okta

Documentation

Overview

Package okta provides Okta API client for group and user management. Uses OAuth 2.0 with private key authentication.

Index

• Variables
• func FilterEnabledGroups(groups []oktasdk.Group, enabledNames []string) []oktasdk.Group
• func WithCertPool(ctx context.Context, pool *x509.CertPool) context.Context
• type Client
  • func NewClient(cfg *ClientConfig) (*Client, error)
  • func NewClientWithContext(ctx context.Context, cfg *ClientConfig) (*Client, error)
  • func (c *Client) GetAPIClient() *okta.APIClient
  • func (c *Client) GetGroupByName(ctx context.Context, name string) (*okta.Group, error)
  • func (c *Client) GetGroupInfo(ctx context.Context, groupName string) (*domain.GroupInfo, error)
  • func (c *Client) GetGroupMembers(ctx context.Context, groupID string) (*domain.GroupMembersResult, error)
  • func (c *Client) GetGroupsByPattern(ctx context.Context, pattern string) ([]*domain.GroupInfo, error)
  • func (c *Client) ListGroups(ctx context.Context) ([]okta.Group, error)
• type ClientConfig

Variables

var DefaultScopes = []string{"okta.groups.read", "okta.users.read"}

DefaultScopes defines the required OAuth scopes for the Okta API. these scopes are necessary for group sync functionality.

Functions

func FilterEnabledGroups

func FilterEnabledGroups(groups []oktasdk.Group, enabledNames []string) []oktasdk.Group

FilterEnabledGroups filters Okta groups to only those in the enabled list. returns all groups if enabled list is empty.

func WithCertPool

func WithCertPool(ctx context.Context, pool *x509.CertPool) context.Context

WithCertPool returns a new context with the given TLS certificate pool. used by integration tests to inject self-signed certs.

Types

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client wraps the Okta SDK client with custom configuration. implements domain.OktaClient.

func NewClient

func NewClient(cfg *ClientConfig) (*Client, error)

NewClient creates an Okta client with background context.

func NewClientWithContext

func NewClientWithContext(ctx context.Context, cfg *ClientConfig) (*Client, error)

NewClientWithContext creates an Okta client with OAuth 2.0 private key authentication. supports custom TLS certificate pools via context for testing.

func (*Client) GetAPIClient

func (c *Client) GetAPIClient() *okta.APIClient

GetAPIClient returns the underlying Okta SDK API client.

func (*Client) GetGroupByName

func (c *Client) GetGroupByName(ctx context.Context, name string) (*okta.Group, error)

GetGroupByName searches for an Okta group by exact name match. paginates through results in case the group is not on the first page.

func (*Client) GetGroupInfo

func (c *Client) GetGroupInfo(ctx context.Context, groupName string) (*domain.GroupInfo, error)

GetGroupInfo fetches details for a single Okta group by name.

func (*Client) GetGroupMembers

func (c *Client) GetGroupMembers(ctx context.Context, groupID string) (*domain.GroupMembersResult, error)

GetGroupMembers fetches GitHub usernames for all active members of an Okta group. paginates through all members. only includes users with status "ACTIVE" to exclude suspended/deprovisioned users. skips users without a GitHub username in their profile and tracks them separately.

func (*Client) GetGroupsByPattern

func (c *Client) GetGroupsByPattern(ctx context.Context, pattern string) ([]*domain.GroupInfo, error)

GetGroupsByPattern fetches all Okta groups matching a regex pattern.

func (*Client) ListGroups

func (c *Client) ListGroups(ctx context.Context) ([]okta.Group, error)

ListGroups fetches all Okta groups with pagination.

type ClientConfig

type ClientConfig struct {
	Domain          string
	ClientID        string
	PrivateKey      []byte
	PrivateKeyID    string
	Scopes          []string
	GitHubUserField string
	BaseURL         string
	Logger          *slog.Logger
}

ClientConfig contains Okta client configuration.