README
¶
gocloak
golang keycloak client
This client is based on : go-keycloak
For Questions either raise an issue, or come to the gopher-slack into the channel #gocloak
If u are using the echo framework have a look at gocloak-echo
Keycloak Version < 4.8
If you are using a Keycloak Server version <4.8 please use the V1.0 release of gocloak.
go get gopkg.in/nerzal/gocloak.v1
import "gopkg.in/nerzal/gocloak.v1"
https://gopkg.in/nerzal/gocloak.v1
Usage
Create New User
gocloak := gocloak.NewClient("https://mycool.keycloak.instance")
token, err := gocloak.LoginAdmin("user", "password", "realmName")
if err != nil {
panic("Something wrong with the credentials or url")
}
user := gocloak.User{
FirstName: "Bob",
LastName: "Uncle",
EMail: "something@really.wrong",
Enabled: true,
Username: "CoolGuy",
}
gocloak.CreateUser(token.AccessToken, "realm", user)
if err != nil {
panic("Oh no!, failed to create user :(")
}
Introspect Token
client := NewClient(hostname)
token, err := client.LoginClient(clientid, clientSecret, realm)
if err != nil {
panic("Login failed:"+ err.Error())
}
rptResult, err := client.RetrospectToken(token.AccessToken, clientid, clientSecret, realm)
if err != nil {
panic("Inspection failed:"+ err.Error())
}
if !rptResult.Active {
panic("Token is not active")
}
permissions := rptResult.Permissions
//Do something with the permissions ;)
Features
// GoCloak holds all methods a client should fullfill
type GoCloak interface {
Login(clientID string, clientSecret string, realm string, username string, password string) (*JWT, error)
Logout(clientID, clientSecret, realm, refreshToken string) error
LoginClient(clientID, clientSecret, realm string) (*JWT, error)
LoginAdmin(username, password, realm string) (*JWT, error)
RequestPermission(clientID string, clientSecret string, realm string, username string, password string, permission string) (*JWT, error)
RefreshToken(refreshToken string, clientID, clientSecret, realm string) (*JWT, error)
DecodeAccessToken(accessToken string, realm string) (*jwt.Token, *jwt.MapClaims, error)
DecodeAccessTokenCustomClaims(accessToken string, realm string, claims jwt.Claims) (*jwt.Token, error)
RetrospectToken(accessToken string, clientID, clientSecret string, realm string) (*RetrospecTokenResult, error)
GetIssuer(realm string) (*IssuerResponse, error)
GetCerts(realm string) (*CertResponse, error)
GetUserInfo(accessToken string, realm string) (*UserInfo, error)
SetPassword(token string, userID string, realm string, password string, temporary bool) error
ExecuteActionsEmail(token string, realm string, params ExecuteActionsEmail) error
CreateUser(token string, realm string, user User) (*string, error)
CreateGroup(accessToken string, realm string, group Group) error
CreateClientRole(accessToken string, realm string, clientID string, role Role) error
CreateClient(accessToken string, realm string, clientID Client) error
CreateClientScope(accessToken string, realm string, scope ClientScope) error
CreateComponent(accessToken string, realm string, component Component) error
UpdateUser(accessToken string, realm string, user User) error
UpdateGroup(accessToken string, realm string, group Group) error
UpdateRole(accessToken string, realm string, clientID string, role Role) error
UpdateClient(accessToken string, realm string, clientID Client) error
UpdateClientScope(accessToken string, realm string, scope ClientScope) error
DeleteUser(accessToken string, realm, userID string) error
DeleteComponent(accessToken string, realm, componentID string) error
DeleteGroup(accessToken string, realm, groupID string) error
DeleteClientRole(accessToken string, realm, clientID, roleName string) error
DeleteClient(accessToken string, realm, clientID string) error
DeleteClientScope(accessToken string, realm, scopeID string) error
GetClient(accessToken string, realm string, clientID string) (*Client, error)
GetClientSecret(token string, realm string, clientID string) (*CredentialRepresentation, error)
GetKeyStoreConfig(accessToken string, realm string) (*KeyStoreConfig, error)
GetUserByID(accessToken string, realm string, userID string) (*User, error)
GetUserCount(accessToken string, realm string) (int, error)
GetUsers(accessToken string, realm string, params GetUsersParams) (*[]User, error)
