lockbox

package module
v0.0.0-...-cab5830 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 9, 2023 License: MIT Imports: 23 Imported by: 0

Documentation

Index

Constants

View Source 
const (

	// ScopesPolicyDenyAll is a constant for a scopes policy that denies
	// all use of the scope, with no exceptions.
	ScopesPolicyDenyAll = "DENY_ALL"

	// ScopesPolicyDefaultDeny is a constant for a scopes policy that
	// denies all use of the scope by default, with exceptions.
	ScopesPolicyDefaultDeny = "DEFAULT_DENY"

	// ScopesPolicyAllowAll is a constant for a scopes policy that allows
	// all use of the scope, with no exceptions.
	ScopesPolicyAllowAll = "ALLOW_ALL"

	// ScopesPolicyDefaultAllow is a constant for a scopes policy that
	// allows all use of the scope by default, with exceptions.
	ScopesPolicyDefaultAllow = "DEFAULT_ALLOW"
)

Variables

View Source 
var (
	// ErrAccountRequestMissingID is returned when a request requires an
	// ID, but none was set.
	ErrAccountRequestMissingID = errors.New("request must have the ID set")

	// ErrAccountRequestMissingProfileID is returned when a request
	// requires a profile ID, but none was set.
	ErrAccountRequestMissingProfileID = errors.New("request must have the ProfileID set")

	// ErrAccountAlreadyRegistered is returned when the account that is
	// being registered has already been registered.
	ErrAccountAlreadyRegistered = errors.New("that account has already been registered")

	// ErrAccountNotFound is returned when the requested account can't be
	// found.
	ErrAccountNotFound = errors.New("account not found")

	// ErrAccountAccessDenied is returned when the authenticating
	// credentials don't have access to the requested account.
	ErrAccountAccessDenied = errors.New("account access denied")

	// ErrProfileAccessDenied is returned when the authenticating
	// credentials don't have access to the requested profile.
	ErrProfileAccessDenied = errors.New("profile access denied")
)
View Source 
var (
	// ErrClientAlreadyExists is returned when the client being created
	// already exists.
	ErrClientAlreadyExists = errors.New("a client with that ID already exists")

	// ErrClientNotFound is returned when the client being requested can't
	// be found.
	ErrClientNotFound = errors.New("client not found")

	// ErrClientRedirectURINotFound is returned when the redirect URI being
	// requested can't be found.
	ErrClientRedirectURINotFound = errors.New("redirect URI not found")

	// ErrClientRequestMissingID is returned when a client request requires
	// an ID to be set, but no ID is set.
	ErrClientRequestMissingID = errors.New("request must have the ID set")

	// ErrClientRequestMissingRedirectURIID is returned when a client
	// request requires a RedirectURI ID to be set, but no RedirectURI ID
	// is set.
	ErrClientRequestMissingRedirectURIID = errors.New("request must have the URI ID set")
)
View Source 
var (
	// ErrNoAccessTokenSet is returned when the Client tries to use an
	// access token but is not configured with one
	ErrNoAccessTokenSet = errors.New("no access token set")

	// ErrNoRefreshTokenSet is returned when the Client tries to use a
	// refresh token but is not configured with one
	ErrNoRefreshTokenSet = errors.New("no refresh token set")

	// ErrNoClientIDSet is returned when the Client tries to use a client
	// ID but is not configured with one
	ErrNoClientIDSet = errors.New("no client ID set")

	// ErrNoClientSecretSet is returned when the Client tries to use a
	// client secret but is not configured with one
	ErrNoClientSecretSet = errors.New("no client secret set")

	// ErrNoClientRedirectURISet is returned when the Client tries to use a
	// redirect URI but is not configured with one
	ErrNoClientRedirectURISet = errors.New("no client redirect URI set")

	// ErrNoClientsHMACSecretSet is returned when the Client tries to make
	// an HMAC request to the clients service but is not configured with an
	// HMAC secret
	ErrNoClientsHMACSecretSet = errors.New("no HMAC secret for the clients service set")

