onelogin

package
v0.1.4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 11, 2021 License: GPL-3.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

// HEADER_TAG is the struct-tag key "header". MfaDevice and MfaSelect put
// `header:"..."` tags on their fields and both expose GetHeader(fieldName);
// presumably GetHeader reads the tag under this key — confirm in the source.
const HEADER_TAG = "header"

Variables

This section is empty.

Functions

func GenerateMfaSelect

func GenerateMfaSelect(devices []MfaDevice) *[]MfaSelect

func SelectMfaDevice

func SelectMfaDevice(mfaDevices []MfaDevice) int32

Types

type AccessTokenResponse

// AccessTokenResponse maps the JSON fields of a token response:
// access_token, created_at, expires_in, token_type and account_id.
//
// AccessToken is a credential (IsExpired describes it as an OAuth2 token, and
// OneLogin.AccessToken is marked "Required for all other API calls").
// OneLoginCache stores a value of this type under its "accesstoken" key, so
// the token is part of whatever the cache persists. Avoid printing this
// struct with %v / %+v in logs.
type AccessTokenResponse struct {
	// AccessToken is the token value itself; handle it as a secret.
	AccessToken string `json:"access_token"`
	// CreatedAt is kept as a string; its time format is not shown on this page.
	CreatedAt   string `json:"created_at"`
	// ExpiresIn is presumably a lifetime in seconds counted from CreatedAt — confirm.
	ExpiresIn   int64  `json:"expires_in"`
	TokenType   string `json:"token_type"`
	AccountId   int64  `json:"account_id"`
}

func (*AccessTokenResponse) ExpiresAt

func (token *AccessTokenResponse) ExpiresAt() string

returns when our token expires

func (*AccessTokenResponse) IsExpired

func (token *AccessTokenResponse) IsExpired() bool

returns true if the given OAuth2 token has expired

type MFA

// MFA holds the fields returned "when we need MFA". The same state_token,
// devices and callback_url keys appear on SAMLResponse, whose NewMFA method
// returns a *MFA. The struct also has unexported fields that this page does
// not show.
//
// NOTE(review): StateToken looks like the handle that ties the MFA step to
// the preceding username/password step; if so, treat it as sensitive and keep
// it out of logs. CallbackUrl comes from the response body — confirm the
// implementation only sends the state token and MFA code to the expected
// OneLogin host.
type MFA struct {

	// Fields when we need MFA
	StateToken  string        `json:"state_token"`
	Devices     []MfaDevice   `json:"devices"`
	CallbackUrl string        `json:"callback_url"`
	User        *OneLoginUser `json:"user"`
	// contains filtered or unexported fields
}

func (*MFA) OneLoginProtectPush

func (mfa *MFA) OneLoginProtectPush(notify bool) (string, error)

returns json encoded result

func (*MFA) SetParam

func (mfa *MFA) SetParam(key string, value string)

func (*MFA) SubmitMFA

// NOTE(review): mfa_code is an int32, so a one-time code typed with leading
// zeros (e.g. "012345") loses them in this parameter. Confirm the
// implementation zero-pads to the expected length before sending; otherwise
// such codes may be rejected by the server.
func (mfa *MFA) SubmitMFA(device_id int32, mfa_code int32) (string, error)

returns json encoded result

type MFAType

// MFAType identifies an MFA method. GetMfaType returns one for a device id.
//
// The constants are assigned with iota, so the zero value is MFAInvalid: an
// unset or default-initialised MFAType never reads as a usable method.
type MFAType int32
const (
	// MFAInvalid is 0, the zero value.
	MFAInvalid MFAType = iota
	// MFAOneLoginPush is 1; presumably the push flow handled by
	// OneLoginProtectPush — confirm.
	MFAOneLoginPush
	// MFACode is 2; presumably the typed-code flow handled by
	// SubmitMFACode — confirm.
	MFACode
)

type MfaDevice

// MfaDevice is one element of the "devices" array carried by MFA.Devices and
// SAMLResponse.Devices. The json tags name the wire fields; the header tags
// carry display labels ("MFA Device Type", "MFA Device ID"), presumably for
// the device-selection prompt — confirm.
type MfaDevice struct {
	DeviceType string `json:"device_type" header:"MFA Device Type"`
	DeviceId   int32  `json:"device_id" header:"MFA Device ID"`
}

func (MfaDevice) GetHeader

func (mfa MfaDevice) GetHeader(fieldName string) (string, error)

type MfaSelect

// MfaSelect is an MfaDevice plus a Select field. It has header tags only and
// no json tags; GenerateMfaSelect returns a slice of these built from
// []MfaDevice. Presumably this is the row shown to the user when choosing a
// device — confirm.
type MfaSelect struct {
	Select     string `header:"Select"`
	DeviceType string `header:"MFA Device Type"`
	DeviceId   int32  `header:"MFA Device ID"`
}

func (MfaSelect) GetHeader

func (mfa MfaSelect) GetHeader(fieldName string) (string, error)

type OneLogin

// OneLogin bundles the resty HTTP client, the cache, the API URL and the
// OAuth2 access token used for API calls.
//
// Every field is exported, so any code holding a *OneLogin can read or
// replace AccessToken and Url. AccessToken is a plain string: formatting the
// struct with %v / %+v or serialising it for debugging exposes the token.
type OneLogin struct {
	Client      *resty.Client
	Cache       *OneLoginCache
	Url         string // api url for onelogin
	AccessToken string // generated via OAuth2.  Required for all other API calls

