tokens

package
v1.0.26 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 28, 2021 License: Apache-2.0 Imports: 3 Imported by: 0

Documentation

Overview

Package tokens provides information and interaction with the token API resource for the OpenStack Identity service.

For more information, see: http://developer.openstack.org/api-ref-identity-v3.html#tokens-v3

Example to Create a Token From a Username and Password 

authOptions := tokens.AuthOptions{
	UserID:   "username",
	Password: "password",
}

token, err := tokens.Create(identityClient, authOptions).ExtractToken()
if err != nil {
	panic(err)
}

Example to Create a Token From a Username, Password, and Domain 

authOptions := tokens.AuthOptions{
	UserID:   "username",
	Password: "password",
	DomainID: "default",
}

token, err := tokens.Create(identityClient, authOptions).ExtractToken()
if err != nil {
	panic(err)
}

authOptions = tokens.AuthOptions{
	UserID:     "username",
	Password:   "password",
	DomainName: "default",
}

token, err = tokens.Create(identityClient, authOptions).ExtractToken()
if err != nil {
	panic(err)
}

Example to Create a Token From a Token 

authOptions := tokens.AuthOptions{
	TokenID: "token_id",
}

token, err := tokens.Create(identityClient, authOptions).ExtractToken()
if err != nil {
	panic(err)
}

Example to Create a Token from a Username and Password with Project ID Scope 

scope := tokens.Scope{
	ProjectID: "0fe36e73809d46aeae6705c39077b1b3",
}

authOptions := tokens.AuthOptions{
	Scope:    &scope,
	UserID:   "username",
	Password: "password",
}

token, err = tokens.Create(identityClient, authOptions).ExtractToken()
if err != nil {
	panic(err)
}

Example to Create a Token from a Username and Password with Domain ID Scope 

scope := tokens.Scope{
	DomainID: "default",
}

authOptions := tokens.AuthOptions{
	Scope:    &scope,
	UserID:   "username",
	Password: "password",
}

token, err = tokens.Create(identityClient, authOptions).ExtractToken()
if err != nil {
	panic(err)
}

Example to Create a Token from a Username and Password with Project Name Scope 

scope := tokens.Scope{
	ProjectName: "project_name",
	DomainID:    "default",
}

authOptions := tokens.AuthOptions{
	Scope:    &scope,
	UserID:   "username",
	Password: "password",
}

token, err = tokens.Create(identityClient, authOptions).ExtractToken()
if err != nil {
	panic(err)
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Validate 

func Validate(c *gophercloud.ServiceClient, token string) (bool, error)

Validate determines if a specified token is valid or not.

Types

type AgencyTokenBody added in v1.0.25 

type AgencyTokenBody struct {
	AssumedBy    *AssumeBy      `json:"assumed_by",omitempty`
	CatalogEntry []CatalogEntry `json:"catalog"`
	Domain       *Domain        `json:"domain",omitempty`
	ExpiresAt    time.Time      `json:"expires_at"`
	IssuedAt     time.Time      `json:"issued_at"`
	Methods      []string       `json:"methods"`
	Project      *Project       `json:"project",omitempty`
	Roles        []Role         `json:"roles"`
	User         *User          `json:"user",omitempty`
}

type AgencyTokenOptions added in v1.0.25 

type AgencyTokenOptions struct {
	Auth AuthReq `json:"auth,omitempty"`
}

func (*AgencyTokenOptions) ToTokenV3AgencyCreateMap added in v1.0.25 

func (agencyTokenOptions *AgencyTokenOptions) ToTokenV3AgencyCreateMap() (map[string]interface{}, error)

type AssumeBy added in v1.0.25 

type AssumeBy struct {
	User User `json:"user"`
}

type AssumeRoleReq added in v1.0.25 

type AssumeRoleReq struct {
	DomainID   string `json:"domain_id,omitempty"`
	DomainName string `json:"domain_name,omitempty"`
	XroleName  string `json:"xrole_name,omitempty"`
}

type AuthOptionAgencytBuilder added in v1.0.25 

type AuthOptionAgencytBuilder interface {
	ToTokenV3AgencyCreateMap() (map[string]interface{}, error)
}

type AuthOptionPwdtBuilder added in v1.0.25 

type AuthOptionPwdtBuilder interface {
	ToTokenV3PwdCreateMap() (map[string]interface{}, error)
}

type AuthOptionsBuilder 

type AuthOptionsBuilder interface {
	// ToTokenV3CreateMap assembles the Create request body, returning an error
	// if parameters are missing or inconsistent.
	ToTokenV3CreateMap(map[string]interface{}) (map[string]interface{}, error)
	ToTokenV3ScopeMap() (map[string]interface{}, error)
	CanReauth() bool
}