	// ErrNoClientsHMACMaxSkewSet is returned when the Client tries to make
	// an HMAC request to the clients service but is not configured with an
	// HMAC max skew
	ErrNoClientsHMACMaxSkewSet = errors.New("no HMAC max skew for the clients service set")

	// ErrNoClientsHMACOrgKeySet is returned when the Client tries to make
	// an HMAC request to the clients service but is not configured with an
	// HMAC org key
	ErrNoClientsHMACOrgKeySet = errors.New("no HMAC org key for the clients service set")

	// ErrNoClientsHMACKeySet is returned when the Client tries to make an
	// HMAC request to the clients service but is not configured with an
	// HMAC key
	ErrNoClientsHMACKeySet = errors.New("no HMAC key for the clients service set")

	// ErrNoScopesHMACSecretSet is returned when the Client tries to make
	// an HMAC request to the scopes service but is not configured with an
	// HMAC secret
	ErrNoScopesHMACSecretSet = errors.New("no HMAC secret for the scopes service set")

	// ErrNoScopesHMACMaxSkewSet is returned when the Client tries to make
	// an HMAC request to the scopes service but is not configured with an
	// HMAC max skew
	ErrNoScopesHMACMaxSkewSet = errors.New("no HMAC max skew for the scopes service set")

	// ErrNoScopesHMACOrgKeySet is returned when the Client tries to make
	// an HMAC request to the scopes service but is not configured with an
	// HMAC org key
	ErrNoScopesHMACOrgKeySet = errors.New("no HMAC org key for the scopes service set")

	// ErrNoScopesHMACKeySet is returned when the Client tries to make an
	// HMAC request to the scopes service but is not configured with an
	// HMAC key
	ErrNoScopesHMACKeySet = errors.New("no HMAC key for the scopes service set")

	// ErrBothClientSecretAndRedirectURISet is return when the Client tries
	// to make a request using client credentials and both the redirect URI
	// and client secret are set
	ErrBothClientSecretAndRedirectURISet = errors.New("both client secret and redirect URI set")
)
View Source 
var (
	// ErrOAuth2RequestMissingEmail is returned when a request requires an
	// email, but none was set.
	ErrOAuth2RequestMissingEmail = errors.New("email must be set")

	// ErrOAuth2RequestMissingCode is returned when a request requires a
	// code, but none was set.
	ErrOAuth2RequestMissingCode = errors.New("code must be set")

	// ErrOAuth2RequestMissingToken is returned when a request requires a
	// token, but none is set.
	ErrOAuth2RequestMissingToken = errors.New("token must be set")

	// ErrInvalidGrantError is returned when a grant that is invalid, for
	// any reason, is used.
	ErrInvalidGrantError = errors.New("invalid grant")

	// ErrInvalidClientCredentialsError is returned when the client
	// credentials that were presented were invalid, for any reason.
	ErrInvalidClientCredentialsError = errors.New("invalid client credentials")

	// ErrUnsupportedResponseTypeError is returned when the server doesn't
	// recognize the response type that go-lockbox is requesting.
	ErrUnsupportedResponseTypeError = errors.New("unsupported response type; this is either a server or go-lockbox error")

	// ErrUnexpectedBody is returned if a response body is returned for a
	// request that doesn't expect a response.
	ErrUnexpectedBody = errors.New("unexpected body; this request shouldn't return a body, but it did, possibly an error we didn't expect or couldn't parse. This is either a server or go-lockbox error")
)
View Source 
var (
	// ErrServerError is returned when a server error is encountered while
	// making a request. Users typically can't do anything about these, and
	// they should be reported as bugs.
	ErrServerError = errors.New("server error")

	// ErrInvalidFormatError is returned when the server couldn't parse
	// the request as made. Users typically can't do anything about these,
	// and they should be reported as bugs against go-lockbox.
	ErrInvalidFormatError = errors.New("invalid request")

	// ErrInvalidRequestError is returned when the server rejected the
	// request, without giving more information as to why.
	ErrInvalidRequestError = errors.New("invalid request")

