README
¶
gocloak
Golang Keycloak API Package
This client is based on: go-keycloak
For Questions either raise an issue, or come to the gopher-slack into the channel #gocloak
If u are using the echo framework have a look at gocloak-echo
Benchmarks: https://nerzal.github.io/gocloak/dev/bench/
Contribution
(WIP) https://github.com/Nerzal/gocloak/wiki/Contribute
Usage
There are a lot of backward incompatible changes in v4:
- all functions what create an object now return an ID of the created object. The return statement of those functions has been changed from (error) to (string, error)
- All structures now use pointers instead of general types (bool -> *bool, string -> *string). It has been done to properly use omitempty tag, otherwise it was impossible to set a false value for any of the bool propertires.
Importing
import "github.com/Nerzal/gocloak/v4"
or v3 (latest release is v3.10.0):
import "github.com/Nerzal/gocloak/v3"
Create New User
client := gocloak.NewClient("https://mycool.keycloak.instance")
token, err := client.LoginAdmin("user", "password", "realmName")
if err != nil {
panic("Something wrong with the credentials or url")
}
user := gocloak.User{
FirstName: "Bob",
LastName: "Uncle",
Email: "something@really.wrong",
Enabled: true,
Username: "CoolGuy",
}
client.CreateUser(token.AccessToken, "realm", user)
if err != nil {
panic("Oh no!, failed to create user :(")
}
Introspect Token
client := gocloak.NewClient(hostname)
token, err := client.LoginClient(clientid, clientSecret, realm)
if err != nil {
panic("Login failed:"+ err.Error())
}
rptResult, err := client.RetrospectToken(token.AccessToken, clientid, clientSecret, realm)
if err != nil {
panic("Inspection failed:"+ err.Error())
}
if !rptResult.Active {
panic("Token is not active")
}
permissions := rptResult.Permissions
//Do something with the permissions ;)
Features
// GoCloak holds all methods a client should fullfill
type GoCloak interface {
GetRequestingPartyToken(token, realm string, options RequestingPartyTokenOptions) (*JWT, error)
Login(clientID string, clientSecret string, realm string, username string, password string) (*JWT, error)
Logout(clientID, clientSecret, realm, refreshToken string) error
LogoutPublicClient(clientID, realm, accessToken, refreshToken string) error
LoginClient(clientID, clientSecret, realm string) (*JWT, error)
LoginAdmin(username, password, realm string) (*JWT, error)
RequestPermission(clientID string, clientSecret string, realm string, username string, password string, permission string) (*JWT, error)
RefreshToken(refreshToken string, clientID, clientSecret, realm string) (*JWT, error)
DecodeAccessToken(accessToken string, realm string) (*jwt.Token, *jwt.MapClaims, error)
DecodeAccessTokenCustomClaims(accessToken string, realm string, claims jwt.Claims) (*jwt.Token, error)
RetrospectToken(accessToken string, clientID, clientSecret string, realm string) (*RetrospecTokenResult, error)
GetIssuer(realm string) (*IssuerResponse, error)
GetCerts(realm string) (*CertResponse, error)
GetServerInfo(accessToken string) (*ServerInfoRepesentation, error)
GetUserInfo(accessToken string, realm string) (*UserInfo, error)
SetPassword(token string, userID string, realm string, password string, temporary bool) error
ExecuteActionsEmail(token string, realm string, params ExecuteActionsEmail) error
CreateUser(token string, realm string, user User) (string, error)
CreateGroup(accessToken string, realm string, group Group) error
CreateChildGroup(token string, realm string, groupID string, group Group) (string, error)
CreateClientRole(accessToken string, realm string, clientID string, role Role) error
CreateClient(accessToken string, realm string, clientID Client) error
CreateClientScope(accessToken string, realm string, scope ClientScope) error
CreateComponent(accessToken string, realm string, component Component) error
UpdateUser(accessToken string, realm string, user User) error
UpdateGroup(accessToken string, realm string, updatedGroup Group) error
UpdateRole(accessToken string, realm string, clientID string, role Role) error
UpdateClient(accessToken string, realm string, updatedClient Client) error
UpdateClientScope(accessToken string, realm string, scope ClientScope) error
DeleteUser(accessToken string, realm, userID string) error
DeleteComponent(accessToken string, realm, componentID string) error
DeleteGroup(accessToken string, realm, groupID string) error
DeleteClientRole(accessToken string, realm, clientID, roleName string) error
DeleteClient(accessToken string, realm, clientID string) error
DeleteClientScope(accessToken string, realm, scopeID string) error
GetClient(accessToken string, realm string, clientID string) (*Client, error)
GetClientsDefaultScopes(token string, realm string, clientID string) ([]*ClientScope, error)
AddDefaultScopeToClient(token string, realm string, clientID string, scopeID string) error
RemoveDefaultScopeFromClient(token string, realm string, clientID string, scopeID string) error
GetClientsOptionalScopes(token string, realm string, clientID string) ([]*ClientScope, error)
AddOptionalScopeToClient(token string, realm string, clientID string, scopeID string) error
RemoveOptionalScopeFromClient(token string, realm string, clientID string, scopeID string) error
GetDefaultOptionalClientScopes(token string, realm string) ([]*ClientScope, error)
GetDefaultDefaultClientScopes(token string, realm string) ([]*ClientScope, error)
GetClientScope(token string, realm string, scopeID string) (*ClientScope, error)
GetClientScopes(token string, realm string) ([]*ClientScope, error)
GetClientSecret(token string, realm string, clientID string) (*CredentialRepresentation, error)
GetClientServiceAccount(token string, realm string, clientID string) (*User, error)
RegenerateClientSecret(token string, realm string, clientID string) (*CredentialRepresentation, error)
GetKeyStoreConfig(accessToken string, realm string) (*KeyStoreConfig, error)
GetUserByID(accessToken string, realm string, userID string) (*User, error)
GetUserCount(accessToken string, realm string) (int, error)
GetUsers(accessToken string, realm string, params GetUsersParams) ([]*User, error)
GetUserGroups(accessToken string, realm string, userID string) ([]*UserGroup, error)
GetComponents(accessToken string, realm string) ([]*Component, error)
GetGroups(accessToken string, realm string, params GetGroupsParams) ([]*Group, error)
GetGroup(accessToken string, realm, groupID string) (*Group, error)
GetGroupMembers(accessToken string, realm, groupID string, params GetGroupsParams) ([]*User, error)
GetRoleMappingByGroupID(accessToken string, realm string, groupID string) (*MappingsRepresentation, error)
GetRoleMappingByUserID(accessToken string, realm string, userID string) (*MappingsRepresentation, error)
GetClientRoles(accessToken string, realm string, clientID string) ([]*Role, error)
GetClientRole(token string, realm string, clientID string, roleName string) (*Role, error)
GetClients(accessToken string, realm string, params GetClientsParams) ([]*Client, error)
AddClientRoleComposite(token string, realm string, roleID string, roles []Role) error
DeleteClientRoleComposite(token string, realm string, roleID string, roles []Role) error
GetUsersByRoleName(token string, realm string, roleName string) ([]*User, error)
GetUsersByClientRoleName(token string, realm string, clientID string, roleName string, params GetUsersByRoleParams) ([]*User, error)
UserAttributeContains(attributes map[string][]string, attribute string, value string) bool
CreateClientProtocolMapper(token, realm, clientID string, mapper ProtocolMapperRepresentation) error
DeleteClientProtocolMapper(token, realm, clientID, mapperID string) error
// *** Realm Roles ***
CreateRealmRole(token string, realm string, role Role) error
GetRealmRole(token string, realm string, roleName string) (*Role, error)
