gocloak

package module
v4.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 9, 2020 License: Apache-2.0 Imports: 9 Imported by: 0

README

gocloak

codebeat badge Go Report Card Go Doc Build Status codecov FOSSA Status

golang keycloak client

This client is based on : go-keycloak

For Questions either raise an issue, or come to the gopher-slack into the channel #gocloak

If u are using the echo framework have a look at gocloak-echo

https://gopkg.in/nerzal/gocloak.v1

Contribution

(WIP) https://github.com/Nerzal/gocloak/wiki/Contribute

Usage

There are a lot of backward incompatible changes in v4:

  • all functions what create an object now return an ID of the created object. The return statement of those functions has been changed from (error) to (string, error)
  • All structures now use pointers instead of general types (bool -> *bool, string -> *string). It has been done to properly use omitempty tag, otherwise it was impossible to set a false value for any of the bool propertires.
Importing
	import "github.com/Nerzal/gocloak/v4"

or v3 (latest release is v3.10.0):

	import "github.com/Nerzal/gocloak/v3"
Create New User
	client := gocloak.NewClient("https://mycool.keycloak.instance")
	token, err := client.LoginAdmin("user", "password", "realmName")
	if err != nil {
		panic("Something wrong with the credentials or url")
	}
	user := gocloak.User{
		FirstName: "Bob",
		LastName:  "Uncle",
		EMail:     "something@really.wrong",
		Enabled:   true,
		Username:  "CoolGuy",
	}
	client.CreateUser(token.AccessToken, "realm", user)
	if err != nil {
		panic("Oh no!, failed to create user :(")
	}
Introspect Token
	client := gocloak.NewClient(hostname)
	token, err := client.LoginClient(clientid, clientSecret, realm)
	if err != nil {
		panic("Login failed:"+ err.Error())
	}

	rptResult, err := client.RetrospectToken(token.AccessToken, clientid, clientSecret, realm)
	if err != nil {
		panic("Inspection failed:"+ err.Error())
	}

	if !rptResult.Active {
		panic("Token is not active")
	}

	permissions := rptResult.Permissions
	//Do something with the permissions ;)

Features

// GoCloak holds all methods a client should fullfill
type GoCloak interface {
	Login(clientID string, clientSecret string, realm string, username string, password string) (*JWT, error)
	Logout(clientID, clientSecret, realm, refreshToken string) error
	LogoutPublicClient(clientID, realm, accessToken, refreshToken string) error
	LoginClient(clientID, clientSecret, realm string) (*JWT, error)
	LoginAdmin(username, password, realm string) (*JWT, error)
	RequestPermission(clientID string, clientSecret string, realm string, username string, password string, permission string) (*JWT, error)
	RefreshToken(refreshToken string, clientID, clientSecret, realm string) (*JWT, error)
	DecodeAccessToken(accessToken string, realm string) (*jwt.Token, *jwt.MapClaims, error)
	DecodeAccessTokenCustomClaims(accessToken string, realm string, claims jwt.Claims) (*jwt.Token, error)
	RetrospectToken(accessToken string, clientID, clientSecret string, realm string) (*RetrospecTokenResult, error)
	GetIssuer(realm string) (*IssuerResponse, error)
	GetCerts(realm string) (*CertResponse, error)
	GetServerInfo(accessToken string) (*ServerInfoRepesentation, error)
	GetUserInfo(accessToken string, realm string) (*UserInfo, error)
	SetPassword(token string, userID string, realm string, password string, temporary bool) error
	ExecuteActionsEmail(token string, realm string, params ExecuteActionsEmail) error

	CreateUser(token string, realm string, user User) (string, error)
	CreateGroup(accessToken string, realm string, group Group) error
	CreateChildGroup(token string, realm string, groupID string, group Group) (string, error)
	CreateClientRole(accessToken string, realm string, clientID string, role Role) error
	CreateClient(accessToken string, realm string, clientID Client) error
	CreateClientScope(accessToken string, realm string, scope ClientScope) error
	CreateComponent(accessToken string, realm string, component Component) error

	UpdateUser(accessToken string, realm string, user User) error
	UpdateGroup(accessToken string, realm string, updatedGroup Group) error
	UpdateRole(accessToken string, realm string, clientID string, role Role) error
	UpdateClient(accessToken string, realm string, updatedClient Client) error
	UpdateClientScope(accessToken string, realm string, scope ClientScope) error

	DeleteUser(accessToken string, realm, userID string) error
	DeleteComponent(accessToken string, realm, componentID string) error
	DeleteGroup(accessToken string, realm, groupID string) error
	DeleteClientRole(accessToken string, realm, clientID, roleName string) error
	DeleteClient(accessToken string, realm, clientID string) error
	DeleteClientScope(accessToken string, realm, scopeID string) error

	GetClient(accessToken string, realm string, clientID string) (*Client, error)
	GetClientsDefaultScopes(token string, realm string, clientID string) ([]*ClientScope, error)
	AddDefaultScopeToClient(token string, realm string, clientID string, scopeID string) error
	RemoveDefaultScopeFromClient(token string, realm string, clientID string, scopeID string) error
	GetClientsOptionalScopes(token string, realm string, clientID string) ([]*ClientScope, error)
	AddOptionalScopeToClient(token string, realm string, clientID string, scopeID string) error
	RemoveOptionalScopeFromClient(token string, realm string, clientID string, scopeID string) error
	GetDefaultOptionalClientScopes(token string, realm string) ([]*ClientScope, error)
	GetDefaultDefaultClientScopes(token string, realm string) ([]*ClientScope, error)
	GetClientScope(token string, realm string, scopeID string) (*ClientScope, error)
	GetClientScopes(token string, realm string) ([]*ClientScope, error)
	GetClientSecret(token string, realm string, clientID string) (*CredentialRepresentation, error)
	GetClientServiceAccount(token string, realm string, clientID string) (*User, error)
	RegenerateClientSecret(token string, realm string, clientID string) (*CredentialRepresentation, error)
	GetKeyStoreConfig(accessToken string, realm string) (*KeyStoreConfig, error)
	GetUserByID(accessToken string, realm string, userID string) (*User, error)
	GetUserCount(accessToken string, realm string) (int, error)
	GetUsers(accessToken string, realm string, params GetUsersParams) ([]*User, error)
	GetUserGroups(accessToken string, realm string, userID string) ([]*UserGroup, error)
	GetComponents(accessToken string, realm string) ([]*Component, error)
	GetGroups(accessToken string, realm string, params GetGroupsParams) ([]*Group, error)
	GetGroup(accessToken string, realm, groupID string) (*Group, error)
	GetGroupMembers(accessToken string, realm, groupID string, params GetGroupsParams) ([]*User, error)
	GetRoleMappingByGroupID(accessToken string, realm string, groupID string) (*MappingsRepresentation, error)
	GetRoleMappingByUserID(accessToken string, realm string, userID string) (*MappingsRepresentation, error)
	GetClientRoles(accessToken string, realm string, clientID string) ([]*Role, error)
	GetClientRole(token string, realm string, clientID string, roleName string) (*Role, error)
	GetClients(accessToken string, realm string, params GetClientsParams) ([]*Client, error)
	GetUsersByRoleName(token string, realm string, roleName string) ([]*User, error)
	UserAttributeContains(attributes map[string][]string, attribute string, value string) bool
	CreateClientProtocolMapper(token, realm, clientID string, mapper ProtocolMapperRepresentation) error
	DeleteClientProtocolMapper(token, realm, clientID, mapperID string) error