GetUserGroups(accessToken string, realm string, userID string) (*[]UserGroup, error)
GetComponents(accessToken string, realm string) (*[]Component, error)
GetGroups(accessToken string, realm string, params GetGroupsParams) (*[]Group, error)
GetGroup(accessToken string, realm, groupID string) (*Group, error)
GetRoleMappingByGroupID(accessToken string, realm string, groupID string) (*MappingsRepresentation, error)
GetRoleMappingByUserID(accessToken string, realm string, userID string) (*MappingsRepresentation, error)
GetClientRoles(accessToken string, realm string, clientID string) (*[]Role, error)
GetClientRole(token string, realm string, clientID string, roleName string) (*Role, error)
GetClients(accessToken string, realm string, params GetClientsParams) (*[]Client, error)
GetUsersByRoleName(token string, realm string, roleName string) (*[]User, error)
UserAttributeContains(attributes map[string][]string, attribute string, value string) bool
// *** Realm Roles ***
CreateRealmRole(token string, realm string, role Role) error
GetRealmRole(token string, realm string, roleName string) (*Role, error)
GetRealmRoles(accessToken string, realm string) (*[]Role, error)
GetRealmRolesByUserID(accessToken string, realm string, userID string) (*[]Role, error)
GetRealmRolesByGroupID(accessToken string, realm string, groupID string) (*[]Role, error)
UpdateRealmRole(token string, realm string, roleName string, role Role) error
DeleteRealmRole(token string, realm string, roleName string) error
AddRealmRoleToUser(token string, realm string, userID string, roles []Role) error
DeleteRealmRoleFromUser(token string, realm string, userID string, roles []Role) error
AddRealmRoleComposite(token string, realm string, roleName string, roles []Role) error
DeleteRealmRoleComposite(token string, realm string, roleName string, roles []Role) error
// *** Realm ***
GetRealm(token string, realm string) (*RealmRepresentation, error)
CreateRealm(token string, realm RealmRepresentation) error
}
developing & testing
For local testing you need to start a docker container. Simply run following commands prior to starting the tests:
docker pull jboss/keycloak
docker run -d -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=secret -e KEYCLOAK_IMPORT=/tmp/gocloak-realm.json -v `pwd`/testdata/gocloak-realm.json:/tmp/gocloak-realm.json -p 8080:8080 --name keycloak jboss/keycloak
go test
Or you can run the tests on you own keycloak:
export GOCLOAK_TEST_CONFIG=/path/to/gocloak/config.json
All resources created as a result of unit tests will be deleted, except for the test user defined in the configuration file.
Documentation
¶
Index ¶
- type APIError
- type Access
- type ActiveKeys
- type Attributes
- type BaseParams
- type CertResponse
- type CertResponseKey
- type Client
- type ClientMappingsRepresentation
- type ClientScope
- type ClientScopeAttributes
- type Component
- type ComponentConfig
- type CredentialRepresentation
- type ExecuteActionsEmail
- type GetClientsParams
- type GetGroupsParams
- type GetUsersParams
- type GoCloak
- type Group
- type IssuerResponse
- type JWT
- type Key
- type KeyStoreConfig
- type MappingsRepresentation
- type MultivaluedHashMap
- type ObjectAlreadyExists
- type ProtocolMappers
- type ProtocolMappersConfig
- type RealmRepresentation
- type RetrospecTokenResult
- type Role
- type SetPasswordRequest
- type User
- type UserGroup
- type UserInfo
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Access ¶
type Access struct {
ManageGroupMembership bool `json:"manageGroupMembership"`
View bool `json:"view"`
MapRoles bool `json:"mapRoles"`
Impersonate bool `json:"impersonate"`
Manage bool `json:"manage"`
}
Access represents access
type ActiveKeys ¶
type ActiveKeys struct {
HS256 string `json:"HS256"`
RS256 string `json:"RS256"`
AES string `json:"AES"`
}
ActiveKeys holds the active keys
type Attributes ¶
type Attributes struct {
LDAPENTRYDN []string `json:"LDAP_ENTRY_DN"`
LDAPID []string `json:"LDAP_ID"`
}
Attributes holds Attributes
type BaseParams ¶
type BaseParams struct{}
BaseParams provides basic functionality for all QueryParams structures. The fields tags must have `json:"<name>,string,omitempty"` format. "string" tag allows to convert the structure to map[string]string. "omitempty" allows to skip the fields with default values.