GetRealmRoles(accessToken string, realm string) ([]*Role, error)
GetRealmRolesByUserID(accessToken string, realm string, userID string) ([]*Role, error)
GetRealmRolesByGroupID(accessToken string, realm string, groupID string) ([]*Role, error)
UpdateRealmRole(token string, realm string, roleName string, role Role) error
DeleteRealmRole(token string, realm string, roleName string) error
AddRealmRoleToUser(token string, realm string, userID string, roles []Role) error
DeleteRealmRoleFromUser(token string, realm string, userID string, roles []Role) error
AddRealmRoleComposite(token string, realm string, roleName string, roles []Role) error
DeleteRealmRoleComposite(token string, realm string, roleName string, roles []Role) error
// *** Client Roles ***
AddClientRoleToGroup(token string, realm string, clientID string, groupID string, roles []Role) error
DeleteClientRoleFromGroup(token string, realm string, clientID string, groupID string, roles []Role) error
GetClientRolesByUserID(token string, realm string, clientID string, userID string) ([]*Role, error)
GetClientRolesByGroupID(token string, realm string, clientID string, groupID string) ([]*Role, error)
GetCompositeClientRolesByUserID(token string, realm string, clientID string, userID string) ([]*Role, error)
GetCompositeClientRolesByGroupID(token string, realm string, clientID string, groupID string) ([]*Role, error)
// *** Realm ***
GetRealm(token string, realm string) (*RealmRepresentation, error)
GetRealms(token string) ([]*RealmRepresentation, error)
CreateRealm(token string, realm RealmRepresentation) error
DeleteRealm(token string, realm string) error
ClearRealmCache(token string, realm string) error
ClearUserCache(token string, realm string) error
ClearKeysCache(token string, realm string) error
GetClientUserSessions(token, realm, clientID string) ([]*UserSessionRepresentation, error)
GetClientOfflineSessions(token, realm, clientID string) ([]*UserSessionRepresentation, error)
GetUserSessions(token, realm, userID string) ([]*UserSessionRepresentation, error)
GetUserOfflineSessionsForClient(token, realm, userID, clientID string) ([]*UserSessionRepresentation, error)
// *** Protection API ***
GetResource(token string, realm string, clientID string, resourceID string) (*Resource, error)
GetResources(token string, realm string, clientID string) ([]*Resource, error)
CreateResource(token string, realm string, clientID string, resource Resource) (*Resource, error)
UpdateResource(token string, realm string, clientID string, resource Resource) error
DeleteResource(token string, realm string, clientID string, resourceID string) error
GetScope(token string, realm string, clientID string, scopeID string) (*ScopeRepresentation, error)
GetScopes(token string, realm string, clientID string, params GetScopeParams) ([]*ScopeRepresentation, error)
CreateScope(token string, realm string, clientID string, scope ScopeRepresentation) (*ScopeRepresentation, error)
UpdateScope(token string, realm string, clientID string, resource ScopeRepresentation) error
DeleteScope(token string, realm string, clientID string, scopeID string) error
GetPolicy(token string, realm string, clientID string, policyID string) (*PolicyRepresentation, error)
GetPolicies(token string, realm string, clientID string, params GetPolicyParams) ([]*PolicyRepresentation, error)
CreatePolicy(token string, realm string, clientID string, policy PolicyRepresentation) (*PolicyRepresentation, error)
UpdatePolicy(token string, realm string, clientID string, policy PolicyRepresentation) error
DeletePolicy(token string, realm string, clientID string, policyID string) error
GetPermission(token string, realm string, clientID string, permissionID string) (*PermissionRepresentation, error)
GetPermissions(token string, realm string, clientID string, params GetPermissionParams) ([]*PermissionRepresentation, error)
CreatePermission(token string, realm string, clientID string, permission PermissionRepresentation) (*PermissionRepresentation, error)
UpdatePermission(token string, realm string, clientID string, permission PermissionRepresentation) error
DeletePermission(token string, realm string, clientID string, permissionID string) error
}
developing & testing
For local testing you need to start a docker container. Simply run following commands prior to starting the tests:
docker pull quay.io/keycloak/keycloak
docker run -d \
-e KEYCLOAK_USER=admin \
-e KEYCLOAK_PASSWORD=secret \
-e KEYCLOAK_IMPORT=/tmp/gocloak-realm.json \
-v `pwd`/testdata/gocloak-realm.json:/tmp/gocloak-realm.json \
-p 8080:8080 \
--name gocloak-test \
quay.io/keycloak/keycloak
go test
Or you can run the tests on you own keycloak:
export GOCLOAK_TEST_CONFIG=/path/to/gocloak/config.json
All resources created as a result of unit tests will be deleted, except for the test user defined in the configuration file.
To remove running docker container after completion of tests:
docker stop gocloak-test
docker rm gocloak-test
License
Documentation
¶
Index ¶
- func BoolP(value bool) *bool
- func Float32P(value float32) *float32
- func Float64P(value float64) *float64
- func GetQueryParams(s interface{}) (map[string]string, error)
- func Int32P(value int32) *int32
- func Int64P(value int64) *int64
- func IntP(value int) *int
- func IsObjectAlreadyExists(err error) bool
- func NilOrEmpty(value *string) bool
- func PBool(value *bool) bool
- func PFloat32(value *float32) float32
- func PFloat64(value *float64) float64
- func PInt(value *int) int
- func PInt32(value *int32) int32
- func PInt64(value *int64) int64
- func PString(value *string) string
- func StringP(value string) *string
- type APIError
- type Access
- type ActiveKeys
- type AggregatedPolicyRepresentation
- type Attributes
- type CertResponse
- type CertResponseKey
- type Client
- type ClientMappingsRepresentation
- type ClientPolicyRepresentation
- type ClientScope
- type ClientScopeAttributes
- type Component
- type ComponentConfig
- type CredentialRepresentation
- type DecisionStrategy
- type ExecuteActionsEmail
- type GetClientsParams
- type GetGroupsParams
- type GetPermissionParams
- type GetPolicyParams
- type GetResourceParams
- type GetScopeParams
- type GetUsersByRoleParams
- type GetUsersParams
- type GoCloak
- type Group
- type GroupDefinition
- type GroupPolicyRepresentation
- type HTTPErrorResponse
- type IdentityProviderRepresentation
- type IssuerResponse
- type JSPolicyRepresentation
- type JWT
- type Key
- type KeyStoreConfig
- type Logic
- type MappingsRepresentation
- type MemoryInfoRepresentation
- type MultiValuedHashMap
- type ObjectAlreadyExists
- type PermissionRepresentation
- type PolicyEnforcementMode
- type PolicyRepresentation
- type ProtocolMapperRepresentation
- type ProtocolMappers
- type ProtocolMappersConfig
- type RealmRepresentation
- type RequestingPartyTokenOptions
- type ResourceOwnerRepresentation
- type ResourcePermission
- type ResourceRepresentation
- type ResourceServerRepresentation
- type RetrospecTokenResult
- type Role
- type RoleDefinition
- type RolePolicyRepresentation
- type ScopeRepresentation
- type ServerInfoRepesentation
- type SetPasswordRequest
- type StringOrArray
- type SystemInfoRepresentation
- type TimePolicyRepresentation
- type TokenOptions
- type User
- type UserGroup
- type UserInfo
- type UserPolicyRepresentation
- type UserSessionRepresentation
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetQueryParams ¶
GetQueryParams converts the struct to map[string]string The fields tags must have `json:"<name>,string,omitempty"` format for all types, except strings The string fields must have: `json:"<name>,omitempty"`. The `json:"<name>,string,omitempty"` tag for string field will add additional double quotes. "string" tag allows to convert the non-string fields of a structure to map[string]string. "omitempty" allows to skip the fields with default values.