	// *** Realm Roles ***

	CreateRealmRole(token string, realm string, role Role) error
	GetRealmRole(token string, realm string, roleName string) (*Role, error)
	GetRealmRoles(accessToken string, realm string) ([]*Role, error)
	GetRealmRolesByUserID(accessToken string, realm string, userID string) ([]*Role, error)
	GetRealmRolesByGroupID(accessToken string, realm string, groupID string) ([]*Role, error)
	UpdateRealmRole(token string, realm string, roleName string, role Role) error
	DeleteRealmRole(token string, realm string, roleName string) error
	AddRealmRoleToUser(token string, realm string, userID string, roles []Role) error
	DeleteRealmRoleFromUser(token string, realm string, userID string, roles []Role) error
	AddRealmRoleComposite(token string, realm string, roleName string, roles []Role) error
	DeleteRealmRoleComposite(token string, realm string, roleName string, roles []Role) error

	// *** Realm ***

	GetRealm(token string, realm string) (*RealmRepresentation, error)
	GetRealms(token string) ([]*RealmRepresentation, error)
	CreateRealm(token string, realm RealmRepresentation) error
	DeleteRealm(token string, realm string) error
	ClearRealmCache(token string, realm string) error

	GetClientUserSessions(token, realm, clientID string) ([]*UserSessionRepresentation, error)
	GetClientOfflineSessions(token, realm, clientID string) ([]*UserSessionRepresentation, error)
	GetUserSessions(token, realm, userID string) ([]*UserSessionRepresentation, error)
	GetUserOfflineSessionsForClient(token, realm, userID, clientID string) ([]*UserSessionRepresentation, error)
}

developing & testing

For local testing you need to start a docker container. Simply run following commands prior to starting the tests:

docker pull quay.io/keycloak/keycloak
docker run -d \
	-e KEYCLOAK_USER=admin \
	-e KEYCLOAK_PASSWORD=secret \
	-e KEYCLOAK_IMPORT=/tmp/gocloak-realm.json \
	-v `pwd`/testdata/gocloak-realm.json:/tmp/gocloak-realm.json \
	-p 8080:8080 \
	--name gocloak-test \
	quay.io/keycloak/keycloak

go test

Or you can run the tests on you own keycloak:

export GOCLOAK_TEST_CONFIG=/path/to/gocloak/config.json

All resources created as a result of unit tests will be deleted, except for the test user defined in the configuration file.

To remove running docker container after completion of tests:

docker stop gocloak-test
docker rm gocloak-test

License

FOSSA Status

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BoolP

func BoolP(value bool) *bool

BoolP returns a pointer of a boolean variable

func Float32P

func Float32P(value float32) *float32

Float32P returns a pointer of a float32 variable

func Float64P

func Float64P(value float64) *float64

Float64P returns a pointer of a float64 variable

func GetQueryParams

func GetQueryParams(s interface{}) (map[string]string, error)

GetQueryParams converts the struct to map[string]string The fields tags must have `json:"<name>,string,omitempty"` format for all types, except strings The string fields must have: `json:"<name>,omitempty"`. The `json:"<name>,string,omitempty"` tag for string field will add additional double quotes. "string" tag allows to convert the non-string fields of a structure to map[string]string. "omitempty" allows to skip the fields with default values.

func Int32P

func Int32P(value int32) *int32

Int32P returns a pointer of an int32 variable

func Int64P

func Int64P(value int64) *int64

Int64P returns a pointer of an int64 variable

func IntP

func IntP(value int) *int

IntP returns a pointer of an integer variable

func IsObjectAlreadyExists

func IsObjectAlreadyExists(err error) bool

IsObjectAlreadyExists is a helper to verify tht the err is ObjectAlreadyExists

func NilOrEmpty

func NilOrEmpty(value *string) bool

NilOrEmpty returns true if string is empty or has a nil value

func PBool

func PBool(value *bool) bool

PBool returns a boolean value from a pointer

func PFloat32

func PFloat32(value *float32) float32

PFloat32 returns an flaot32 value from a pointer

func PFloat64

func PFloat64(value *float64) float64

PFloat64 returns an flaot64 value from a pointer

func PInt

func PInt(value *int) int

PInt returns an integer value from a pointer

func PInt32

func PInt32(value *int32) int32

PInt32 returns an int32 value from a pointer

func PInt64

func PInt64(value *int64) int64

PInt64 returns an int64 value from a pointer

func PString

func PString(value *string) string

PString returns a string value from a pointer

func StringP

func StringP(value string) *string

StringP returns a pointer of a string variable

Types

type APIError

type APIError struct {
	Code    int
	Message string
}

APIError represents an api error

func (APIError) Error

func (apiError APIError) Error() string

Error stringifies the APIError

type Access

type Access struct {
	ManageGroupMembership *bool `json:"manageGroupMembership"`
	View                  *bool `json:"view"`
	MapRoles              *bool `json:"mapRoles"`
	Impersonate           *bool `json:"impersonate"`
	Manage                *bool `json:"manage"`
}

Access represents access

type ActiveKeys

type ActiveKeys struct {
	HS256 *string `json:"HS256,omitempty"`
	RS256 *string `json:"RS256,omitempty"`
	AES   *string `json:"AES,omitempty"`
}

ActiveKeys holds the active keys

type Attributes

type Attributes struct {
	LDAPENTRYDN []string `json:"LDAP_ENTRY_DN,omitempty"`
	LDAPID      []string `json:"LDAP_ID,omitempty"`
}

Attributes holds Attributes

type CertResponse

type CertResponse struct {
	Keys []*CertResponseKey `json:"keys,omitempty"`
}

CertResponse is returned by the certs endpoint

type CertResponseKey

type CertResponseKey struct {
	Kid *string `json:"kid,omitempty"`
	Kty *string `json:"kty,omitempty"`
	Alg *string `json:"alg,omitempty"`
	Use *string `json:"use,omitempty"`
	N   *string `json:"n,omitempty"`
	E   *string `json:"e,omitempty"`
}

