the zone ID as a host prefix. If the target does not include a scheme, https will be used.
Types ¶
type API ¶ added in v0.0.7
type API struct {
Client *http.Client
TargetURL *url.URL
// contains filtered or unexported fields
}
API is a client to the UAA API.
func New ¶ added in v0.2.0
func New(target string, authOpt AuthenticationOption, opts ...Option) (*API, error)
func (*API) ActivateUser ¶ added in v0.0.7
ActivateUser activates the user with the given user ID http://docs.cloudfoundry.org/api/uaa/version/4.14.0/index.html#patch.
func (*API) AddGroupMember ¶ added in v0.0.8
func (a *API) AddGroupMember(groupID string, memberID string, entityType string, origin string) error
AddGroupMember adds the entity with the given memberID to the group with the given ID. If no entityType is supplied, the entityType (which can be "USER" or "GROUP") will be "USER". If no origin is supplied, the origin will be "uaa".
func (*API) ChangeClientSecret ¶ added in v0.0.8
ChangeClientSecret updates the secret with the given value for the client with the given id http://docs.cloudfoundry.org/api/uaa/version/4.14.0/index.html#change-secret.
func (*API) CreateClient ¶ added in v0.0.8
CreateClient creates the given client.
func (*API) CreateGroup ¶ added in v0.0.8
CreateGroup creates the given group.
func (*API) CreateIdentityZone ¶ added in v0.0.9
func (a *API) CreateIdentityZone(identityzone IdentityZone) (*IdentityZone, error)
CreateIdentityZone creates the given identityzone.
func (*API) CreateMFAProvider ¶ added in v0.0.10
func (a *API) CreateMFAProvider(mfaprovider MFAProvider) (*MFAProvider, error)
CreateMFAProvider creates the given mfaprovider.
func (*API) CreateUser ¶ added in v0.0.7
CreateUser creates the given user.
func (*API) Curl ¶ added in v0.0.8
func (a *API) Curl(path string, method string, data string, headers []string) (string, string, int, error)
Curl makes a request to the UAA API with the given path, method, data, and headers.
func (*API) DeactivateUser ¶ added in v0.0.7
DeactivateUser deactivates the user with the given user ID http://docs.cloudfoundry.org/api/uaa/version/4.14.0/index.html#patch.
func (*API) DeleteClient ¶ added in v0.0.8
DeleteClient deletes the client with the given client ID.
func (*API) DeleteGroup ¶ added in v0.0.8
DeleteGroup deletes the group with the given group ID.
func (*API) DeleteIdentityZone ¶ added in v0.0.9
func (a *API) DeleteIdentityZone(identityzoneID string) (*IdentityZone, error)
DeleteIdentityZone deletes the identityzone with the given identityzone ID.
func (*API) DeleteMFAProvider ¶ added in v0.0.10
func (a *API) DeleteMFAProvider(mfaproviderID string) (*MFAProvider, error)
DeleteMFAProvider deletes the mfaprovider with the given mfaprovider ID.
func (*API) DeleteUser ¶ added in v0.0.7
DeleteUser deletes the user with the given user ID.
func (*API) GetGroupByName ¶ added in v0.0.8
GetGroupByName gets the group with the given name http://docs.cloudfoundry.org/api/uaa/version/4.14.0/index.html#list-4.
func (*API) GetIdentityZone ¶ added in v0.0.9
func (a *API) GetIdentityZone(identityzoneID string) (*IdentityZone, error)
GetIdentityZone with the given identityzoneID.
func (*API) GetInfo ¶ added in v0.0.7
GetInfo gets server information http://docs.cloudfoundry.org/api/uaa/version/4.14.0/index.html#server-information-2.
func (*API) GetMFAProvider ¶ added in v0.0.10
func (a *API) GetMFAProvider(mfaproviderID string) (*MFAProvider, error)
GetMFAProvider with the given mfaproviderID.
func (*API) GetUserByUsername ¶ added in v0.0.7
GetUserByUsername gets the user with the given username http://docs.cloudfoundry.org/api/uaa/version/4.14.0/index.html#list-with-attribute-filtering.
func (*API) IsHealthy ¶ added in v0.0.8
IsHealthy returns true if the UAA is healthy, false if it is unhealthy, and an error if there is an issue making a request to the /healthz endpoint.