func IsObjectAlreadyExists ¶
IsObjectAlreadyExists is a helper to verify tht the err is ObjectAlreadyExists
func NilOrEmpty ¶
NilOrEmpty returns true if string is empty or has a nil value
Types ¶
type Access ¶
type Access struct {
ManageGroupMembership *bool `json:"manageGroupMembership"`
View *bool `json:"view"`
MapRoles *bool `json:"mapRoles"`
Impersonate *bool `json:"impersonate"`
Manage *bool `json:"manage"`
}
Access represents access
type ActiveKeys ¶
type ActiveKeys struct {
HS256 *string `json:"HS256,omitempty"`
RS256 *string `json:"RS256,omitempty"`
AES *string `json:"AES,omitempty"`
}
ActiveKeys holds the active keys
type AggregatedPolicyRepresentation ¶
type AggregatedPolicyRepresentation struct {
Policies []string `json:"policies,omitempty"`
}
AggregatedPolicyRepresentation represents aggregated policies
type Attributes ¶
type Attributes struct {
LDAPENTRYDN []string `json:"LDAP_ENTRY_DN,omitempty"`
LDAPID []string `json:"LDAP_ID,omitempty"`
}
Attributes holds Attributes
type CertResponse ¶
type CertResponse struct {
Keys []*CertResponseKey `json:"keys,omitempty"`
}
CertResponse is returned by the certs endpoint
type CertResponseKey ¶
type CertResponseKey struct {
Kid *string `json:"kid,omitempty"`
Kty *string `json:"kty,omitempty"`
Alg *string `json:"alg,omitempty"`
Use *string `json:"use,omitempty"`
N *string `json:"n,omitempty"`
E *string `json:"e,omitempty"`
}
CertResponseKey is returned by the certs endpoint
type Client ¶
type Client struct {
Access map[string]interface{} `json:"access,omitempty"`
AdminURL *string `json:"adminUrl,omitempty"`
Attributes map[string]string `json:"attributes,omitempty"`
AuthenticationFlowBindingOverrides map[string]string `json:"authenticationFlowBindingOverrides,omitempty"`
AuthorizationServicesEnabled *bool `json:"authorizationServicesEnabled"`
AuthorizationSettings *ResourceServerRepresentation `json:"authorizationSettings,omitempty"`
BaseURL *string `json:"baseUrl,omitempty"`
BearerOnly *bool `json:"bearerOnly"`
ClientAuthenticatorType *string `json:"clientAuthenticatorType,omitempty"`
ClientID *string `json:"clientId,omitempty"`
ConsentRequired *bool `json:"consentRequired"`
DefaultClientScopes []string `json:"defaultClientScopes,omitempty"`
DefaultRoles []string `json:"defaultRoles,omitempty"`
Description *string `json:"description,omitempty"`
DirectAccessGrantsEnabled *bool `json:"directAccessGrantsEnabled"`
Enabled *bool `json:"enabled"`
FrontChannelLogout *bool `json:"frontchannelLogout"`
FullScopeAllowed *bool `json:"fullScopeAllowed"`
ID *string `json:"id,omitempty"`
ImplicitFlowEnabled *bool `json:"implicitFlowEnabled"`
Name *string `json:"name,omitempty"`
NodeReRegistrationTimeout *int32 `json:"nodeReRegistrationTimeout,omitempty"`
NotBefore *int32 `json:"notBefore,omitempty"`
OptionalClientScopes []string `json:"optionalClientScopes,omitempty"`
Origin *string `json:"origin,omitempty"`
Protocol *string `json:"protocol,omitempty"`
ProtocolMappers []*ProtocolMapperRepresentation `json:"protocolMappers,omitempty"`
PublicClient *bool `json:"publicClient"`
RedirectURIs []string `json:"redirectUris,omitempty"`
RegisteredNodes map[string]string `json:"registeredNodes,omitempty"`
RegistrationAccessToken *string `json:"registrationAccessToken,omitempty"`
RootURL *string `json:"rootUrl,omitempty"`
Secret *string `json:"secret,omitempty"`
ServiceAccountsEnabled *bool `json:"serviceAccountsEnabled"`
StandardFlowEnabled *bool `json:"standardFlowEnabled"`
SurrogateAuthRequired *bool `json:"surrogateAuthRequired"`
WebOrigins []string `json:"webOrigins,omitempty"`
}
Client is a ClientRepresentation
type ClientMappingsRepresentation ¶
type ClientMappingsRepresentation struct {
ID *string `json:"id,omitempty"`
Client *string `json:"client,omitempty"`
Mappings []*Role `json:"mappings,omitempty"`
}
ClientMappingsRepresentation is a client role mappings
type ClientPolicyRepresentation ¶
type ClientPolicyRepresentation struct {
Clients []string `json:"clients,omitempty"`
}
ClientPolicyRepresentation represents client based policies
type ClientScope ¶
type ClientScope struct {
ID *string `json:"id,omitempty"`
Name *string `json:"name,omitempty"`
Description *string `json:"description,omitempty"`
Protocol *string `json:"protocol,omitempty"`
ClientScopeAttributes *ClientScopeAttributes `json:"attributes,omitempty"`
ProtocolMappers []*ProtocolMappers `json:"protocolMappers,omitempty"`
}
ClientScope is a ClientScope
type ClientScopeAttributes ¶
type ClientScopeAttributes struct {
ConsentScreenText *string `json:"consent.screen.text,omitempty"`
DisplayOnConsentScreen *string `json:"display.on.consent.screen,omitempty"`
IncludeInTokenScope *string `json:"include.in.token.scope,omitempty"`
}
ClientScopeAttributes are attributes of client scopes
type Component ¶
type Component struct {
ID *string `json:"id,omitempty"`
Name *string `json:"name,omitempty"`
ProviderID *string `json:"providerId,omitempty"`
ProviderType *string `json:"providerType,omitempty"`
ParentID *string `json:"parentId,omitempty"`
ComponentConfig *ComponentConfig `json:"config,omitempty"`
SubType *string `json:"subType,omitempty"`
}
Component is a component
type ComponentConfig ¶
type ComponentConfig struct {
Priority []string `json:"priority,omitempty"`
Algorithm []string `json:"algorithm,omitempty"`
}
ComponentConfig is a componentconfig
type CredentialRepresentation ¶
type CredentialRepresentation struct {
Algorithm *string `json:"algorithm,omitempty"`
Config *MultiValuedHashMap `json:"config,omitempty"`
Counter *int32 `json:"counter,omitempty"`
CreatedDate *int64 `json:"createdDate,omitempty"`
Device *string `json:"device,omitempty"`
Digits *int32 `json:"digits,omitempty"`
HashIterations *int32 `json:"hashIterations,omitempty"`
HashedSaltedValue *string `json:"hashedSaltedValue,omitempty"`
Period *int32 `json:"period,omitempty"`
Salt *string `json:"salt,omitempty"`
Temporary *bool `json:"temporary"`
Type *string `json:"type,omitempty"`
Value *string `json:"value,omitempty"`
}
CredentialRepresentation represents credentials
type DecisionStrategy ¶
type DecisionStrategy string
DecisionStrategy is an enum type for DecisionStrategy of PolicyRepresentation
var ( AFFIRMATIVE *DecisionStrategy = DecisionStrategyP("AFFIRMATIVE") UNANIMOUS *DecisionStrategy = DecisionStrategyP("UNANIMOUS") CONSENSUS *DecisionStrategy = DecisionStrategyP("CONSENSUS") )
DecisionStrategy values
func DecisionStrategyP ¶
func DecisionStrategyP(value DecisionStrategy) *DecisionStrategy
DecisionStrategyP returns a pointer for a DecisionStrategy value
type ExecuteActionsEmail ¶
type ExecuteActionsEmail struct {
UserID *string `json:"-"`
ClientID *string `json:"client_id,omitempty"`
Lifespan *int `json:"lifespan,string,omitempty"`
RedirectURI *string `json:"redirect_uri,omitempty"`
Actions []string `json:"-"`
}
ExecuteActionsEmail represents parameters for executing action emails
type GetClientsParams ¶
type GetClientsParams struct {
ClientID *string `json:"clientId,omitempty"`
ViewableOnly *bool `json:"viewableOnly,string"`
}
GetClientsParams represents the query parameters
type GetGroupsParams ¶
type GetGroupsParams struct {
First *int `json:"first,string,omitempty"`
Max *int `json:"max,string,omitempty"`
Search *string `json:"search,omitempty"`
Full *bool `json:"full,string,omitempty"`
}
GetGroupsParams represents the optional parameters for getting groups
type GetPermissionParams ¶
type GetPermissionParams struct {
First *int `json:"first,omitempty"`
Max *int `json:"max,omitempty"`
Name *string `json:"name,omitempty"`
Resource *string `json:"resource,omitempty"`
Scope *string `json:"scope,omitempty"`
Type *string `json:"type,omitempty"`
}
GetPermissionParams represents the optional parameters for getting permissions
type GetPolicyParams ¶
type GetPolicyParams struct {
First *int `json:"first,omitempty"`
Max *int `json:"max,omitempty"`
Name *string `json:"name,omitempty"`
Permission *bool `json:"permission,omitempty"`
Type *string `json:"type,omitempty"`
}
GetPolicyParams represents the optional parameters for getting policies TODO: more policy params?