	// ErrUnauthorized is returned when a request is made that the Client
	// is not authorized to make. Check the credentials and try again.
	ErrUnauthorized = errors.New("unauthorized request")

	// ErrUnexpectedError is returned when a RequestError is returned in a
	// Response that the cliente doesn't know how to handle. This is
	// usually indicative of a bug in go-lockbox and an issue whould be
	// filed about it. The logs can provide more information on what the
	// error is.
	ErrUnexpectedError = errors.New("unexpected error in response")

	// ErrUnexpectedResponse is returned when a Response is returned that
	// doesn't make sense or that go-lockbox wasn't expecting. It's often
	// used in situations where ignoring it would cause a panic. This is
	// usually indicative of a bug in go-lockbox or the server, and an
	// issue should be filed about it. There's not much a caller can do
	// about these errors.
	ErrUnexpectedResponse = errors.New("unexpected response")
)
View Source 
var (
	// ErrScopeAlreadyExists is returned when the Scope being created
	// already exists in the scopes service.
	ErrScopeAlreadyExists = errors.New("a scope with that ID already exists")

	// ErrScopeNotFound is returned when the requested scope can't be found
	// in the scopes service.
	ErrScopeNotFound = errors.New("scope not found")

	// ErrScopeRequestMissingUserPolicy is returned when a request to the
	// scopes service requires a UserPolicy, and none is set.
	ErrScopeRequestMissingUserPolicy = errors.New("request must have the user policy set")

	// ErrScopeRequestMissingClientPolicy is returned when a request to the
	// scopes service requires a ClientPolicy, and none is set.
	ErrScopeRequestMissingClientPolicy = errors.New("request must have the client policy set")

	// ErrScopeRequestMissingID is returned when a request to the scopes
	// service requires an ID, and none is set.
	ErrScopeRequestMissingID = errors.New("request must have the ID set")

	// ErrScopeRequestInvalidUserPolicy is returned when a request to the
	// scopes service specifies an invalid user policy.
	ErrScopeRequestInvalidUserPolicy = errors.New("invalid user policy")

	// ErrScopeRequestInvalidClientPolicy is returned when a request to the
	// scopes service specifies an invalid client policy.
	ErrScopeRequestInvalidClientPolicy = errors.New("invalid client policy")
)

Functions

This section is empty.

Types

type APIClient 

type APIClient struct {
	ID           string    `json:"id,omitempty"`
	Name         string    `json:"name,omitempty"`
	Confidential bool      `json:"confidential"`
	CreatedAt    time.Time `json:"createdAt,omitempty"`
	CreatedBy    string    `json:"createdBy,omitempty"`
	CreatedByIP  string    `json:"createdByIP,omitempty"`
	Secret       string    `json:"secret,omitempty"`
}

APIClient is a Client from the clients service. It represents an API consumer that can make requests against Lockbox and the APIs it is authenticating for.

type Account 

type Account struct {
	ID             string    `json:"id,omitempty"`
	ProfileID      string    `json:"profileID,omitempty"`
	IsRegistration bool      `json:"isRegistration"`
	CreatedAt      time.Time `json:"createdAt,omitempty"`
	LastSeenAt     time.Time `json:"lastSeenAt,omitempty"`
	LastUsedAt     time.Time `json:"lastUsedAt,omitempty"`
}

Account is an Account from the accounts service. It represents a login method available to a user.

type AccountsService 

type AccountsService struct {
	BasePath string
	// contains filtered or unexported fields
}

AccountsService is the accounts service. Set the BasePath to modify where requests will be sent relative to the Client's base URL. AccountsService should only be instantiated by calling NewClient.

func (AccountsService) Create 

func (a AccountsService) Create(ctx context.Context, account Account) (Account, error)

Create registers a new Account in the accounts service. If ProfileID is empty, IsRegistration must be true. If IsRegistration is false, ProfileID must be set. ProfileID cannot be set while IsRegistration is true. If ProfileID is set, the request will be authenticated with the token credentials configured on the Client.