func (*API) ListAllClients ¶ added in v0.0.8
ListAllClients retrieves UAA clients
func (*API) ListAllGroupMappings ¶ added in v0.2.0
func (a *API) ListAllGroupMappings(origin string) ([]GroupMapping, error)
ListAllGroups retrieves UAA groups
func (*API) ListAllGroups ¶ added in v0.0.8
func (a *API) ListAllGroups(filter string, sortBy string, attributes string, sortOrder SortOrder) ([]Group, error)
ListAllGroups retrieves UAA groups
func (*API) ListAllUsers ¶ added in v0.0.7
func (a *API) ListAllUsers(filter string, sortBy string, attributes string, sortOrder SortOrder) ([]User, error)
ListAllUsers retrieves UAA users
func (*API) ListClients ¶ added in v0.0.8
func (a *API) ListClients(filter string, sortBy string, sortOrder SortOrder, startIndex int, itemsPerPage int) ([]Client, Page, error)
ListClients with the given filter, sortBy, attributes, sortOrder, startIndex (1-based), and count (default 100). If successful, ListClients returns the clients and the total itemsPerPage of clients for all pages. If unsuccessful, ListClients returns the error.
func (*API) ListGroupMappings ¶ added in v0.2.0
func (*API) ListGroups ¶ added in v0.0.8
func (a *API) ListGroups(filter string, sortBy string, attributes string, sortOrder SortOrder, startIndex int, itemsPerPage int) ([]Group, Page, error)
ListGroups with the given filter, sortBy, attributes, sortOrder, startIndex (1-based), and count (default 100). If successful, ListGroups returns the groups and the total itemsPerPage of groups for all pages. If unsuccessful, ListGroups returns the error.
func (*API) ListIdentityZones ¶ added in v0.0.9
func (a *API) ListIdentityZones() ([]IdentityZone, error)
ListIdentityZones fetches all of the IdentityZone records. If successful, ListIdentityZones returns the identityzones If unsuccessful, ListIdentityZones returns the error.
func (*API) ListMFAProviders ¶ added in v0.0.10
func (a *API) ListMFAProviders() ([]MFAProvider, error)
ListMFAProviders fetches all of the MFAProvider records. If successful, ListMFAProviders returns the mfaproviders If unsuccessful, ListMFAProviders returns the error.
func (*API) ListUsers ¶ added in v0.0.7
func (a *API) ListUsers(filter string, sortBy string, attributes string, sortOrder SortOrder, startIndex int, itemsPerPage int) ([]User, Page, error)
ListUsers with the given filter, sortBy, attributes, sortOrder, startIndex (1-based), and count (default 100). If successful, ListUsers returns the users and the total itemsPerPage of users for all pages. If unsuccessful, ListUsers returns the error.
func (*API) RemoveGroupMember ¶ added in v0.0.10
func (a *API) RemoveGroupMember(groupID string, memberID string, entityType string, origin string) error
RemoveGroupMember removes the entity with the given memberID from the group with the given ID. If no entityType is supplied, the entityType (which can be "USER" or "GROUP") will be "USER". If no origin is supplied, the origin will be "uaa".
func (*API) TokenKey ¶ added in v0.0.8
TokenKey retrieves a JWK from the token_key endpoint (http://docs.cloudfoundry.org/api/uaa/version/4.14.0/index.html#token-key-s).
func (*API) TokenKeys ¶ added in v0.0.8
TokenKeys gets the JSON Web Token signing keys for the UAA server.
func (*API) UnmapGroup ¶ added in v0.2.0
func (*API) UpdateClient ¶ added in v0.0.8
UpdateClient updates the given client.
func (*API) UpdateGroup ¶ added in v0.0.8
UpdateGroup updates the given group.
func (*API) UpdateIdentityZone ¶ added in v0.0.9
func (a *API) UpdateIdentityZone(identityzone IdentityZone) (*IdentityZone, error)
UpdateIdentityZone updates the given identityzone.
func (*API) UpdateMFAProvider ¶ added in v0.0.10
func (a *API) UpdateMFAProvider(mfaprovider MFAProvider) (*MFAProvider, error)
UpdateMFAProvider updates the given mfaprovider.
type Approval ¶
type Approval struct {
UserID string `json:"userId,omitempty"`
ClientID string `json:"clientId,omitempty"`
Scope string `json:"scope,omitempty"`
Status string `json:"status,omitempty"`
LastUpdatedAt string `json:"lastUpdatedAt,omitempty"`
ExpiresAt string `json:"expiresAt,omitempty"`
}
Approval is a record of the user's explicit approval or rejection for an application's request for delegated permissions.