AuthOptionsBuilder provides the ability for extensions to add additional parameters to TokenOptions. Extensions must satisfy all required methods.

type AuthReq added in v1.0.25 

type AuthReq struct {
	Identity *IdentityReq `json:"identity,omitempty"`
	Scope    *ScopeReq    `json:"scope,omitempty"`
}

type CatalogEntry 

type CatalogEntry struct {
	// Service ID
	ID string `json:"id"`

	// Name will contain the provider-specified name for the service.
	Name string `json:"name"`

	// Type will contain a type string if OpenStack defines a type for the
	// service. Otherwise, for provider-specific services, the provider may
	// assign their own type strings.
	Type string `json:"type"`

	// Endpoints will let the caller iterate over all the different endpoints that
	// may exist for the service.
	Endpoints []Endpoint `json:"endpoints"`
}

CatalogEntry provides a type-safe interface to an Identity API V3 service catalog listing. Each class of service, such as cloud DNS or block storage services, could have multiple CatalogEntry representing it (one by interface type, e.g public, admin or internal).

Note: when looking for the desired service, try, whenever possible, to key off the type field. Otherwise, you'll tie the representation of the service to a specific provider.

type CreateResult 

type CreateResult struct {
	// contains filtered or unexported fields
}

CreateResult is the response from a Create request. Use ExtractToken() to interpret it as a Token, or ExtractServiceCatalog() to interpret it as a service catalog.

func Create 

func Create(c *gophercloud.ServiceClient, opts AuthOptionsBuilder) (r CreateResult)

Create authenticates and either generates a new token, or changes the Scope of an existing token.

func CreateTokenByAgency added in v1.0.25 

func CreateTokenByAgency(c *gophercloud.ServiceClient, opts AgencyTokenOptions, nocatalog string) (r CreateResult)

func CreateTokenByPassword added in v1.0.25 

func CreateTokenByPassword(c *gophercloud.ServiceClient, opts PwdTokenOptions, nocatalog string) (r CreateResult)

func (CreateResult) Extract 

func (r CreateResult) Extract() (*Token, error)

Extract is a shortcut for ExtractToken. This function is deprecated and still present for backward compatibility.

func (CreateResult) ExtractAgencyTokenBody added in v1.0.25 

func (r CreateResult) ExtractAgencyTokenBody() (*AgencyTokenBody, error)

func (CreateResult) ExtractInto 

func (r CreateResult) ExtractInto(v interface{}) error

func (CreateResult) ExtractProject 

func (r CreateResult) ExtractProject() (*Project, error)

ExtractProject returns Project to which User is authorized.

func (CreateResult) ExtractRoles 

func (r CreateResult) ExtractRoles() ([]Role, error)

ExtractRoles returns Roles to which User is authorized.

func (CreateResult) ExtractServiceCatalog 

func (r CreateResult) ExtractServiceCatalog() (*ServiceCatalog, error)

ExtractServiceCatalog returns the ServiceCatalog that was generated along with the user's Token.

func (CreateResult) ExtractToken 

func (r CreateResult) ExtractToken() (*Token, error)

ExtractToken interprets a commonResult as a Token.

func (CreateResult) ExtractTokenBody added in v1.0.25 

func (r CreateResult) ExtractTokenBody() (*TokenBody, error)

func (CreateResult) ExtractUser 

func (r CreateResult) ExtractUser() (*User, error)

ExtractUser returns the User that is the owner of the Token.

type Domain 

type Domain struct {
	ID   string `json:"id"`
	Name string `json:"name"`
}

Domain provides information about the domain to which this token grants access.

type DomainReq added in v1.0.25 

type DomainReq struct {
	ID   string `json:"id,omitempty"`
	Name string `json:"name,omitempty"`
}

type Endpoint 

type Endpoint struct {
	ID        string `json:"id"`
	Region    string `json:"region"`
	Interface string `json:"interface"`
	URL       string `json:"url"`
	RegionId  string `json:"region_id"`
}

Endpoint represents a single API endpoint offered by a service. It matches either a public, internal or admin URL. If supported, it contains a region specifier, again if provided. The significance of the Region field will depend upon your provider.

type GetResult 

type GetResult struct {
	// contains filtered or unexported fields
}

GetResult is the response from a Get request. Use ExtractToken() to interpret it as a Token, or ExtractServiceCatalog() to interpret it as a service catalog.