func (AccountsService) Delete 

func (a AccountsService) Delete(ctx context.Context, id string) error

Delete removes an Account from the accounts service. The request will be authenticated with the token credentials configured on the Client.

func (AccountsService) Get 

func (a AccountsService) Get(ctx context.Context, id string) (Account, error)

Get retrieves the Account specified by `id` from the accounts service. The request will be authenticated with the token credentials configured on the Client.

func (AccountsService) ListByProfileID 

func (a AccountsService) ListByProfileID(ctx context.Context, profileID string) ([]Account, error)

ListByProfileID returns a list of Accounts associated with profileID. The request will be authenticated with the token credentials configured on the Client.

type AuthMethod 

type AuthMethod interface {
	Apply(c *Client)
}

AuthMethod is a way of authenticating the Client. When constructing a Client, passed AuthMethods will configure the Client to authenticate with various services.

type AuthTokens 

type AuthTokens struct {
	Access  string
	Refresh string
}

AuthTokens configures the client with credentials necessary to authenticate against services that use token authentication, like services utilising Lockbox as an authentication service.

func (AuthTokens) Apply 

func (a AuthTokens) Apply(c *Client)

Apply configures the Client `c` with the access and refresh tokens in `a`.

type Client 

type Client struct {
	Accounts *AccountsService
	Clients  *ClientsService
	OAuth2   *OAuth2Service
	Scopes   *ScopesService
	// contains filtered or unexported fields
}

Client is an HTTP client that can make requests against Lockbox's various services and the services that use Lockbox for authentication.

func NewClient 

func NewClient(ctx context.Context, baseURL string, auth ...AuthMethod) (*Client, error)

NewClient returns a new client capable of interacting with Lockbox services. The baseURL specified should point to the URL that lockbox-apid is serving at. Any number of AuthMethods can be passed to configure the client, including none.

func (*Client) AddClientCredentials 

func (c *Client) AddClientCredentials(r *http.Request) error

AddClientCredentials adds the configured client credentials to `r`, authenticating the request. This is usually used for OAuth2 requests.

func (*Client) AddTokenCredentials 

func (c *Client) AddTokenCredentials(r *http.Request) error

AddTokenCredentials adds the configured tokens to `r` as credentials, authenticating the request.

func (*Client) AppendToUserAgent 

func (c *Client) AppendToUserAgent(s string)

AppendToUserAgent adds the string to the end of the User-Agent header that will be sent with requests from this client.

func (*Client) Do 

func (c *Client) Do(req *http.Request) (*http.Response, error)

Do executes an *http.Request using the *http.Client associated with `c`.

func (*Client) EnableLogs 

func (c *Client) EnableLogs()

EnableLogs turns on request and response logging for the client, for debugging purposes. This should probably not be called in production, as sensitive values will be logged.

func (*Client) GetTokens 

func (c *Client) GetTokens() (access, refresh string)

GetTokens retrieves the currently set access and refresh tokens for the Client. It is meant to be used to persist the tokens to avoid authenticating on every Client instantiation; there should be no other reason to interact with the tokens this way.

func (*Client) MakeClientsHMACRequest 

func (c *Client) MakeClientsHMACRequest(r *http.Request) error

MakeClientsHMACRequest signs an *http.Request so it can be executed against the Clients service.

func (*Client) MakeScopesHMACRequest 

func (c *Client) MakeScopesHMACRequest(r *http.Request) error

MakeScopesHMACRequest signs an *http.Request so it can be executed against the Scopes service.

func (*Client) NewRequest 

func (c *Client) NewRequest(ctx context.Context, method, path string, body io.Reader) (*http.Request, error)

NewRequest builds a new *http.Request against the specified `path`, using the configured base URL of the client.

func (*Client) PrependToUserAgent 

func (c *Client) PrependToUserAgent(s string)

PrependToUserAgent adds the string to the beginning of the User-Agent header that will be sent with requests from this client.