func (BaseParams) GetQueryParams ¶
func (s BaseParams) GetQueryParams() (map[string]string, error)
GetQueryParams converts the struct to map[string]string
type CertResponse ¶
type CertResponse struct {
Keys []CertResponseKey `json:"keys"`
}
CertResponse is returned by the certs endpoint
type CertResponseKey ¶
type CertResponseKey struct {
Kid string `json:"kid"`
Kty string `json:"kty"`
Alg string `json:"alg"`
Use string `json:"use"`
N string `json:"n"`
E string `json:"e"`
}
CertResponseKey is returned by the certs endpoint
type ClientMappingsRepresentation ¶
type ClientMappingsRepresentation struct {
ID string `json:"id"`
Client string `json:"client"`
Mappings []Role `json:"mappings"`
}
ClientMappingsRepresentation is a client role mappings
type ClientScope ¶
type ClientScope struct {
ID string `json:"id"`
Name string `json:"name"`
Description string `json:"description"`
Protocol string `json:"protocol"`
ClientScopeAttributes ClientScopeAttributes `json:"attributes"`
ProtocolMappers ProtocolMappers `json:"protocolMappers,omitempty"`
}
ClientScope is a ClientScope
type ClientScopeAttributes ¶
type ClientScopeAttributes struct {
ConsentScreenText string `json:"consent.screen.text"`
DisplayOnConsentScreen string `json:"display.on.consent.screen"`
}
ClientScopeAttributes are attributes of client scopes
type Component ¶
type Component struct {
ID string `json:"id"`
Name string `json:"name"`
ProviderID string `json:"providerId"`
ProviderType string `json:"providerType"`
ParentID string `json:"parentId"`
ComponentConfig ComponentConfig `json:"config"`
SubType string `json:"subType,omitempty"`
}
Component is a component
type ComponentConfig ¶
type ComponentConfig struct {
Priority []string `json:"priority"`
Algorithm []string `json:"algorithm"`
}
ComponentConfig is a componentconfig
type CredentialRepresentation ¶
type CredentialRepresentation struct {
Algorithm string `json:"algorithm"`
Config MultivaluedHashMap `json:"config"`
Counter int32 `json:"counter"`
CreatedDate int64 `json:"createdDate"`
Device string `json:"device"`
Digits int32 `json:"digits"`
HashIterations int32 `json:"hashIterations"`
HashedSaltedValue string `json:"hashedSaltedValue"`
Period int32 `json:"period"`
Salt string `json:"salt"`
Temporary bool `json:"temporary"`
Type string `json:"type"`
Value string `json:"value"`
}
CredentialRepresentation represents credentials
type ExecuteActionsEmail ¶
type ExecuteActionsEmail struct {
BaseParams
UserID string `json:"-"`
ClientID string `json:"clientId,omitempty"`
Lifespan int `json:"lifespan,string,omitempty"`
RedirectURI string `json:"redirect_uri,omitempty"`
Actions []string `json:"-"`
}
ExecuteActionsEmail represents parameters for executing action emails
func (ExecuteActionsEmail) GetQueryParams ¶
func (s ExecuteActionsEmail) GetQueryParams() (map[string]string, error)
GetQueryParams converts the struct to map[string]string
type GetClientsParams ¶
type GetClientsParams struct {
BaseParams
ClientID string `json:"clientId,omitempty"`
ViewableOnly bool `json:"viewableOnly,string,omitempty"`
}
GetClientsParams represents the query parameters
func (GetClientsParams) GetQueryParams ¶
func (s GetClientsParams) GetQueryParams() (map[string]string, error)
GetQueryParams converts the struct to map[string]string
type GetGroupsParams ¶
type GetGroupsParams struct {
BaseParams
First int `json:"first,string,omitempty"`
Max int `json:"max,string,omitempty"`
Search string `json:"search,omitempty"`
}
GetGroupsParams represents the optional parameters for getting groups
func (GetGroupsParams) GetQueryParams ¶
func (s GetGroupsParams) GetQueryParams() (map[string]string, error)
GetQueryParams converts the struct to map[string]string
type GetUsersParams ¶