CertResponseKey is returned by the certs endpoint

type Client

type Client struct {
	Access                             map[string]interface{}          `json:"access,omitempty"`
	AdminURL                           *string                         `json:"adminUrl,omitempty"`
	Attributes                         map[string]string               `json:"attributes,omitempty"`
	AuthenticationFlowBindingOverrides map[string]string               `json:"authenticationFlowBindingOverrides,omitempty"`
	AuthorizationServicesEnabled       *bool                           `json:"authorizationServicesEnabled"`
	AuthorizationSettings              *ResourceServerRepresentation   `json:"authorizationSettings,omitempty"`
	BaseURL                            *string                         `json:"baseUrl,omitempty"`
	BearerOnly                         *bool                           `json:"bearerOnly"`
	ClientAuthenticatorType            *string                         `json:"clientAuthenticatorType,omitempty"`
	ClientID                           *string                         `json:"clientId,omitempty"`
	ConsentRequired                    *bool                           `json:"consentRequired"`
	DefaultClientScopes                []string                        `json:"defaultClientScopes,omitempty"`
	DefaultRoles                       []string                        `json:"defaultRoles,omitempty"`
	Description                        *string                         `json:"description,omitempty"`
	DirectAccessGrantsEnabled          *bool                           `json:"directAccessGrantsEnabled"`
	Enabled                            *bool                           `json:"enabled"`
	FrontChannelLogout                 *bool                           `json:"frontchannelLogout"`
	FullScopeAllowed                   *bool                           `json:"fullScopeAllowed"`
	ID                                 *string                         `json:"id,omitempty"`
	ImplicitFlowEnabled                *bool                           `json:"implicitFlowEnabled"`
	Name                               *string                         `json:"name,omitempty"`
	NodeReRegistrationTimeout          *int32                          `json:"nodeReRegistrationTimeout,omitempty"`
	NotBefore                          *int32                          `json:"notBefore,omitempty"`
	OptionalClientScopes               []string                        `json:"optionalClientScopes,omitempty"`
	Origin                             *string                         `json:"origin,omitempty"`
	Protocol                           *string                         `json:"protocol,omitempty"`
	ProtocolMappers                    []*ProtocolMapperRepresentation `json:"protocolMappers,omitempty"`
	PublicClient                       *bool                           `json:"publicClient"`
	RedirectURIs                       []string                        `json:"redirectUris,omitempty"`
	RegisteredNodes                    map[string]string               `json:"registeredNodes,omitempty"`
	RegistrationAccessToken            *string                         `json:"registrationAccessToken,omitempty"`
	RootURL                            *string                         `json:"rootUrl,omitempty"`
	Secret                             *string                         `json:"secret,omitempty"`
	ServiceAccountsEnabled             *bool                           `json:"serviceAccountsEnabled"`
	StandardFlowEnabled                *bool                           `json:"standardFlowEnabled"`
	SurrogateAuthRequired              *bool                           `json:"surrogateAuthRequired"`
	WebOrigins                         []string                        `json:"webOrigins,omitempty"`
}

Client is a ClientRepresentation

type ClientMappingsRepresentation

type ClientMappingsRepresentation struct {
	ID       *string `json:"id,omitempty"`
	Client   *string `json:"client,omitempty"`
	Mappings []*Role `json:"mappings,omitempty"`
}

ClientMappingsRepresentation is a client role mappings

type ClientScope

type ClientScope struct {
	ID                    *string                `json:"id,omitempty"`
	Name                  *string                `json:"name,omitempty"`
	Description           *string                `json:"description,omitempty"`
	Protocol              *string                `json:"protocol,omitempty"`
	ClientScopeAttributes *ClientScopeAttributes `json:"attributes,omitempty"`
	ProtocolMappers       []*ProtocolMappers     `json:"protocolMappers,omitempty"`
}

ClientScope is a ClientScope

type ClientScopeAttributes

type ClientScopeAttributes struct {
	ConsentScreenText      *string `json:"consent.screen.text,omitempty"`
	DisplayOnConsentScreen *string `json:"display.on.consent.screen,omitempty"`
	IncludeInTokenScope    *string `json:"include.in.token.scope,omitempty"`
}

ClientScopeAttributes are attributes of client scopes

type Component

type Component struct {
	ID              *string          `json:"id,omitempty"`
	Name            *string          `json:"name,omitempty"`
	ProviderID      *string          `json:"providerId,omitempty"`
	ProviderType    *string          `json:"providerType,omitempty"`
	ParentID        *string          `json:"parentId,omitempty"`
	ComponentConfig *ComponentConfig `json:"config,omitempty"`
	SubType         *string          `json:"subType,omitempty"`
}

Component is a component

type ComponentConfig

type ComponentConfig struct {
	Priority  []string `json:"priority,omitempty"`
	Algorithm []string `json:"algorithm,omitempty"`
}

ComponentConfig is a componentconfig

type CredentialRepresentation

type CredentialRepresentation struct {
	Algorithm         *string             `json:"algorithm,omitempty"`
	Config            *MultiValuedHashMap `json:"config,omitempty"`
	Counter           *int32              `json:"counter,omitempty"`
	CreatedDate       *int64              `json:"createdDate,omitempty"`
	Device            *string             `json:"device,omitempty"`
	Digits            *int32              `json:"digits,omitempty"`
	HashIterations    *int32              `json:"hashIterations,omitempty"`
	HashedSaltedValue *string             `json:"hashedSaltedValue,omitempty"`
	Period            *int32              `json:"period,omitempty"`
	Salt              *string             `json:"salt,omitempty"`
	Temporary         *bool               `json:"temporary"`
	Type              *string             `json:"type,omitempty"`
	Value             *string             `json:"value,omitempty"`
}

CredentialRepresentation represents credentials

type DecisionStrategy

type DecisionStrategy int

DecisionStrategy is an enum type for DecisionStrategy of PolicyRepresentation

const (
	AFFIRMATIVE DecisionStrategy = iota
	UNANIMOUS
	CONSENSUS
)

DecisionStrategy values

type ExecuteActionsEmail

type ExecuteActionsEmail struct {
	UserID      *string  `json:"-"`
	ClientID    *string  `json:"client_id,omitempty"`
	Lifespan    *int     `json:"lifespan,string,omitempty"`
	RedirectURI *string  `json:"redirect_uri,omitempty"`
	Actions     []string `json:"-"`
}

ExecuteActionsEmail represents parameters for executing action emails

type GetClientsParams

type GetClientsParams struct {
	ClientID     *string `json:"clientId,omitempty"`
	ViewableOnly *bool   `json:"viewableOnly,string"`
}

GetClientsParams represents the query parameters

type GetGroupsParams

type GetGroupsParams struct {
	First  *int    `json:"first,string,omitempty"`
	Max    *int    `json:"max,string,omitempty"`
	Search *string `json:"search,omitempty"`
	Full   *bool   `json:"full,string,omitempty"`
}

GetGroupsParams represents the optional parameters for getting groups

type GetUsersParams

type GetUsersParams struct {
	BriefRepresentation *bool   `json:"briefRepresentation,string"`
	Email               *string `json:"email,omitempty"`
	First               *int    `json:"first,string,omitempty"`
	FirstName           *string `json:"firstName,omitempty"`
	LastName            *string `json:"lastName,omitempty"`
	Max                 *int    `json:"max,string,omitempty"`
	Search              *string `json:"search,omitempty"`
	Username            *string `json:"username,omitempty"`
}

GetUsersParams represents the optional parameters for getting users

type GoCloak

type GoCloak interface {
	// RestyClient returns a resty client that gocloak uses
	RestyClient() *resty.Client
	// Sets the resty Client that gocloak uses
	SetRestyClient(restyClient *resty.Client)