func (*Client) RefreshTokens 

func (c *Client) RefreshTokens(ctx context.Context, scopes []string) error

RefreshTokens exchanges the token credentials configured on `c` for new token credentials, and configures `c` with the new token credentials.

type ClientCredentials 

type ClientCredentials struct {
	ID          string
	Secret      string
	RedirectURI string
}

ClientCredentials configures the client with credentials necessary to authenticate against services that use those credentials, like the oauth2 service.

func (ClientCredentials) Apply 

func (creds ClientCredentials) Apply(c *Client)

Apply configures the Client `c` with the client ID, client secret, and redirect URI set on `creds`.

type ClientsService 

type ClientsService struct {
	BasePath string
	// contains filtered or unexported fields
}

ClientsService is the clients service. Set the BasePath to modify where requests will be sent relative to the Client's base URL. ClientsService should only be instantiated by calling NewClient.

func (ClientsService) Create 

func (c ClientsService) Create(ctx context.Context, client APIClient) (APIClient, error)

Create registers a new APIClient in the clients service. The request will be authenticated with the client HMAC credentials set on the go-lockbox client.

func (ClientsService) CreateRedirectURIs 

func (c ClientsService) CreateRedirectURIs(ctx context.Context, id string, uris []RedirectURI) ([]RedirectURI, error)

CreateRedirectURIs configures the client specified by id in the clients service with new RedirectURIs. It authenticates using the client HMAC credentials in go-lockbox.

func (ClientsService) Delete 

func (c ClientsService) Delete(ctx context.Context, id string) error

Delete removes the client specified by id from the clients service. It is authenticated using the client HMAC credentials on the go-lockbox client.

func (ClientsService) DeleteRedirectURI 

func (c ClientsService) DeleteRedirectURI(ctx context.Context, clientID, uriID string) error

DeleteRedirectURI removes the RedirectURI specified by uriID from the client specified by clientID in the clients service. It authenticates using the client HMAC credentials in the go-lockbox client.

func (ClientsService) Get 

func (c ClientsService) Get(ctx context.Context, id string) (APIClient, error)

Get retrieves the APIClient specified by id from the clients service. It is authenticated using the client HMAC credentials on the go-lockbox client.

func (ClientsService) ListRedirectURIs 

func (c ClientsService) ListRedirectURIs(ctx context.Context, id string) ([]RedirectURI, error)

ListRedirectURIs returns the RedirectURIs configured for the client specified by id in the clients service. It authenticates using the client HMAC credentials in the go-lockbox client.

func (ClientsService) ResetSecret 

func (c ClientsService) ResetSecret(ctx context.Context, id string) (APIClient, error)

ResetSecret resets the client secret in the clients service for the client specified by id. It authenticates using the client HMAC credentials on the go-lockbox client.

type HMACAuth 

type HMACAuth struct {
	// MaxSkew is the maximum amount of clock skew to accept
	MaxSkew time.Duration
	// OrgKey is the organization key the service is using
	OrgKey string
	// Key is the key ID the service is using
	Key string
	// Secret is the HMAC secret the service is using
	Secret []byte
}

HMACAuth contains all the information necessary to authenticate against an HMAC-secured service, like the clients service.

type HMACCredentials 

type HMACCredentials struct {
	Clients HMACAuth
	Scopes  HMACAuth
}

HMACCredentials configures the Client with credentials necessary to authenticate against HMAC-secured endpoints, like the clients service.

func (HMACCredentials) Apply 

func (h HMACCredentials) Apply(c *Client)

Apply configures the Client `c` with the HMAC credentials set in `h`.

type OAuth2Response 

type OAuth2Response struct {
	AccessToken  string `json:"access_token,omitempty"`
	TokenType    string `json:"token_type,omitempty"`
	ExpiresIn    int    `json:"expires_in,omitempty"`
	RefreshToken string `json:"refresh_token,omitempty"`
	Scope        string `json:"scope,omitempty"`
	Error        string `json:"error,omitempty"`
}

OAuth2Response is used to represent all the information returned in the body of the response to an OAuth2 request.