}

func NewOneLogin

func NewOneLogin(clientid string, client_secret string, region string) (*OneLogin, error)

Returns a new OneLogin struct with our AccessToken configured. OneLogin OAuth2 tokens are good for 10hrs.

func (*OneLogin) GetRateLimit

func (o *OneLogin) GetRateLimit() (*RateLimit, error)

There is a rate limit for generating auth tokens (see https://developers.onelogin.com/api-docs/2/oauth20-tokens/generate-tokens-2). This API call returns how many calls have been made. Not valid with Authentication Only tokens.

type OneLoginCache

// OneLoginCache is the cached state: SAML assertions in a string-keyed map
// and the last token response. It serialises to JSON under the keys
// "assertion" and "accesstoken", and has unexported fields not shown on this
// page.
//
// The map key is a string while GetAssertion/SaveAssertion/GetRoles take a
// uint32 app_id; presumably the key is the app id in string form — confirm.
//
// NOTE(review): both members are bearer credentials (a SAML assertion and an
// OAuth2 access token). LoadOneLoginCache takes a filename, while the
// SaveAssertion doc says "keychain", so the storage backend is not clear from
// this page. If it is a plain file, confirm it is created with owner-only
// permissions and that expired entries are removed.
type OneLoginCache struct {
	Assertion   map[string]SAMLAssertion `json:"assertion"`
	AccessToken AccessTokenResponse      `json:"accesstoken"`
	// contains filtered or unexported fields
}

func LoadOneLoginCache

// NOTE(review): the signature returns only *OneLoginCache, with no error.
// A missing, unreadable or corrupt cache file therefore cannot be reported
// through an error value; confirm how the implementation signals that case
// (nil, an empty cache, or a process exit) and that callers handle it.
func LoadOneLoginCache(filename string) *OneLoginCache

func (*OneLoginCache) GetAccessToken

func (olc *OneLoginCache) GetAccessToken() (string, error)

func (*OneLoginCache) GetAssertion

func (olc *OneLoginCache) GetAssertion(app_id uint32) (string, error)

func (*OneLoginCache) GetRoles

func (ols *OneLoginCache) GetRoles(app_id uint32) ([]string, error)

func (*OneLoginCache) Save

func (olc *OneLoginCache) Save() error

func (*OneLoginCache) SaveAccessToken

func (olc *OneLoginCache) SaveAccessToken(token *AccessTokenResponse) error

func (*OneLoginCache) SaveAssertion

func (olc *OneLoginCache) SaveAssertion(app_id uint32, assertion string) error

saves our assertion in our keychain

type OneLoginSAML

// OneLoginSAML pairs a *OneLogin API handle with the most recent
// *SAMLResponse. GetAssertion's doc says the MFA device list is read from
// ols.Response.Devices, so Response is state left by the last request.
// Both fields are exported and nothing on this page shows locking, so
// sharing one value across goroutines should be assumed unsafe until
// confirmed.
type OneLoginSAML struct {
	OneLogin *OneLogin
	Response *SAMLResponse
}

func NewOneLoginSAML

func NewOneLoginSAML(o *OneLogin) *OneLoginSAML

func (*OneLoginSAML) BuildSAMLInput

func (ols *OneLoginSAML) BuildSAMLInput(app_id uint32, options SAMLInputOptions) (*sts.AssumeRoleWithSAMLInput, error)

func (*OneLoginSAML) GetAssertion

// The returned bool reports whether MFA is required, not whether
// authentication succeeded: check err before interpreting it.
// username and password are passed as plain strings, so the caller owns
// keeping them out of logs and error messages. The purpose of ip is not
// shown on this page.
func (ols *OneLoginSAML) GetAssertion(username string, password string, subdomain string, app_id uint32, ip string) (bool, error)

Returns whether MFA is required (true/false); the list of devices is in ols.Response.Devices

func (*OneLoginSAML) GetMfaType

func (ols *OneLoginSAML) GetMfaType(deviceId int32) (MFAType, error)

func (*OneLoginSAML) GetMfaTypeString

func (ols *OneLoginSAML) GetMfaTypeString(deviceId int32) (string, error)

func (*OneLoginSAML) HasAssertion

func (ols *OneLoginSAML) HasAssertion(app_id uint32) bool

func (*OneLoginSAML) OneLoginProtectPush

func (ols *OneLoginSAML) OneLoginProtectPush(app_id uint32, tries uint32) (bool, error)

