Documentation ¶
Index ¶
- type APIError
- type Access
- type ActiveKeys
- type Attributes
- type BaseParams
- type CertResponse
- type CertResponseKey
- type Client
- type ClientMappingsRepresentation
- type ClientScope
- type ClientScopeAttributes
- type Component
- type ComponentConfig
- type CredentialRepresentation
- type ExecuteActionsEmail
- type GetClientsParams
- type GetGroupsParams
- type GetUsersParams
- type GoCloak
- type Group
- type IssuerResponse
- type JWT
- type Key
- type KeyStoreConfig
- type MappingsRepresentation
- type MultivaluedHashMap
- type ObjectAlreadyExists
- type ProtocolMappers
- type ProtocolMappersConfig
- type RealmRepresentation
- type RetrospecTokenResult
- type Role
- type SetPasswordRequest
- type User
- type UserGroup
- type UserInfo
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Access ¶
type Access struct { ManageGroupMembership bool `json:"manageGroupMembership"` View bool `json:"view"` MapRoles bool `json:"mapRoles"` Impersonate bool `json:"impersonate"` Manage bool `json:"manage"` }
Access represents access
type ActiveKeys ¶
type ActiveKeys struct { HS256 string `json:"HS256"` RS256 string `json:"RS256"` AES string `json:"AES"` }
ActiveKeys holds the active keys
type Attributes ¶
type Attributes struct { LDAPENTRYDN []string `json:"LDAP_ENTRY_DN"` LDAPID []string `json:"LDAP_ID"` }
Attributes holds Attributes
type BaseParams ¶
type BaseParams struct{}
BaseParams provides basic functionality for all QueryParams structures. The fields tags must have `json:"<name>,string,omitempty"` format. "string" tag allows to convert the structure to map[string]string. "omitempty" allows to skip the fields with default values.
func (BaseParams) GetQueryParams ¶
func (s BaseParams) GetQueryParams() (map[string]string, error)
GetQueryParams converts the struct to map[string]string
type CertResponse ¶
type CertResponse struct {
Keys []CertResponseKey `json:"keys"`
}
CertResponse is returned by the certs endpoint
type CertResponseKey ¶
type CertResponseKey struct { Kid string `json:"kid"` Kty string `json:"kty"` Alg string `json:"alg"` Use string `json:"use"` N string `json:"n"` E string `json:"e"` }
CertResponseKey is returned by the certs endpoint
type ClientMappingsRepresentation ¶
type ClientMappingsRepresentation struct { ID string `json:"id"` Client string `json:"client"` Mappings []Role `json:"mappings"` }
ClientMappingsRepresentation is a client role mappings
type ClientScope ¶
type ClientScope struct { ID string `json:"id"` Name string `json:"name"` Description string `json:"description"` Protocol string `json:"protocol"` ClientScopeAttributes ClientScopeAttributes `json:"attributes"` ProtocolMappers ProtocolMappers `json:"protocolMappers,omitempty"` }
ClientScope is a ClientScope
type ClientScopeAttributes ¶
type ClientScopeAttributes struct { ConsentScreenText string `json:"consent.screen.text"` DisplayOnConsentScreen string `json:"display.on.consent.screen"` }
ClientScopeAttributes are attributes of client scopes
type Component ¶
type Component struct { ID string `json:"id"` Name string `json:"name"` ProviderID string `json:"providerId"` ProviderType string `json:"providerType"` ParentID string `json:"parentId"` ComponentConfig ComponentConfig `json:"config"` SubType string `json:"subType,omitempty"` }
Component is a component
type ComponentConfig ¶
type ComponentConfig struct { Priority []string `json:"priority"` Algorithm []string `json:"algorithm"` }
ComponentConfig is a componentconfig
type CredentialRepresentation ¶
type CredentialRepresentation struct { Algorithm string `json:"algorithm"` Config MultivaluedHashMap `json:"config"` Counter int32 `json:"counter"` CreatedDate int64 `json:"createdDate"` Device string `json:"device"` Digits int32 `json:"digits"` HashIterations int32 `json:"hashIterations"` HashedSaltedValue string `json:"hashedSaltedValue"` Period int32 `json:"period"` Salt string `json:"salt"` Temporary bool `json:"temporary"` Type string `json:"type"` Value string `json:"value"` }
