Documentation
¶
Index ¶
- Constants
- Variables
- func ExtractServerCert(host string, port int) ([]byte, error)
- func FixJson(data []byte, st interface{}) error
- func GetEndpointUrl(endpointName string) string
- func GetSessionRestUrl(services []Services) (string, string, error)
- func IsFileExist(filePath string) bool
- func NewADConnector() (*ldap.Conn, error)
- func ProcessSessions(sessions *IseSessions, timeStampFilePath string, ...) error
- func SessionListener(secret, restUrl, timeStampFilePath string, controller *Controller, ...) error
- func SetupCloseHandler()
- func ValidateUsernamePassword() error
- type AccessSecretInput
- type AccessSecretOutput
- type AccountActivate
- type AllUsers
- type Attributes
- type Config
- type Controller
- type CreateClient
- type FUIDController
- func (f *FUIDController) GetTLSConfig() (*tls.Config, error)
- func (f *FUIDController) GetUser(userNTLMIdentity string) (*FUIDUser, error)
- func (f *FUIDController) PostUser(userEntity *LdapElement, sess *Sessions, displayProcess bool) error
- func (f *FUIDController) PutUser(user *FUIDUser, sess *Sessions, displayProcess bool) error
- func (f *FUIDController) SendRequest(endPoint, parameters string, requestBody interface{}, requestMethod string) (*http.Response, error)
- func (f *FUIDController) UserManager(sess *Sessions, displayProcess bool) error
- type FUIDUser
- type ISEClient
- type IseSessions
- type KeyValue
- type LdapElement
- type LdapEntity
- type ReadSessionInput
- type ServiceLookupInput
- type ServiceLookupOutput
- type ServiceProperties
- type Services
- type Sessions
Constants ¶
View Source
const ( RequestTimeoutValue = 5 //the timeout in seconds for ISE requests AccessLanguage = "application/json" ContentType = "application/json" PxGridCreateClientEndPoint = "pxgrid/control/AccountCreate" PxGridAccountActivateEndPoint = "pxgrid/control/AccountActivate" ServiceLookup = "pxgrid/control/ServiceLookup" ServiceLookupSessions = "com.cisco.ise.session" AccessSecretEndpoint = "pxgrid/control/AccessSecret" NoServiceAvailable = "no service available" Enabled = "ENABLED" GetSessionEndpoint = "getSessions" //FUID UserNtlmIdentityEndpoint = "user/ntlm-identity" UserEndpoint = "user" FuidAllUsers = "users" AUTHENTICATED = "AUTHENTICATED" AUTHENTICATING = "AUTHENTICATING" POSTURED = "POSTURED" DISCONNECTED = "DISCONNECTED" ChangeTypeAdd = "add" ChangeTypeModify = "modify" ChangeTypeDelete = "delete" )
Variables ¶
View Source
var (
NotFound error = errors.New("User Not Found in FUID Database")
)
Functions ¶
func GetEndpointUrl ¶
func GetSessionRestUrl ¶
GetSessionRestUrl extract the Session REST API URL from a service
func IsFileExist ¶
func NewADConnector ¶
func NewADConnector() (*ldap.Conn, error)
func ProcessSessions ¶
func ProcessSessions(sessions *IseSessions, timeStampFilePath string, fuidController *FUIDController, displayProcess bool) error
ProcessSessions process list of session events
func SessionListener ¶
func SessionListener(secret, restUrl, timeStampFilePath string, controller *Controller, fuidController *FUIDController, displayProcess bool) error
SessionListener listen to session events
func SetupCloseHandler ¶
func SetupCloseHandler()
func ValidateUsernamePassword ¶
func ValidateUsernamePassword() error
ValidateUsernamePassword ensure the yaml config file contains ISE Credentials
Types ¶
type AccessSecretInput ¶
type AccessSecretInput struct {
PeerNodeName string `json:"peerNodeName"`
}
type AccessSecretOutput ¶
type AccessSecretOutput struct {
Secret string `json:"secret"`
}
func AccessSecret ¶
func AccessSecret(peerNodeName string, controller *Controller) (*AccessSecretOutput, error)
AccessSecret return an access secret for a service provider
type AccountActivate ¶
type Attributes ¶
type Controller ¶
type Controller struct {
// contains filtered or unexported fields
}
func GetController ¶
func GetController() (*Controller, error)
func NewControl ¶
func NewControl(config *Config) (*Controller, error)
NewControl create a new controller for ISE API
func (*Controller) GetTlsConfig ¶
func (c *Controller) GetTlsConfig() *tls.Config
GetTlsConfig return the controller TLS config
func (*Controller) ReadSessions ¶
func (c *Controller) ReadSessions(secret, url string, requestBody interface{}) (*http.Response, error)
ReadSessions Read session events from PxGrid
func (*Controller) SendRequest ¶
func (c *Controller) SendRequest(url string, requestBody interface{}, requestMethod string, requireAuth bool) (*http.Response, error)
SendRequest Send request to ISE API
type CreateClient ¶
type CreateClient struct {
NodeName string `json:"nodeName"`
}
func (*CreateClient) AccountActivate ¶
func (c *CreateClient) AccountActivate(controller *Controller) (*AccountActivate, error)
AccountActivate Activate ISE Client Account
func (*CreateClient) Create ¶
func (c *CreateClient) Create(controller *Controller) (*ISEClient, error)
Create create a ISE Client Account
type FUIDController ¶
type FUIDController struct {
// contains filtered or unexported fields
}
func NewFUIDController ¶
func NewFUIDController() (*FUIDController, error)
NewFUIDController Create a Controller for FUID API
func (*FUIDController) GetTLSConfig ¶
func (f *FUIDController) GetTLSConfig() (*tls.Config, error)
GetTLSConfig Get TLS Config for FUID API
func (*FUIDController) GetUser ¶
func (f *FUIDController) GetUser(userNTLMIdentity string) (*FUIDUser, error)
GetUser Search for a specific use in FUID Database
func (*FUIDController) PostUser ¶
func (f *FUIDController) PostUser(userEntity *LdapElement, sess *Sessions, displayProcess bool) error
PostUser Create a user in FUID Database.