func OAuth2ResponseFromParams 

func OAuth2ResponseFromParams(vals url.Values) (OAuth2Response, error)

OAuth2ResponseFromParams decodes the URL parameters passed in and returns an OAuth2Response from their values.

type OAuth2Service 

type OAuth2Service struct {
	BasePath string
	// contains filtered or unexported fields
}

OAuth2Service is the oauth2 service. Set the BasePath to modify where requests will be sent relative to the Client's base URL. OAuth2Service should only be instantiated by calling NewClient.

func (OAuth2Service) ExchangeEmailCode 

func (o OAuth2Service) ExchangeEmailCode(ctx context.Context, code string) (OAuth2Response, error)

ExchangeEmailCode uses the passed code, obtained from an authentication email, to obtain a new access token and refresh token from the oauth2 service.

func (OAuth2Service) ExchangeGoogleIDToken 

func (o OAuth2Service) ExchangeGoogleIDToken(ctx context.Context, token string, scopes []string) (OAuth2Response, error)

ExchangeGoogleIDToken uses the passed ID token from Google to obtain a new access token and refresh token from the oauth2 service.

func (OAuth2Service) ExchangeRefreshToken 

func (o OAuth2Service) ExchangeRefreshToken(ctx context.Context, token string, scopes []string) (OAuth2Response, error)

ExchangeRefreshToken uses the refresh token passed to obtain a new access token and refresh token from the oauth2 service.

func (OAuth2Service) SendEmail 

func (o OAuth2Service) SendEmail(ctx context.Context, email string, scopes []string) error

SendEmail requests an authentication email be sent to the specified email address to kick off the email login flow.

type RedirectURI 

type RedirectURI struct {
	ID          string    `json:"ID,omitempty"`
	URI         string    `json:"URI,omitempty"`
	IsBaseURI   bool      `json:"isBaseURI"`
	ClientID    string    `json:"clientID,omitempty"`
	CreatedAt   time.Time `json:"createdAt,omitempty"`
	CreatedBy   string    `json:"createdBy,omitempty"`
	CreatedByIP string    `json:"createdByIP,omitempty"`
}

RedirectURI is a URI that is registered to an APIClient as a URI that can be redirected to during the OAuth2 flow.

type RedirectURIIDConflictError 

type RedirectURIIDConflictError RedirectURI

RedirectURIIDConflictError is an error type indicating the RedirectURI that has an ID that already exists.

func (RedirectURIIDConflictError) Error 

func (e RedirectURIIDConflictError) Error() string

type RedirectURIURIMissingError 

type RedirectURIURIMissingError RedirectURI

RedirectURIURIMissingError is an error type indicating the RedirectURI that has no URI set when a URI is required.

func (RedirectURIURIMissingError) Error 

func (e RedirectURIURIMissingError) Error() string

type RequestError 

type RequestError struct {
	Slug   string `json:"error,omitempty"`
	Field  string `json:"field,omitempty"`
	Param  string `json:"param,omitempty"`
	Header string `json:"header,omitempty"`
}

RequestError describes an error that an HTTP request encountered, hopefully with enough information to point to a single root cause.

func (RequestError) Equal 

func (e RequestError) Equal(other RequestError) bool

Equal returns true if two RequestErrors should be considered equivalent.

type RequestErrors 

type RequestErrors []RequestError

RequestErrors is a collection of RequestErrors, describing all known errors with a request. It has its own type to facilitate helper methods.

func (RequestErrors) Contains 

func (e RequestErrors) Contains(err RequestError) bool

Contains returns true if the RequestError can be found in the RequestErrors.

func (RequestErrors) FieldMatches 

func (e RequestErrors) FieldMatches(slug string, reg *regexp.Regexp) [][]string

FieldMatches checks if any RequestError in e has the specified slug and a field that matches the passed regular expression.