type AuthenticationOption ¶ added in v0.3.0
type AuthenticationOption interface {
ApplyAuthentication(a *API)
}
func WithAuthorizationCode ¶ added in v0.3.0
func WithAuthorizationCode(clientID string, clientSecret string, authorizationCode string, tokenFormat TokenFormat, redirectURL *url.URL) AuthenticationOption
func WithClientCredentials ¶ added in v0.3.0
func WithClientCredentials(clientID string, clientSecret string, tokenFormat TokenFormat) AuthenticationOption
func WithNoAuthentication ¶ added in v0.3.0
func WithNoAuthentication() AuthenticationOption
func WithPasswordCredentials ¶ added in v0.3.0
func WithPasswordCredentials(clientID string, clientSecret string, username string, password string, tokenFormat TokenFormat) AuthenticationOption
func WithRefreshToken ¶ added in v0.3.0
func WithRefreshToken(clientID string, clientSecret string, refreshToken string, tokenFormat TokenFormat) AuthenticationOption
func WithToken ¶ added in v0.3.0
func WithToken(token *oauth2.Token) AuthenticationOption
type Branding ¶ added in v0.0.9
type Branding struct {
CompanyName string `json:"companyName,omitempty"`
ProductLogo string `json:"productLogo,omitempty"`
SquareLogo string `json:"squareLogo,omitempty"`
}
Branding is the branding for a UAA identity zone.
type CORSPolicy ¶ added in v0.0.9
type CORSPolicy struct {
XHRConfiguration struct {
AllowedOrigins []string `json:"allowedOrigins,omitempty"`
AllowedOriginPatterns []interface{} `json:"allowedOriginPatterns,omitempty"`
AllowedURIs []string `json:"allowedUris,omitempty"`
AllowedURIPatterns []interface{} `json:"allowedUriPatterns,omitempty"`
AllowedHeaders []string `json:"allowedHeaders,omitempty"`
AllowedMethods []string `json:"allowedMethods,omitempty"`
AllowedCredentials bool `json:"allowedCredentials,omitempty"`
MaxAge int `json:"maxAge,omitempty"`
} `json:"xhrConfiguration,omitempty"`
DefaultConfiguration struct {
AllowedOrigins []string `json:"allowedOrigins,omitempty"`
AllowedOriginPatterns []interface{} `json:"allowedOriginPatterns,omitempty"`
AllowedURIs []string `json:"allowedUris,omitempty"`
AllowedURIPatterns []interface{} `json:"allowedUriPatterns,omitempty"`
AllowedHeaders []string `json:"allowedHeaders,omitempty"`
AllowedMethods []string `json:"allowedMethods,omitempty"`
AllowedCredentials bool `json:"allowedCredentials,omitempty"`
MaxAge int `json:"maxAge,omitempty"`
} `json:"defaultConfiguration,omitempty"`
}
CORSPolicy is an identity zone CORSPolicy.
type Client ¶ added in v0.0.2
type Client struct {
ClientID string `json:"client_id,omitempty" generator:"id"`
AuthorizedGrantTypes []string `json:"authorized_grant_types,omitempty"`
RedirectURI []string `json:"redirect_uri,omitempty"`
Scope []string `json:"scope,omitempty"`
ResourceIDs []string `json:"resource_ids,omitempty"`
Authorities []string `json:"authorities,omitempty"`
AutoApproveRaw interface{} `json:"autoapprove,omitempty"`
AccessTokenValidity int64 `json:"access_token_validity,omitempty"`
RefreshTokenValidity int64 `json:"refresh_token_validity,omitempty"`
AllowedProviders []string `json:"allowedproviders,omitempty"`
DisplayName string `json:"name,omitempty"`
TokenSalt string `json:"token_salt,omitempty"`
CreatedWith string `json:"createdwith,omitempty"`
ApprovalsDeleted bool `json:"approvals_deleted,omitempty"`
RequiredUserGroups []string `json:"required_user_groups,omitempty"`
ClientSecret string `json:"client_secret,omitempty"`
LastModified int64 `json:"lastModified,omitempty"`
AllowPublic bool `json:"allowpublic,omitempty"`
}
Client is a UAA client http://docs.cloudfoundry.org/api/uaa/version/4.19.0/index.html#clients.
func (Client) AutoApprove ¶ added in v0.0.10
func (Client) Identifier ¶ added in v0.0.10
Identifier returns the field used to uniquely identify a Client.