type GetUsersParams struct {
BaseParams
BriefRepresentation *bool `json:"briefRepresentation,string,omitempty"`
Email string `json:"email,omitempty"`
First int `json:"first,string,omitempty"`
FirstName string `json:"firstName,omitempty"`
LastName string `json:"lastName,omitempty"`
Max int `json:"max,string,omitempty"`
Search string `json:"search,omitempty"`
Username string `json:"username,omitempty"`
}
GetUsersParams represents the optional parameters for getting users
func (GetUsersParams) GetQueryParams ¶
func (s GetUsersParams) GetQueryParams() (map[string]string, error)
GetQueryParams converts the struct to map[string]string
type GoCloak ¶
type GoCloak interface {
// Login sends a request to the token endpoint using user and client credentials
Login(clientID string, clientSecret string, realm string, username string, password string) (*JWT, error)
// Logout sends a request to the logout endpoint using refresh token
Logout(clientID, clientSecret, realm, refreshToken string) error
// LoginClient sends a request to the token endpoint using client credentials
LoginClient(clientID, clientSecret, realm string) (*JWT, error)
// LoginAdmin login as admin
LoginAdmin(username, password, realm string) (*JWT, error)
// RequestPermisssion sends a request to the token endpoint with permission parameter
RequestPermission(clientID string, clientSecret string, realm string, username string, password string, permission string) (*JWT, error)
// RefreshToken used to refresh the token
RefreshToken(refreshToken string, clientID, clientSecret, realm string) (*JWT, error)
// DecodeAccessToken decodes the accessToken
DecodeAccessToken(accessToken string, realm string) (*jwt.Token, *jwt.MapClaims, error)
// DecodeAccessTokenCustomClaims decodes the accessToken and fills the given claims
DecodeAccessTokenCustomClaims(accessToken string, realm string, claims jwt.Claims) (*jwt.Token, error)
// DecodeAccessTokenCustomClaims calls the token introspection endpoint
RetrospectToken(accessToken string, clientID, clientSecret string, realm string) (*RetrospecTokenResult, error)
// GetIssuer calls the issuer endpoint for the given realm
GetIssuer(realm string) (*IssuerResponse, error)
// GetCerts gets the public keys for the given realm
GetCerts(realm string) (*CertResponse, error)
// GetUserInfo gets the user info for the given realm
GetUserInfo(accessToken string, realm string) (*UserInfo, error)
// SetPassword sets a new password for the user with the given id. Needs elevated privileges
SetPassword(token string, userID string, realm string, password string, temporary bool) error
// ExecuteActionsEmail executes an actions email
ExecuteActionsEmail(token string, realm string, params ExecuteActionsEmail) error
// CreateUser creates a new user
CreateUser(token string, realm string, user User) (*string, error)
// CreateGroup creates a new group
CreateGroup(accessToken string, realm string, group Group) error
// CreateClientRole creates a new role for a client
CreateClientRole(accessToken string, realm string, clientID string, role Role) error
// CreateClient creates a new client
CreateClient(accessToken string, realm string, clientID Client) error
// CreateClientScope creates a new clientScope
CreateClientScope(accessToken string, realm string, scope ClientScope) error
// CreateComponent creates a new component
CreateComponent(accessToken string, realm string, component Component) error
// UpdateUser updates the given user
UpdateUser(accessToken string, realm string, user User) error
// UpdateGroup updates the given group
UpdateGroup(accessToken string, realm string, group Group) error
// UpdateRole updates the given role
UpdateRole(accessToken string, realm string, clientID string, role Role) error
