Documentation ¶
Index ¶
- Constants
- Variables
- type AccessTokenRequest
- type AccessTokenResponse
- type AuthCodeFlowRequest
- type AuthCodeFlowResponse
- type Capabilities
- type Capability
- type ClientMetaData
- type CreateTransferCodeRequest
- type Error
- type EventEntry
- type EventHistory
- type ExchangeTransferCodeRequest
- type GeneralMytokenRequest
- type GrantTypeInfo
- type GrantTypeInfoResponse
- type GrantTypeRequest
- type IncludedProfiles
- type Mytoken
- type MytokenConfiguration
- type MytokenEntry
- type MytokenEntryTree
- type MytokenFromMytokenRequest
- type MytokenResponse
- type OIDCFlowRequest
- type OnlyTokenUpdateResponse
- type PollingCodeRequest
- type PollingInfo
- type Profile
- type Restriction
- type Restrictions
- type RevocationRequest
- type Rotation
- type SSHInfoResponse
- type SSHKeyAddFinalResponse
- type SSHKeyAddRequest
- type SSHKeyAddResponse
- type SSHKeyDeleteRequest
- type SSHKeyInfo
- type SSHKeyMetadata
- type SettingsMetaData
- type SupportedProviderConfig
- type TokenInfoRequest
- type TokenVersion
- type TokeninfoHistoryResponse
- type TokeninfoIntrospectResponse
- type TokeninfoListResponse
- type TokeninfoSubtokensResponse
- type TransferCodeResponse
- type UsedMytoken
- type UsedRestriction
Constants ¶
const ( ErrorStrInvalidRequest = "invalid_request" ErrorStrInvalidClient = "invalid_client" ErrorStrInvalidGrant = "invalid_grant" ErrorStrUnsupportedGrantType = "unsupported_grant_type" ErrorStrInvalidScope = "invalid_scope" ErrorStrInvalidToken = "invalid_token" ErrorStrInsufficientScope = "insufficient_scope" ErrorStrExpiredToken = "expired_token" ErrorStrAccessDenied = "access_denied" ErrorStrAuthorizationPending = "authorization_pending" )
Predefined OAuth2/OIDC errors
const ( ErrorStrInternal = "internal_server_error" ErrorStrOIDC = "oidc_error" ErrorStrNYI = "not_yet_implemented" ErrorStrInsufficientCapabilities = "insufficient_capabilities" ErrorStrUsageRestricted = "usage_restricted" )
Additional Mytoken errors
const ( ClientTypeWeb = "web" ClientTypeNative = "native" )
Client types
const ( GrantTypeMytoken = "mytoken" GrantTypeOIDCFlow = "oidc_flow" GrantTypePollingCode = "polling_code" GrantTypeTransferCode = "transfer_code" GrantTypeSSH = "ssh" )
GrantTypes
const ( ResponseTypeToken = "token" ResponseTypeShortToken = "short_token" ResponseTypeTransferCode = "transfer_code" )
ResponseTypes
const ( RestrictionClaimNotBefore = "nbf" RestrictionClaimExpiresAt = "exp" RestrictionClaimScope = "scope" RestrictionClaimAudiences = "audience" RestrictionClaimHosts = "hosts" RestrictionClaimGeoIPAllow = "geoip_allow" RestrictionClaimGeoIPDisallow = "geoip_disallow" RestrictionClaimUsagesAT = "usages_AT" RestrictionClaimUsagesOther = "usages_other" )
RestrictionClaims
const ( SSHMimetypeJson = "application/json" SSHMimetypeJsonBase64 = "application/json;base64" )
ssh payload mimetypes
const ( SSHRequestMytoken = "MT" SSHRequestAccessToken = "AT" SSHRequestTokenInfoIntrospect = "introspect" SSHRequestTokenInfoHistory = "history" SSHRequestTokenInfoSubtokens = "list-subtokens" SSHRequestTokenInfoListMytokens = "list-all-mytokens" )
ssh request types
const ( TokeninfoActionIntrospect = "introspect" TokeninfoActionEventHistory = "event_history" TokeninfoActionSubtokens = "subtokens" TokeninfoActionListMytokens = "list_mytokens" )
TokeninfoActions
const ( MOMIDValueThis = "this" MOMIDValueChildren = "children" )
const CapabilityReadOnlyPrefix = "read@"
const MinShortTokenLen = 32
