apiproxy

package
v2.42.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 10, 2025 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ApiProxy 

type ApiProxy struct {
	// contains filtered or unexported fields
}

ApiProxy is a api proxy client instance.

func New 

func New(api restapi.Connector) *ApiProxy

New api proxy client constructor.

func (*ApiProxy) CreateApiTarget 

func (c *ApiProxy) CreateApiTarget(apiTarget *ApiTarget) (response.Identifier, error)

CreateApiTarget create a api target.

func (*ApiProxy) CreateCurrentUserClientCredential 

func (c *ApiProxy) CreateCurrentUserClientCredential(creds *ClientCredential) (response.Identifier, error)

CreateCurrentUserClientCredential create client crendetial for current user.

func (*ApiProxy) CreateUserClientCredential 

func (c *ApiProxy) CreateUserClientCredential(userID string, creds *ClientCredential) (response.Identifier, error)

CreateUserClientCredential create client crendetial for user by user id.

func (*ApiProxy) DeleteApiTarget 

func (c *ApiProxy) DeleteApiTarget(apiTargetID string) error

DeleteApiTarget delete api target by id.

func (*ApiProxy) DeleteCurrentUserClientCredential 

func (c *ApiProxy) DeleteCurrentUserClientCredential(credID string) error

DeleteCurrentUserClientCredential delete current user client credential by credential id.

func (*ApiProxy) DeleteUserClientCredential 

func (c *ApiProxy) DeleteUserClientCredential(userID, credID string) error

DeleteUserClientCredential delete user client credential by credential and user id.

func (*ApiProxy) GetApiProxyConfig 

func (c *ApiProxy) GetApiProxyConfig() (*ApiProxyAPIConf, error)

MARK: Config GetApiProxyConfig get api proxy config.

func (*ApiProxy) GetApiTarget 

func (c *ApiProxy) GetApiTarget(apiTargetID string) (*ApiTarget, error)

GetApiTarget get api target by id.

func (*ApiProxy) GetApiTargetTags 

func (c *ApiProxy) GetApiTargetTags(opts ...filters.Option) (*response.ResultSet[string], error)

GetApiTargetTags get api target tags.

func (*ApiProxy) GetApiTargets 

func (c *ApiProxy) GetApiTargets(opts ...filters.Option) (*response.ResultSet[ApiTarget], error)

MARK: Api Targets GetApiTargets get api targets.

func (*ApiProxy) GetCurrentUserClientCredential 

func (c *ApiProxy) GetCurrentUserClientCredential(credID string) (*ClientCredential, error)

GetCurrentUserClientCredential get current users client credential by credential id.

func (*ApiProxy) GetCurrentUserClientCredentialSecret 

func (c *ApiProxy) GetCurrentUserClientCredentialSecret(credID string) ([]byte, error)

GetCurrentUserClientCredentialSecret get current users client credential secret by credential id.

func (*ApiProxy) GetCurrentUserClientCredentials 

func (c *ApiProxy) GetCurrentUserClientCredentials(opts ...filters.Option) (*response.ResultSet[ClientCredential], error)

MARK: Current Users Client Credentials GetCurrentUserClientCredentials get current users client credentials.

func (*ApiProxy) GetUserClientCredential 

func (c *ApiProxy) GetUserClientCredential(userID, credID string) (*ClientCredential, error)

GetUserClientCredential get users client credential by credential and user id.

func (*ApiProxy) GetUserClientCredentialSecret 

func (c *ApiProxy) GetUserClientCredentialSecret(userID, credID string) ([]byte, error)

GetUserClientCredentialSecret get users client credential secret by credential and user id.

func (*ApiProxy) GetUserClientCredentials 

func (c *ApiProxy) GetUserClientCredentials(userID string, opts ...filters.Option) (*response.ResultSet[ClientCredential], error)

MARK: Users Client Credentials GetUserClientCredentials get users client credentials by user id.

func (*ApiProxy) SearchApiTargets 

func (c *ApiProxy) SearchApiTargets(search *ApiTargetSearchRequest, opts ...filters.Option) (*response.ResultSet[ApiTarget], error)

SearchApiTargets search api targets.

func (*ApiProxy) Status 

func (c *ApiProxy) Status() (*response.ServiceStatus, error)

MARK: Status Status get api proxy microservice status.

func (*ApiProxy) UpdateApiTarget 

func (c *ApiProxy) UpdateApiTarget(apiTargetID string, apiTarget *ApiTarget) error

UpdateApiTarget update api target by id.