type GetResourceParams ¶
type GetResourceParams struct {
Deep *bool `json:"deep,omitempty"`
First *int `json:"first,omitempty"`
Max *int `json:"max,omitempty"`
Name *string `json:"name,omitempty"`
Owner *string `json:"owner,omitempty"`
Type *string `json:"type,omitempty"`
URI *string `json:"uri,omitempty"`
Scope *string `json:"scope,omitempty"`
}
GetResourceParams represents the optional parameters for getting resources
type GetScopeParams ¶
type GetScopeParams struct {
Deep *bool `json:"deep,omitempty"`
First *int `json:"first,omitempty"`
Max *int `json:"max,omitempty"`
Name *string `json:"name,omitempty"`
}
GetScopeParams represents the optional parameters for getting scopes
type GetUsersByRoleParams ¶
type GetUsersByRoleParams struct {
First *int `json:"first,string,omitempty"`
Max *int `json:"max,string,omitempty"`
}
GetUsersByRoleParams represents the optional parameters for getting users by role
type GetUsersParams ¶
type GetUsersParams struct {
BriefRepresentation *bool `json:"briefRepresentation,string"`
Email *string `json:"email,omitempty"`
First *int `json:"first,string,omitempty"`
FirstName *string `json:"firstName,omitempty"`
LastName *string `json:"lastName,omitempty"`
Max *int `json:"max,string,omitempty"`
Search *string `json:"search,omitempty"`
Username *string `json:"username,omitempty"`
}
GetUsersParams represents the optional parameters for getting users
type GoCloak ¶
type GoCloak interface {
// RestyClient returns a resty client that gocloak uses
RestyClient() *resty.Client
// Sets the resty Client that gocloak uses
SetRestyClient(restyClient *resty.Client)
// GetToken returns a token
GetToken(realm string, options TokenOptions) (*JWT, error)
// GetRequestingPartyToken returns a requesting party token with permissions granted by the server
GetRequestingPartyToken(token, realm string, options RequestingPartyTokenOptions) (*JWT, error)
// Login sends a request to the token endpoint using user and client credentials
Login(clientID, clientSecret, realm, username, password string) (*JWT, error)
// Logout sends a request to the logout endpoint using refresh token
Logout(clientID, clientSecret, realm, refreshToken string) error
// LogoutPublicClient sends a request to the logout endpoint using refresh token
LogoutPublicClient(clientID, realm, accessToken, refreshToken string) error
// LoginClient sends a request to the token endpoint using client credentials
LoginClient(clientID, clientSecret, realm string) (*JWT, error)
// LoginAdmin login as admin
LoginAdmin(username, password, realm string) (*JWT, error)
// RefreshToken used to refresh the token
RefreshToken(refreshToken string, clientID, clientSecret, realm string) (*JWT, error)
// DecodeAccessToken decodes the accessToken
DecodeAccessToken(accessToken string, realm string) (*jwt.Token, *jwt.MapClaims, error)
// DecodeAccessTokenCustomClaims decodes the accessToken and fills the given claims
DecodeAccessTokenCustomClaims(accessToken string, realm string, claims jwt.Claims) (*jwt.Token, error)
// DecodeAccessTokenCustomClaims calls the token introspection endpoint
RetrospectToken(accessToken string, clientID, clientSecret string, realm string) (*RetrospecTokenResult, error)
// GetIssuer calls the issuer endpoint for the given realm
GetIssuer(realm string) (*IssuerResponse, error)
// GetCerts gets the public keys for the given realm
GetCerts(realm string) (*CertResponse, error)
// GetServerInfo returns the server info
GetServerInfo(accessToken string) (*ServerInfoRepesentation, error)
// GetUserInfo gets the user info for the given realm
GetUserInfo(accessToken string, realm string) (*UserInfo, error)
// ExecuteActionsEmail executes an actions email
ExecuteActionsEmail(token string, realm string, params ExecuteActionsEmail) error
// CreateGroup creates a new group
CreateGroup(accessToken, realm string, group Group) (string, error)
// CreateChildGroup creates a new child group
CreateChildGroup(token string, realm string, groupID string, group Group) (string, error)
// CreateClient creates a new client
CreateClient(accessToken, realm string, clientID Client) (string, error)
// CreateClientScope creates a new clientScope
CreateClientScope(accessToken, realm string, scope ClientScope) (string, error)
// CreateComponent creates a new component
CreateComponent(accessToken, realm string, component Component) (string, error)
// UpdateGroup updates the given group
UpdateGroup(accessToken string, realm string, updatedGroup Group) error
// UpdateRole updates the given role
UpdateRole(accessToken string, realm string, clientID string, role Role) error
// UpdateClient updates the given client
UpdateClient(accessToken string, realm string, updatedClient Client) error
// UpdateClientScope updates the given clientScope
UpdateClientScope(accessToken string, realm string, scope ClientScope) error
// DeleteComponent deletes the given component
DeleteComponent(accessToken string, realm, componentID string) error
// DeleteGroup deletes the given group
DeleteGroup(accessToken string, realm, groupID string) error
// DeleteClient deletes the given client
DeleteClient(accessToken string, realm, clientID string) error
// DeleteClientScope
DeleteClientScope(accessToken string, realm, scopeID string) error
// GetClient returns a client
GetClient(accessToken string, realm string, clientID string) (*Client, error)
// GetClientsDefaultScopes returns a list of the client's default scopes
GetClientsDefaultScopes(token string, realm string, clientID string) ([]*ClientScope, error)
// AddDefaultScopeToClient adds a client scope to the list of client's default scopes
AddDefaultScopeToClient(token string, realm string, clientID string, scopeID string) error
// RemoveDefaultScopeFromClient removes a client scope from the list of client's default scopes
RemoveDefaultScopeFromClient(token string, realm string, clientID string, scopeID string) error
// GetClientsOptionalScopes returns a list of the client's optional scopes
GetClientsOptionalScopes(token string, realm string, clientID string) ([]*ClientScope, error)
// AddOptionalScopeToClient adds a client scope to the list of client's optional scopes
AddOptionalScopeToClient(token string, realm string, clientID string, scopeID string) error
// RemoveOptionalScopeFromClient deletes a client scope from the list of client's optional scopes
RemoveOptionalScopeFromClient(token string, realm string, clientID string, scopeID string) error
// GetDefaultOptionalClientScopes returns a list of default realm optional scopes
GetDefaultOptionalClientScopes(token string, realm string) ([]*ClientScope, error)
// GetDefaultDefaultClientScopes returns a list of default realm default scopes
GetDefaultDefaultClientScopes(token string, realm string) ([]*ClientScope, error)
// GetClientScope returns a clientscope
GetClientScope(token string, realm string, scopeID string) (*ClientScope, error)
// GetClientScopes returns all client scopes
GetClientScopes(token string, realm string) ([]*ClientScope, error)
// GetClientSecret returns a client's secret
GetClientSecret(token string, realm string, clientID string) (*CredentialRepresentation, error)
// GetClientServiceAccount retrieves the service account "user" for a client if enabled
GetClientServiceAccount(token string, realm string, clientID string) (*User, error)
// RegenerateClientSecret creates a new client secret returning the updated CredentialRepresentation
RegenerateClientSecret(token string, realm string, clientID string) (*CredentialRepresentation, error)
// GetKeyStoreConfig gets the keyStoreConfig
GetKeyStoreConfig(accessToken string, realm string) (*KeyStoreConfig, error)
// GetComponents gets components of the given realm
GetComponents(accessToken string, realm string) ([]*Component, error)
// GetGroups gets all groups of the given realm
GetGroups(accessToken string, realm string, params GetGroupsParams) ([]*Group, error)
// GetGroup gets the given group
GetGroup(accessToken string, realm, groupID string) (*Group, error)
// GetGroupMembers get a list of users of group with id in realm
GetGroupMembers(accessToken string, realm, groupID string, params GetGroupsParams) ([]*User, error)
// GetRoleMappingByGroupID gets the rolemapping for the given group id
GetRoleMappingByGroupID(accessToken string, realm string, groupID string) (*MappingsRepresentation, error)
// GetRoleMappingByUserID gets the rolemapping for the given user id
GetRoleMappingByUserID(accessToken string, realm string, userID string) (*MappingsRepresentation, error)
// GetClients gets the clients in the realm
GetClients(accessToken string, realm string, params GetClientsParams) ([]*Client, error)
// GetClientOfflineSessions returns offline sessions associated with the client
GetClientOfflineSessions(token, realm, clientID string) ([]*UserSessionRepresentation, error)
// GetClientUserSessions returns user sessions associated with the client