	// GetToken returns a token
	GetToken(realm string, options TokenOptions) (*JWT, error)
	// Login sends a request to the token endpoint using user and client credentials
	Login(clientID, clientSecret, realm, username, password string) (*JWT, error)
	// Logout sends a request to the logout endpoint using refresh token
	Logout(clientID, clientSecret, realm, refreshToken string) error
	// LogoutPublicClient sends a request to the logout endpoint using refresh token
	LogoutPublicClient(clientID, realm, accessToken, refreshToken string) error
	// LoginClient sends a request to the token endpoint using client credentials
	LoginClient(clientID, clientSecret, realm string) (*JWT, error)
	// LoginAdmin login as admin
	LoginAdmin(username, password, realm string) (*JWT, error)
	// RequestPermission sends a request to the token endpoint with permission parameter
	RequestPermission(clientID, clientSecret, realm, username, password, permission string) (*JWT, error)
	// RefreshToken used to refresh the token
	RefreshToken(refreshToken string, clientID, clientSecret, realm string) (*JWT, error)
	// DecodeAccessToken decodes the accessToken
	DecodeAccessToken(accessToken string, realm string) (*jwt.Token, *jwt.MapClaims, error)
	// DecodeAccessTokenCustomClaims decodes the accessToken and fills the given claims
	DecodeAccessTokenCustomClaims(accessToken string, realm string, claims jwt.Claims) (*jwt.Token, error)
	// DecodeAccessTokenCustomClaims calls the token introspection endpoint
	RetrospectToken(accessToken string, clientID, clientSecret string, realm string) (*RetrospecTokenResult, error)
	// GetIssuer calls the issuer endpoint for the given realm
	GetIssuer(realm string) (*IssuerResponse, error)
	// GetCerts gets the public keys for the given realm
	GetCerts(realm string) (*CertResponse, error)
	// GetServerInfo returns the server info
	GetServerInfo(accessToken string) (*ServerInfoRepesentation, error)
	// GetUserInfo gets the user info for the given realm
	GetUserInfo(accessToken string, realm string) (*UserInfo, error)

	// ExecuteActionsEmail executes an actions email
	ExecuteActionsEmail(token string, realm string, params ExecuteActionsEmail) error

	// CreateGroup creates a new group
	CreateGroup(accessToken, realm string, group Group) (string, error)
	// CreateChildGroup creates a new child group
	CreateChildGroup(token string, realm string, groupID string, group Group) (string, error)
	// CreateClient creates a new client
	CreateClient(accessToken, realm string, clientID Client) (string, error)
	// CreateClientScope creates a new clientScope
	CreateClientScope(accessToken, realm string, scope ClientScope) (string, error)
	// CreateComponent creates a new component
	CreateComponent(accessToken, realm string, component Component) (string, error)

	// UpdateGroup updates the given group
	UpdateGroup(accessToken string, realm string, updatedGroup Group) error
	// UpdateRole updates the given role
	UpdateRole(accessToken string, realm string, clientID string, role Role) error
	// UpdateClient updates the given client
	UpdateClient(accessToken string, realm string, updatedClient Client) error
	// UpdateClientScope updates the given clientScope
	UpdateClientScope(accessToken string, realm string, scope ClientScope) error

	// DeleteComponent deletes the given component
	DeleteComponent(accessToken string, realm, componentID string) error
	// DeleteGroup deletes the given group
	DeleteGroup(accessToken string, realm, groupID string) error
	// DeleteClient deletes the given client
	DeleteClient(accessToken string, realm, clientID string) error
	// DeleteClientScope
	DeleteClientScope(accessToken string, realm, scopeID string) error

	// GetClient returns a client
	GetClient(accessToken string, realm string, clientID string) (*Client, error)
	// GetClientsDefaultScopes returns a list of the client's default scopes
	GetClientsDefaultScopes(token string, realm string, clientID string) ([]*ClientScope, error)
	// AddDefaultScopeToClient adds a client scope to the list of client's default scopes
	AddDefaultScopeToClient(token string, realm string, clientID string, scopeID string) error
	// RemoveDefaultScopeFromClient removes a client scope from the list of client's default scopes
	RemoveDefaultScopeFromClient(token string, realm string, clientID string, scopeID string) error
	// GetClientsOptionalScopes returns a list of the client's optional scopes
	GetClientsOptionalScopes(token string, realm string, clientID string) ([]*ClientScope, error)
	// AddOptionalScopeToClient adds a client scope to the list of client's optional scopes
	AddOptionalScopeToClient(token string, realm string, clientID string, scopeID string) error
	// RemoveOptionalScopeFromClient deletes a client scope from the list of client's optional scopes
	RemoveOptionalScopeFromClient(token string, realm string, clientID string, scopeID string) error
	// GetDefaultOptionalClientScopes returns a list of default realm optional scopes
	GetDefaultOptionalClientScopes(token string, realm string) ([]*ClientScope, error)
	// GetDefaultDefaultClientScopes returns a list of default realm default scopes
	GetDefaultDefaultClientScopes(token string, realm string) ([]*ClientScope, error)
	// GetClientScope returns a clientscope
	GetClientScope(token string, realm string, scopeID string) (*ClientScope, error)
	// GetClientScopes returns all client scopes
	GetClientScopes(token string, realm string) ([]*ClientScope, error)
	// GetClientScopeMappingClientRoles does return list of clients roles in specific Client Scope mapping
	GetClientScopeMappingClientRoles(token string, realm string, scopeID string, clientID string) ([]*Role, error)
	// AddClientScopeMappingClientRole does add clients roles to specific Client Scope mapping
	AddClientScopeMappingClientRoles(token string, realm string, scopeID string, clientID string, roles []*Role) error
	// GetClientSecret returns a client's secret
	GetClientSecret(token string, realm string, clientID string) (*CredentialRepresentation, error)
	// GetClientServiceAccount retrieves the service account "user" for a client if enabled
	GetClientServiceAccount(token string, realm string, clientID string) (*User, error)
	// RegenerateClientSecret creates a new client secret returning the updated CredentialRepresentation
	RegenerateClientSecret(token string, realm string, clientID string) (*CredentialRepresentation, error)
	// GetKeyStoreConfig gets the keyStoreConfig
	GetKeyStoreConfig(accessToken string, realm string) (*KeyStoreConfig, error)
	// GetComponents gets components of the given realm
	GetComponents(accessToken string, realm string) ([]*Component, error)
	// GetGroups gets all groups of the given realm
	GetGroups(accessToken string, realm string, params GetGroupsParams) ([]*Group, error)
	// GetGroup gets the given group
	GetGroup(accessToken string, realm, groupID string) (*Group, error)
	// GetGroupMembers get a list of users of group with id in realm
	GetGroupMembers(accessToken string, realm, groupID string, params GetGroupsParams) ([]*User, error)
	// GetRoleMappingByGroupID gets the rolemapping for the given group id
	GetRoleMappingByGroupID(accessToken string, realm string, groupID string) (*MappingsRepresentation, error)
	// GetRoleMappingByUserID gets the rolemapping for the given user id
	GetRoleMappingByUserID(accessToken string, realm string, userID string) (*MappingsRepresentation, error)
	// GetClients gets the clients in the realm
	GetClients(accessToken string, realm string, params GetClientsParams) ([]*Client, error)
	// GetClientOfflineSessions returns offline sessions associated with the client
	GetClientOfflineSessions(token, realm, clientID string) ([]*UserSessionRepresentation, error)
	// GetClientUserSessions returns user sessions associated with the client
	GetClientUserSessions(token, realm, clientID string) ([]*UserSessionRepresentation, error)
	// CreateClientProtocolMapper creates a protocol mapper in client scope
	CreateClientProtocolMapper(token, realm, clientID string, mapper ProtocolMapperRepresentation) (string, error)
	// DeleteClientProtocolMapper deletes a protocol mapper in client scope
	DeleteClientProtocolMapper(token, realm, clientID, mapperID string) error