type ClientSecretPolicy ¶ added in v0.0.9
type ClientSecretPolicy struct {
MinLength int `json:"minLength,omitempty"`
MaxLength int `json:"maxLength,omitempty"`
RequireUpperCaseCharacter int `json:"requireUpperCaseCharacter,omitempty"`
RequireLowerCaseCharacter int `json:"requireLowerCaseCharacter,omitempty"`
RequireDigit int `json:"requireDigit,omitempty"`
RequireSpecialCharacter int `json:"requireSpecialCharacter,omitempty"`
}
ClientSecretPolicy is an identity zone client secret policy.
type Email ¶ added in v0.0.2
type Email struct {
Value string `json:"value,omitempty"`
Primary *bool `json:"primary,omitempty"`
}
Email is an email address.
type Group ¶ added in v0.0.2
type Group struct {
ID string `json:"id,omitempty"`
Meta *Meta `json:"meta,omitempty"`
DisplayName string `json:"displayName,omitempty"`
ZoneID string `json:"zoneId,omitempty"`
Description string `json:"description,omitempty"`
Members []GroupMember `json:"members,omitempty"`
Schemas []string `json:"schemas,omitempty"`
}
Group is a container for users and groups.
func (Group) Identifier ¶ added in v0.0.10
Identifier returns the field used to uniquely identify a Group.
type GroupMapping ¶ added in v0.2.0
type GroupMapping struct {
GroupID string `json:"groupId,omitempty"`
DisplayName string `json:"displayName,omitempty"`
ExternalGroup string `json:"externalGroup,omitempty"`
Origin string `json:"origin,omitempty"`
Meta *Meta `json:"meta,omitempty"`
Schemas []string `json:"schemas,omitempty"`
}
GroupMapping is a container for external group mapping
type GroupMember ¶ added in v0.0.2
type GroupMember struct {
Origin string `json:"origin,omitempty"`
Type string `json:"type,omitempty"`
Value string `json:"value,omitempty"`
}
GroupMember is a user or a group.
type IdentityZone ¶ added in v0.0.9
type IdentityZone struct {
ID string `json:"id,omitempty"`
Subdomain string `json:"subdomain"`
Config IdentityZoneConfig `json:"config"`
Name string `json:"name"`
Version int `json:"version,omitempty"`
Description string `json:"description,omitempty"`
Created int `json:"created,omitempty"`
LastModified int `json:"last_modified,omitempty"`
}
IdentityZone is a UAA identity zone. http://docs.cloudfoundry.org/api/uaa/version/4.14.0/index.html#identity-zones
func (IdentityZone) Identifier ¶ added in v0.0.10
func (iz IdentityZone) Identifier() string
Identifier returns the field used to uniquely identify an IdentityZone.
type IdentityZoneConfig ¶ added in v0.0.9
type IdentityZoneConfig struct {
ClientSecretPolicy *ClientSecretPolicy `json:"clientSecretPolicy,omitempty"`
TokenPolicy *TokenPolicy `json:"tokenPolicy,omitempty"`
SAMLConfig *SAMLConfig `json:"samlConfig,omitempty"`
CORSPolicy *CORSPolicy `json:"corsPolicy,omitempty"`
Links *IdentityZoneLinks `json:"links,omitempty"`
Prompts []Prompt `json:"prompts,omitempty"`
IDPDiscoveryEnabled *bool `json:"idpDiscoveryEnabled,omitempty"`
Branding *Branding `json:"branding,omitempty"`
AccountChooserEnabled *bool `json:"accountChooserEnabled,omitempty"`
UserConfig *IdentityZoneUserConfig `json:"userConfig,omitempty"`
MFAConfig *IdentityZoneMFAConfig `json:"mfaConfig,omitempty"`
}
IdentityZoneConfig is the configuration for an identity zone.
type IdentityZoneLinks ¶ added in v0.0.9
type IdentityZoneLinks struct {
Logout struct {
RedirectURL string `json:"redirectUrl,omitempty"`
RedirectParameterName string `json:"redirectParameterName,omitempty"`
DisableRedirectParameter bool `json:"disableRedirectParameter,omitempty"`
Whitelist []string `json:"whitelist,omitempty"`
} `json:"logout,omitempty"`
HomeRedirect string `json:"homeRedirect,omitempty"`
SelfService struct {
SelfServiceLinksEnabled bool `json:"selfServiceLinksEnabled,omitempty"`
Signup string `json:"signup,omitempty"`
Passwd string `json:"passwd,omitempty"`
} `json:"selfService,omitempty"`
}
IdentityZoneLinks is an identity zone link.
