You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
199 lines
12 KiB
199 lines
12 KiB
package api
|
|
|
|
import (
|
|
"github.com/cloudtrust/keycloak-client"
|
|
"gopkg.in/h2non/gentleman.v2/plugins/body"
|
|
"gopkg.in/h2non/gentleman.v2/plugins/url"
|
|
)
|
|
|
|
const (
|
|
authenticationManagementPath = "/auth/admin/realms/:realm/authentication"
|
|
authenticationConfigPath = authenticationManagementPath + "/config/:id"
|
|
authenticationRequiredActionsPath = authenticationManagementPath + "/required-actions"
|
|
authenticationRequiredActionPath = authenticationRequiredActionsPath + "/:alias"
|
|
)
|
|
|
|
// GetAuthenticatorProviders returns a list of authenticator providers.
|
|
func (c *Client) GetAuthenticatorProviders(accessToken string, realmName string) ([]map[string]interface{}, error) {
|
|
var resp = []map[string]interface{}{}
|
|
var err = c.get(accessToken, &resp, url.Path(authenticationManagementPath+"/authenticator-providers"), url.Param("realm", realmName))
|
|
return resp, err
|
|
}
|
|
|
|
// GetClientAuthenticatorProviders returns a list of client authenticator providers.
|
|
func (c *Client) GetClientAuthenticatorProviders(accessToken string, realmName string) ([]map[string]interface{}, error) {
|
|
var resp = []map[string]interface{}{}
|
|
var err = c.get(accessToken, &resp, url.Path(authenticationManagementPath+"/client-authenticator-providers"), url.Param("realm", realmName))
|
|
return resp, err
|
|
}
|
|
|
|
// GetAuthenticatorProviderConfig returns the authenticator provider’s configuration description.
|
|
func (c *Client) GetAuthenticatorProviderConfig(accessToken string, realmName, providerID string) (keycloak.AuthenticatorConfigInfoRepresentation, error) {
|
|
var resp = keycloak.AuthenticatorConfigInfoRepresentation{}
|
|
var err = c.get(accessToken, &resp, url.Path(authenticationManagementPath+"/config-description/:providerID"), url.Param("realm", realmName), url.Param("providerID", providerID))
|
|
return resp, err
|
|
}
|
|
|
|
// GetAuthenticatorConfig returns the authenticator configuration.
|
|
func (c *Client) GetAuthenticatorConfig(accessToken string, realmName, configID string) (keycloak.AuthenticatorConfigRepresentation, error) {
|
|
var resp = keycloak.AuthenticatorConfigRepresentation{}
|
|
var err = c.get(accessToken, &resp, url.Path(authenticationConfigPath), url.Param("realm", realmName), url.Param("id", configID))
|
|
return resp, err
|
|
}
|
|
|
|
// UpdateAuthenticatorConfig updates the authenticator configuration.
|
|
func (c *Client) UpdateAuthenticatorConfig(accessToken string, realmName, configID string, config keycloak.AuthenticatorConfigRepresentation) error {
|
|
return c.put(accessToken, url.Path(authenticationConfigPath), url.Param("realm", realmName), url.Param("id", configID), body.JSON(config))
|
|
}
|
|
|
|
// DeleteAuthenticatorConfig deletes the authenticator configuration.
|
|
func (c *Client) DeleteAuthenticatorConfig(accessToken string, realmName, configID string) error {
|
|
return c.delete(accessToken, url.Path(authenticationConfigPath), url.Param("realm", realmName), url.Param("id", configID))
|
|
}
|
|
|
|
// CreateAuthenticationExecution add new authentication execution
|
|
func (c *Client) CreateAuthenticationExecution(accessToken string, realmName string, authExec keycloak.AuthenticationExecutionRepresentation) (string, error) {
|
|
return c.post(accessToken, nil, url.Path(authenticationManagementPath+"/executions"), url.Param("realm", realmName), body.JSON(authExec))
|
|
}
|
|
|
|
// DeleteAuthenticationExecution deletes the execution.
|
|
func (c *Client) DeleteAuthenticationExecution(accessToken string, realmName, executionID string) error {
|
|
return c.delete(accessToken, url.Path(authenticationManagementPath+"/executions/:id"), url.Param("realm", realmName), url.Param("id", executionID))
|
|
}
|
|
|
|
// UpdateAuthenticationExecution update execution with new configuration.
|
|
func (c *Client) UpdateAuthenticationExecution(accessToken string, realmName, executionID string, authConfig keycloak.AuthenticatorConfigRepresentation) error {
|
|
_, err := c.post(accessToken, nil, url.Path(authenticationManagementPath+"/executions/:id/config"), url.Param("realm", realmName), url.Param("id", executionID), body.JSON(authConfig))
|
|
return err
|
|
}
|
|
|
|
// LowerExecutionPriority lowers the execution’s priority.
