Documentation ¶
Index ¶
- type AccessGrantRequest
- type AdminUserService
- type AuthenticationService
- type Client
- func NewConfidentialAdmin(httpClient *http.Client, baseURL string, realm string, hasOfflineAccess bool, ...) *Client
- func NewPublicAdmin(httpClient *http.Client, baseURL string, realm string, hasOfflineAccess bool, ...) *Client
- func NewServiceAccount(httpClient *http.Client, baseURL string, realm string, hasOfflineAccess bool, ...) *Client
- type Credential
- type ErrorResponse
- type FederatedIdentity
- type MultivaluedHashMap
- type OIDCToken
- type Response
- type UMAService
- type User
- type UserConsent
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessGrantRequest ¶
type AccessGrantRequest struct { GrantType string `url:"grant_type"` Scope string `url:"scope,omitempty"` Username string `url:"username,omitempty"` Password string `url:"password,omitempty"` ClientID string `url:"client_id"` ClientSecret string `url:"client_secret,omitempty"` }
AccessGrantRequest represents a request for grant type authentication
type AdminUserService ¶
type AdminUserService service
AdminUserService handles communication with keycloak user management
func (*AdminUserService) GetUserByID ¶
GetUserByID retrieves a user by ID
type AuthenticationService ¶
type AuthenticationService service
AuthenticationService handles communication with Keyloak authentication
func (*AuthenticationService) GetOIDCToken ¶
func (c *AuthenticationService) GetOIDCToken( ctx context.Context, grantReq *AccessGrantRequest, ) (*OIDCToken, *Response, error)
GetOIDCToken authenticates the access grant request
type Client ¶
type Client struct { // Services Authentication *AuthenticationService AdminUser *AdminUserService UMA *UMAService // contains filtered or unexported fields }
Client manages communication to Keycloak
func NewConfidentialAdmin ¶
func NewConfidentialAdmin( httpClient *http.Client, baseURL string, realm string, hasOfflineAccess bool, clientID string, clientSecret string, adminAccount string, adminPass string, ) *Client
NewConfidentialAdmin is targeted at users with elevated privileges who will be using a confidential client to authenticate against.
func NewPublicAdmin ¶
func NewPublicAdmin( httpClient *http.Client, baseURL string, realm string, hasOfflineAccess bool, clientID string, adminAccount string, adminPass string, ) *Client
NewPublicAdmin is targeted at users with elevated privileges who will be using a public client to authenticate against.
func NewServiceAccount ¶
func NewServiceAccount( httpClient *http.Client, baseURL string, realm string, hasOfflineAccess bool, clientID string, clientSecret string, ) *Client
NewServiceAccount is targeted at Service Accounts with elevated privileges
func (Client) AdminAccount ¶
AdminAccount returns the adminAccount value
func (Client) ClientSecret ¶
ClientSecret returns the clientSecret value
type Credential ¶
type Credential struct { Algorithm *string `json:"algorithm,omitempty"` Config *MultivaluedHashMap `json:"config,omitempty"` Counter *int32 `json:"counter,omitempty"` CreatedDate *int64 `json:"createdDate,omitempty"` Device *string `json:"device,omitempty"` Digits *int32 `json:"digits,omitempty"` HashIterations *int32 `json:"hashIterations,omitempty"` HashedSaltedValue *string `json:"hashedSaltedValue,omitempty"` Period *int32 `json:"period,omitempty"` Salt *string `json:"salt,omitempty"` Temporary *bool `json:"temporary,omitempty"` Type *string `json:"type,omitempty"` Value *string `json:"value,omitempty"` }
Credential represents the user's credentials type
type ErrorResponse ¶
ErrorResponse returns the error response from Keycloak
func (*ErrorResponse) Error ¶
func (r *ErrorResponse) Error() string
type FederatedIdentity ¶
type FederatedIdentity struct { IdentityProvider *string `json:"identityProvider,omitempty"` UserID *string `json:"userId,omitempty"` UserName *string `json:"userName,omitempty"` }
FederatedIdentity represents third party signups
type MultivaluedHashMap ¶
type MultivaluedHashMap struct { Empty *bool `json:"empty,omitempty"` LoadFactor *int32 `json:"loadFactor,omitempty"` Threshold *int32 `json:"threshold,omitempty"` }
MultivaluedHashMap ...
type OIDCToken ¶
type OIDCToken struct { AccessToken string `json:"access_token"` ExpiresIn int `json:"expires_in"` RefreshExpiresIn int `json:"refresh_expires_in"` RefreshToken string `json:"refresh_token"` TokenType string `json:"token_type"` NotBeforePolicy int `json:"not_before_policy"` SessionState string `json:"session_state"` Scope string `json:"scope"` }
OIDCToken represents a credential token to access keycloak
type UMAService ¶
type UMAService service
UMAService handles communication with Keycloak UMA
func (*UMAService) GetUMAUser ¶
func (c *UMAService) GetUMAUser( ctx context.Context, token string, v interface{}, ) (interface{}, *Response, error)
GetUMAUser allows user to view their token mappings. The provided interface is returned to be decoded on success.
type User ¶
type User struct { Access *map[string]interface{} `json:"access,omitempty"` Attributes *map[string]interface{} `json:"attributes,omitempty"` ClientConsents *[]UserConsent `json:"clientConsents,omitempty"` ClientRoles *map[string]interface{} `json:"clientRoles,omitempty"` CreatedTimestamp *int64 `json:"createdTimestamp,omitempty"` Credentials *[]Credential `json:"credentials,omitempty"` DisableableCredentialTypes *[]string `json:"disableableCredentialTypes,omitempty"` Email *string `json:"email,omitempty"` EmailVerified *bool `json:"emailVerified,omitempty"` Enabled *bool `json:"enabled,omitempty"` FederatedIdentities *[]FederatedIdentity `json:"federatedIdentities,omitempty"` FederationLink *string `json:"federationLink,omitempty"` FirstName *string `json:"firstName,omitempty"` Groups *[]string `json:"groups,omitempty"` ID *string `json:"id,omitempty"` LastName *string `json:"lastName,omitempty"` NotBefore *int32 `json:"notBefore,omitempty"` Origin *string `json:"origin,omitempty"` RealmRoles *[]string `json:"realmRoles,omitempty"` RequiredActions *[]string `json:"requiredActions,omitempty"` Self *string `json:"self,omitempty"` ServiceAccountClientID *string `json:"serviceAccountClientId,omitempty"` Username *string `json:"username,omitempty"` }
User represents the Keycloak user
type UserConsent ¶
type UserConsent struct { ClientID *string `json:"clientId,omitempty"` CreatedDate *int64 `json:"createdDate,omitempty"` GrantedClientRoles *map[string]interface{} `json:"grantedClientRoles,omitempty"` GrantedProtocolMappers *map[string]interface{} `json:"grantedProtocolMappers,omitempty"` GrantedRealmRoles *[]string `json:"grantedRealmRoles,omitempty"` LastUpdatedDate *int64 `json:"lastUpdatedDate,omitempty"` }
UserConsent represents scopes that have been consented
Directories ¶
Path | Synopsis |
---|---|
examples
|
|
access-grants
Package main provides an example for using an admin account or a service account to authorize against a client and query a user provided a 'query-users' role
|
Package main provides an example for using an admin account or a service account to authorize against a client and query a user provided a 'query-users' role |