GetClientUserSessions(token, realm, clientID string) ([]*UserSessionRepresentation, error)
// CreateClientProtocolMapper creates a protocol mapper in client scope
CreateClientProtocolMapper(token, realm, clientID string, mapper ProtocolMapperRepresentation) (string, error)
// DeleteClientProtocolMapper deletes a protocol mapper in client scope
DeleteClientProtocolMapper(token, realm, clientID, mapperID string) error
// UserAttributeContains checks if the given attribute has the given value
UserAttributeContains(attributes map[string][]string, attribute string, value string) bool
// CreateRealmRole creates a role in a realm
CreateRealmRole(token, realm string, role Role) (string, error)
// GetRealmRole returns a role from a realm by role's name
GetRealmRole(token string, realm string, roleName string) (*Role, error)
// GetRealmRoles get all roles of the given realm. It's an alias for the GetRoles function
GetRealmRoles(accessToken string, realm string) ([]*Role, error)
// GetRealmRolesByUserID returns all roles assigned to the given user
GetRealmRolesByUserID(accessToken string, realm string, userID string) ([]*Role, error)
// GetRealmRolesByGroupID returns all roles assigned to the given group
GetRealmRolesByGroupID(accessToken string, realm string, groupID string) ([]*Role, error)
// UpdateRealmRole updates a role in a realm
UpdateRealmRole(token string, realm string, roleName string, role Role) error
// DeleteRealmRole deletes a role in a realm by role's name
DeleteRealmRole(token string, realm string, roleName string) error
// AddRealmRoleToUser adds realm-level role mappings
AddRealmRoleToUser(token string, realm string, userID string, roles []Role) error
// DeleteRealmRoleFromUser deletes realm-level role mappings
DeleteRealmRoleFromUser(token string, realm string, userID string, roles []Role) error
// AddRealmRoleComposite adds roles as composite
AddRealmRoleComposite(token string, realm string, roleName string, roles []Role) error
// AddRealmRoleComposite adds roles as composite
DeleteRealmRoleComposite(token string, realm string, roleName string, roles []Role) error
// AddClientRoleToUser adds a client role to the user
AddClientRoleToUser(token string, realm string, clientID string, userID string, roles []Role) error
// AddClientRoleToGroup adds a client role to the group
AddClientRoleToGroup(token string, realm string, clientID string, groupID string, roles []Role) error
// CreateClientRole creates a new role for a client
CreateClientRole(accessToken, realm, clientID string, role Role) (string, error)
// DeleteClientRole deletes the given role
DeleteClientRole(accessToken, realm, clientID, roleName string) error
// DeleteClientRoleFromUser removes a client role from from the user
DeleteClientRoleFromUser(token string, realm string, clientID string, userID string, roles []Role) error
// DeleteClientRoleFromGroup removes a client role from from the group
DeleteClientRoleFromGroup(token string, realm string, clientID string, groupID string, roles []Role) error
// GetClientRoles gets roles for the given client
GetClientRoles(accessToken string, realm string, clientID string) ([]*Role, error)
// GetRealmRolesByUserID returns all client roles assigned to the given user
GetClientRolesByUserID(token string, realm string, clientID string, userID string) ([]*Role, error)
// GetClientRolesByGroupID returns all client roles assigned to the given group
GetClientRolesByGroupID(token string, realm string, clientID string, groupID string) ([]*Role, error)
// GetCompositeClientRolesByUserID returns all client roles and composite roles assigned to the given user
GetCompositeClientRolesByUserID(token string, realm string, clientID string, userID string) ([]*Role, error)
// GetCompositeClientRolesByGroupID returns all client roles and composite roles assigned to the given group
GetCompositeClientRolesByGroupID(token string, realm string, clientID string, groupID string) ([]*Role, error)
// GetClientRole get a role for the given client in a realm by role name
GetClientRole(token string, realm string, clientID string, roleName string) (*Role, error)
// AddClientRoleComposite adds roles as composite
AddClientRoleComposite(token string, realm string, roleID string, roles []Role) error
// DeleteClientRoleComposite deletes composites from a role
DeleteClientRoleComposite(token string, realm string, roleID string, roles []Role) error
// GetRealm returns top-level representation of the realm
GetRealm(token string, realm string) (*RealmRepresentation, error)
// GetRealms returns top-level representation of all realms
GetRealms(token string) ([]*RealmRepresentation, error)
// CreateRealm creates a realm
CreateRealm(token string, realm RealmRepresentation) (string, error)
// DeleteRealm removes a realm
DeleteRealm(token string, realm string) error
// ClearRealmCache clears realm cache
ClearRealmCache(token string, realm string) error
// ClearUserCache clears realm cache
ClearUserCache(token string, realm string) error
// ClearKeysCache clears realm cache
ClearKeysCache(token string, realm string) error
// *** Users ***
// CreateUser creates a new user
CreateUser(token string, realm string, user User) (string, error)
// DeleteUser deletes the given user
DeleteUser(accessToken string, realm, userID string) error
// GetUserByID gets the user with the given id
GetUserByID(accessToken string, realm string, userID string) (*User, error)
// GetUser count returns the userCount of the given realm
GetUserCount(accessToken string, realm string) (int, error)
// GetUsers gets all users of the given realm
GetUsers(accessToken string, realm string, params GetUsersParams) ([]*User, error)
// GetUserGroups gets the groups of the given user
GetUserGroups(accessToken string, realm string, userID string) ([]*UserGroup, error)
// GetUsersByRoleName returns all users have a given role
GetUsersByRoleName(token string, realm string, roleName string) ([]*User, error)
// GetUsersByClientRoleName returns all users have a given client role
GetUsersByClientRoleName(token string, realm string, clientID string, roleName string, params GetUsersByRoleParams) ([]*User, error)
// SetPassword sets a new password for the user with the given id. Needs elevated privileges
SetPassword(token string, userID string, realm string, password string, temporary bool) error
// UpdateUser updates the given user
UpdateUser(accessToken string, realm string, user User) error
// AddUserToGroup puts given user to given group
AddUserToGroup(token string, realm string, userID string, groupID string) error
// DeleteUserFromGroup deletes given user from given group
DeleteUserFromGroup(token string, realm string, userID string, groupID string) error
// GetUserSessions returns user sessions associated with the user
GetUserSessions(token, realm, userID string) ([]*UserSessionRepresentation, error)
// GetUserOfflineSessionsForClient returns offline sessions associated with the user and client
GetUserOfflineSessionsForClient(token, realm, userID, clientID string) ([]*UserSessionRepresentation, error)
// *** Identity Provider **
// CreateIdentityProvider creates an identity provider in a realm
CreateIdentityProvider(token string, realm string, providerRep IdentityProviderRepresentation) (string, error)
// GetIdentityProviders gets identity providers in a realm
GetIdentityProviders(token string, realm string) ([]*IdentityProviderRepresentation, error)
// GetIdentityProvider gets the identity provider in a realm
GetIdentityProvider(token string, realm string, alias string) (*IdentityProviderRepresentation, error)
// UpdateIdentityProvider updates the identity provider in a realm
UpdateIdentityProvider(token string, realm string, alias string, providerRep IdentityProviderRepresentation) error
// DeleteIdentityProvider deletes the identity provider in a realm
DeleteIdentityProvider(token string, realm string, alias string) error
// *** Protection API ***
// GetResource returns a client's resource with the given id
GetResource(token string, realm string, clientID string, resourceID string) (*ResourceRepresentation, error)
// GetResources a returns resources associated with the client
GetResources(token string, realm string, clientID string, params GetResourceParams) ([]*ResourceRepresentation, error)
// CreateResource creates a resource associated with the client
CreateResource(token string, realm string, clientID string, resource ResourceRepresentation) (*ResourceRepresentation, error)
// UpdateResource updates a resource associated with the client
UpdateResource(token string, realm string, clientID string, resource ResourceRepresentation) error
// DeleteResource deletes a resource associated with the client
DeleteResource(token string, realm string, clientID string, resourceID string) error
// GetScope returns a client's scope with the given id
GetScope(token string, realm string, clientID string, scopeID string) (*ScopeRepresentation, error)