CredentialRepresentation represents credentials
type ExecuteActionsEmail ¶
type ExecuteActionsEmail struct { BaseParams UserID string `json:"-"` ClientID string `json:"clientId,omitempty"` Lifespan int `json:"lifespan,string,omitempty"` RedirectURI string `json:"redirect_uri,omitempty"` Actions []string `json:"-"` }
ExecuteActionsEmail represents parameters for executing action emails
func (ExecuteActionsEmail) GetQueryParams ¶
func (s ExecuteActionsEmail) GetQueryParams() (map[string]string, error)
GetQueryParams converts the struct to map[string]string
type GetClientsParams ¶
type GetClientsParams struct { BaseParams ClientID string `json:"clientId,omitempty"` ViewableOnly bool `json:"viewableOnly,string,omitempty"` }
GetClientsParams represents the query parameters
func (GetClientsParams) GetQueryParams ¶
func (s GetClientsParams) GetQueryParams() (map[string]string, error)
GetQueryParams converts the struct to map[string]string
type GetGroupsParams ¶
type GetGroupsParams struct { BaseParams First int `json:"first,string,omitempty"` Max int `json:"max,string,omitempty"` Search string `json:"search,omitempty"` }
GetGroupsParams represents the optional parameters for getting groups
func (GetGroupsParams) GetQueryParams ¶
func (s GetGroupsParams) GetQueryParams() (map[string]string, error)
GetQueryParams converts the struct to map[string]string
type GetUsersParams ¶
type GetUsersParams struct { BaseParams BriefRepresentation *bool `json:"briefRepresentation,string,omitempty"` Email string `json:"email,omitempty"` First int `json:"first,string,omitempty"` FirstName string `json:"firstName,omitempty"` LastName string `json:"lastName,omitempty"` Max int `json:"max,string,omitempty"` Search string `json:"search,omitempty"` Username string `json:"username,omitempty"` }
GetUsersParams represents the optional parameters for getting users
func (GetUsersParams) GetQueryParams ¶
func (s GetUsersParams) GetQueryParams() (map[string]string, error)
GetQueryParams converts the struct to map[string]string
type GoCloak ¶
type GoCloak interface { // Login sends a request to the token endpoint using user and client credentials Login(clientID string, clientSecret string, realm string, username string, password string) (*JWT, error) // Logout sends a request to the logout endpoint using refresh token Logout(clientID, clientSecret, realm, refreshToken string) error // LoginClient sends a request to the token endpoint using client credentials LoginClient(clientID, clientSecret, realm string) (*JWT, error) // LoginAdmin login as admin LoginAdmin(username, password, realm string) (*JWT, error) // RequestPermisssion sends a request to the token endpoint with permission parameter RequestPermission(clientID string, clientSecret string, realm string, username string, password string, permission string) (*JWT, error) // RefreshToken used to refresh the token RefreshToken(refreshToken string, clientID, clientSecret, realm string) (*JWT, error) // DecodeAccessToken decodes the accessToken DecodeAccessToken(accessToken string, realm string) (*jwt.Token, *jwt.MapClaims, error) // DecodeAccessTokenCustomClaims decodes the accessToken and fills the given claims DecodeAccessTokenCustomClaims(accessToken string, realm string, claims jwt.Claims) (*jwt.Token, error) // DecodeAccessTokenCustomClaims calls the token introspection endpoint RetrospectToken(accessToken string, clientID, clientSecret string, realm string) (*RetrospecTokenResult, error) // GetIssuer calls the issuer endpoint for the given realm GetIssuer(realm string) (*IssuerResponse, error) // GetCerts gets the public keys for the given realm GetCerts(realm string) (*CertResponse, error) // GetUserInfo gets the user info for the given realm GetUserInfo(accessToken string, realm string) (*UserInfo, error) // SetPassword sets a new password for the user with the given id. Needs elevated privileges SetPassword(token string, userID string, realm string, password