func (*FUIDController) PutUser ¶
func (f *FUIDController) PutUser(user *FUIDUser, sess *Sessions, displayProcess bool) error
PutUser Update a user's IP addresses and Groups
func (*FUIDController) SendRequest ¶
func (f *FUIDController) SendRequest(endPoint, parameters string, requestBody interface{}, requestMethod string) (*http.Response, error)
SendRequest send a request to FUID API
func (*FUIDController) UserManager ¶
func (f *FUIDController) UserManager(sess *Sessions, displayProcess bool) error
UserManager manager a session, if your is not exists in FUID database, create it, otherwise update the user IP Addresses ang Groups
type FUIDUser ¶
type FUIDUser struct {
Dn string `json:"dn,omitempty"`
ChangeType string `json:"changetype,omitempty"`
SAMAccountName string `json:"sAMAccountName,omitempty"`
NTLMIdentity string `json:"NTLMIdentity,omitempty"`
Mail string `json:"mail,omitempty"`
Ipv4Addresses []string `json:"ipv4_addresses,omitempty"`
Ipv6Addresses []string `json:"ipv6_addresses,omitempty"`
ObjectGUID string `json:"objectGUID,omitempty"`
Groups []string `json:"groups,omitempty"`
Timestamp string `json:"timestamp,omitempty"`
}
type IseSessions ¶
type IseSessions struct {
Sessions []Sessions `json:"sessions"`
}
type LdapElement ¶
type LdapElement struct {
DN string `json:"DN"`
Attributes Attributes
}
LdapElement holds the DN and Attributes of an LDAP/AD entry.
func GetLdapElement ¶
func GetLdapElement(username string, ldapConnector *ldap.Conn) (*LdapElement, error)
func HandleElement ¶
func HandleElement(element LdapEntity) (*LdapElement, error)
type LdapEntity ¶
type ReadSessionInput ¶
func GetLatestSessionTimeStamp ¶
func GetLatestSessionTimeStamp(timeStampFilePAth string) (*ReadSessionInput, error)
GetLatestSessionTimeStamp get the timestamp for the latest processed session
type ServiceLookupInput ¶
type ServiceLookupInput struct {
Name string `json:"name"`
}
type ServiceLookupOutput ¶
type ServiceLookupOutput struct {
Services []Services `json:"services"`
}
func ServiceLookupRequest ¶
func ServiceLookupRequest(serviceName string, controller *Controller) (*ServiceLookupOutput, error)
type ServiceProperties ¶
type ServiceProperties struct {
SessionTopic string `json:"sessionTopic,omitempty"`
GroupTopic string `json:"groupTopic,omitempty"`
WsPubSubService string `json:"wsPubsubService,omitempty"`
RestBaseURL string `json:"restBaseURL,omitempty"`
RestBaseUrl string `json:"restBaseUrl,omitempty"`
WsUrl string `json:"wsUrl"`
}
type Services ¶
type Services struct {
Name string `json:"name,omitempty"`
NodeName string `json:"nodeName,omitempty"`
Properties ServiceProperties `json:"properties,omitempty"`
}
type Sessions ¶
type Sessions struct {
Timestamp *time.Time `json:"timestamp"`
State string `json:"state"`
Username string `json:"userName"`
CallingStationId string `json:"callingStationId"`
IpAddresses []string `json:"ipAddresses"`
MacAddress string `json:"macAddress"`
NasIpAddress string `json:"nasIpAddress"`
NasIdentifier string `json:"nasIdentifier"`
AdNormalizedUser string `json:"adNormalizedUser"`
AdUserDomainName string `json:"adUserDomainName"`
AdUserNetBiosName string `json:"adUserNetBiosName"`
AdUserResolvedIdentities string `json:"adUserResolvedIdentities"`
AdUserResolvedDns string `json:"adUserResolvedDns"`
AdUserQualifiedName string `json:"adUserQualifiedName"`
AdUserSamAccountName string `json:"adUserSamAccountName"`
Providers []string `json:"providers"`
EndpointCheckResult string `json:"endpointCheckResult"`
IdentitySourcePortStart int `json:"identitySourcePortStart"`
IdentitySourcePortEnd int `json:"identitySourcePortEnd"`
IdentitySourcePortFirst int `json:"identitySourcePortFirst"`
IsMachineAuthentication string `json:"isMachineAuthentication"`
NetworkDeviceProfileName string `json:"networkDeviceProfileName"`
MdmRegistered bool `json:"mdmRegistered"`
MdmCompliant bool `json:"mdmCompliant"`
MdmDiskEncrypted bool `json:"mdmDiskEncrypted"`
MdmJailBroken bool `json:"mdmJailBroken"`
MdmPinLocked bool `json:"mdmPinLocked"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.