type IdentityZoneMFAConfig ¶ added in v0.0.9
type IdentityZoneMFAConfig struct {
Enabled *bool `json:"enabled,omitempty"`
ProviderName string `json:"providerName,omitempty"`
}
IdentityZoneMFAConfig is the MFA configuration for an identity zone.
type IdentityZoneUserConfig ¶ added in v0.0.9
type IdentityZoneUserConfig struct {
DefaultGroups []string `json:"defaultGroups,omitempty"`
}
IdentityZoneUserConfig is the user configuration for an identity zone.
type Info ¶
type Info struct {
App uaaApp `json:"app"`
Links uaaLinks `json:"links"`
Prompts map[string][]string `json:"prompts"`
ZoneName string `json:"zone_name"`
EntityID string `json:"entityID"`
CommitID string `json:"commit_id"`
Timestamp string `json:"timestamp"`
IdpDefinitions map[string]string `json:"idpDefinitions"`
}
Info is information about the UAA server.
type JWK ¶
type JWK struct {
Kty string `json:"kty"`
E string `json:"e,omitempty"`
Use string `json:"use"`
Kid string `json:"kid"`
Alg string `json:"alg"`
Value string `json:"value"`
N string `json:"n,omitempty"`
}
JWK represents a JSON Web Key (https://tools.ietf.org/html/rfc7517).
type MFAProvider ¶ added in v0.0.10
type MFAProvider struct {
ID string `json:"id,omitempty"`
Name string `json:"name"`
IdentityZoneID string `json:"identityZoneId,omitempty"`
Config MFAProviderConfig `json:"config"`
Type string `json:"type"`
Created int `json:"created,omitempty"`
LastModified int `json:"last_modified,omitempty"`
}
MFAProvider is a UAA MFA provider http://docs.cloudfoundry.org/api/uaa/version/4.19.0/index.html#get-2
func (MFAProvider) Identifier ¶ added in v0.0.10
func (m MFAProvider) Identifier() string
Identifier returns the field used to uniquely identify a MFAProvider.
type MFAProviderConfig ¶ added in v0.0.10
type MFAProviderConfig struct {
Issuer string `json:"issuer,omitempty"`
ProviderDescription string `json:"providerDescription,omitempty"`
}
MFAProviderConfig is configuration for an MFA provider
type Meta ¶ added in v0.0.2
type Meta struct {
Version int `json:"version,omitempty"`
Created string `json:"created,omitempty"`
LastModified string `json:"lastModified,omitempty"`
}
Meta describes the version and timestamps for a resource.
type OpenIDConfig ¶ added in v0.3.2
type OpenIDConfig struct {
Issuer string `json:"issuer"`
}
type Option ¶ added in v0.3.0
type Option interface {
Apply(a *API)
}
func WithClient ¶ added in v0.3.0
func WithSkipSSLValidation ¶ added in v0.3.0
func WithTransport ¶ added in v0.3.1
func WithTransport(transport http.RoundTripper) Option
func WithUserAgent ¶ added in v0.3.0
func WithVerbosity ¶ added in v0.3.0
func WithZoneID ¶ added in v0.3.0
type Page ¶ added in v0.0.7
type Page struct {
StartIndex int `json:"startIndex"`
ItemsPerPage int `json:"itemsPerPage"`
TotalResults int `json:"totalResults"`
}
Page represents a page of information returned from the UAA API.
type PhoneNumber ¶
type PhoneNumber struct {
Value string `json:"value"`
}
PhoneNumber is a phone number for a user.
type Prompt ¶ added in v0.0.9
type Prompt struct {
Name string `json:"name,omitempty"`
Type string `json:"type,omitempty"`
Text string `json:"text,omitempty"`
}
Prompt is a UAA prompt.
type RequestError ¶ added in v0.2.5
func (RequestError) Error ¶ added in v0.2.5
func (r RequestError) Error() string
type SAMLConfig ¶ added in v0.0.9
type SAMLConfig struct {
AssertionSigned bool `json:"assertionSigned,omitempty"`
RequestSigned bool `json:"requestSigned,omitempty"`
WantAssertionSigned bool `json:"wantAssertionSigned,omitempty"`
WantAuthnRequestSigned bool `json:"wantAuthnRequestSigned,omitempty"`
AssertionTimeToLiveSeconds int `json:"assertionTimeToLiveSeconds,omitempty"`
ActiveKeyID string `json:"activeKeyId,omitempty"`
Keys map[string]SAMLKey `json:"keys,omitempty"`
DisableInResponseToCheck bool `json:"disableInResponseToCheck,omitempty"`
}
SAMLConfig is an identity zone SAMLConfig.