// UpdateClient updates the given client
UpdateClient(accessToken string, realm string, clientID Client) error
// UpdateClientScope updates the given clientScope
UpdateClientScope(accessToken string, realm string, scope ClientScope) error
// DeleteUser deletes the given user
DeleteUser(accessToken string, realm, userID string) error
// DeleteComponent deletes the given component
DeleteComponent(accessToken string, realm, componentID string) error
// DeleteGroup deletes the given group
DeleteGroup(accessToken string, realm, groupID string) error
// DeleteClientRole deletes the given role
DeleteClientRole(accessToken string, realm, clientID, roleName string) error
// DeleteClient deletes the given client
DeleteClient(accessToken string, realm, clientID string) error
// DeleteClientScope
DeleteClientScope(accessToken string, realm, scopeID string) error
// GetClient returns a client
GetClient(accessToken string, realm string, clientID string) (*Client, error)
// GetClientSecret returns a client's secret
GetClientSecret(token string, realm string, clientID string) (*CredentialRepresentation, error)
// GetKeyStoreConfig gets the keyStoreConfig
GetKeyStoreConfig(accessToken string, realm string) (*KeyStoreConfig, error)
// GetUserByID gets the user with the given id
GetUserByID(accessToken string, realm string, userID string) (*User, error)
// GetUser count returns the userCount of the given realm
GetUserCount(accessToken string, realm string) (int, error)
// GetUsers gets all users of the given realm
GetUsers(accessToken string, realm string, params GetUsersParams) (*[]User, error)
// GetUserGroups gets the groups of the given user
GetUserGroups(accessToken string, realm string, userID string) (*[]UserGroup, error)
// GetComponents gets components of the given realm
GetComponents(accessToken string, realm string) (*[]Component, error)
// GetGroups gets all groups of the given realm
GetGroups(accessToken string, realm string, params GetGroupsParams) (*[]Group, error)
// GetGroup gets the given group
GetGroup(accessToken string, realm, groupID string) (*Group, error)
// GetRoleMappingByGroupID gets the rolemapping for the given group id
GetRoleMappingByGroupID(accessToken string, realm string, groupID string) (*MappingsRepresentation, error)
// GetRoleMappingByUserID gets the rolemapping for the given user id
GetRoleMappingByUserID(accessToken string, realm string, userID string) (*MappingsRepresentation, error)
// GetClientRoles gets roles for the given client
GetClientRoles(accessToken string, realm string, clientID string) (*[]Role, error)
// GetClientRole get a role for the given client in a realm by role name
GetClientRole(token string, realm string, clientID string, roleName string) (*Role, error)
// GetClients gets the clients in the realm
GetClients(accessToken string, realm string, params GetClientsParams) (*[]Client, error)
// GetUsersByRoleName returns all users have a given role
GetUsersByRoleName(token string, realm string, roleName string) (*[]User, error)
// UserAttributeContains checks if the given attribute has the given value
UserAttributeContains(attributes map[string][]string, attribute string, value string) bool
// CreateRealmRole creates a role in a realm
CreateRealmRole(token string, realm string, role Role) error
// GetRealmRole returns a role from a realm by role's name
GetRealmRole(token string, realm string, roleName string) (*Role, error)
// GetRealmRoles get all roles of the given realm. It's an alias for the GetRoles function
GetRealmRoles(accessToken string, realm string) (*[]Role, error)
// GetRealmRolesByUserID returns all roles assigned to the given user
GetRealmRolesByUserID(accessToken string, realm string, userID string) (*[]Role, error)
// GetRealmRolesByGroupID returns all roles assigned to the given group
GetRealmRolesByGroupID(accessToken string, realm string, groupID string) (*[]Role, error)
// UpdateRealmRole updates a role in a realm
UpdateRealmRole(token string, realm string, roleName string, role Role) error
// DeleteRealmRole deletes a role in a realm by role's name
DeleteRealmRole(token string, realm string, roleName string) error
// AddRealmRoleToUser adds realm-level role mappings
AddRealmRoleToUser(token string, realm string, userID string, roles []Role) error
// DeleteRealmRoleFromUser deletes realm-level role mappings
DeleteRealmRoleFromUser(token string, realm string, userID string, roles []Role) error
// AddRealmRoleComposite adds roles as composite
AddRealmRoleComposite(token string, realm string, roleName string, roles []Role) error
// AddRealmRoleComposite adds roles as composite
DeleteRealmRoleComposite(token string, realm string, roleName string, roles []Role) error
// GetRealm returns top-level representation of the realm
GetRealm(token string, realm string) (*RealmRepresentation, error)
// CreateRealm creates a realm
CreateRealm(token string, realm RealmRepresentation) error
}
GoCloak holds all methods a client should fulfill
type Group ¶
type Group struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Path string `json:"path,omitempty"`
SubGroups []interface{} `json:"subGroups,omitempty"`
}
Group is a Group
type IssuerResponse ¶
type IssuerResponse struct {
Realm string `json:"realm"`
PublicKey string `json:"public_key"`
TokenService string `json:"token-service"`
AccountService string `json:"account-service"`
TokensNotBefore int `json:"tokens-not-before"`
}
IssuerResponse is returned by the issuer endpoint
type JWT ¶
type JWT struct {
AccessToken string `json:"access_token"`
ExpiresIn int `json:"expires_in"`
RefreshExpiresIn int `json:"refresh_expires_in"`
RefreshToken string `json:"refresh_token"`
TokenType string `json:"token_type"`
NotBeforePolicy int `json:"not-before-policy"`
SessionState string `json:"session_state"`
Scope string `json:"scope"`
}
JWT is a JWT
type Key ¶
type Key struct {
ProviderID string `json:"providerId"`
ProviderPriority int `json:"providerPriority"`
Kid string `json:"kid"`
Status string `json:"status"`
Type string `json:"type"`
Algorithm string `json:"algorithm"`
PublicKey string `json:"publicKey,omitempty"`
Certificate string `json:"certificate,omitempty"`
}
Key is a key
type KeyStoreConfig ¶
type KeyStoreConfig struct {
ActiveKeys ActiveKeys `json:"active"`
Key []Key `json:"keys"`
}
KeyStoreConfig holds the keyStoreConfig
type MappingsRepresentation ¶
type MappingsRepresentation struct {
ClientMappings map[string]ClientMappingsRepresentation `json:"clientMappings,omitempty"`
RealmMappings []Role `json:"realmMappings,omitempty"`
}
MappingsRepresentation is a representation of role mappings
type MultivaluedHashMap ¶
type MultivaluedHashMap struct {
Empty bool `json:"empty"`
LoadFactor float32 `json:"loadFactor"`
Threshold int32 `json:"threshold"`
}
MultivaluedHashMap represents something
type ObjectAlreadyExists ¶
type ObjectAlreadyExists struct{}
ObjectAlreadyExists is used when keycloak answers with 409
func (*ObjectAlreadyExists) Error ¶
func (o *ObjectAlreadyExists) Error() string
type ProtocolMappers ¶
type ProtocolMappers struct {
ID string `json:"id"`
Name string `json:"name"`
Protocol string `json:"protocol"`
ProtocolMapper string `json:"protocolMapper"`
ConsentRequired bool `json:"consentRequired"`
ProtocolMappersConfig ProtocolMappersConfig `json:"config"`
}
ProtocolMappers are protocolmappers
type ProtocolMappersConfig ¶
type ProtocolMappersConfig struct {