type Response 

type Response struct {
	Accounts     []Account     `json:"accounts,omitempty"`
	Clients      []APIClient   `json:"clients,omitempty"`
	RedirectURIs []RedirectURI `json:"redirectURIs,omitempty"`
	Scopes       []Scope       `json:"scopes,omitempty"`
	Errors       RequestErrors `json:"errors,omitempty"`
}

Response is the standard response format we get back from every service, except the oauth2 service, which follows the standard.

type Scope 

type Scope struct {
	ID               string   `json:"id,omitempty"`
	UserPolicy       string   `json:"userPolicy,omitempty"`
	UserExceptions   []string `json:"userExceptions,omitempty"`
	ClientPolicy     string   `json:"clientPolicy,omitempty"`
	ClientExceptions []string `json:"clientExceptions,omitempty"`
	IsDefault        bool     `json:"isDefault"`
}

Scope is a permission from the scopes service. It can be attached to a session to authorize access to resources.

type ScopeChange 

type ScopeChange struct {
	UserPolicy       *string   `json:"userPolicy,omitempty"`
	UserExceptions   *[]string `json:"userExceptions,omitempty"`
	ClientPolicy     *string   `json:"clientPolicy,omitempty"`
	ClientExceptions *[]string `json:"clientExceptions,omitempty"`
	IsDefault        *bool     `json:"isDefault,omitempty"`
}

ScopeChange captures a modification to a Scope.

func (ScopeChange) SetClientExceptions 

func (s ScopeChange) SetClientExceptions(in []string) ScopeChange

SetClientExceptions returns a copy of `s` with the client exceptions set to `in`.

func (ScopeChange) SetClientPolicy 

func (s ScopeChange) SetClientPolicy(in string) ScopeChange

SetClientPolicy returns a copy of `s` with the client policy set to `in`.

func (ScopeChange) SetIsDefault 

func (s ScopeChange) SetIsDefault(in bool) ScopeChange

SetIsDefault returns a copy of `s` with the IsDefault property set to `in`.

func (ScopeChange) SetUserExceptions 

func (s ScopeChange) SetUserExceptions(in []string) ScopeChange

SetUserExceptions returns a copy of `s` with the user exceptions set to `in`.

func (ScopeChange) SetUserPolicy 

func (s ScopeChange) SetUserPolicy(in string) ScopeChange

SetUserPolicy returns a copy of `s` with the user policy set to `in`.

type ScopesService 

type ScopesService struct {
	BasePath string
	// contains filtered or unexported fields
}

ScopesService is the scopes service. Set the BasePath to modify where requests will be sent relative to the Client's base URL. ScopesService should only be instantiated by calling NewClient.

func (ScopesService) Create 

func (s ScopesService) Create(ctx context.Context, scope Scope) (Scope, error)

Create adds the passed Scope to the scopes service. It uses the scopes HMAC credentials in the client.

func (ScopesService) Delete 

func (s ScopesService) Delete(ctx context.Context, id string) error

Delete removes the Scope identified by ID from the scopes service. It uses the scopes HMAC credentials in the client to authenticate.

func (ScopesService) Get 

func (s ScopesService) Get(ctx context.Context, id string) (Scope, error)

Get returns the Scope specified by ID from the scopes service. It uses the scopes HMAC credentials in the client to authenticate.

func (ScopesService) GetByIDs 

func (s ScopesService) GetByIDs(ctx context.Context, ids []string) (map[string]Scope, error)

GetByIDs returns the Scopes specified by the passed IDs from the scopes service. It uses the scopes HMAC credentials in the client to authenticate. The result will be a map with a key of the scope's ID and the value being the Scope itself.

func (ScopesService) ListDefault 

func (s ScopesService) ListDefault(ctx context.Context) ([]Scope, error)

ListDefault returns the default set of Scopes from the scopes service. It uses the scopes HMAC credentials to authenticate.

func (ScopesService) Update 

func (s ScopesService) Update(ctx context.Context, id string, change ScopeChange) (Scope, error)

Update applies the specified change to the Scope identified by the passed ID in the scopes service. It uses the scopes HMAC credentials in the client to authenticate.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.