|
|
func (c *Client) LowerExecutionPriority(accessToken string, realmName, executionID string) error {
|
|
_, err := c.post(accessToken, nil, url.Path(authenticationManagementPath+"/executions/:id/lower-priority"), url.Param("realm", realmName), url.Param("id", executionID))
|
|
return err
|
|
}
|
|
|
|
// RaiseExecutionPriority raise the execution’s priority.
|
|
func (c *Client) RaiseExecutionPriority(accessToken string, realmName, executionID string) error {
|
|
_, err := c.post(accessToken, nil, url.Path(authenticationManagementPath+"/executions/:id/raise-priority"), url.Param("realm", realmName), url.Param("id", executionID))
|
|
return err
|
|
}
|
|
|
|
// CreateAuthenticationFlow creates a new authentication flow.
|
|
func (c *Client) CreateAuthenticationFlow(accessToken string, realmName string, authFlow keycloak.AuthenticationFlowRepresentation) error {
|
|
_, err := c.post(accessToken, nil, url.Path(authenticationManagementPath+"/flows"), url.Param("realm", realmName), body.JSON(authFlow))
|
|
return err
|
|
}
|
|
|
|
// GetAuthenticationFlows returns a list of authentication flows.
|
|
func (c *Client) GetAuthenticationFlows(accessToken string, realmName string) ([]keycloak.AuthenticationFlowRepresentation, error) {
|
|
var resp = []keycloak.AuthenticationFlowRepresentation{}
|
|
var err = c.get(accessToken, &resp, url.Path(authenticationManagementPath+"/flows"), url.Param("realm", realmName))
|
|
return resp, err
|
|
}
|
|
|
|
// CopyExistingAuthenticationFlow copy the existing authentication flow under a new name.
|
|
// 'flowAlias' is the name of the existing authentication flow,
|
|
// 'newName' is the new name of the authentication flow.
|
|
func (c *Client) CopyExistingAuthenticationFlow(accessToken string, realmName, flowAlias, newName string) error {
|
|
var m = map[string]string{"newName": newName}
|
|
_, err := c.post(accessToken, nil, url.Path(authenticationManagementPath+"/flows/:flowAlias/copy"), url.Param("realm", realmName), url.Param("flowAlias", flowAlias), body.JSON(m))
|
|
return err
|
|
}
|
|
|
|
// GetAuthenticationExecutionForFlow returns the authentication executions for a flow.
|
|
func (c *Client) GetAuthenticationExecutionForFlow(accessToken string, realmName, flowAlias string) (keycloak.AuthenticationExecutionInfoRepresentation, error) {
|
|
var resp = keycloak.AuthenticationExecutionInfoRepresentation{}
|
|
var err = c.get(accessToken, &resp, url.Path(authenticationManagementPath+"/flows/:flowAlias/executions"), url.Param("realm", realmName), url.Param("flowAlias", flowAlias))
|
|
return resp, err
|
|
}
|
|
|
|
// UpdateAuthenticationExecutionForFlow updates the authentication executions of a flow.
|
|
func (c *Client) UpdateAuthenticationExecutionForFlow(accessToken string, realmName, flowAlias string, authExecInfo keycloak.AuthenticationExecutionInfoRepresentation) error {
|
|
return c.put(accessToken, url.Path(authenticationManagementPath+"/flows/:flowAlias/executions"), url.Param("realm", realmName), url.Param("flowAlias", flowAlias), body.JSON(authExecInfo))
|
|
}
|
|
|
|
// CreateAuthenticationExecutionForFlow add a new authentication execution to a flow.
|
|
// 'flowAlias' is the alias of the parent flow.
|
|
func (c *Client) CreateAuthenticationExecutionForFlow(accessToken string, realmName, flowAlias, provider string) (string, error) {
|
|
var m = map[string]string{"provider": provider}
|
|
return c.post(accessToken, nil, url.Path(authenticationManagementPath+"/flows/:flowAlias/executions/execution"), url.Param("realm", realmName), url.Param("flowAlias", flowAlias), body.JSON(m))
|
|
}
|
|
|
|
// CreateFlowWithExecutionForExistingFlow add a new flow with a new execution to an existing flow.
|
|
// 'flowAlias' is the alias of the parent authentication flow.
|
|
func (c *Client) CreateFlowWithExecutionForExistingFlow(accessToken string, realmName, flowAlias, alias, flowType, provider, description string) (string, error) {
|
|
var m = map[string]string{"alias": alias, "type": flowType, "provider": provider, "description": description}
|
|
return c.post(accessToken, nil, url.Path(authenticationManagementPath+"/flows/:flowAlias/executions/flow"), url.Param("realm", realmName), url.Param("flowAlias", flowAlias), body.JSON(m))
|
|
}
|
|
|
|
// GetAuthenticationFlow gets the authentication flow for id.