UserinfoTokenClaim string `json:"userinfo.token.claim"`
UserAttribute string `json:"user.attribute"`
IDTokenClaim string `json:"id.token.claim"`
AccessTokenClaim string `json:"access.token.claim"`
ClaimName string `json:"claim.name"`
JSONTypeLabel string `json:"jsonType.label"`
}
ProtocolMappersConfig is a config of a protocol mapper
type RealmRepresentation ¶
type RealmRepresentation struct {
AccessCodeLifespan int `json:"accessCodeLifespan"`
AccessCodeLifespanLogin int `json:"accessCodeLifespanLogin"`
AccessCodeLifespanUserAction int `json:"accessCodeLifespanUserAction"`
AccessTokenLifespan int `json:"accessTokenLifespan"`
AccessTokenLifespanForImplicitFlow int `json:"accessTokenLifespanForImplicitFlow"`
AccountTheme string `json:"accountTheme"`
ActionTokenGeneratedByAdminLifespan int `json:"actionTokenGeneratedByAdminLifespan"`
ActionTokenGeneratedByUserLifespan int `json:"actionTokenGeneratedByUserLifespan"`
AdminEventsDetailsEnabled bool `json:"adminEventsDetailsEnabled"`
AdminEventsEnabled bool `json:"adminEventsEnabled"`
AdminTheme string `json:"adminTheme"`
Attributes map[string]string `json:"attributes"`
AuthenticationFlows []interface{} `json:"authenticationFlows"`
AuthenticatorConfig []interface{} `json:"authenticatorConfig"`
BrowserFlow string `json:"browserFlow"`
BrowserSecurityHeaders map[string]string `json:"browserSecurityHeaders"`
BruteForceProtected bool `json:"bruteForceProtected"`
ClientAuthenticationFlow string `json:"clientAuthenticationFlow"`
ClientScopeMappings map[string]string `json:"clientScopeMappings"`
ClientScopes []interface{} `json:"clientScopes"`
Clients []interface{} `json:"clients"`
Components interface{} `json:"components"`
DefaultDefaultClientScopes []string `json:"defaultDefaultClientScopes"`
DefaultGroups []string `json:"defaultGroups"`
DefaultLocale string `json:"defaultLocale"`
DefaultOptionalClientScopes []string `json:"defaultOptionalClientScopes"`
DefaultRoles []string `json:"defaultRoles"`
DefaultSignatureAlgorithm string `json:"defaultSignatureAlgorithm"`
DirectGrantFlow string `json:"directGrantFlow"`
DisplayName string `json:"displayName"`
DisplayNameHTML string `json:"displayNameHtml"`
DockerAuthenticationFlow string `json:"dockerAuthenticationFlow"`
DuplicateEmailsAllowed bool `json:"duplicateEmailsAllowed"`
EditUsernameAllowed bool `json:"editUsernameAllowed"`
EmailTheme string `json:"emailTheme"`
Enabled bool `json:"enabled"`
EnabledEventTypes []string `json:"enabledEventTypes"`
EventsEnabled bool `json:"eventsEnabled"`
EventsExpiration int64 `json:"eventsExpiration"`
EventsListeners []string `json:"eventsListeners"`
FailureFactor int `json:"failureFactor"`
FederatedUsers []interface{} `json:"federatedUsers"`
Groups []interface{} `json:"groups"`
ID string `json:"id"`
IdentityProviderMappers []interface{} `json:"identityProviderMappers"`
IdentityProviders []interface{} `json:"identityProviders"`
InternationalizationEnabled bool `json:"internationalizationEnabled"`
KeycloakVersion string `json:"keycloakVersion"`
LoginTheme string `json:"loginTheme"`
LoginWithEmailAllowed bool `json:"loginWithEmailAllowed"`
MaxDeltaTimeSeconds int `json:"maxDeltaTimeSeconds"`
MaxFailureWaitSeconds int `json:"maxFailureWaitSeconds"`
MinimumQuickLoginWaitSeconds int `json:"minimumQuickLoginWaitSeconds"`
NotBefore int `json:"notBefore"`
OfflineSessionIdleTimeout int `json:"offlineSessionIdleTimeout"`
OfflineSessionMaxLifespan int `json:"offlineSessionMaxLifespan"`
OfflineSessionMaxLifespanEnabled bool `json:"offlineSessionMaxLifespanEnabled"`
OtpPolicyAlgorithm string `json:"otpPolicyAlgorithm"`
OtpPolicyDigits int `json:"otpPolicyDigits"`
OtpPolicyInitialCounter int `json:"otpPolicyInitialCounter"`