MinShortTokenLen is the minimum length of a short token
const (
OIDCFlowAuthorizationCode = "authorization_code"
)
OIDCFlows
const TokenType = "mytoken"
TokenType is a constant that can be used for identifying mytokens and to distinguish them from OIDC tokens
Variables ¶
var ( ErrorUnknownIssuer = Error{ErrorStrInvalidRequest, "The provided issuer is not supported"} ErrorStateMismatch = Error{ErrorStrInvalidRequest, "State mismatched"} ErrorUnsupportedOIDCFlow = Error{ErrorStrInvalidGrant, "Unsupported oidc_flow"} ErrorUnsupportedGrantType = Error{ErrorStrInvalidGrant, "Unsupported grant_type"} ErrorBadTransferCode = Error{ErrorStrInvalidToken, "Bad polling or transfer code"} ErrorTransferCodeExpired = Error{ErrorStrExpiredToken, "polling or transfer code is expired"} ErrorAuthorizationPending = Error{ErrorStrAuthorizationPending, ""} ErrorConsentDeclined = Error{ErrorStrAccessDenied, "user declined consent"} ErrorNoRefreshToken = Error{ErrorStrOIDC, "Did not receive a refresh token"} ErrorInsufficientCapabilities = Error{ErrorStrInsufficientCapabilities, "The provided token does not have the required capability for this operation"} ErrorUsageRestricted = Error{ErrorStrUsageRestricted, "The restrictions of this token does not allow this usage"} ErrorNYI = Error{ErrorStrNYI, ""} )
Predefined errors
var ( CapabilityAT = Capability{ Name: "AT", Description: "Allows obtaining OpenID Connect Access Tokens.", } CapabilityCreateMT = Capability{ Name: "create_mytoken", Description: "Allows to create a new mytoken.", } CapabilitySettings = Capability{ Name: "settings", Description: "Allows read/write access to user settings.", } CapabilitySettingsRead = Capability{ Name: CapabilityReadOnlyPrefix + CapabilitySettings.Name, Description: "Allows read access to user settings.", } CapabilityGrants = Capability{ Name: CapabilitySettings.Name + ":grants", Description: "Allows read/write access to user grants.", } CapabilityGrantsRead = Capability{ Name: CapabilityReadOnlyPrefix + CapabilityGrants.Name, Description: "Allows read access to user grants.", } CapabilitySSHGrant = Capability{ Name: CapabilityGrants.Name + ":ssh", Description: "Allows read/write access to the ssh grant.", } CapabilitySSHGrantRead = Capability{ Name: CapabilityReadOnlyPrefix + CapabilitySSHGrant.Name, Description: "Allows read access to the ssh grant.", } CapabilityTokeninfo = Capability{ Name: "tokeninfo", Description: "Allows to obtain all information about this token.", } CapabilityTokeninfoIntrospect = Capability{ Name: subcapabilityName(CapabilityTokeninfo, "introspect"), Description: "Allows to obtain basic information about this token.", } CapabilityTokeninfoHistory = Capability{ Name: subcapabilityName(CapabilityTokeninfo, "history"), Description: "Allows to obtain the event history for this token and all subtokens.", } CapabilityTokeninfoSubtokens = Capability{ Name: subcapabilityName(CapabilityTokeninfo, "subtokens"), Description: "Allows to list a subtoken-tree for this token.", } CapabilityManageMTs = Capability{ Name: "manage_mytokens", Description: "Allows to manage (obtain metadata and revoke) all mytoken.", } CapabilityListMT = Capability{ Name: subcapabilityName(CapabilityManageMTs, "list"), Description: "Allows to list metadata about all mytokens.", } CapabilityRevokeAnyToken = Capability{ Name: subcapabilityName(CapabilityManageMTs, "revoke"), Description: "Allows to revoke any mytoken.", } CapabilityHistoryAnyToken = Capability{ Name: subcapabilityName(CapabilityManageMTs, "history"), Description: "Allows to obtain the event history for any token.", } )