|
|
func (c *Client) GetAuthenticationFlow(accessToken string, realmName, flowID string) (keycloak.AuthenticationFlowRepresentation, error) {
|
|
var resp = keycloak.AuthenticationFlowRepresentation{}
|
|
var err = c.get(accessToken, &resp, url.Path(authenticationManagementPath+"/flows/:id"), url.Param("realm", realmName), url.Param("id", flowID))
|
|
return resp, err
|
|
}
|
|
|
|
// DeleteAuthenticationFlow deletes an authentication flow.
|
|
func (c *Client) DeleteAuthenticationFlow(accessToken string, realmName, flowID string) error {
|
|
return c.delete(accessToken, url.Path(authenticationManagementPath+"/flows/:id"), url.Param("realm", realmName), url.Param("id", flowID))
|
|
}
|
|
|
|
// GetFormActionProviders returns a list of form action providers.
|
|
func (c *Client) GetFormActionProviders(accessToken string, realmName string) ([]map[string]interface{}, error) {
|
|
var resp = []map[string]interface{}{}
|
|
var err = c.get(accessToken, &resp, url.Path(authenticationManagementPath+"/form-action-providers"), url.Param("realm", realmName))
|
|
return resp, err
|
|
}
|
|
|
|
// GetFormProviders returns a list of form providers.
|
|
func (c *Client) GetFormProviders(accessToken string, realmName string) ([]map[string]interface{}, error) {
|
|
var resp = []map[string]interface{}{}
|
|
var err = c.get(accessToken, &resp, url.Path(authenticationManagementPath+"/form-providers"), url.Param("realm", realmName))
|
|
return resp, err
|
|
}
|
|
|
|
// GetConfigDescriptionForClients returns the configuration descriptions for all clients.
|
|
func (c *Client) GetConfigDescriptionForClients(accessToken string, realmName string) (map[string]interface{}, error) {
|
|
var resp = map[string]interface{}{}
|
|
var err = c.get(accessToken, &resp, url.Path(authenticationManagementPath+"/per-client-config-description"), url.Param("realm", realmName))
|
|
return resp, err
|
|
}
|
|
|
|
// RegisterRequiredAction register a new required action.
|
|
func (c *Client) RegisterRequiredAction(accessToken string, realmName, providerID, name string) error {
|
|
var m = map[string]string{"providerId": providerID, "name": name}
|
|
_, err := c.post(accessToken, nil, url.Path(authenticationManagementPath+"/register-required-action"), url.Param("realm", realmName), body.JSON(m))
|
|
return err
|
|
}
|
|
|
|
// GetRequiredActions returns a list of required actions.
|
|
func (c *Client) GetRequiredActions(accessToken string, realmName string) ([]keycloak.RequiredActionProviderRepresentation, error) {
|
|
var resp = []keycloak.RequiredActionProviderRepresentation{}
|
|
var err = c.get(accessToken, &resp, url.Path(authenticationRequiredActionsPath), url.Param("realm", realmName))
|
|
return resp, err
|
|
}
|
|
|
|
// GetRequiredAction returns the required action for the alias.
|
|
func (c *Client) GetRequiredAction(accessToken string, realmName, actionAlias string) (keycloak.RequiredActionProviderRepresentation, error) {
|
|
var resp = keycloak.RequiredActionProviderRepresentation{}
|
|
var err = c.get(accessToken, &resp, url.Path(authenticationRequiredActionPath), url.Param("realm", realmName), url.Param("alias", actionAlias))
|
|
return resp, err
|
|
}
|
|
|
|
// UpdateRequiredAction updates the required action.
|
|
func (c *Client) UpdateRequiredAction(accessToken string, realmName, actionAlias string, action keycloak.RequiredActionProviderRepresentation) error {
|
|
return c.put(accessToken, url.Path(authenticationRequiredActionPath), url.Param("realm", realmName), url.Param("alias", actionAlias), body.JSON(action))
|
|
}
|
|
|
|
// DeleteRequiredAction deletes the required action.
|
|
func (c *Client) DeleteRequiredAction(accessToken string, realmName, actionAlias string) error {
|
|
return c.delete(accessToken, url.Path(authenticationRequiredActionPath), url.Param("realm", realmName), url.Param("alias", actionAlias))
|
|
}
|
|
|
|
// GetUnregisteredRequiredActions returns a list of unregistered required actions.
|
|
func (c *Client) GetUnregisteredRequiredActions(accessToken string, realmName string) ([]map[string]interface{}, error) {
|
|
var resp = []map[string]interface{}{}
|
|
var err = c.get(accessToken, &resp, url.Path(authenticationManagementPath+"/unregistered-required-actions"), url.Param("realm", realmName))
|
|
return resp, err
|
|
}
|
|
|