Add path for attack-detection, handle errors with errors package

Gopkg.lock

@@ -19,6 +19,12 @@
   revision = "925541529c1fa6821df4e44ce2723319eb2be768"
   version = "v1.0.0"
 
+[[projects]]
+  name = "github.com/pkg/errors"
+  packages = ["."]
+  revision = "645ef00459ed84a119197bfb8d8205042c6df63d"
+  version = "v0.8.0"
+
 [[projects]]
   name = "github.com/pmezard/go-difflib"
   packages = ["difflib"]
@@ -31,6 +37,12 @@
   packages = [".","cacheobject"]
   revision = "0dec1b30a0215bb68605dfc568e8855066c9202d"
 
+[[projects]]
+  name = "github.com/spf13/pflag"
+  packages = ["."]
+  revision = "e57e3eeb33f795204c1ca35f56c44f83227c6e66"
+  version = "v1.0.0"
+
 [[projects]]
   name = "github.com/stretchr/testify"
   packages = ["assert","require"]
@@ -82,6 +94,6 @@
 [solve-meta]
   analyzer-name = "dep"
   analyzer-version = 1
-  inputs-digest = "5771516553a6ddbd4ae08c137169a7ca8437e019d877ae76413fbb7191e491ee"
+  inputs-digest = "bcd4dc5f3937d83e106e1a9999b3a7f5a9544ba495a3375c920688c9e73afce8"
   solver-name = "gps-cdcl"
   solver-version = 1

attack_detection.go

@@ -0,0 +1,27 @@
+package keycloak
+
+import (
+	"gopkg.in/h2non/gentleman.v2/plugins/url"
+)
+
+const (
+	attackDetectionPath   = "/auth/admin/realms/:realm/attack-detection/brute-force/users"
+	attackDetectionIDPath = attackDetectionPath + "/:id"
+)
+
+// ClearAllLoginFailures clears any user login failures for all users. This can release temporary disabled users.
+func (c *Client) ClearAllLoginFailures(realmName string) error {
+	return c.delete(url.Path(attackDetectionPath), url.Param("realm", realmName))
+}
+
+// GetAttackDetectionStatus gets the status of a username in brute force detection.
+func (c *Client) GetAttackDetectionStatus(realmName, userID string) (map[string]interface{}, error) {
+	var resp = map[string]interface{}{}
+	var err = c.get(&resp, url.Path(attackDetectionIDPath), url.Param("realm", realmName), url.Param("id", userID))
+	return resp, err
+}
+
+// ClearUserLoginFailures clear any user login failures for the user. This can release temporary disabled user.
+func (c *Client) ClearUserLoginFailures(realmName, userID string) error {
+	return c.delete(url.Path(attackDetectionIDPath), url.Param("realm", realmName), url.Param("id", userID))
+}

client_test.go

@@ -1 +0,0 @@
-package keycloak

client.go → keycloak_client.go

@@ -9,6 +9,7 @@ import (
 	"time"
 
 	oidc "github.com/coreos/go-oidc"
+	"github.com/pkg/errors"
 	"gopkg.in/h2non/gentleman.v2"
 	"gopkg.in/h2non/gentleman.v2/plugin"
 	"gopkg.in/h2non/gentleman.v2/plugins/query"
@@ -39,7 +40,7 @@ func New(config Config) (*Client, error) {
 		var err error
 		u, err = url.Parse(config.Addr)
 		if err != nil {
-			return nil, fmt.Errorf("could not parse URL: %v", err)
+			return nil, errors.Wrap(err, "could not parse URL")
 		}
 	}
 
@@ -59,7 +60,7 @@ func New(config Config) (*Client, error) {
 		var issuer = fmt.Sprintf("%s/auth/realms/master", u.String())
 		oidcProvider, err = oidc.NewProvider(context.Background(), issuer)
 		if err != nil {
-			return nil, fmt.Errorf("could not create oidc provider: %v", err)
+			return nil, errors.Wrap(err, "could not create oidc provider")
 		}
 	}
 
@@ -88,7 +89,7 @@ func (c *Client) getToken() error {
 		var err error
 		resp, err = req.Do()
 		if err != nil {
-			return fmt.Errorf("could not get token: %v", err)
+			return errors.Wrap(err, "could not get token")
 		}
 	}
 	defer resp.Close()
@@ -98,7 +99,7 @@ func (c *Client) getToken() error {
 		var err error
 		err = resp.JSON(&unmarshalledBody)
 		if err != nil {
-			return fmt.Errorf("could not unmarshal response: %v", err)
+			return errors.Wrap(err, "could not unmarshal response")
 		}
 	}
 
@@ -134,7 +135,7 @@ func (c *Client) get(data interface{}, plugins ...plugin.Plugin) error {
 		var err error
 		resp, err = req.Do()
 		if err != nil {
-			return fmt.Errorf("could not get response: %v", err)
+			return errors.Wrap(err, "could not get response")
 		}
 
 		switch {
@@ -143,7 +144,7 @@ func (c *Client) get(data interface{}, plugins ...plugin.Plugin) error {
 			if err = c.verifyToken(); err != nil {
 				var err = c.getToken()
 				if err != nil {
-					return fmt.Errorf("could not get token: %v", err)
+					return errors.Wrap(err, "could not get token: %v")
 				}
 			}
 			return c.get(data, plugins...)
@@ -166,7 +167,7 @@ func (c *Client) post(plugins ...plugin.Plugin) error {
 		var err error
 		resp, err = req.Do()
 		if err != nil {
-			return fmt.Errorf("could not get response: %v", err)
+			return errors.Wrap(err, "could not get response")
 		}
 
 		switch {
@@ -175,7 +176,7 @@ func (c *Client) post(plugins ...plugin.Plugin) error {
 			if err = c.verifyToken(); err != nil {
 				var err = c.getToken()
 				if err != nil {
-					return fmt.Errorf("could not get token: %v", err)
+					return errors.Wrap(err, "could not get token")
 				}
 			}
 			return c.post(plugins...)
@@ -198,7 +199,7 @@ func (c *Client) delete(plugins ...plugin.Plugin) error {
 		var err error
 		resp, err = req.Do()
 		if err != nil {
-			return fmt.Errorf("could not get response: %v", err)
+			return errors.Wrap(err, "could not get response")
 		}
 
 		switch {
@@ -207,7 +208,7 @@ func (c *Client) delete(plugins ...plugin.Plugin) error {
 			if err = c.verifyToken(); err != nil {
 				var err = c.getToken()
 				if err != nil {
-					return fmt.Errorf("could not get token: %v", err)
+					return errors.Wrap(err, "could not get token")
 				}
 			}
 			return c.delete(plugins...)
@@ -230,7 +231,7 @@ func (c *Client) put(plugins ...plugin.Plugin) error {
 		var err error
 		resp, err = req.Do()
 		if err != nil {
-			return fmt.Errorf("could not get response: %v", err)
+			return errors.Wrap(err, "could not get response")
 		}
 
 		switch {
@@ -239,7 +240,7 @@ func (c *Client) put(plugins ...plugin.Plugin) error {
 			if err = c.verifyToken(); err != nil {
 				var err = c.getToken()
 				if err != nil {
-					return fmt.Errorf("could not get token: %v", err)
+					return errors.Wrap(err, "could not get token: %v")
 				}
 			}
 			return c.put(plugins...)