// GetScopes returns scopes associated with the client
GetScopes(token string, realm string, clientID string, params GetScopeParams) ([]*ScopeRepresentation, error)
// CreateScope creates a scope associated with the client
CreateScope(token string, realm string, clientID string, scope ScopeRepresentation) (*ScopeRepresentation, error)
// UpdateScope updates a scope associated with the client
UpdateScope(token string, realm string, clientID string, resource ScopeRepresentation) error
// DeleteScope deletes a scope associated with the client
DeleteScope(token string, realm string, clientID string, scopeID string) error
// GetPolicy returns a client's policy with the given id
GetPolicy(token string, realm string, clientID string, policyID string) (*PolicyRepresentation, error)
// GetPolicies returns policies associated with the client
GetPolicies(token string, realm string, clientID string, params GetPolicyParams) ([]*PolicyRepresentation, error)
// CreatePolicy creates a policy associated with the client
CreatePolicy(token string, realm string, clientID string, policy PolicyRepresentation) (*PolicyRepresentation, error)
// UpdatePolicy updates a policy associated with the client
UpdatePolicy(token string, realm string, clientID string, policy PolicyRepresentation) error
// DeletePolicy deletes a policy associated with the client
DeletePolicy(token string, realm string, clientID string, policyID string) error
// GetPermission returns a client's permission with the given id
GetPermission(token string, realm string, clientID string, permissionID string) (*PermissionRepresentation, error)
// GetPermissions returns permissions associated with the client
GetPermissions(token string, realm string, clientID string, params GetPermissionParams) ([]*PermissionRepresentation, error)
// CreatePermission creates a permission associated with the client
CreatePermission(token string, realm string, clientID string, permission PermissionRepresentation) (*PermissionRepresentation, error)
// UpdatePermission updates a permission associated with the client
UpdatePermission(token string, realm string, clientID string, permission PermissionRepresentation) error
// DeletePermission deletes a permission associated with the client
DeletePermission(token string, realm string, clientID string, permissionID string) error
}
GoCloak holds all methods a client should fulfill
type Group ¶
type Group struct {
ID *string `json:"id,omitempty"`
Name *string `json:"name,omitempty"`
Path *string `json:"path,omitempty"`
SubGroups []*Group `json:"subGroups,omitempty"`
Attributes map[string][]string `json:"attributes,omitempty"`
Access map[string]bool `json:"access,omitempty"`
ClientRoles map[string][]string `json:"clientRoles,omitempty"`
RealmRoles []string `json:"realmRoles,omitempty"`
}
Group is a Group
type GroupDefinition ¶
type GroupDefinition struct {
ID *string `json:"id"`
Path *string `json:"path,omitempty"`
ExtendChildren *bool `json:"extendChildren,omitempty"`
}
GroupDefinition represents a group in a GroupPolicyRepresentation
type GroupPolicyRepresentation ¶
type GroupPolicyRepresentation struct {
Groups []*GroupDefinition `json:"groups,omitempty"`
GroupsClaim *string `json:"groupsClaim,omitempty"`
}
GroupPolicyRepresentation represents group based policies
type HTTPErrorResponse ¶
type HTTPErrorResponse struct {
ErrorMessage string `json:"errorMessage,omitempty"`
Error string `json:"error,omitempty"`
}
HTTPErrorResponse is a model of an error response
type IdentityProviderRepresentation ¶
type IdentityProviderRepresentation struct {
AddReadTokenRoleOnCreate *bool `json:"addReadTokenRoleOnCreate,omitempty"`
Alias *string `json:"alias,omitempty"`
Config map[string]string `json:"config,omitempty"`
DisplayName *string `json:"displayName,omitempty"`
Enabled *bool `json:"enabled,omitempty"`
FirstBrokerLoginFlowAlias *string `json:"firstBrokerLoginFlowAlias,omitempty"`
InternalID *string `json:"internalId,omitempty"`
LinkOnly *bool `json:"linkOnly,omitempty"`
PostBrokerLoginFlowAlias *string `json:"postBrokerLoginFlowAlias,omitempty"`
ProviderID *string `json:"providerId,omitempty"`
StoreToken *bool `json:"storeToken,omitempty"`
TrustEmail *bool `json:"trustEmail,omitempty"`
}
IdentityProviderRepresentation represents an identity provider
type IssuerResponse ¶
type IssuerResponse struct {
Realm *string `json:"realm,omitempty"`
PublicKey *string `json:"public_key,omitempty"`
TokenService *string `json:"token-service,omitempty"`
AccountService *string `json:"account-service,omitempty"`
TokensNotBefore *int `json:"tokens-not-before,omitempty"`
}
IssuerResponse is returned by the issuer endpoint
type JSPolicyRepresentation ¶
type JSPolicyRepresentation struct {
Code *string `json:"code,omitempty"`
}
JSPolicyRepresentation represents js based policies
type JWT ¶
type JWT struct {
AccessToken string `json:"access_token"`
IDToken string `json:"id_token"`
ExpiresIn int `json:"expires_in"`
RefreshExpiresIn int `json:"refresh_expires_in"`
RefreshToken string `json:"refresh_token"`
TokenType string `json:"token_type"`
NotBeforePolicy int `json:"not-before-policy"`
SessionState string `json:"session_state"`
Scope string `json:"scope"`
}
JWT is a JWT
type Key ¶
type Key struct {
ProviderID *string `json:"providerId,omitempty"`
ProviderPriority *int `json:"providerPriority,omitempty"`
Kid *string `json:"kid,omitempty"`
Status *string `json:"status,omitempty"`
Type *string `json:"type,omitempty"`
Algorithm *string `json:"algorithm,omitempty"`
PublicKey *string `json:"publicKey,omitempty"`
Certificate *string `json:"certificate,omitempty"`
}
Key is a key
type KeyStoreConfig ¶
type KeyStoreConfig struct {
ActiveKeys *ActiveKeys `json:"active,omitempty"`
Key []*Key `json:"keys,omitempty"`
}
KeyStoreConfig holds the keyStoreConfig
type MappingsRepresentation ¶
type MappingsRepresentation struct {
ClientMappings map[string]*ClientMappingsRepresentation `json:"clientMappings,omitempty"`
RealmMappings []*Role `json:"realmMappings,omitempty"`
}
MappingsRepresentation is a representation of role mappings
type MemoryInfoRepresentation ¶
type MemoryInfoRepresentation struct {
Free *int `json:"free,omitempty"`
FreeFormated *string `json:"freeFormated,omitempty"`
FreePercentage *int `json:"freePercentage,omitempty"`
Total *int `json:"total,omitempty"`
TotalFormated *string `json:"totalFormated,omitempty"`
Used *int `json:"used,omitempty"`
UsedFormated *string `json:"usedFormated,omitempty"`
}
MemoryInfoRepresentation represents a memory info
type MultiValuedHashMap ¶
type MultiValuedHashMap struct {
Empty *bool `json:"empty"`
LoadFactor *float32 `json:"loadFactor,omitempty"`
Threshold *int32 `json:"threshold,omitempty"`
}
MultiValuedHashMap represents something
type ObjectAlreadyExists ¶
type ObjectAlreadyExists struct {
ErrorMessage string
}
ObjectAlreadyExists is used when keycloak answers with 409
func (*ObjectAlreadyExists) Error ¶
func (e *ObjectAlreadyExists) Error() string
type PermissionRepresentation ¶
type PermissionRepresentation struct {
DecisionStrategy *DecisionStrategy `json:"decisionStrategy,omitempty"`
Description *string `json:"description,omitempty"`
ID *string `json:"id,omitempty"`
Logic *Logic `json:"logic,omitempty"`
Name *string `json:"name,omitempty"`
Policies []string `json:"policies,omitempty"`
Resources []string `json:"resources,omitempty"`
ResourceType *string `json:"resource_type,omitempty"`
Scopes []string `json:"scopes,omitempty"`
Type *string `json:"type,omitempty"`
}
PermissionRepresentation is a representation of a Permission
type PolicyEnforcementMode ¶
type PolicyEnforcementMode int
PolicyEnforcementMode is an enum type for PolicyEnforcementMode of ResourceServerRepresentation
const ( ENFORCING PolicyEnforcementMode = iota PERMISSIVE DISABLED )
PolicyEnforcementMode values
type PolicyRepresentation ¶
type PolicyRepresentation struct {
Config map[string]string `json:"config,omitempty"`
DecisionStrategy *DecisionStrategy `json:"decisionStrategy,omitempty"`
Description *string `json:"description,omitempty"`
ID *string `json:"id,omitempty"`
Logic *Logic `json:"logic,omitempty"`
Name *string `json:"name,omitempty"`
Owner *string `json:"owner,omitempty"`
Policies []string `json:"policies,omitempty"`
Resources []string `json:"resources,omitempty"`
Scopes []string `json:"scopes,omitempty"`
Type *string `json:"type,omitempty"`
RolePolicyRepresentation
JSPolicyRepresentation
ClientPolicyRepresentation
TimePolicyRepresentation
UserPolicyRepresentation
AggregatedPolicyRepresentation
GroupPolicyRepresentation
}
PolicyRepresentation is a representation of a Policy
type ProtocolMapperRepresentation ¶
type ProtocolMapperRepresentation struct {
Config map[string]string `json:"config,omitempty"`
ID *string `json:"id,omitempty"`
Name *string `json:"name,omitempty"`
Protocol *string `json:"protocol,omitempty"`
ProtocolMapper *string `json:"protocolMapper,omitempty"`
}
ProtocolMapperRepresentation represents....