	// UserAttributeContains checks if the given attribute has the given value
	UserAttributeContains(attributes map[string][]string, attribute string, value string) bool

	// CreateRealmRole creates a role in a realm
	CreateRealmRole(token, realm string, role Role) (string, error)
	// GetRealmRole returns a role from a realm by role's name
	GetRealmRole(token string, realm string, roleName string) (*Role, error)
	// GetRealmRoles get all roles of the given realm. It's an alias for the GetRoles function
	GetRealmRoles(accessToken string, realm string) ([]*Role, error)
	// GetRealmRolesByUserID returns all roles assigned to the given user
	GetRealmRolesByUserID(accessToken string, realm string, userID string) ([]*Role, error)
	// GetRealmRolesByGroupID returns all roles assigned to the given group
	GetRealmRolesByGroupID(accessToken string, realm string, groupID string) ([]*Role, error)
	// UpdateRealmRole updates a role in a realm
	UpdateRealmRole(token string, realm string, roleName string, role Role) error
	// DeleteRealmRole deletes a role in a realm by role's name
	DeleteRealmRole(token string, realm string, roleName string) error
	// AddRealmRoleToUser adds realm-level role mappings
	AddRealmRoleToUser(token string, realm string, userID string, roles []Role) error
	// DeleteRealmRoleFromUser deletes realm-level role mappings
	DeleteRealmRoleFromUser(token string, realm string, userID string, roles []Role) error
	// AddRealmRoleComposite adds roles as composite
	AddRealmRoleComposite(token string, realm string, roleName string, roles []Role) error
	// AddRealmRoleComposite adds roles as composite
	DeleteRealmRoleComposite(token string, realm string, roleName string, roles []Role) error

	// AddClientRoleToUser adds a client role to the user
	AddClientRoleToUser(token string, realm string, clientID string, userID string, roles []Role) error
	// AddClientRoleToGroup adds a client role to the group
	AddClientRoleToGroup(token string, realm string, clientID string, groupID string, roles []Role) error
	// CreateClientRole creates a new role for a client
	CreateClientRole(accessToken, realm, clientID string, role Role) (string, error)
	// DeleteClientRole deletes the given role
	DeleteClientRole(accessToken, realm, clientID, roleName string) error
	// DeleteClientRoleFromUser removes a client role from from the user
	DeleteClientRoleFromUser(token string, realm string, clientID string, userID string, roles []Role) error
	// GetClientRoles gets roles for the given client
	GetClientRoles(accessToken string, realm string, clientID string) ([]*Role, error)
	// GetClientRole get a role for the given client in a realm by role name
	GetClientRole(token string, realm string, clientID string, roleName string) (*Role, error)

	// GetRealm returns top-level representation of the realm
	GetRealm(token string, realm string) (*RealmRepresentation, error)
	// GetRealms returns top-level representation of all realms
	GetRealms(token string) ([]*RealmRepresentation, error)
	// CreateRealm creates a realm
	CreateRealm(token string, realm RealmRepresentation) (string, error)
	// DeleteRealm removes a realm
	DeleteRealm(token string, realm string) error
	// ClearRealmCache clears realm cache
	ClearRealmCache(token string, realm string) error

	// *** Users ***
	// CreateUser creates a new user
	CreateUser(token string, realm string, user User) (string, error)
	// DeleteUser deletes the given user
	DeleteUser(accessToken string, realm, userID string) error
	// GetUserByID gets the user with the given id
	GetUserByID(accessToken string, realm string, userID string) (*User, error)
	// GetUser count returns the userCount of the given realm
	GetUserCount(accessToken string, realm string) (int, error)
	// GetUsers gets all users of the given realm
	GetUsers(accessToken string, realm string, params GetUsersParams) ([]*User, error)
	// GetUserGroups gets the groups of the given user
	GetUserGroups(accessToken string, realm string, userID string) ([]*UserGroup, error)
	// GetUsersByRoleName returns all users have a given role
	GetUsersByRoleName(token string, realm string, roleName string) ([]*User, error)
	// SetPassword sets a new password for the user with the given id. Needs elevated privileges
	SetPassword(token string, userID string, realm string, password string, temporary bool) error
	// UpdateUser updates the given user
	UpdateUser(accessToken string, realm string, user User) error
	// AddUserToGroup puts given user to given group
	AddUserToGroup(token string, realm string, userID string, groupID string) error
	// DeleteUserFromGroup deletes given user from given group
	DeleteUserFromGroup(token string, realm string, userID string, groupID string) error
	// GetUserSessions returns user sessions associated with the user
	GetUserSessions(token, realm, userID string) ([]*UserSessionRepresentation, error)
	// GetUserOfflineSessionsForClient returns offline sessions associated with the user and client
	GetUserOfflineSessionsForClient(token, realm, userID, clientID string) ([]*UserSessionRepresentation, error)
}

GoCloak holds all methods a client should fulfill

func NewClient

func NewClient(basePath string) GoCloak

NewClient creates a new Client

type Group

type Group struct {
	ID          *string             `json:"id,omitempty"`
	Name        *string             `json:"name,omitempty"`
	Path        *string             `json:"path,omitempty"`
	SubGroups   []*Group            `json:"subGroups,omitempty"`
	Attributes  map[string][]string `json:"attributes,omitempty"`
	Access      map[string]bool     `json:"access,omitempty"`
	ClientRoles map[string][]string `json:"clientRoles,omitempty"`
	RealmRoles  []string            `json:"realmRoles,omitempty"`
}

Group is a Group

type HTTPErrorResponse

type HTTPErrorResponse struct {
	ErrorMessage string `json:"errorMessage,omitempty"`
	Error        string `json:"error,omitempty"`
}

HTTPErrorResponse is a model of an error response

type IssuerResponse

type IssuerResponse struct {
	Realm           *string `json:"realm,omitempty"`
	PublicKey       *string `json:"public_key,omitempty"`
	TokenService    *string `json:"token-service,omitempty"`
	AccountService  *string `json:"account-service,omitempty"`
	TokensNotBefore *int    `json:"tokens-not-before,omitempty"`
}

IssuerResponse is returned by the issuer endpoint

type JWT

type JWT struct {
	AccessToken      string `json:"access_token"`
	IDToken          string `json:"id_token"`
	ExpiresIn        int    `json:"expires_in"`
	RefreshExpiresIn int    `json:"refresh_expires_in"`
	RefreshToken     string `json:"refresh_token"`
	TokenType        string `json:"token_type"`
	NotBeforePolicy  int    `json:"not-before-policy"`
	SessionState     string `json:"session_state"`
	Scope            string `json:"scope"`
}

JWT is a JWT

type Key

type Key struct {
	ProviderID       *string `json:"providerId,omitempty"`
	ProviderPriority *int    `json:"providerPriority,omitempty"`
	Kid              *string `json:"kid,omitempty"`
	Status           *string `json:"status,omitempty"`
	Type             *string `json:"type,omitempty"`
	Algorithm        *string `json:"algorithm,omitempty"`
	PublicKey        *string `json:"publicKey,omitempty"`
	Certificate      *string `json:"certificate,omitempty"`
}