Defined Capabilities
var AllCapabilities = Capabilities{ CapabilityAT, CapabilityTokeninfo, CapabilityTokeninfoIntrospect, CapabilityTokeninfoHistory, CapabilityTokeninfoSubtokens, CapabilityManageMTs, CapabilityListMT, CapabilityRevokeAnyToken, CapabilityHistoryAnyToken, CapabilityCreateMT, CapabilitySettings, CapabilitySettingsRead, CapabilityGrants, CapabilityGrantsRead, CapabilitySSHGrant, CapabilitySSHGrantRead, }
AllCapabilities holds all defined Capabilities
var AllGrantTypes = [...]string{GrantTypeMytoken, GrantTypeOIDCFlow, GrantTypePollingCode, GrantTypeTransferCode, GrantTypeSSH}
AllGrantTypes holds all the GrantTypes
var AllRestrictionClaims = [...]string{ RestrictionClaimNotBefore, RestrictionClaimExpiresAt, RestrictionClaimScope, RestrictionClaimAudiences, RestrictionClaimHosts, RestrictionClaimGeoIPAllow, RestrictionClaimGeoIPDisallow, RestrictionClaimUsagesAT, RestrictionClaimUsagesOther, }
AllRestrictionClaims holds all the RestrictionClaims
var AllTokeninfoActions = [...]string{TokeninfoActionIntrospect, TokeninfoActionEventHistory, TokeninfoActionSubtokens, TokeninfoActionListMytokens}
AllTokeninfoActions holds all defined TokenInfo strings
var DefaultCapabilities = Capabilities{ CapabilityAT, CapabilityTokeninfo, }
DefaultCapabilities holds the default Capabilities
var TokenVer = TokenVersion{
Major: 0,
Minor: 6,
}
TokenVer is the current Mytoken TokenVersion
Functions ¶
This section is empty.
Types ¶
type AccessTokenRequest ¶
type AccessTokenRequest struct { Issuer string `json:"oidc_issuer,omitempty" form:"issuer" xml:"oidc_issuer"` GrantType string `json:"grant_type" form:"grant_type" xml:"grant_type"` Mytoken string `json:"mytoken" form:"mytoken" xml:"mytoken"` Scope string `json:"scope,omitempty" form:"scope" xml:"scope"` Audience string `json:"audience,omitempty" form:"audience" xml:"audience"` Comment string `json:"comment,omitempty" form:"comment" xml:"comment"` }
AccessTokenRequest holds an request for an access token
type AccessTokenResponse ¶
type AccessTokenResponse struct { AccessToken string `json:"access_token"` TokenType string `json:"token_type"` ExpiresIn int64 `json:"expires_in"` Scope string `json:"scope,omitempty"` Audiences []string `json:"audience,omitempty"` TokenUpdate *MytokenResponse `json:"token_update,omitempty"` }
AccessTokenResponse is the response to a access token request
type AuthCodeFlowRequest ¶
type AuthCodeFlowRequest struct { OIDCFlowRequest ClientType string `json:"client_type"` RedirectURI string `json:"redirect_uri"` }
AuthCodeFlowRequest holds a authorization code flow request
type AuthCodeFlowResponse ¶
type AuthCodeFlowResponse struct { ConsentURI string `json:"consent_uri"` PollingInfo }
AuthCodeFlowResponse is the response to an authorization code flow request
type Capabilities ¶
type Capabilities []Capability
Capabilities is a slice of Capability
func NewCapabilities ¶
func NewCapabilities(caps []string) (c Capabilities)
NewCapabilities casts a []string into Capabilities
func TightenCapabilities ¶
func TightenCapabilities(a, b Capabilities) (res Capabilities)
TightenCapabilities tightens two set of Capabilities into one new
func (Capabilities) Has ¶
func (c Capabilities) Has(a Capability) bool
Has checks if Capabilities slice contains the passed Capability
func (*Capabilities) Scan ¶
func (c *Capabilities) Scan(src interface{}) error
Scan implements the sql.Scanner interface.