func (*ApiProxy) UpdateCurrentUserClientCredential 

func (c *ApiProxy) UpdateCurrentUserClientCredential(credID string, cred *ClientCredential) error

UpdateCurrentUserClientCredential update current user client credential by credential id.

func (*ApiProxy) UpdateUserClientCredential 

func (c *ApiProxy) UpdateUserClientCredential(userID, credID string, cred *ClientCredential) error

UpdateUserClientCredential update user client credential by credential and user id.

type ApiProxyAPIConf 

type ApiProxyAPIConf struct {
	Addresses     []string                   `json:"addresses,omitempty"`
	CACertificate *ApiProxyCACertificateInfo `json:"ca_certificate,omitempty"`
	Chain         string                     `json:"ca_certificate_chain,omitempty"`
}

ApiProxyAPIConf response for GetApiProxyConfig()

type ApiProxyCACertificateInfo 

type ApiProxyCACertificateInfo struct {
	Subject           string `json:"subject,omitempty"`
	Issuer            string `json:"issuer,omitempty"`
	Serial            string `json:"serial,omitempty"`
	NotBefore         string `json:"not_before,omitempty"`
	NotAfter          string `json:"not_after,omitempty"`
	FingerPrintSHA1   string `json:"fingerprint_sha1,omitempty"`
	FingerPrintSHA256 string `json:"fingerprint_sha256,omitempty"`
}

ApiProxyCACertificateInfo api proxy x509 CA certificate information

type ApiTarget 

type ApiTarget struct {
	// ID is the unique UUID for the API target, if set must be a valid UUID
	ID string `json:"id"`

	// Name is a unique human readable name for the API target. Required; Not empty; Trimmed.
	Name string `json:"name"`

	// Comment is an optional human readable comment. Trimmed.
	Comment string `json:"comment,omitempty"`

	// Tags are optional tags for the API target. Trimmed entries; empty tags rejected.
	Tags []string `json:"tags"`

	// AccessGroupID specifies the access group the API target is associated to. if set must be a valid UUID
	AccessGroupID string `json:"access_group_id"`

	// Roles are the required roles which grant access to the API target
	Roles []RoleHandle `json:"roles"`

	// AuthorizedEndpoints specify the address, scheme, method and path patterns
	// for matching requests. A request must match at least one authorized
	// endpoint to be authorized.
	AuthorizedEndpoints []ApiTargetEndpoint `json:"authorized_endpoints"`

	// UnauthorizedEndpoints specify the address, scheme, method and path
	// patterns for matching requests. An authorized request must not match any
	// unauthorized endpoint.
	UnauthorizedEndpoints []ApiTargetEndpoint `json:"unauthorized_endpoints"`

	// TLSTrustAnchors specify optional X.509 certificate trust anchors for
	// validating the api target TLS server certificates. These trust anchors
	// are used together with trust anchors configured in the host OS, in
	// api-proxy settings and in the access group.
	TLSTrustAnchors string `json:"tls_trust_anchors,omitempty"`

	// TLSInsecureSkipVerify turns off the api target TLS server certificate
	// validation. It should be used with great caution and only when strictly needed.
	TLSInsecureSkipVerify bool `json:"tls_insecure_skip_verify,omitempty"`

	// TargetCredential specifies the credentials used for authenticating to the api target.
	TargetCredential TargetCredential `json:"target_credential"` // Credential validated according to selected type.

	// Disabled specifies whether this api target is enabled or not. All request
	// to disabled api targets are rejected.
	// Can be one of NOT_DISABLED, BY_ADMIN, BY_LICENSE.
	Disabled string `json:"disabled"`

	// AuditEnabled specifies whether to session record requests to this target api.
	AuditEnabled bool `json:"audit_enabled,omitempty"`

	Created   string `json:"created"`
	Author    string `json:"author"`
	Updated   string `json:"updated,omitempty"`
	UpdatedBy string `json:"updated_by,omitempty"`
}

ApiTarget object specifies all information necessary for performing access control for requests to an API target

type ApiTargetEndpoint 

type ApiTargetEndpoint struct {
	// Host is matched against the host part in the request URL. Port may be
	// omitted from host if it matches the default port 80 for http or 443 for
	// https. Matching is done using case-insensitive exact match.
	Host string `json:"host"`

	// Protocols are matched against request URL scheme. Accepted values are
	// "http" ,"https" and "*" (for http or https).
	Protocols []string `json:"protocols"`

	// Methods are matched against request http method. Accepted values are
	// "GET", "PUT", "POST", "DELETE", "HEAD", "PATCH", "OPTIONS", "TRACE", "*"
	Methods []string `json:"methods"`

	// Paths are matched against request URL path. Following wildcards can be used:
	//   "*"   matches one path segment
	//   "**"  matches rest of the path
	Paths []string `json:"paths"`

	// AllowUnauthenticated specifies if unauthenticated requests should be allowed.
	AllowUnauthenticated bool `json:"allow_unauthenticated"`

	// NATTargetHost specifies optional api target host address. It is used as
	// the api target host address when forwarding requests to api targets over an extender.
	NATTargetHost string `json:"nat_target_host,omitempty"`
}

ApiTargetEndpoint API endpoint patterns that are matched against request URLs.

type ApiTargetHandle 

type ApiTargetHandle struct {
	ID      string `json:"id"`
	Name    string `json:"name,omitempty"`
	Deleted bool   `json:"deleted,omitempty"`
}

type ApiTargetSearchRequest 

type ApiTargetSearchRequest struct {
	// Keywords is a comma or space limited string of search keywords
	Keywords string `json:"keywords"`

	// Name is the search constraint for api target name
	Name string `json:"name"`

	// AccessGroupID is the search constraint for api target access group
	AccessGroupID string `json:"access_group_id"`

	// Tags is a search constraint for api target tags
	Tags []string `json:"tags"`
}

type ClientCredential 

type ClientCredential struct {
	// ID is the unique UUID for the client_credential.
	ID string `json:"id"`

	// UserID is the ID of the user owning this client credential.
	UserID string `json:"user_id"`

	// Target specifies the api target this client credential is associated to.
	Target ApiTargetHandle `json:"target"`

	// NotBefore specifies the start of the client credential validity period.
	NotBefore string `json:"not_before"`

	// NotAfter specifies the end of the client credential validity period.
	NotAfter string `json:"not_after"`

	// SourceAddress specifies optional IP address and/or CIDRs from which
	// requests using this client credential are allowed.
	SourceAddress []string `json:"source_address"`

	// Enabled specifies whether this client credential is enabled or not. All
	// requests using disabled client credentials are rejected.
	Enabled bool `json:"enabled"`

	// Type is the client credential type. Accepted values are "token",
	// "basicauth" and "certificate"
	Type string `json:"type"`

	// BasicAuthUsername is the username for client credentials of type
	// "basicauth"
	BasicAuthUsername string `json:"basic_auth_username,omitempty"`

	// BasicAuthPassword is the password for client credentials of type
	// "basicauth"
	BasicAuthPassword string `json:"basic_auth_password,omitempty"`

	// BearerToken is the static bearer token for client credentials of type
	// "token"
	BearerToken string `json:"bearer_token,omitempty"`

	// Certificate is the certificate for client credentials of type
	// "certificate"
	Certificate string `json:"certificate,omitempty"`

	// PrivateKey is the private key for client credentials of type
	// "certificate"
	PrivateKey string `json:"private_key,omitempty"`

	// Name is a human readable name for the client credential
	Name string `json:"name"`

	// Comment is an optional human readable comment
	Comment string `json:"comment,omitempty"`

	// LastUsed is the approximate timestamp of when client credential was last
	// used
	LastUsed string `json:"last_used,omitempty"`

	Created   string `json:"created"`
	Author    string `json:"author"`
	Updated   string `json:"updated,omitempty"`
	UpdatedBy string `json:"updated_by,omitempty"`
}

ClientCredential object

type RoleHandle 

type RoleHandle struct {
	ID      string `json:"id"`
	Name    string `json:"name,omitempty"`
	Deleted bool   `json:"deleted,omitempty"`
}

type TargetCredential 

type TargetCredential struct {
	// Type is the api target credential type. Accepted values are "basicauth" and "token".
	Type string `json:"type"`

	// BasicAuthUsername is the username for credentials of type "basicauth"
	BasicAuthUsername string `json:"basic_auth_username,omitempty"`

	// BasicAuthPassword is the password for credentials of type "basicauth"
	BasicAuthPassword string `json:"basic_auth_password,omitempty"`

	// BearerToken is the static bearer token for credentials of type "token"
	BearerToken string `json:"bearer_token,omitempty"`

	// Certificate is the certificate for api target of type "certificate"
	Certificate string `json:"certificate,omitempty"`

	// PrivateKey is the private key for api target of type "certificate"
	PrivateKey string `json:"private_key,omitempty"`
}

TargetCredential object contains the credentials for authenticating to the api target.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.