string, temporary bool) error // ExecuteActionsEmail executes an actions email ExecuteActionsEmail(token string, realm string, params ExecuteActionsEmail) error // CreateUser creates a new user CreateUser(token string, realm string, user User) (*string, error) // CreateGroup creates a new group CreateGroup(accessToken string, realm string, group Group) error // CreateClientRole creates a new role for a client CreateClientRole(accessToken string, realm string, clientID string, role Role) error // CreateClient creates a new client CreateClient(accessToken string, realm string, clientID Client) error // CreateClientScope creates a new clientScope CreateClientScope(accessToken string, realm string, scope ClientScope) error // CreateComponent creates a new component CreateComponent(accessToken string, realm string, component Component) error // UpdateUser updates the given user UpdateUser(accessToken string, realm string, user User) error // UpdateGroup updates the given group UpdateGroup(accessToken string, realm string, group Group) error // UpdateRole updates the given role UpdateRole(accessToken string, realm string, clientID string, role Role) error // UpdateClient updates the given client UpdateClient(accessToken string, realm string, clientID Client) error // UpdateClientScope updates the given clientScope UpdateClientScope(accessToken string, realm string, scope ClientScope) error // DeleteUser deletes the given user DeleteUser(accessToken string, realm, userID string) error // DeleteComponent deletes the given component DeleteComponent(accessToken string, realm, componentID string) error // DeleteGroup deletes the given group DeleteGroup(accessToken string, realm, groupID string) error // DeleteClientRole deletes the given role DeleteClientRole(accessToken string, realm, clientID, roleName string) error // DeleteClient deletes the given client DeleteClient(accessToken string, realm, clientID string) error // DeleteClientScope DeleteClientScope(accessToken string, realm, scopeID string) error // GetClient returns a client GetClient(accessToken string, realm string, clientID string) (*Client, error) // GetClientSecret returns a client's secret GetClientSecret(token string, realm string, clientID string) (*CredentialRepresentation, error) // GetKeyStoreConfig gets the keyStoreConfig GetKeyStoreConfig(accessToken string, realm string) (*KeyStoreConfig, error) // GetUserByID gets the user with the given id GetUserByID(accessToken string, realm string, userID string) (*User, error) // GetUser count returns the userCount of the given realm GetUserCount(accessToken string, realm string) (int, error) // GetUsers gets all users of the given realm GetUsers(accessToken string, realm string, params GetUsersParams) (*[]User, error) // GetUserGroups gets the groups of the given user GetUserGroups(accessToken string, realm string, userID string) (*[]UserGroup, error) // GetComponents gets components of the given realm GetComponents(accessToken string, realm string) (*[]Component, error) // GetGroups gets all groups of the given realm GetGroups(accessToken string, realm string, params GetGroupsParams) (*[]Group, error) // GetGroup gets the given group GetGroup(accessToken string, realm, groupID string) (*Group, error) // GetRoleMappingByGroupID gets the rolemapping for the given group id GetRoleMappingByGroupID(accessToken string, realm string, groupID string) (*MappingsRepresentation, error) // GetRoleMappingByUserID gets the rolemapping for the given user id GetRoleMappingByUserID(accessToken string, realm string, userID string) (*MappingsRepresentation, error) // GetClientRoles gets roles for the given client GetClientRoles(accessToken string, realm string, clientID string) (*[]Role, error) // GetClientRole get a role for the given client in a realm by role name GetClientRole(token string, realm string, clientID string, roleName string) (*Role, error) // GetClients gets the clients in the realm GetClients(accessToken string, realm