func (Capabilities) Strings ¶
func (c Capabilities) Strings() (s []string)
Strings returns a slice of strings for these capabilities
type Capability ¶
Capability is a capability string
func NewCapability ¶
func NewCapability(name string) Capability
NewCapability casts a string into a Capability
func (Capability) MarshalJSON ¶
func (c Capability) MarshalJSON() ([]byte, error)
MarshalJSON implements the json.Marshaler interface
func (*Capability) UnmarshalJSON ¶
func (c *Capability) UnmarshalJSON(data []byte) error
UnmarshalJSON implements the json.Unmarshaler interface
type ClientMetaData ¶
type ClientMetaData struct { IP string `db:"ip" json:"ip,omitempty"` UserAgent string `db:"user_agent" json:"user_agent,omitempty"` }
ClientMetaData hold information about the calling client
type CreateTransferCodeRequest ¶
type CreateTransferCodeRequest struct {
Mytoken string `json:"mytoken"`
}
CreateTransferCodeRequest is a request to create a new transfer code from an existing mytoken
type Error ¶
type Error struct { Error string `json:"error"` ErrorDescription string `json:"error_description,omitempty"` }
Error is an error object that is returned on the api when an error occurs
func (Error) CombinedMessage ¶
CombinedMessage returns an error string that combines the error with the error description
type EventEntry ¶
type EventEntry struct { Event string `db:"event" json:"event"` Time int64 `db:"time" json:"time"` Comment string `db:"comment" json:"comment,omitempty"` ClientMetaData `json:",inline"` MOMID string `json:"mom_id,omitempty"` }
EventEntry is a type holding information about an event
type EventHistory ¶
type EventHistory struct {
Events []EventEntry `json:"events"`
}
EventHistory is a slice of EventEntry
type ExchangeTransferCodeRequest ¶
type ExchangeTransferCodeRequest struct { GrantType string `json:"grant_type"` TransferCode string `json:"transfer_code"` }
ExchangeTransferCodeRequest is a request to exchange a transfer code for the mytoken
type GeneralMytokenRequest ¶
type GeneralMytokenRequest struct { Issuer string `json:"oidc_issuer,omitempty"` GrantType string `json:"grant_type,omitempty"` Restrictions Restrictions `json:"restrictions,omitempty"` Capabilities Capabilities `json:"capabilities,omitempty"` Name string `json:"name,omitempty"` ResponseType string `json:"response_type,omitempty"` MaxTokenLen int `json:"max_token_len,omitempty"` Rotation *Rotation `json:"rotation,omitempty"` ApplicationName string `json:"application_name,omitempty"` IncludedProfiles IncludedProfiles `json:"include,omitempty"` }
GeneralMytokenRequest is a type that holds all the information that all mytoken requests have in common. It should not be used directly as a request object
type GrantTypeInfo ¶
GrantTypeInfo is a struct holding information indicating if a grant type is enabled or not
type GrantTypeInfoResponse ¶
type GrantTypeInfoResponse struct { GrantTypes []GrantTypeInfo `json:"grant_types"` TokenUpdate *MytokenResponse `json:"token_update,omitempty"` }
type GrantTypeRequest ¶
type GrantTypeRequest struct { GrantType string `json:"grant_type" form:"grant_type" xml:"grant_type"` Mytoken string `json:"mytoken" form:"mytoken" xml:"mytoken"` }
GrantTypeRequest is a request object for grant type requests at the grant type settings endpoint. The same GrantTypeRequest struct is used for Enable and Disable requests
type IncludedProfiles ¶ added in v0.10.0
type IncludedProfiles []string
func NewIncludedProfiles ¶ added in v0.10.0
func NewIncludedProfiles(profiles ...string) IncludedProfiles
NewIncludedProfiles creates a new IncludedProfiles var from the past profile names
func (IncludedProfiles) MarshalJSON ¶ added in v0.10.0
func (i IncludedProfiles) MarshalJSON() ([]byte, error)