func Get 

func Get(c *gophercloud.ServiceClient, token string) (r GetResult)

Get validates and retrieves information about another token.

func ValidateToken added in v1.0.25 

func ValidateToken(c *gophercloud.ServiceClient, token string, nocatalog string) (r GetResult)

func (GetResult) Extract 

func (r GetResult) Extract() (*Token, error)

Extract is a shortcut for ExtractToken. This function is deprecated and still present for backward compatibility.

func (GetResult) ExtractAgencyTokenBody added in v1.0.25 

func (r GetResult) ExtractAgencyTokenBody() (*AgencyTokenBody, error)

func (GetResult) ExtractInto 

func (r GetResult) ExtractInto(v interface{}) error

func (GetResult) ExtractProject 

func (r GetResult) ExtractProject() (*Project, error)

ExtractProject returns Project to which User is authorized.

func (GetResult) ExtractRoles 

func (r GetResult) ExtractRoles() ([]Role, error)

ExtractRoles returns Roles to which User is authorized.

func (GetResult) ExtractServiceCatalog 

func (r GetResult) ExtractServiceCatalog() (*ServiceCatalog, error)

ExtractServiceCatalog returns the ServiceCatalog that was generated along with the user's Token.

func (GetResult) ExtractToken 

func (r GetResult) ExtractToken() (*Token, error)

ExtractToken interprets a commonResult as a Token.

func (GetResult) ExtractTokenBody added in v1.0.25 

func (r GetResult) ExtractTokenBody() (*TokenBody, error)

func (GetResult) ExtractUser 

func (r GetResult) ExtractUser() (*User, error)

ExtractUser returns the User that is the owner of the Token.

type IdentityReq added in v1.0.25 

type IdentityReq struct {
	Methods    []string       `json:"methods,omitempty"`
	Password   *PasswordReq   `json:"password,omitempty"`
	Totp       *TotpReq       `json:"totp,omitempty"`
	AssumeRole *AssumeRoleReq `json:"assume_role",omitempty`
}

type PasswordReq added in v1.0.25 

type PasswordReq struct {
	User UserReq `json:"user,omitempty"`
}

type Project 

type Project struct {
	Domain Domain `json:"domain"`
	ID     string `json:"id"`
	Name   string `json:"name"`
}

Project provides information about project to which User is authorized.

type ProjectReq added in v1.0.25 

type ProjectReq struct {
	ID   string `json:"id,omitempty"`
	Name string `json:"name,omitempty"`
}

type PwdTokenOptions added in v1.0.25 

type PwdTokenOptions struct {
	Auth *AuthReq `json:"auth,omitempty"`
}

func (*PwdTokenOptions) ToTokenV3PwdCreateMap added in v1.0.25 

func (pwdTokenOpts *PwdTokenOptions) ToTokenV3PwdCreateMap() (map[string]interface{}, error)

type RevokeResult 

type RevokeResult struct {
	// contains filtered or unexported fields
}

RevokeResult is response from a Revoke request.

func Revoke 

func Revoke(c *gophercloud.ServiceClient, token string) (r RevokeResult)

Revoke immediately makes specified token invalid.

func (RevokeResult) Extract 

func (r RevokeResult) Extract() (*Token, error)

Extract is a shortcut for ExtractToken. This function is deprecated and still present for backward compatibility.

func (RevokeResult) ExtractAgencyTokenBody added in v1.0.25 

func (r RevokeResult) ExtractAgencyTokenBody() (*AgencyTokenBody, error)

func (RevokeResult) ExtractInto 

func (r RevokeResult) ExtractInto(v interface{}) error

func (RevokeResult) ExtractProject 

func (r RevokeResult) ExtractProject() (*Project, error)

ExtractProject returns Project to which User is authorized.

func (RevokeResult) ExtractRoles 

func (r RevokeResult) ExtractRoles() ([]Role, error)

ExtractRoles returns Roles to which User is authorized.

func (RevokeResult) ExtractServiceCatalog 

func (r RevokeResult) ExtractServiceCatalog() (*ServiceCatalog, error)

ExtractServiceCatalog returns the ServiceCatalog that was generated along with the user's Token.

func (RevokeResult) ExtractToken 

func (r RevokeResult) ExtractToken() (*Token, error)

ExtractToken interprets a commonResult as a Token.