type ProtocolMappers ¶
type ProtocolMappers struct {
ID *string `json:"id,omitempty"`
Name *string `json:"name,omitempty"`
Protocol *string `json:"protocol,omitempty"`
ProtocolMapper *string `json:"protocolMapper,omitempty"`
ConsentRequired *bool `json:"consentRequired"`
ProtocolMappersConfig *ProtocolMappersConfig `json:"config,omitempty"`
}
ProtocolMappers are protocolmappers
type ProtocolMappersConfig ¶
type ProtocolMappersConfig struct {
UserinfoTokenClaim *string `json:"userinfo.token.claim,omitempty"`
UserAttribute *string `json:"user.attribute,omitempty"`
IDTokenClaim *string `json:"id.token.claim,omitempty"`
AccessTokenClaim *string `json:"access.token.claim,omitempty"`
ClaimName *string `json:"claim.name,omitempty"`
ClaimValue *string `json:"claim.value,omitempty"`
JSONTypeLabel *string `json:"jsonType.label,omitempty"`
Multivalued *string `json:"multivalued,omitempty"`
UsermodelClientRoleMappingClientID *string `json:"usermodel.clientRoleMapping.clientId,omitempty"`
IncludedClientAudience *string `json:"included.client.audience,omitempty"`
}
ProtocolMappersConfig is a config of a protocol mapper
type RealmRepresentation ¶
type RealmRepresentation struct {
AccessCodeLifespan *int `json:"accessCodeLifespan,omitempty"`
AccessCodeLifespanLogin *int `json:"accessCodeLifespanLogin,omitempty"`
AccessCodeLifespanUserAction *int `json:"accessCodeLifespanUserAction,omitempty"`
AccessTokenLifespan *int `json:"accessTokenLifespan,omitempty"`
AccessTokenLifespanForImplicitFlow *int `json:"accessTokenLifespanForImplicitFlow,omitempty"`
AccountTheme *string `json:"accountTheme,omitempty"`
ActionTokenGeneratedByAdminLifespan *int `json:"actionTokenGeneratedByAdminLifespan,omitempty"`
ActionTokenGeneratedByUserLifespan *int `json:"actionTokenGeneratedByUserLifespan,omitempty"`
AdminEventsDetailsEnabled *bool `json:"adminEventsDetailsEnabled"`
AdminEventsEnabled *bool `json:"adminEventsEnabled"`
AdminTheme *string `json:"adminTheme,omitempty"`
Attributes map[string]string `json:"attributes,omitempty"`
AuthenticationFlows []interface{} `json:"authenticationFlows,omitempty"`
AuthenticatorConfig []interface{} `json:"authenticatorConfig,omitempty"`
BrowserFlow *string `json:"browserFlow,omitempty"`
BrowserSecurityHeaders map[string]string `json:"browserSecurityHeaders,omitempty"`
BruteForceProtected *bool `json:"bruteForceProtected"`
ClientAuthenticationFlow *string `json:"clientAuthenticationFlow,omitempty"`
ClientScopeMappings map[string]string `json:"clientScopeMappings,omitempty"`
ClientScopes []*ClientScope `json:"clientScopes,omitempty"`
Clients []*Client `json:"clients,omitempty"`
Components interface{} `json:"components,omitempty"`
DefaultDefaultClientScopes []string `json:"defaultDefaultClientScopes,omitempty"`
DefaultGroups []string `json:"defaultGroups,omitempty"`
DefaultLocale *string `json:"defaultLocale,omitempty"`
DefaultOptionalClientScopes []string `json:"defaultOptionalClientScopes,omitempty"`
DefaultRoles []string `json:"defaultRoles,omitempty"`
DefaultSignatureAlgorithm *string `json:"defaultSignatureAlgorithm,omitempty"`
DirectGrantFlow *string `json:"directGrantFlow,omitempty"`
DisplayName *string `json:"displayName,omitempty"`
DisplayNameHTML *string `json:"displayNameHtml,omitempty"`
DockerAuthenticationFlow *string `json:"dockerAuthenticationFlow,omitempty"`
DuplicateEmailsAllowed *bool `json:"duplicateEmailsAllowed"`
EditUsernameAllowed *bool `json:"editUsernameAllowed"`
EmailTheme *string `json:"emailTheme,omitempty"`
Enabled *bool `json:"enabled"`
EnabledEventTypes []string `json:"enabledEventTypes,omitempty"`
EventsEnabled *bool `json:"eventsEnabled"`
EventsExpiration *int64 `json:"eventsExpiration,omitempty"`
EventsListeners []string `json:"eventsListeners,omitempty"`
FailureFactor *int `json:"failureFactor,omitempty"`
FederatedUsers []interface{} `json:"federatedUsers,omitempty"`
Groups []interface{} `json:"groups,omitempty"`
ID *string `json:"id,omitempty"`
IdentityProviderMappers []interface{} `json:"identityProviderMappers,omitempty"`
IdentityProviders []interface{} `json:"identityProviders,omitempty"`
InternationalizationEnabled *bool `json:"internationalizationEnabled"`
KeycloakVersion *string `json:"keycloakVersion,omitempty"`
LoginTheme *string `json:"loginTheme,omitempty"`
LoginWithEmailAllowed *bool `json:"loginWithEmailAllowed"`
MaxDeltaTimeSeconds *int `json:"maxDeltaTimeSeconds,omitempty"`
MaxFailureWaitSeconds *int `json:"maxFailureWaitSeconds,omitempty"`
MinimumQuickLoginWaitSeconds *int `json:"minimumQuickLoginWaitSeconds,omitempty"`
NotBefore *int `json:"notBefore,omitempty"`
OfflineSessionIdleTimeout *int `json:"offlineSessionIdleTimeout,omitempty"`
OfflineSessionMaxLifespan *int `json:"offlineSessionMaxLifespan,omitempty"`
OfflineSessionMaxLifespanEnabled *bool `json:"offlineSessionMaxLifespanEnabled"`
OtpPolicyAlgorithm *string `json:"otpPolicyAlgorithm,omitempty"`
OtpPolicyDigits *int `json:"otpPolicyDigits,omitempty"`
OtpPolicyInitialCounter *int `json:"otpPolicyInitialCounter,omitempty"`
OtpPolicyLookAheadWindow *int `json:"otpPolicyLookAheadWindow,omitempty"`
OtpPolicyPeriod *int `json:"otpPolicyPeriod,omitempty"`
OtpPolicyType *string `json:"otpPolicyType,omitempty"`
OtpSupportedApplications []string `json:"otpSupportedApplications,omitempty"`
PasswordPolicy *string `json:"passwordPolicy,omitempty"`
PermanentLockout *bool `json:"permanentLockout"`
ProtocolMappers []interface{} `json:"protocolMappers,omitempty"`
QuickLoginCheckMilliSeconds *int64 `json:"quickLoginCheckMilliSeconds,omitempty"`
Realm *string `json:"realm,omitempty"`
RefreshTokenMaxReuse *int `json:"refreshTokenMaxReuse,omitempty"`
RegistrationAllowed *bool `json:"registrationAllowed"`
RegistrationEmailAsUsername *bool `json:"registrationEmailAsUsername"`
RegistrationFlow *string `json:"registrationFlow,omitempty"`
RememberMe *bool `json:"rememberMe"`
RequiredActions []interface{} `json:"requiredActions,omitempty"`
ResetCredentialsFlow *string `json:"resetCredentialsFlow,omitempty"`
ResetPasswordAllowed *bool `json:"resetPasswordAllowed"`
RevokeRefreshToken *bool `json:"revokeRefreshToken"`
Roles interface{} `json:"roles,omitempty"`
ScopeMappings []interface{} `json:"scopeMappings,omitempty"`
SMTPServer map[string]string `json:"smtpServer,omitempty"`
SslRequired *string `json:"sslRequired,omitempty"`
SsoSessionIdleTimeout *int `json:"ssoSessionIdleTimeout,omitempty"`
SsoSessionIdleTimeoutRememberMe *int `json:"ssoSessionIdleTimeoutRememberMe,omitempty"`
SsoSessionMaxLifespan *int `json:"ssoSessionMaxLifespan,omitempty"`
SsoSessionMaxLifespanRememberMe *int `json:"ssoSessionMaxLifespanRememberMe,omitempty"`
SupportedLocales []string `json:"supportedLocales,omitempty"`
UserFederationMappers []interface{} `json:"userFederationMappers,omitempty"`
UserFederationProviders []interface{} `json:"userFederationProviders,omitempty"`
UserManagedAccessAllowed *bool `json:"userManagedAccessAllowed"`
Users []*User `json:"users,omitempty"`
VerifyEmail *bool `json:"verifyEmail"`
WaitIncrementSeconds *int `json:"waitIncrementSeconds,omitempty"`
}
RealmRepresentation represent a realm
type RequestingPartyTokenOptions ¶
type RequestingPartyTokenOptions struct {
GrantType *string `json:"grant_type"`
Ticket *string `json:"ticket,omitempty"`
ClaimToken *string `json:"claim_token,omitempty"`
ClaimTokenFormat *string `json:"claim_token_format,omitempty"`
RPT *string `json:"rpt,omitempty"`
Permissions []string `json:"-"`
Audience *string `json:"audience,omitempty"`
ResponseIncludeResourceName *bool `json:"response_include_resource_name,string"`
ResponsePermissionsLimit *uint32 `json:"response_permissions_limit,omitempty"`
SubmitRequest *bool `json:"submit_request,string,omitempty"`
ResponseMode *string `json:"response_mode,omitempty"`
}
RequestingPartyTokenOptions represents the options to obtain a requesting party token
func (*RequestingPartyTokenOptions) FormData ¶
func (t *RequestingPartyTokenOptions) FormData() map[string]string
FormData returns a map of options to be used in SetFormData function
type ResourceOwnerRepresentation ¶
ResourceOwnerRepresentation represents a resource's owner
type ResourcePermission ¶
type ResourcePermission struct {
RSID *string `json:"rsid,omitempty"`
ResourceID *string `json:"resource_id,omitempty"`
RSName *string `json:"rsname,omitempty"`
Scopes []string `json:"scopes,omitempty"`
ResourceScopes []string `json:"resource_scopes,omitempty"`
}
ResourcePermission represents a permission granted to a resource
type ResourceRepresentation ¶
type ResourceRepresentation struct {
ID *string `json:"_id,omitempty"` //TODO: is marked "_optional" in template, input error or deliberate?