type SAMLKey ¶ added in v0.0.9
type SAMLKey struct {
Key string `json:"key,omitempty"`
Passphrase string `json:"passphrase,omitempty"`
Certificate string `json:"certificate,omitempty"`
}
SAMLKey is an identity zone SAML key.
type SortOrder ¶ added in v0.0.2
type SortOrder string
SortOrder defines the sort order when listing users or groups.
type TokenFormat ¶
type TokenFormat int
TokenFormat is the format of a token.
const ( OpaqueToken TokenFormat = iota JSONWebToken )
Valid TokenFormat values.
func (TokenFormat) String ¶ added in v0.0.7
func (t TokenFormat) String() string
type TokenPolicy ¶ added in v0.0.9
type TokenPolicy struct {
AccessTokenValidity int `json:"accessTokenValidity,omitempty"`
RefreshTokenValidity int `json:"refreshTokenValidity,omitempty"`
JWTRevocable bool `json:"jwtRevocable,omitempty"`
RefreshTokenUnique bool `json:"refreshTokenUnique,omitempty"`
RefreshTokenFormat string `json:"refreshTokenFormat,omitempty"`
ActiveKeyID string `json:"activeKeyId,omitempty"`
}
TokenPolicy is an identity zone token policy.
type User ¶ added in v0.0.2
type User struct {
ID string `json:"id,omitempty"`
Password string `json:"password,omitempty"`
ExternalID string `json:"externalId,omitempty"`
Meta *Meta `json:"meta,omitempty"`
Username string `json:"userName,omitempty"`
Name *UserName `json:"name,omitempty"`
Emails []Email `json:"emails,omitempty"`
Groups []UserGroup `json:"groups,omitempty"`
Approvals []Approval `json:"approvals,omitempty"`
PhoneNumbers []PhoneNumber `json:"phoneNumbers,omitempty"`
Active *bool `json:"active,omitempty"`
Verified *bool `json:"verified,omitempty"`
Origin string `json:"origin,omitempty"`
ZoneID string `json:"zoneId,omitempty"`
PasswordLastModified string `json:"passwordLastModified,omitempty"`
PreviousLogonTime int `json:"previousLogonTime,omitempty"`
LastLogonTime int `json:"lastLogonTime,omitempty"`
Schemas []string `json:"schemas,omitempty"`
}
User is a UAA user http://docs.cloudfoundry.org/api/uaa/version/4.14.0/index.html#get-3.
func (User) Identifier ¶ added in v0.0.10
Identifier returns the field used to uniquely identify a User.
type UserGroup ¶ added in v0.0.2
type UserGroup struct {
Value string `json:"value,omitempty"`
Display string `json:"display,omitempty"`
Type string `json:"type,omitempty"`
}
UserGroup is a group that a user belongs to.
type UserInfo ¶ added in v0.0.2
type UserInfo struct {
UserID string `json:"user_id"`
Sub string `json:"sub"`
Username string `json:"user_name"`
GivenName string `json:"given_name"`
FamilyName string `json:"family_name"`
Email string `json:"email"`
PhoneNumber string `json:"phone_number"`
PreviousLoginTime int64 `json:"previous_logon_time"`
Name string `json:"name"`
}
UserInfo is a protected resource required for OpenID Connect compatibility. The response format is defined here: https://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse.
Source Files
¶
- api.go
- clients.go
- contains.go
- curl.go
- generated_client.go
- generated_group.go
- generated_identityzone.go
- generated_mfaprovider.go
- generated_user.go
- groups.go
- health.go
- identity_zones.go
- info.go
- issuer.go
- me.go
- mfa_provider.go
- page.go
- request_errors.go
- roundtrip.go
- sort.go
- token_key.go
- token_keys.go
- uaa_transport.go
- url.go
- users.go
Directories
¶
| Path | Synopsis |
|---|---|
|
Package passwordcredentials implements the OAuth2.0 "password credentials" token flow.
|
Package passwordcredentials implements the OAuth2.0 "password credentials" token flow. |