func (RevokeResult) ExtractTokenBody added in v1.0.25 

func (r RevokeResult) ExtractTokenBody() (*TokenBody, error)

func (RevokeResult) ExtractUser 

func (r RevokeResult) ExtractUser() (*User, error)

ExtractUser returns the User that is the owner of the Token.

type Role 

type Role struct {
	ID   string `json:"id"`
	Name string `json:"name"`
}

Role provides information about roles to which User is authorized.

type Scope 

type Scope struct {
	ProjectID   string
	ProjectName string
	DomainID    string
	DomainName  string
}

Scope allows a created token to be limited to a specific domain or project.

type ScopeReq added in v1.0.25 

type ScopeReq struct {
	Domain  *DomainReq  `json:"domain,omitempty"`
	Project *ProjectReq `json:"project,omitempty"`
}

type ServiceCatalog 

type ServiceCatalog struct {
	Entries []CatalogEntry `json:"catalog"`
}

ServiceCatalog provides a view into the service catalog from a previous, successful authentication.

type Token 

type Token struct {
	// ID is the issued token.
	ID string `json:"id"`

	// ExpiresAt is the timestamp at which this token will no longer be accepted.
	ExpiresAt time.Time `json:"expires_at"`
}

Token is a string that grants a user access to a controlled set of services in an OpenStack provider. Each Token is valid for a set length of time.

type TokenBody added in v1.0.25 

type TokenBody struct {
	CatalogEntry []CatalogEntry `json:"catalog"`
	Domain       *Domain        `json:"domain",omitempty`
	ExpiresAt    time.Time      `json:"expires_at"`
	IssuedAt     time.Time      `json:"issued_at"`
	Methods      []string       `json:"methods"`
	Project      *Project       `json:"project",omitempty`
	Roles        []Role         `json:"roles"`
	User         *User          `json:"user",omitempty`
}

type TokenOptions 

type TokenOptions struct {
	// IdentityEndpoint specifies the HTTP endpoint that is required to work with
	// the Identity API of the appropriate version. While it's ultimately needed
	// by all of the identity services, it will often be populated by a
	// provider-level function.
	IdentityEndpoint string `json:"-"`

	// Username is required if using Identity V2 API. Consult with your provider's
	// control panel to discover your account's username. In Identity V3, either
	// UserID or a combination of Username and DomainID or DomainName are needed.
	Username string `json:"username,omitempty"`
	UserID   string `json:"id,omitempty"`

	Password string `json:"password,omitempty"`

	// At most one of DomainID and DomainName must be provided if using Username
	// with Identity V3. Otherwise, either are optional.
	DomainID   string `json:"-"`
	DomainName string `json:"name,omitempty"`

	// AllowReauth should be set to true if you grant permission for Gophercloud
	// to cache your credentials in memory, and to allow Gophercloud to attempt
	// to re-authenticate automatically if/when your token expires.  If you set
	// it to false, it will not cache these settings, but re-authentication will
	// not be possible.  This setting defaults to false.
	AllowReauth bool `json:"-"`

	// TokenID allows users to authenticate (possibly as another user) with an
	// authentication token ID.
	TokenID string `json:"-"`

	Scope Scope `json:"-"`
}

TokenOptions represents options for authenticating a user.

func (*TokenOptions) CanReauth 

func (opts *TokenOptions) CanReauth() bool

func (*TokenOptions) ToTokenV3CreateMap 

func (opts *TokenOptions) ToTokenV3CreateMap(scope map[string]interface{}) (map[string]interface{}, error)

ToTokenV3CreateMap builds a request body from TokenOptions.

func (*TokenOptions) ToTokenV3ScopeMap 

func (opts *TokenOptions) ToTokenV3ScopeMap() (map[string]interface{}, error)

ToTokenV3CreateMap builds a scope request body from TokenOptions.

type TotpReq added in v1.0.25 

type TotpReq struct {
	User UserReq `json:"user,omitempty"`
}

type User 

type User struct {
	Domain            Domain `json:"domain"`
	ID                string `json:"id"`
	Name              string `json:"name"`
	PasswordExpiresAt string `json:"password_expires_at"`
}

User represents a user resource that exists in the Identity Service.

type UserReq added in v1.0.25 

type UserReq struct {
	ID       string    `json:"id,omitempty"`
	Name     string    `json:"name,omitempty"`
	Password string    `json:"password"`
	Domain   DomainReq `json:"domain,omitempty"`
	PassCode string    `json:"passcode"`
}

Source Files

View all Source files

Directories

Path Synopsis
tokens unit tests
 tokens unit tests

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.