OtpPolicyLookAheadWindow int `json:"otpPolicyLookAheadWindow"`
OtpPolicyPeriod int `json:"otpPolicyPeriod"`
OtpPolicyType string `json:"otpPolicyType"`
OtpSupportedApplications []string `json:"otpSupportedApplications"`
PasswordPolicy string `json:"passwordPolicy"`
PermanentLockout bool `json:"permanentLockout"`
ProtocolMappers []interface{} `json:"protocolMappers"`
QuickLoginCheckMilliSeconds int64 `json:"quickLoginCheckMilliSeconds"`
Realm string `json:"realm"`
RefreshTokenMaxReuse int `json:"refreshTokenMaxReuse"`
RegistrationAllowed bool `json:"registrationAllowed"`
RegistrationEmailAsUsername bool `json:"registrationEmailAsUsername"`
RegistrationFlow string `json:"registrationFlow"`
RememberMe bool `json:"rememberMe"`
RequiredActions []interface{} `json:"requiredActions"`
ResetCredentialsFlow string `json:"resetCredentialsFlow"`
ResetPasswordAllowed bool `json:"resetPasswordAllowed"`
RevokeRefreshToken bool `json:"revokeRefreshToken"`
Roles interface{} `json:"roles"`
ScopeMappings []interface{} `json:"scopeMappings"`
SMTPServer map[string]string `json:"smtpServer"`
SslRequired string `json:"sslRequired"`
SsoSessionIdleTimeout int `json:"ssoSessionIdleTimeout"`
SsoSessionIdleTimeoutRememberMe int `json:"ssoSessionIdleTimeoutRememberMe"`
SsoSessionMaxLifespan int `json:"ssoSessionMaxLifespan"`
SsoSessionMaxLifespanRememberMe int `json:"ssoSessionMaxLifespanRememberMe"`
SupportedLocales []string `json:"supportedLocales"`
UserFederationMappers []interface{} `json:"userFederationMappers"`
UserFederationProviders []interface{} `json:"userFederationProviders"`
UserManagedAccessAllowed bool `json:"userManagedAccessAllowed"`
Users []interface{} `json:"users"`
VerifyEmail bool `json:"verifyEmail"`
WaitIncrementSeconds int `json:"waitIncrementSeconds"`
}
RealmRepresentation represent a realm
type RetrospecTokenResult ¶
type RetrospecTokenResult struct {
Permissions map[string]string `json:"permissions,omitempty"`
Exp int `json:"exp,omitempty"`
Nbf int `json:"nbf,omitempty"`
Iat int `json:"iat,omitempty"`
Aud string `json:"aud,omitempty"`
Active bool `json:"active,omitempty"`
AuthTime int `json:"auth_time,omitempty"`
Jti string `json:"jti,omitempty"`
Type string `json:"typ,omitempty"`
}
RetrospecTokenResult is returned when a token was checked
type Role ¶
type Role struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
ScopeParamRequired bool `json:"scopeParamRequired,omitempty"`
Composite bool `json:"composite,omitempty"`
ClientRole bool `json:"clientRole,omitempty"`
ContainerID string `json:"containerId,omitempty"`
Description string `json:"description,omitempty"`
Attributes map[string][]string `json:"attributes,omitempty"`
}
Role is a role
type SetPasswordRequest ¶
type SetPasswordRequest struct {
Type string `json:"type"`
Temporary bool `json:"temporary"`
Password string `json:"value"`
}
SetPasswordRequest sets a new password
type User ¶
type User struct {
ID string `json:"id,omitempty"`
CreatedTimestamp int64 `json:"createdTimestamp,omitempty"`
Username string `json:"username,omitempty"`
Enabled bool `json:"enabled,omitempty"`
Totp bool `json:"totp,omitempty"`
EmailVerified bool `json:"emailVerified,omitempty"`
FirstName string `json:"firstName,omitempty"`
LastName string `json:"lastName,omitempty"`
Email string `json:"email,omitempty"`
FederationLink string `json:"federationLink,omitempty"`
Attributes map[string][]string `json:"attributes,omitempty"`
DisableableCredentialTypes []interface{} `json:"disableableCredentialTypes,omitempty"`
RequiredActions []interface{} `json:"requiredActions,omitempty"`
Access map[string]bool `json:"access,omitempty"`
}
User represents the Keycloak User Structure
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.