Key is a key

type KeyStoreConfig

type KeyStoreConfig struct {
	ActiveKeys *ActiveKeys `json:"active,omitempty"`
	Key        []*Key      `json:"keys,omitempty"`
}

KeyStoreConfig holds the keyStoreConfig

type Logic

type Logic int

Logic is an enum type for Logic of PolicyRepresentation

const (
	POSITIVE Logic = iota
	NEGATIVE
)

Logic values

type MappingsRepresentation

type MappingsRepresentation struct {
	ClientMappings map[string]*ClientMappingsRepresentation `json:"clientMappings,omitempty"`
	RealmMappings  []*Role                                  `json:"realmMappings,omitempty"`
}

MappingsRepresentation is a representation of role mappings

type MemoryInfoRepresentation

type MemoryInfoRepresentation struct {
	Free           *int    `json:"free,omitempty"`
	FreeFormated   *string `json:"freeFormated,omitempty"`
	FreePercentage *int    `json:"freePercentage,omitempty"`
	Total          *int    `json:"total,omitempty"`
	TotalFormated  *string `json:"totalFormated,omitempty"`
	Used           *int    `json:"used,omitempty"`
	UsedFormated   *string `json:"usedFormated,omitempty"`
}

MemoryInfoRepresentation represents a memory info

type MultiValuedHashMap

type MultiValuedHashMap struct {
	Empty      *bool    `json:"empty"`
	LoadFactor *float32 `json:"loadFactor,omitempty"`
	Threshold  *int32   `json:"threshold,omitempty"`
}

MultiValuedHashMap represents something

type ObjectAlreadyExists

type ObjectAlreadyExists struct {
	ErrorMessage string
}

ObjectAlreadyExists is used when keycloak answers with 409

func (*ObjectAlreadyExists) Error

func (e *ObjectAlreadyExists) Error() string

type PolicyEnforcementMode

type PolicyEnforcementMode int

PolicyEnforcementMode is an enum type for PolicyEnforcementMode of ResourceServerRepresentation

const (
	ENFORCING PolicyEnforcementMode = iota
	PERMISSIVE
	DISABLED
)

PolicyEnforcementMode values

type PolicyRepresentation

type PolicyRepresentation struct {
	Config           map[string]string `json:"config,omitempty"`
	DecisionStrategy *DecisionStrategy `json:"decisionStrategy,omitempty"`
	Description      *string           `json:"description,omitempty"`
	ID               *string           `json:"id,omitempty"`
	Logic            *Logic            `json:"logic,omitempty"`
	Name             *string           `json:"name,omitempty"`
	Owner            *string           `json:"owner,omitempty"`
	Policies         []string          `json:"policies,omitempty"`
	Resources        []string          `json:"resources,omitempty"`
	Scopes           []string          `json:"scopes,omitempty"`
	Type             *string           `json:"type,omitempty"`
}

PolicyRepresentation is a representation of a Policy

type ProtocolMapperRepresentation

type ProtocolMapperRepresentation struct {
	Config         map[string]string `json:"config,omitempty"`
	ID             *string           `json:"id,omitempty"`
	Name           *string           `json:"name,omitempty"`
	Protocol       *string           `json:"protocol,omitempty"`
	ProtocolMapper *string           `json:"protocolMapper,omitempty"`
}

ProtocolMapperRepresentation represents....

type ProtocolMappers

type ProtocolMappers struct {
	ID                    *string                `json:"id,omitempty"`
	Name                  *string                `json:"name,omitempty"`
	Protocol              *string                `json:"protocol,omitempty"`
	ProtocolMapper        *string                `json:"protocolMapper,omitempty"`
	ConsentRequired       *bool                  `json:"consentRequired"`
	ProtocolMappersConfig *ProtocolMappersConfig `json:"config,omitempty"`
}

ProtocolMappers are protocolmappers

type ProtocolMappersConfig

type ProtocolMappersConfig struct {
	UserinfoTokenClaim                 *string `json:"userinfo.token.claim,omitempty"`
	UserAttribute                      *string `json:"user.attribute,omitempty"`
	IDTokenClaim                       *string `json:"id.token.claim,omitempty"`
	AccessTokenClaim                   *string `json:"access.token.claim,omitempty"`
	ClaimName                          *string `json:"claim.name,omitempty"`
	ClaimValue                         *string `json:"claim.value,omitempty"`
	JSONTypeLabel                      *string `json:"jsonType.label,omitempty"`
	Multivalued                        *string `json:"multivalued,omitempty"`
	UsermodelClientRoleMappingClientID *string `json:"usermodel.clientRoleMapping.clientId,omitempty"`
	IncludedClientAudience             *string `json:"included.client.audience,omitempty"`
}