string, params GetClientsParams) (*[]Client, error) // GetUsersByRoleName returns all users have a given role GetUsersByRoleName(token string, realm string, roleName string) (*[]User, error) // UserAttributeContains checks if the given attribute has the given value UserAttributeContains(attributes map[string][]string, attribute string, value string) bool // CreateRealmRole creates a role in a realm CreateRealmRole(token string, realm string, role Role) error // GetRealmRole returns a role from a realm by role's name GetRealmRole(token string, realm string, roleName string) (*Role, error) // GetRealmRoles get all roles of the given realm. It's an alias for the GetRoles function GetRealmRoles(accessToken string, realm string) (*[]Role, error) // GetRealmRolesByUserID returns all roles assigned to the given user GetRealmRolesByUserID(accessToken string, realm string, userID string) (*[]Role, error) // GetRealmRolesByGroupID returns all roles assigned to the given group GetRealmRolesByGroupID(accessToken string, realm string, groupID string) (*[]Role, error) // UpdateRealmRole updates a role in a realm UpdateRealmRole(token string, realm string, roleName string, role Role) error // DeleteRealmRole deletes a role in a realm by role's name DeleteRealmRole(token string, realm string, roleName string) error // AddRealmRoleToUser adds realm-level role mappings AddRealmRoleToUser(token string, realm string, userID string, roles []Role) error // DeleteRealmRoleFromUser deletes realm-level role mappings DeleteRealmRoleFromUser(token string, realm string, userID string, roles []Role) error // AddRealmRoleComposite adds roles as composite AddRealmRoleComposite(token string, realm string, roleName string, roles []Role) error // AddRealmRoleComposite adds roles as composite DeleteRealmRoleComposite(token string, realm string, roleName string, roles []Role) error // GetRealm returns top-level representation of the realm GetRealm(token string, realm string) (*RealmRepresentation, error) // CreateRealm creates a realm CreateRealm(token string, realm RealmRepresentation) error }
GoCloak holds all methods a client should fulfill
type Group ¶
type Group struct { ID string `json:"id,omitempty"` Name string `json:"name,omitempty"` Path string `json:"path,omitempty"` SubGroups []interface{} `json:"subGroups,omitempty"` }
Group is a Group
type IssuerResponse ¶
type IssuerResponse struct { Realm string `json:"realm"` PublicKey string `json:"public_key"` TokenService string `json:"token-service"` AccountService string `json:"account-service"` TokensNotBefore int `json:"tokens-not-before"` }
IssuerResponse is returned by the issuer endpoint
type JWT ¶
type JWT struct { AccessToken string `json:"access_token"` ExpiresIn int `json:"expires_in"` RefreshExpiresIn int `json:"refresh_expires_in"` RefreshToken string `json:"refresh_token"` TokenType string `json:"token_type"` NotBeforePolicy int `json:"not-before-policy"` SessionState string `json:"session_state"` Scope string `json:"scope"` }
JWT is a JWT
type Key ¶
type Key struct { ProviderID string `json:"providerId"` ProviderPriority int `json:"providerPriority"` Kid string `json:"kid"` Status string `json:"status"` Type string `json:"type"` Algorithm string `json:"algorithm"` PublicKey string `json:"publicKey,omitempty"` Certificate string `json:"certificate,omitempty"` }
Key is a key
type KeyStoreConfig ¶
type KeyStoreConfig struct { ActiveKeys ActiveKeys `json:"active"` Key []Key `json:"keys"` }
KeyStoreConfig holds the keyStoreConfig
type MappingsRepresentation ¶
type MappingsRepresentation struct { ClientMappings map[string]ClientMappingsRepresentation `json:"clientMappings,omitempty"` RealmMappings []Role `json:"realmMappings,omitempty"` }
MappingsRepresentation is a representation of role mappings
type MultivaluedHashMap ¶
type MultivaluedHashMap struct { Empty bool `json:"empty"` LoadFactor float32 `json:"loadFactor"` Threshold int32 `json:"threshold"` }
MultivaluedHashMap represents something
type ObjectAlreadyExists ¶
type ObjectAlreadyExists struct{}
ObjectAlreadyExists is used when keycloak answers with 409
func (*ObjectAlreadyExists) Error ¶
func (o *ObjectAlreadyExists) Error() string
type ProtocolMappers ¶
type ProtocolMappers struct { ID string `json:"id"` Name string `json:"name"` Protocol string `json:"protocol"` ProtocolMapper string `json:"protocolMapper"` ConsentRequired bool `json:"consentRequired"` ProtocolMappersConfig ProtocolMappersConfig `json:"config"` }
ProtocolMappers are protocolmappers
type ProtocolMappersConfig ¶
type ProtocolMappersConfig struct { UserinfoTokenClaim string `json:"userinfo.token.claim"` UserAttribute string `json:"user.attribute"` IDTokenClaim string `json:"id.token.claim"` AccessTokenClaim string `json:"access.token.claim"` ClaimName string `json:"claim.name"` JSONTypeLabel string `json:"jsonType.label"` }
ProtocolMappersConfig is a config of a protocol mapper
type RealmRepresentation ¶
type RealmRepresentation struct { AccessCodeLifespan int `json:"accessCodeLifespan"` AccessCodeLifespanLogin int `json:"accessCodeLifespanLogin"` AccessCodeLifespanUserAction int `json:"accessCodeLifespanUserAction"` AccessTokenLifespan int `json:"accessTokenLifespan"` AccessTokenLifespanForImplicitFlow int `json:"accessTokenLifespanForImplicitFlow"` AccountTheme string `json:"accountTheme"` ActionTokenGeneratedByAdminLifespan int `json:"actionTokenGeneratedByAdminLifespan"` ActionTokenGeneratedByUserLifespan int `json:"actionTokenGeneratedByUserLifespan"` AdminEventsDetailsEnabled bool `json:"adminEventsDetailsEnabled"` AdminEventsEnabled bool `json:"adminEventsEnabled"` AdminTheme string `json:"adminTheme"` Attributes map[string]string `json:"attributes"` AuthenticationFlows []interface{} `json:"authenticationFlows"` AuthenticatorConfig []interface{} `json:"authenticatorConfig"` BrowserFlow string `json:"browserFlow"` BrowserSecurityHeaders map[string]string `json:"browserSecurityHeaders"` BruteForceProtected bool `json:"bruteForceProtected"` ClientAuthenticationFlow string `json:"clientAuthenticationFlow"` ClientScopeMappings map[string]string `json:"clientScopeMappings"` ClientScopes []interface{} `json:"clientScopes"` Clients []interface{} `json:"clients"` Components interface{} `json:"components"` DefaultDefaultClientScopes []string `json:"defaultDefaultClientScopes"` DefaultGroups []string `json:"defaultGroups"` DefaultLocale string `json:"defaultLocale"` DefaultOptionalClientScopes []string `json:"defaultOptionalClientScopes"` DefaultRoles []string `json:"defaultRoles"` DefaultSignatureAlgorithm string `json:"defaultSignatureAlgorithm"` DirectGrantFlow string `json:"directGrantFlow"` DisplayName string `json:"displayName"` DisplayNameHTML string `json:"displayNameHtml"` DockerAuthenticationFlow string `json:"dockerAuthenticationFlow"` DuplicateEmailsAllowed bool `json:"duplicateEmailsAllowed"` EditUsernameAllowed bool `json:"editUsernameAllowed"` EmailTheme string `json:"emailTheme"` Enabled bool `json:"enabled"` EnabledEventTypes []string `json:"enabledEventTypes"` EventsEnabled bool `json:"eventsEnabled"` EventsExpiration int64 `json:"eventsExpiration"` EventsListeners []string `json:"eventsListeners"` FailureFactor int `json:"failureFactor"` FederatedUsers []interface{} `json:"federatedUsers"` Groups []interface{} `json:"groups"` ID string `json:"id"` IdentityProviderMappers []interface{} `json:"identityProviderMappers"` IdentityProviders []interface{} `json:"identityProviders"` InternationalizationEnabled bool `json:"internationalizationEnabled"` KeycloakVersion string `json:"keycloakVersion"` LoginTheme string `json:"loginTheme"` LoginWithEmailAllowed bool `json:"loginWithEmailAllowed"` MaxDeltaTimeSeconds int `json:"maxDeltaTimeSeconds"` MaxFailureWaitSeconds int `json:"maxFailureWaitSeconds"` MinimumQuickLoginWaitSeconds int `json:"minimumQuickLoginWaitSeconds"` NotBefore int `json:"notBefore"` OfflineSessionIdleTimeout int `json:"offlineSessionIdleTimeout"` OfflineSessionMaxLifespan int `json:"offlineSessionMaxLifespan"` OfflineSessionMaxLifespanEnabled bool `json:"offlineSessionMaxLifespanEnabled"` OtpPolicyAlgorithm string `json:"otpPolicyAlgorithm"` OtpPolicyDigits int `json:"otpPolicyDigits"` OtpPolicyInitialCounter int `json:"otpPolicyInitialCounter"` OtpPolicyLookAheadWindow int `json:"otpPolicyLookAheadWindow"` OtpPolicyPeriod int `json:"otpPolicyPeriod"` OtpPolicyType string `json:"otpPolicyType"` OtpSupportedApplications []string `json:"otpSupportedApplications"` PasswordPolicy string `json:"passwordPolicy"` PermanentLockout bool `json:"permanentLockout"` ProtocolMappers []interface{} `json:"protocolMappers"` QuickLoginCheckMilliSeconds int64 `json:"quickLoginCheckMilliSeconds"` Realm string `json:"realm"` RefreshTokenMaxReuse int `json:"refreshTokenMaxReuse"` RegistrationAllowed bool `json:"registrationAllowed"` RegistrationEmailAsUsername bool `json:"registrationEmailAsUsername"` RegistrationFlow string `json:"registrationFlow"` RememberMe bool `json:"rememberMe"` RequiredActions []interface{} `json:"requiredActions"` ResetCredentialsFlow string `json:"resetCredentialsFlow"` ResetPasswordAllowed bool `json:"resetPasswordAllowed"` RevokeRefreshToken bool `json:"revokeRefreshToken"` Roles interface{} `json:"roles"` ScopeMappings []interface{} `json:"scopeMappings"` SMTPServer map[string]string `json:"smtpServer"` SslRequired string `json:"sslRequired"` SsoSessionIdleTimeout int `json:"ssoSessionIdleTimeout"` SsoSessionIdleTimeoutRememberMe int `json:"ssoSessionIdleTimeoutRememberMe"` SsoSessionMaxLifespan int `json:"ssoSessionMaxLifespan"` SsoSessionMaxLifespanRememberMe int `json:"ssoSessionMaxLifespanRememberMe"` SupportedLocales []string `json:"supportedLocales"` UserFederationMappers []interface{} `json:"userFederationMappers"` UserFederationProviders []interface{} `json:"userFederationProviders"` UserManagedAccessAllowed bool `json:"userManagedAccessAllowed"` Users []interface{} `json:"users"` VerifyEmail bool `json:"verifyEmail"` WaitIncrementSeconds int `json:"waitIncrementSeconds"` }
RealmRepresentation represent a realm
type RetrospecTokenResult ¶
type RetrospecTokenResult struct { Permissions map[string]string `json:"permissions,omitempty"` Exp int `json:"exp,omitempty"` Nbf int `json:"nbf,omitempty"` Iat int `json:"iat,omitempty"` Aud string `json:"aud,omitempty"` Active bool `json:"active,omitempty"` AuthTime int `json:"auth_time,omitempty"` Jti string `json:"jti,omitempty"` Type string `json:"typ,omitempty"` }
RetrospecTokenResult is returned when a token was checked
type Role ¶
type Role struct { ID string `json:"id,omitempty"` Name string `json:"name,omitempty"` ScopeParamRequired bool `json:"scopeParamRequired,omitempty"` Composite bool `json:"composite,omitempty"` ClientRole bool `json:"clientRole,omitempty"` ContainerID string `json:"containerId,omitempty"` Description string `json:"description,omitempty"` Attributes map[string][]string `json:"attributes,omitempty"` }
Role is a role
type SetPasswordRequest ¶
type SetPasswordRequest struct { Type string `json:"type"` Temporary bool `json:"temporary"` Password string `json:"value"` }
SetPasswordRequest sets a new password
type User ¶
type User struct { ID string `json:"id,omitempty"` CreatedTimestamp int64 `json:"createdTimestamp,omitempty"` Username string `json:"username,omitempty"` Enabled bool `json:"enabled,omitempty"` Totp bool `json:"totp,omitempty"` EmailVerified bool `json:"emailVerified,omitempty"` FirstName string `json:"firstName,omitempty"` LastName string `json:"lastName,omitempty"` Email string `json:"email,omitempty"` FederationLink string `json:"federationLink,omitempty"` Attributes map[string][]string `json:"attributes,omitempty"` DisableableCredentialTypes []interface{} `json:"disableableCredentialTypes,omitempty"` RequiredActions []interface{} `json:"requiredActions,omitempty"` Access map[string]bool `json:"access,omitempty"` }
User represents the Keycloak User Structure