MarshalJSON implements the json.Marshaler interface
func (*IncludedProfiles) UnmarshalJSON ¶ added in v0.10.0
func (i *IncludedProfiles) UnmarshalJSON(bytes []byte) error
UnmarshalJSON implements the json.Unmarshaler interface
type Mytoken ¶
type Mytoken struct { Version TokenVersion `json:"ver"` TokenType string `json:"token_type"` Issuer string `json:"iss"` Subject string `json:"sub"` ExpiresAt int64 `json:"exp,omitempty"` NotBefore int64 `json:"nbf"` IssuedAt int64 `json:"iat"` AuthTime int64 `json:"auth_time"` ID string `json:"jti"` SeqNo uint64 `json:"seq_no"` Name string `json:"name,omitempty"` Audience string `json:"aud"` OIDCSubject string `json:"oidc_sub"` OIDCIssuer string `json:"oidc_iss"` Restrictions Restrictions `json:"restrictions,omitempty"` Capabilities Capabilities `json:"capabilities"` Rotation *Rotation `json:"rotation,omitempty"` }
Mytoken is a mytoken Mytoken
type MytokenConfiguration ¶
type MytokenConfiguration struct { Issuer string `json:"issuer"` AccessTokenEndpoint string `json:"access_token_endpoint"` MytokenEndpoint string `json:"mytoken_endpoint"` TokeninfoEndpoint string `json:"tokeninfo_endpoint,omitempty"` RevocationEndpoint string `json:"revocation_endpoint,omitempty"` UserSettingsEndpoint string `json:"usersettings_endpoint"` TokenTransferEndpoint string `json:"token_transfer_endpoint,omitempty"` ProfilesEndpoint string `json:"profiles_endpoint,omitempty"` JWKSURI string `json:"jwks_uri"` SSHKeys []SSHKeyMetadata `json:"ssh_keys,omitempty"` ProvidersSupported []SupportedProviderConfig `json:"providers_supported"` TokenSigningAlgValue string `json:"token_signing_alg_value"` TokenInfoEndpointActionsSupported []string `json:"tokeninfo_endpoint_actions_supported,omitempty"` AccessTokenEndpointGrantTypesSupported []string `json:"access_token_endpoint_grant_types_supported"` MytokenEndpointGrantTypesSupported []string `json:"mytoken_endpoint_grant_types_supported"` MytokenEndpointOIDCFlowsSupported []string `json:"mytoken_endpoint_oidc_flows_supported"` ResponseTypesSupported []string `json:"response_types_supported"` ServiceDocumentation string `json:"service_documentation,omitempty"` RestrictionClaimsSupported []string `json:"restriction_claims_supported"` Version string `json:"version,omitempty"` }
MytokenConfiguration holds information about a mytoken instance
type MytokenEntry ¶
type MytokenEntry struct { // The "Manage-Other-Mytokens-ID (MOMID) is used in requests to manage other mytokens than the one used for // authorization MOMID string `json:"mom_id"` Name string `json:"name,omitempty"` CreatedAt int64 `json:"created"` ExpiresAt int64 `json:"expires_at,omitempty"` ClientMetaData `json:",inline"` }
MytokenEntry holds the information of a MytokenEntry as stored in the database
type MytokenEntryTree ¶
type MytokenEntryTree struct { Token MytokenEntry `json:"token"` Children []MytokenEntryTree `json:"children,omitempty"` }
MytokenEntryTree is a tree of MytokenEntry
type MytokenFromMytokenRequest ¶
type MytokenFromMytokenRequest struct { GeneralMytokenRequest Mytoken string `json:"mytoken"` FailOnRestrictionsNotTighter bool `json:"error_on_restrictions,omitempty"` }
MytokenFromMytokenRequest is a request to create a new Mytoken from an existing Mytoken
type MytokenResponse ¶
type MytokenResponse struct { Mytoken string `json:"mytoken,omitempty"` MytokenType string `json:"mytoken_type"` TransferCode string `json:"transfer_code,omitempty"` MOMID string `json:"mom_id,omitempty"` ExpiresIn uint64 `json:"expires_in,omitempty"` Restrictions Restrictions `json:"restrictions,omitempty"` Capabilities Capabilities `json:"capabilities,omitempty"` Rotation *Rotation `json:"rotation,omitempty"` TokenUpdate *MytokenResponse `json:"token_update,omitempty"` }
MytokenResponse is a response to a mytoken request
type OIDCFlowRequest ¶
type OIDCFlowRequest struct { GeneralMytokenRequest OIDCFlow string `json:"oidc_flow"` }
OIDCFlowRequest holds the request for an OIDC Flow request
type OnlyTokenUpdateResponse ¶
type OnlyTokenUpdateResponse struct {
TokenUpdate *MytokenResponse `json:"token_update,omitempty"`
}
OnlyTokenUpdateResponse is a type for responses that do not contain any content except for a ( possibly) updated mytoken
type PollingCodeRequest ¶
type PollingCodeRequest struct { GrantType string `json:"grant_type"` PollingCode string `json:"polling_code"` }
PollingCodeRequest is a polling code request
type PollingInfo ¶
type PollingInfo struct { PollingCode string `json:"polling_code,omitempty"` PollingCodeExpiresIn int64 `json:"expires_in,omitempty"` PollingInterval int64 `json:"interval,omitempty"` }
PollingInfo holds all response information about polling codes
type Profile ¶ added in v0.10.0
type Profile struct { ID string `json:"id"` Name string `json:"name"` Payload json.RawMessage `json:"payload"` }
type Restriction ¶
type Restriction struct { NotBefore int64 `json:"nbf,omitempty"` ExpiresAt int64 `json:"exp,omitempty"` Scope string `json:"scope,omitempty"` Audiences []string `json:"audience,omitempty"` Hosts []string `json:"hosts,omitempty"` GeoIPAllow []string `json:"geoip_allow,omitempty"` GeoIPDisallow []string `json:"geoip_disallow,omitempty"` UsagesAT *int64 `json:"usages_AT,omitempty"` UsagesOther *int64 `json:"usages_other,omitempty"` IncludedProfiles IncludedProfiles `json:"include,omitempty"` }
Restriction describes a token usage restriction
type RevocationRequest ¶
type RevocationRequest struct { Token string `json:"token"` MOMID string `json:"mom_id,omitempty"` Recursive bool `json:"recursive,omitempty"` OIDCIssuer string `json:"oidc_issuer,omitempty"` }
RevocationRequest holds the information for a token revocation request
type Rotation ¶
type Rotation struct { OnAT bool `json:"on_AT,omitempty"` OnOther bool `json:"on_other,omitempty"` Lifetime uint64 `json:"lifetime,omitempty"` AutoRevoke bool `json:"auto_revoke,omitempty"` IncludedProfiles IncludedProfiles `json:"include,omitempty"` }
Rotation is a type describing how a mytoken might be rotated
type SSHInfoResponse ¶
type SSHInfoResponse struct { GrantEnabled bool `json:"grant_enabled"` SSHKeyInfo []SSHKeyInfo `json:"ssh_keys"` TokenUpdate *MytokenResponse `json:"token_update,omitempty"` }
type SSHKeyAddFinalResponse ¶
type SSHKeyAddFinalResponse struct { SSHUser string `json:"ssh_user"` SSHHostConfig string `json:"ssh_host_config,omitempty"` }
SSHKeyAddFinalResponse is a type for the final response for an SSHKeyAddRequest after the polling was successful
type SSHKeyAddRequest ¶
type SSHKeyAddRequest struct { Mytoken string `json:"mytoken" form:"mytoken" xml:"mytoken"` SSHKey string `json:"ssh_key" form:"ssh_key" xml:"ssh_key"` Name string `json:"name" form:"name" xml:"name"` Restrictions Restrictions `json:"restrictions" form:"restrictions" xml:"restrictions"` Capabilities Capabilities `json:"capabilities" form:"capabilities" xml:"capabilities"` GrantType string `json:"grant_type" form:"grant_type" xml:"grant_type"` }
type SSHKeyAddResponse ¶
type SSHKeyAddResponse struct { AuthCodeFlowResponse TokenUpdate *MytokenResponse `json:"token_update,omitempty"` }
SSHKeyAddResponse is a type for the (first) response to an SSHKeyAddRequest
type SSHKeyDeleteRequest ¶
type SSHKeyInfo ¶
type SSHKeyInfo struct { Name string `json:"name,omitempty"` SSHKey string `json:"ssh_key,omitempty"` // One of SSHKey and SSHKeyFingerprint MUST be given SSHKeyFingerprint string `json:"ssh_key_fp,omitempty"` // One of SSHKey and SSHKeyFingerprint MUST be given Created int64 `json:"created"` LastUsed *int64 `json:"last_used,omitempty"` }
type SSHKeyMetadata ¶
SSHKeyMetadata holds information about an ssh key
type SettingsMetaData ¶
type SettingsMetaData struct {
GrantTypeEndpoint string `json:"grant_type_endpoint"`
}
type SupportedProviderConfig ¶
type SupportedProviderConfig struct { Issuer string `json:"issuer"` Name string `json:"name,omitempty"` ScopesSupported []string `json:"scopes_supported"` }
SupportedProviderConfig holds information about a provider
type TokenInfoRequest ¶
type TokenInfoRequest struct { Action string `json:"action"` Mytoken string `json:"mytoken"` MOMIDs []string `json:"mom_ids,omitempty"` }
TokenInfoRequest is a type for requests to the tokeninfo endpoint
type TokenVersion ¶
TokenVersion is a type for the mytoken version
func (TokenVersion) MarshalJSON ¶
func (v TokenVersion) MarshalJSON() ([]byte, error)
MarshalJSON implements the json.Marshaler interface
func (*TokenVersion) UnmarshalJSON ¶
func (v *TokenVersion) UnmarshalJSON(data []byte) error
UnmarshalJSON implements the json.Unmarshaler interface
func (TokenVersion) Version ¶
func (v TokenVersion) Version() string
Version returns a version string
type TokeninfoHistoryResponse ¶
type TokeninfoHistoryResponse struct { EventHistory TokenUpdate *MytokenResponse `json:"token_update,omitempty"` }
TokeninfoHistoryResponse is a type for the response for a history request
type TokeninfoIntrospectResponse ¶
type TokeninfoIntrospectResponse struct { Valid bool `json:"valid"` TokenType string `json:"token_type"` Token UsedMytoken `json:"token"` }
TokeninfoIntrospectResponse is a type for the response for an introspect request
type TokeninfoListResponse ¶
type TokeninfoListResponse struct { Tokens []MytokenEntryTree `json:"mytokens"` TokenUpdate *MytokenResponse `json:"token_update,omitempty"` }
TokeninfoListResponse is a type for the response for a list request
type TokeninfoSubtokensResponse ¶
type TokeninfoSubtokensResponse struct { Tokens MytokenEntryTree `json:"mytokens"` TokenUpdate *MytokenResponse `json:"token_update,omitempty"` }
TokeninfoSubtokensResponse is a type for the response for a tree request
type TransferCodeResponse ¶
type TransferCodeResponse struct { MytokenType string `json:"mytoken_type"` TransferCode string `json:"transfer_code"` ExpiresIn uint64 `json:"expires_in"` }
TransferCodeResponse is the response to a transfer code request
type UsedMytoken ¶
type UsedMytoken struct { Mytoken `json:",inline"` Restrictions []UsedRestriction `json:"restrictions,omitempty"` }
UsedMytoken is a type for a Mytoken that has been used, it additionally has information how often it has been used
type UsedRestriction ¶
type UsedRestriction struct { Restriction `json:",inline"` UsagesATDone *int64 `json:"usages_AT_done,omitempty"` UsagesOtherDone *int64 `json:"usages_other_done,omitempty"` }
UsedRestriction is a type for a restriction that has been used and additionally has information how often it has been used
Source Files ¶
- SSHInfoResponse.go
- accessTokenRequest.go
- accessTokenResponse.go
- apiError.go
- authCodeFlowResponse.go
- authcodeFlowRequest.go
- capability.go
- clientMetaData.go
- eventHistory.go
- grantTypeInfoResponse.go
- grantTypeRequest.go
- grantTypes.go
- mytoken.go
- mytokenConfiguration.go
- mytokenEntry.go
- mytokenRequest.go
- mytokenResponse.go
- oidcFlow.go
- pollingCodeRequest.go
- profiles.go
- responseType.go
- restrictionClaim.go
- restrictions.go
- revocationRequest.go
- rotation.go
- settings.go
- sshKeyAddRequest.go
- sshKeyAddResponse.go
- sshKeyDeleteRequest.go
- sshPayloadTypes.go
- sshRequests.go
- tokenUpdate.go
- tokeninfoAction.go
- tokeninfoRequest.go
- tokeninfoResponses.go
- transfercodeRequest.go
- transfercodeResponse.go