Attributes map[string][]string `json:"attributes,omitempty"`
DisplayName *string `json:"displayName,omitempty"`
IconURI *string `json:"icon_uri,omitempty"` //TODO: With "_" because that's how it's written down in the template
Name *string `json:"name,omitempty"`
Owner *ResourceOwnerRepresentation `json:"owner"`
OwnerManagedAccess *bool `json:"ownerManagedAccess"`
Scopes []*ScopeRepresentation `json:"scopes,omitempty"`
Type *string `json:"type,omitempty"`
URIs []string `json:"uris,omitempty"`
}
ResourceRepresentation is a representation of a Resource
type ResourceServerRepresentation ¶
type ResourceServerRepresentation struct {
AllowRemoteResourceManagement *bool `json:"allowRemoteResourceManagement"`
ClientID *string `json:"clientId,omitempty"`
ID *string `json:"id,omitempty"`
Name *string `json:"name,omitempty"`
Policies []*PolicyRepresentation `json:"policies,omitempty"`
PolicyEnforcementMode *PolicyEnforcementMode `json:"policyEnforcementMode,omitempty"`
Resources []*ResourceRepresentation `json:"resources,omitempty"`
Scopes []*ScopeRepresentation `json:"scopes,omitempty"`
}
ResourceServerRepresentation represents the resources of a Server
type RetrospecTokenResult ¶
type RetrospecTokenResult struct {
Permissions []*ResourcePermission `json:"permissions,omitempty"`
Exp *int `json:"exp,omitempty"`
Nbf *int `json:"nbf,omitempty"`
Iat *int `json:"iat,omitempty"`
Aud *StringOrArray `json:"aud,omitempty"`
Active *bool `json:"active"`
AuthTime *int `json:"auth_time,omitempty"`
Jti *string `json:"jti,omitempty"`
Type *string `json:"typ,omitempty"`
}
RetrospecTokenResult is returned when a token was checked
type Role ¶
type Role struct {
ID *string `json:"id,omitempty"`
Name *string `json:"name,omitempty"`
ScopeParamRequired *bool `json:"scopeParamRequired"`
Composite *bool `json:"composite"`
ClientRole *bool `json:"clientRole"`
ContainerID *string `json:"containerId,omitempty"`
Description *string `json:"description,omitempty"`
Attributes map[string][]string `json:"attributes,omitempty"`
}
Role is a role
type RoleDefinition ¶
RoleDefinition represents a role in a RolePolicyRepresentation
type RolePolicyRepresentation ¶
type RolePolicyRepresentation struct {
Roles []*RoleDefinition `json:"roles,omitempty"`
}
RolePolicyRepresentation represents role based policies
type ScopeRepresentation ¶
type ScopeRepresentation struct {
DisplayName *string `json:"displayName,omitempty"`
IconURI *string `json:"iconUri,omitempty"`
ID *string `json:"id,omitempty"`
Name *string `json:"name,omitempty"`
Policies []*PolicyRepresentation `json:"policies,omitempty"`
Resources []*ResourceRepresentation `json:"resources,omitempty"`
}
ScopeRepresentation is a represents a Scope
type ServerInfoRepesentation ¶
type ServerInfoRepesentation struct {
SystemInfo *SystemInfoRepresentation `json:"systemInfo,omitempty"`
MemoryInfo *MemoryInfoRepresentation `json:"memoryInfo"`
}
ServerInfoRepesentation represents a server info
type SetPasswordRequest ¶
type SetPasswordRequest struct {
Type *string `json:"type,omitempty"`
Temporary *bool `json:"temporary"`
Password *string `json:"value,omitempty"`
}
SetPasswordRequest sets a new password
type StringOrArray ¶
type StringOrArray []string
StringOrArray represents a value that can either be a string or an array of strings
func (*StringOrArray) MarshalJSON ¶
func (s *StringOrArray) MarshalJSON() ([]byte, error)
MarshalJSON converts the array of strings to a JSON array or JSON string if there is only one item in the array
func (*StringOrArray) UnmarshalJSON ¶
func (s *StringOrArray) UnmarshalJSON(data []byte) error
UnmarshalJSON unmarshals a string or an array object from a JSON array or a JSON string
type SystemInfoRepresentation ¶
type SystemInfoRepresentation struct {
FileEncoding *string `json:"fileEncoding"`
JavaHome *string `json:"javaHome"`
JavaRuntime *string `json:"javaRuntime,omitempty"`
JavaVendor *string `json:"javaVendor,omitempty"`
JavaVersion *string `json:"javaVersion,omitempty"`
JavaVM *string `json:"javaVm,omitempty"`
JavaVMVersion *string `json:"javaVmVersion,omitempty"`
OSArchitecture *string `json:"osArchitecture,omitempty"`
OSName *string `json:"osName,omitempty"`
OSVersion *string `json:"osVersion,omitempty"`
ServerTime *string `json:"serverTime,omitempty"`
Uptime *string `json:"uptime,omitempty"`
UptimeMillis *int `json:"uptimeMillis,omitempty"`
UserDir *string `json:"userDir,omitempty"`
UserLocale *string `json:"userLocale,omitempty"`
UserName *string `json:"userName,omitempty"`
UserTimezone *string `json:"userTimezone,omitempty"`
Version *string `json:"version,omitempty"`
}
SystemInfoRepresentation represents a system info
type TimePolicyRepresentation ¶
type TimePolicyRepresentation struct {
NotBefore *string `json:"notBefore,omitempty"`
NotOnOrAfter *string `json:"notOnOrAfter,omitempty"`
DayMonth *string `json:"dayMonth,omitempty"`
DayMonthEnd *string `json:"dayMonthEnd,omitempty"`
Month *string `json:"month,omitempty"`
MonthEnd *string `json:"monthEnd,omitempty"`
Year *string `json:"year,omitempty"`
YearEnd *string `json:"yearEnd,omitempty"`
Hour *string `json:"hour,omitempty"`
HourEnd *string `json:"hourEnd,omitempty"`
Minute *string `json:"minute,omitempty"`
MinuteEnd *string `json:"minuteEnd,omitempty"`
}
TimePolicyRepresentation represents time based policies
type TokenOptions ¶
type TokenOptions struct {
ClientID *string `json:"client_id"`
ClientSecret *string `json:"-"`
GrantType *string `json:"grant_type"`
RefreshToken *string `json:"refresh_token,omitempty"`
Scopes []string `json:"-"`
Scope *string `json:"scope,omitempty"`
ResponseTypes []string `json:"-"`
ResponseType *string `json:"response_type,omitempty"`
Permission *string `json:"permission,omitempty"`
Username *string `json:"username,omitempty"`
Password *string `json:"password,omitempty"`
}
TokenOptions represents the options to obtain a token
func (*TokenOptions) FormData ¶
func (t *TokenOptions) FormData() map[string]string
FormData returns a map of options to be used in SetFormData function
type User ¶
type User struct {
ID *string `json:"id,omitempty"`
CreatedTimestamp *int64 `json:"createdTimestamp,omitempty"`
Username *string `json:"username,omitempty"`
Enabled *bool `json:"enabled"`
Totp *bool `json:"totp"`
EmailVerified *bool `json:"emailVerified"`
FirstName *string `json:"firstName,omitempty"`
LastName *string `json:"lastName,omitempty"`
Email *string `json:"email,omitempty"`
FederationLink *string `json:"federationLink,omitempty"`
Attributes map[string][]string `json:"attributes,omitempty"`
DisableableCredentialTypes []interface{} `json:"disableableCredentialTypes,omitempty"`
RequiredActions []string `json:"requiredActions,omitempty"`
Access map[string]bool `json:"access"`
ClientRoles map[string][]string `json:"clientRoles,omitempty"`
RealmRoles []string `json:"realmRoles,omitempty"`
ServiceAccountClientID *string `json:"serviceAccountClientId,omitempty"`
Credentials []*CredentialRepresentation `json:"credentials,omitempty"`
}
User represents the Keycloak User Structure
type UserGroup ¶
type UserGroup struct {
ID *string `json:"id,omitempty"`
Name *string `json:"name,omitempty"`
Path *string `json:"path,omitempty"`
}
UserGroup is a UserGroup
type UserInfo ¶
type UserInfo struct {
Sub *string `json:"sub,omitempty"`
EmailVerified *bool `json:"email_verified"`
Address interface{} `json:"address,omitempty"`
PreferredUsername *string `json:"preferred_username,omitempty"`
Email *string `json:"email,omitempty"`
}
UserInfo is returned by the userinfo endpoint
type UserPolicyRepresentation ¶
type UserPolicyRepresentation struct {
Users []string `json:"users,omitempty"`
}
UserPolicyRepresentation represents user based policies
type UserSessionRepresentation ¶
type UserSessionRepresentation struct {
Clients map[string]string `json:"clients,omitempty"`
ID *string `json:"id,omitempty"`
IPAddress *string `json:"ipAddress,omitempty"`
LastAccess *int64 `json:"lastAccess,omitempty"`
Start *int64 `json:"start,omitempty"`
UserID *string `json:"userId,omitempty"`
Username *string `json:"username,omitempty"`
}
UserSessionRepresentation represents a list of user's sessions
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.