ProtocolMappersConfig is a config of a protocol mapper

type RealmRepresentation

type RealmRepresentation struct {
	AccessCodeLifespan                  *int              `json:"accessCodeLifespan,omitempty"`
	AccessCodeLifespanLogin             *int              `json:"accessCodeLifespanLogin,omitempty"`
	AccessCodeLifespanUserAction        *int              `json:"accessCodeLifespanUserAction,omitempty"`
	AccessTokenLifespan                 *int              `json:"accessTokenLifespan,omitempty"`
	AccessTokenLifespanForImplicitFlow  *int              `json:"accessTokenLifespanForImplicitFlow,omitempty"`
	AccountTheme                        *string           `json:"accountTheme,omitempty"`
	ActionTokenGeneratedByAdminLifespan *int              `json:"actionTokenGeneratedByAdminLifespan,omitempty"`
	ActionTokenGeneratedByUserLifespan  *int              `json:"actionTokenGeneratedByUserLifespan,omitempty"`
	AdminEventsDetailsEnabled           *bool             `json:"adminEventsDetailsEnabled"`
	AdminEventsEnabled                  *bool             `json:"adminEventsEnabled"`
	AdminTheme                          *string           `json:"adminTheme,omitempty"`
	Attributes                          map[string]string `json:"attributes,omitempty"`
	AuthenticationFlows                 []interface{}     `json:"authenticationFlows,omitempty"`
	AuthenticatorConfig                 []interface{}     `json:"authenticatorConfig,omitempty"`
	BrowserFlow                         *string           `json:"browserFlow,omitempty"`
	BrowserSecurityHeaders              map[string]string `json:"browserSecurityHeaders,omitempty"`
	BruteForceProtected                 *bool             `json:"bruteForceProtected"`
	ClientAuthenticationFlow            *string           `json:"clientAuthenticationFlow,omitempty"`
	ClientScopeMappings                 map[string]string `json:"clientScopeMappings,omitempty"`
	ClientScopes                        []*ClientScope    `json:"clientScopes,omitempty"`
	Clients                             []*Client         `json:"clients,omitempty"`
	Components                          interface{}       `json:"components,omitempty"`
	DefaultDefaultClientScopes          []string          `json:"defaultDefaultClientScopes,omitempty"`
	DefaultGroups                       []string          `json:"defaultGroups,omitempty"`
	DefaultLocale                       *string           `json:"defaultLocale,omitempty"`
	DefaultOptionalClientScopes         []string          `json:"defaultOptionalClientScopes,omitempty"`
	DefaultRoles                        []string          `json:"defaultRoles,omitempty"`
	DefaultSignatureAlgorithm           *string           `json:"defaultSignatureAlgorithm,omitempty"`
	DirectGrantFlow                     *string           `json:"directGrantFlow,omitempty"`
	DisplayName                         *string           `json:"displayName,omitempty"`
	DisplayNameHTML                     *string           `json:"displayNameHtml,omitempty"`
	DockerAuthenticationFlow            *string           `json:"dockerAuthenticationFlow,omitempty"`
	DuplicateEmailsAllowed              *bool             `json:"duplicateEmailsAllowed"`
	EditUsernameAllowed                 *bool             `json:"editUsernameAllowed"`
	EmailTheme                          *string           `json:"emailTheme,omitempty"`
	Enabled                             *bool             `json:"enabled"`
	EnabledEventTypes                   []string          `json:"enabledEventTypes,omitempty"`
	EventsEnabled                       *bool             `json:"eventsEnabled"`
	EventsExpiration                    *int64            `json:"eventsExpiration,omitempty"`
	EventsListeners                     []string          `json:"eventsListeners,omitempty"`
	FailureFactor                       *int              `json:"failureFactor,omitempty"`
	FederatedUsers                      []interface{}     `json:"federatedUsers,omitempty"`
	Groups                              []interface{}     `json:"groups,omitempty"`
	ID                                  *string           `json:"id,omitempty"`
	IdentityProviderMappers             []interface{}     `json:"identityProviderMappers,omitempty"`
	IdentityProviders                   []interface{}     `json:"identityProviders,omitempty"`
	InternationalizationEnabled         *bool             `json:"internationalizationEnabled"`
	KeycloakVersion                     *string           `json:"keycloakVersion,omitempty"`
	LoginTheme                          *string           `json:"loginTheme,omitempty"`
	LoginWithEmailAllowed               *bool             `json:"loginWithEmailAllowed"`
	MaxDeltaTimeSeconds                 *int              `json:"maxDeltaTimeSeconds,omitempty"`
	MaxFailureWaitSeconds               *int              `json:"maxFailureWaitSeconds,omitempty"`
	MinimumQuickLoginWaitSeconds        *int              `json:"minimumQuickLoginWaitSeconds,omitempty"`
	NotBefore                           *int              `json:"notBefore,omitempty"`
	OfflineSessionIdleTimeout           *int              `json:"offlineSessionIdleTimeout,omitempty"`
	OfflineSessionMaxLifespan           *int              `json:"offlineSessionMaxLifespan,omitempty"`
	OfflineSessionMaxLifespanEnabled    *bool             `json:"offlineSessionMaxLifespanEnabled"`
	OtpPolicyAlgorithm                  *string           `json:"otpPolicyAlgorithm,omitempty"`
	OtpPolicyDigits                     *int              `json:"otpPolicyDigits,omitempty"`
	OtpPolicyInitialCounter             *int              `json:"otpPolicyInitialCounter,omitempty"`
	OtpPolicyLookAheadWindow            *int              `json:"otpPolicyLookAheadWindow,omitempty"`
	OtpPolicyPeriod                     *int              `json:"otpPolicyPeriod,omitempty"`
	OtpPolicyType                       *string           `json:"otpPolicyType,omitempty"`
	OtpSupportedApplications            []string          `json:"otpSupportedApplications,omitempty"`
	PasswordPolicy                      *string           `json:"passwordPolicy,omitempty"`
	PermanentLockout                    *bool             `json:"permanentLockout"`
	ProtocolMappers                     []interface{}     `json:"protocolMappers,omitempty"`
	QuickLoginCheckMilliSeconds         *int64            `json:"quickLoginCheckMilliSeconds,omitempty"`
	Realm                               *string           `json:"realm,omitempty"`
	RefreshTokenMaxReuse                *int              `json:"refreshTokenMaxReuse,omitempty"`
	RegistrationAllowed                 *bool             `json:"registrationAllowed"`
	RegistrationEmailAsUsername         *bool             `json:"registrationEmailAsUsername"`
	RegistrationFlow                    *string           `json:"registrationFlow,omitempty"`
	RememberMe                          *bool             `json:"rememberMe"`
	RequiredActions                     []interface{}     `json:"requiredActions,omitempty"`
	ResetCredentialsFlow                *string           `json:"resetCredentialsFlow,omitempty"`
	ResetPasswordAllowed                *bool             `json:"resetPasswordAllowed"`
	RevokeRefreshToken                  *bool             `json:"revokeRefreshToken"`
	Roles                               interface{}       `json:"roles,omitempty"`
	ScopeMappings                       []interface{}     `json:"scopeMappings,omitempty"`
	SMTPServer                          map[string]string `json:"smtpServer,omitempty"`
	SslRequired                         *string           `json:"sslRequired,omitempty"`
	SsoSessionIdleTimeout               *int              `json:"ssoSessionIdleTimeout,omitempty"`
	SsoSessionIdleTimeoutRememberMe     *int              `json:"ssoSessionIdleTimeoutRememberMe,omitempty"`
	SsoSessionMaxLifespan               *int              `json:"ssoSessionMaxLifespan,omitempty"`
	SsoSessionMaxLifespanRememberMe     *int              `json:"ssoSessionMaxLifespanRememberMe,omitempty"`
	SupportedLocales                    []string          `json:"supportedLocales,omitempty"`
	UserFederationMappers               []interface{}     `json:"userFederationMappers,omitempty"`
	UserFederationProviders             []interface{}     `json:"userFederationProviders,omitempty"`
	UserManagedAccessAllowed            *bool             `json:"userManagedAccessAllowed"`
	Users                               []*User           `json:"users,omitempty"`
	VerifyEmail                         *bool             `json:"verifyEmail"`
	WaitIncrementSeconds                *int              `json:"waitIncrementSeconds,omitempty"`
}

RealmRepresentation represent a realm

type ResourceRepresentation

type ResourceRepresentation struct {
	ID                 *string                `json:"id,omitempty"` //TODO: is marked "_optional" in template, input error or deliberate?
	Attributes         map[string]string      `json:"attributes,omitempty"`
	DisplayName        *string                `json:"displayName,omitempty"`
	IconURI            *string                `json:"icon_uri,omitempty"` //TODO: With "_" because that's how it's written down in the template
	Name               *string                `json:"name,omitempty"`
	OwnerManagedAccess *bool                  `json:"ownerManagedAccess"`
	Scopes             []*ScopeRepresentation `json:"scopes,omitempty"`
	Type               *string                `json:"type,omitempty"`
	URIs               []string               `json:"uris,omitempty"`
}

ResourceRepresentation is a representation of a Resource

type ResourceServerRepresentation

type ResourceServerRepresentation struct {
	AllowRemoteResourceManagement *bool                     `json:"allowRemoteResourceManagement"`
	ClientID                      *string                   `json:"clientId,omitempty"`
	ID                            *string                   `json:"id,omitempty"`
	Name                          *string                   `json:"name,omitempty"`
	Policies                      []*PolicyRepresentation   `json:"policies,omitempty"`
	PolicyEnforcementMode         *PolicyEnforcementMode    `json:"policyEnforcementMode,omitempty"`
	Resources                     []*ResourceRepresentation `json:"resources,omitempty"`
	Scopes                        []*ScopeRepresentation    `json:"scopes,omitempty"`
}