Returns true/false if we got our assertion

func (*OneLoginSAML) PromptMFA

func (ols *OneLoginSAML) PromptMFA() (int32, error)

Returns the deviceId of a MFA device that the user selects

func (*OneLoginSAML) SubmitMFA

func (ols *OneLoginSAML) SubmitMFA(deviceId int32, appid uint32) (bool, error)

Handles sending the MFA code or Push MFA. Returns true/false if we got our Assertion

func (*OneLoginSAML) SubmitMFACode

// NOTE(review): mfa_code is an int32, which cannot preserve leading zeros of
// a typed one-time code; confirm the value is zero-padded to the expected
// length before it is sent.
func (ols *OneLoginSAML) SubmitMFACode(app_id uint32, device_id int32, mfa_code int32) (bool, error)

Returns true/false if we got our assertion

type OneLoginStatus

// OneLoginStatus maps a status object with the JSON keys error, code, type
// and message. RateLimit embeds it under "status".
//
// NOTE(review): Code is presumably an HTTP-style status code and Message
// free text from the server; treat Message as untrusted input when printing
// it to a terminal or log.
type OneLoginStatus struct {
	Error   bool   `json:"error"`
	Code    uint16 `json:"code"`
	Type    string `json:"type"`
	Message string `json:"message"`
}

Common Status response

type OneLoginUser

// OneLoginUser maps a user object with the JSON keys username, email,
// firstname, lastname and id. MFA.User and SAMLResponse.User point to it.
// The fields are personal data, so they should not be written to logs or
// caches that do not need them.
type OneLoginUser struct {
	Username  string `json:"username"`
	Email     string `json:"email"`
	Firstname string `json:"firstname"`
	Lastname  string `json:"lastname"`
	Id        int64  `json:"id"`
}

Not used by this code, but is common to many other API calls

type RateLimit

// RateLimit is the value returned by OneLogin.GetRateLimit: a status object
// under "status" and the counters under "data".
type RateLimit struct {
	Status OneLoginStatus `json:"status"`
	Data   RateLimitData  `json:"data"`
}

type RateLimitData

// RateLimitData holds the three rate-limit counters. They are decoded from
// JSON body keys named like the X-RateLimit-* HTTP headers.
type RateLimitData struct {
	Limit     uint32 `json:"X-RateLimit-Limit"`
	Remaining uint32 `json:"X-RateLimit-Remaining"`
	// Reset's unit (seconds remaining vs. an absolute timestamp) is not shown
	// on this page — confirm against the API docs before scheduling retries.
	Reset     uint32 `json:"X-RateLimit-Reset"`
}

type SAMLAssertion

// SAMLAssertion is the cached form of an assertion, stored as the values of
// OneLoginCache.Assertion.
//
// NOTE(review): BuildSAMLInput returns *sts.AssumeRoleWithSAMLInput, so a
// cached assertion is presumably what gets exchanged for AWS credentials.
// Anyone who can read the cache before NotOnOrAfter could do the same, so the
// stored value needs the protection of a credential.
type SAMLAssertion struct {
	// NotOnOrAfter is presumably the assertion's expiry as a Unix timestamp —
	// confirm the unit before comparing it with time.Now().
	NotOnOrAfter int64    `json:"NotOnOrAfter"`
	// Assertion is the assertion as a string; its encoding is not shown here.
	Assertion    string   `json:"Assertion"`
	// Roles is the list returned by OneLoginCache.GetRoles; presumably role
	// ARNs extracted from the assertion — confirm.
	Roles        []string `json:"Roles"`
}

type SAMLInputOptions

// SAMLInputOptions is the options argument of OneLoginSAML.BuildSAMLInput.
//
// The min/type/required struct tags describe constraints but Go does not
// enforce struct tags by itself, and no validation is visible on this page.
// Confirm that BuildSAMLInput (or the AWS SDK's own parameter validation)
// rejects an empty or short PrincipalArn/RoleArn and a Duration below 900.
type SAMLInputOptions struct {
	Duration     *int64 `min:"900" type:"integer"` // seconds, default is 3600
	PrincipalArn string `min:"20" type:"string" required:"true"`
	RoleArn      string `min:"20" type:"string" required:"true"`
}

type SAMLResponse

// SAMLResponse decodes both shapes of the assertion response: the successful
// one (data, message, user) and the one returned when MFA is needed
// (state_token, devices, callback_url). NewMFA builds a *MFA from it.
//
// NOTE(review): Data presumably holds the SAML assertion on success, and
// StateToken the MFA continuation handle; if so, both are sensitive and this
// struct should not be logged or dumped whole.
type SAMLResponse struct {
	// successful response
	Data    string        `json:"data"`
	Message string        `json:"message"`
	User    *OneLoginUser `json:"user"`

	// Fields when we need MFA
	StateToken  string      `json:"state_token"`
	Devices     []MfaDevice `json:"devices"`
	CallbackUrl string      `json:"callback_url"`
}

func (*SAMLResponse) NewMFA

func (sr *SAMLResponse) NewMFA(o *OneLogin) *MFA