ResourceServerRepresentation represents the resources of a Server

type RetrospecTokenResult

type RetrospecTokenResult struct {
	Permissions map[string]string `json:"permissions,omitempty"`
	Exp         *int              `json:"exp,omitempty"`
	Nbf         *int              `json:"nbf,omitempty"`
	Iat         *int              `json:"iat,omitempty"`
	Aud         *StringOrArray    `json:"aud,omitempty"`
	Active      *bool             `json:"active"`
	AuthTime    *int              `json:"auth_time,omitempty"`
	Jti         *string           `json:"jti,omitempty"`
	Type        *string           `json:"typ,omitempty"`
}

RetrospecTokenResult is returned when a token was checked

type Role

type Role struct {
	ID                 *string             `json:"id,omitempty"`
	Name               *string             `json:"name,omitempty"`
	ScopeParamRequired *bool               `json:"scopeParamRequired"`
	Composite          *bool               `json:"composite"`
	ClientRole         *bool               `json:"clientRole"`
	ContainerID        *string             `json:"containerId,omitempty"`
	Description        *string             `json:"description,omitempty"`
	Attributes         map[string][]string `json:"attributes,omitempty"`
}

Role is a role

type ScopeRepresentation

type ScopeRepresentation struct {
	DisplayName *string                   `json:"displayName,omitempty"`
	IconURI     *string                   `json:"iconUri,omitempty"`
	ID          *string                   `json:"id,omitempty"`
	Name        *string                   `json:"name,omitempty"`
	Policies    []*PolicyRepresentation   `json:"policies,omitempty"`
	Resources   []*ResourceRepresentation `json:"resources,omitempty"`
}

ScopeRepresentation is a represents a Scope

type ServerInfoRepesentation

type ServerInfoRepesentation struct {
	SystemInfo *SystemInfoRepresentation `json:"systemInfo,omitempty"`
	MemoryInfo *MemoryInfoRepresentation `json:"memoryInfo"`
}

ServerInfoRepesentation represents a server info

type SetPasswordRequest

type SetPasswordRequest struct {
	Type      *string `json:"type,omitempty"`
	Temporary *bool   `json:"temporary"`
	Password  *string `json:"value,omitempty"`
}

SetPasswordRequest sets a new password

type StringOrArray

type StringOrArray []string

StringOrArray represents a value that can either be a string or an array of strings

func (*StringOrArray) MarshalJSON

func (s *StringOrArray) MarshalJSON() ([]byte, error)

MarshalJSON converts the array of strings to a JSON array or JSON string if there is only one item in the array

func (*StringOrArray) UnmarshalJSON

func (s *StringOrArray) UnmarshalJSON(data []byte) error

UnmarshalJSON unmarshals a string or an array object from a JSON array or a JSON string

type SystemInfoRepresentation

type SystemInfoRepresentation struct {
	FileEncoding   *string `json:"fileEncoding"`
	JavaHome       *string `json:"javaHome"`
	JavaRuntime    *string `json:"javaRuntime,omitempty"`
	JavaVendor     *string `json:"javaVendor,omitempty"`
	JavaVersion    *string `json:"javaVersion,omitempty"`
	JavaVM         *string `json:"javaVm,omitempty"`
	JavaVMVersion  *string `json:"javaVmVersion,omitempty"`
	OSArchitecture *string `json:"osArchitecture,omitempty"`
	OSName         *string `json:"osName,omitempty"`
	OSVersion      *string `json:"osVersion,omitempty"`
	ServerTime     *string `json:"serverTime,omitempty"`
	Uptime         *string `json:"uptime,omitempty"`
	UptimeMillis   *int    `json:"uptimeMillis,omitempty"`
	UserDir        *string `json:"userDir,omitempty"`
	UserLocale     *string `json:"userLocale,omitempty"`
	UserName       *string `json:"userName,omitempty"`
	UserTimezone   *string `json:"userTimezone,omitempty"`
	Version        *string `json:"version,omitempty"`
}

SystemInfoRepresentation represents a system info

type TokenOptions

type TokenOptions struct {
	ClientID      *string  `json:"client_id"`
	ClientSecret  *string  `json:"-"`
	GrantType     *string  `json:"grant_type"`
	RefreshToken  *string  `json:"refresh_token,omitempty"`
	Scopes        []string `json:"-"`
	Scope         *string  `json:"scope,omitempty"`
	ResponseTypes []string `json:"-"`
	ResponseType  *string  `json:"response_type,omitempty"`
	Permission    *string  `json:"permission,omitempty"`
	Username      *string  `json:"username,omitempty"`
	Password      *string  `json:"password,omitempty"`
}

TokenOptions represents the options to obtain a token

func (*TokenOptions) FormData

func (t *TokenOptions) FormData() map[string]string

FormData returns a map of options to be used in SetFormData function

type User

type User struct {
	ID                         *string                     `json:"id,omitempty"`
	CreatedTimestamp           *int64                      `json:"createdTimestamp,omitempty"`
	Username                   *string                     `json:"username,omitempty"`
	Enabled                    *bool                       `json:"enabled"`
	Totp                       *bool                       `json:"totp"`
	EmailVerified              *bool                       `json:"emailVerified"`
	FirstName                  *string                     `json:"firstName,omitempty"`
	LastName                   *string                     `json:"lastName,omitempty"`
	Email                      *string                     `json:"email,omitempty"`
	FederationLink             *string                     `json:"federationLink,omitempty"`
	Attributes                 map[string][]string         `json:"attributes,omitempty"`
	DisableableCredentialTypes []interface{}               `json:"disableableCredentialTypes,omitempty"`
	RequiredActions            []string                    `json:"requiredActions,omitempty"`
	Access                     map[string]bool             `json:"access"`
	ClientRoles                map[string][]string         `json:"clientRoles,omitempty"`
	RealmRoles                 []string                    `json:"realmRoles,omitempty"`
	ServiceAccountClientID     *string                     `json:"serviceAccountClientId,omitempty"`
	Credentials                []*CredentialRepresentation `json:"credentials,omitempty"`
}

User represents the Keycloak User Structure

type UserGroup

type UserGroup struct {
	ID   *string `json:"id,omitempty"`
	Name *string `json:"name,omitempty"`
	Path *string `json:"path,omitempty"`
}

UserGroup is a UserGroup

type UserInfo

type UserInfo struct {
	Sub               *string     `json:"sub,omitempty"`
	EmailVerified     *bool       `json:"email_verified"`
	Address           interface{} `json:"address,omitempty"`
	PreferredUsername *string     `json:"preferred_username,omitempty"`
	Email             *string     `json:"email,omitempty"`
}

UserInfo is returned by the userinfo endpoint

type UserSessionRepresentation

type UserSessionRepresentation struct {
	Clients    map[string]string `json:"clients,omitempty"`
	ID         *string           `json:"id,omitempty"`
	IPAddress  *string           `json:"ipAddress,omitempty"`
	LastAccess *int64            `json:"lastAccess,omitempty"`
	Start      *int64            `json:"start,omitempty"`
	UserID     *string           `json:"userId,omitempty"`
	Username   *string           `json:"username,omitempty"`
}

UserSessionRepresentation represents a list of user's sessions

Directories

Path Synopsis
pkg
jwx

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL