ims

package
v0.24.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 17, 2026 License: Apache-2.0 Imports: 13 Imported by: 6

Documentation

Overview

Package ims provides an HTTP client for the Adobe Identity Management System (IMS) API. It supports token exchange, validation, invalidation, refresh, JWT exchange, profile retrieval, and authorization URL generation.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthorizeURLConfig 

type AuthorizeURLConfig struct {
	ClientID     string
	GrantType    GrantType
	Scope        []string
	RedirectURI  string
	State        string
	CodeVerifier string
	Resource     []string
}

AuthorizeURLConfig is the configuration for building an authorization URL.

type Client 

type Client struct {
	// contains filtered or unexported fields
}

Client is the client for the IMS API.

func NewClient 

func NewClient(cfg *ClientConfig) (*Client, error)

NewClient creates a new Client for the given configuration.

func (*Client) AuthorizeURL 

func (c *Client) AuthorizeURL(cfg *AuthorizeURLConfig) (string, error)

AuthorizeURL builds an authorization URL according to the provided configuration.

func (*Client) ClusterExchange added in v0.10.0 

func (c *Client) ClusterExchange(r *ClusterExchangeRequest) (*ClusterExchangeResponse, error)

ClusterExchange is equivalent to ClusterExchangeWithContext with a background context.

func (*Client) ClusterExchangeWithContext added in v0.10.0 

func (c *Client) ClusterExchangeWithContext(ctx context.Context, r *ClusterExchangeRequest) (*ClusterExchangeResponse, error)

ClusterExchangeWithContext exchanges an access token for another access token in a different IMS organization.

func (*Client) DCR added in v0.22.0 

func (c *Client) DCR(r *DCRRequest) (*DCRResponse, error)

func (*Client) DCRWithContext added in v0.22.0 

func (c *Client) DCRWithContext(ctx context.Context, r *DCRRequest) (*DCRResponse, error)

func (*Client) ExchangeJWT 

func (c *Client) ExchangeJWT(r *ExchangeJWTRequest) (*ExchangeJWTResponse, error)

ExchangeJWT is equivalent to ExchangeJWTWithContext with a background context.

func (*Client) ExchangeJWTWithContext added in v0.10.0 

func (c *Client) ExchangeJWTWithContext(ctx context.Context, r *ExchangeJWTRequest) (*ExchangeJWTResponse, error)

ExchangeJWTWithContext exchanges a JWT token for an access token.

func (*Client) GetAdminOrganizations added in v0.19.0 

func (c *Client) GetAdminOrganizations(r *GetAdminOrganizationsRequest) (*GetAdminOrganizationsResponse, error)

GetAdminOrganizations is equivalent to GetAdminOrganizationsWithContext with a background context.

func (*Client) GetAdminOrganizationsWithContext added in v0.19.0 

func (c *Client) GetAdminOrganizationsWithContext(ctx context.Context, r *GetAdminOrganizationsRequest) (*GetAdminOrganizationsResponse, error)

GetAdminOrganizationsWithContext reads the user organizations associated to a given access token. It returns a non-nil response on success or an error on failure.

func (*Client) GetAdminProfile added in v0.19.0 

func (c *Client) GetAdminProfile(r *GetAdminProfileRequest) (*GetAdminProfileResponse, error)

GetAdminProfile is equivalent to GetAdminProfileWithContext with a background context.

func (*Client) GetAdminProfileWithContext added in v0.19.0 

func (c *Client) GetAdminProfileWithContext(ctx context.Context, r *GetAdminProfileRequest) (*GetAdminProfileResponse, error)

GetAdminProfileWithContext reads the user profile associated to a given access token. It returns a non-nil response on success or an error on failure.

func (*Client) GetOrganizations added in v0.8.0 

func (c *Client) GetOrganizations(r *GetOrganizationsRequest) (*GetOrganizationsResponse, error)

GetOrganizations is equivalent to GetOrganizationsWithContext with a background context.

func (*Client) GetOrganizationsWithContext added in v0.10.0 

func (c *Client) GetOrganizationsWithContext(ctx context.Context, r *GetOrganizationsRequest) (*GetOrganizationsResponse, error)

GetOrganizationsWithContext reads the user organizations associated to a given access token. It returns a non-nil response on success or an error on failure.

func (*Client) GetProfile added in v0.7.0 

func (c *Client) GetProfile(r *GetProfileRequest) (*GetProfileResponse, error)

GetProfile is equivalent to GetProfileWithContext with a background context.

func (*Client) GetProfileWithContext added in v0.10.0 

func (c *Client) GetProfileWithContext(ctx context.Context, r *GetProfileRequest) (*GetProfileResponse, error)

GetProfileWithContext reads the user profile associated to a given access token. It returns a non-nil response on success or an error on failure.

func (*Client) GetUserInfo added in v0.12.0 

func (c *Client) GetUserInfo(r *GetUserInfoRequest) (*GetUserInfoResponse, error)

GetUserInfo is equivalent to GetUserInfoWithContext with a background context.

func (*Client) GetUserInfoWithContext added in v0.12.0 

func (c *Client) GetUserInfoWithContext(ctx context.Context, r *GetUserInfoRequest) (*GetUserInfoResponse, error)

GetUserInfoWithContext reads the user profile associated to a given access token. It returns a non-nil response on success or an error on failure.

func (*Client) InvalidateToken added in v0.11.0 

func (c *Client) InvalidateToken(r *InvalidateTokenRequest) error

InvalidateToken is equivalent to InvalidateTokenWithContext with a background context.

func (*Client) InvalidateTokenWithContext added in v0.11.0 

func (c *Client) InvalidateTokenWithContext(ctx context.Context, r *InvalidateTokenRequest) error

InvalidateTokenWithContext invalidates a token using the IMS API. It returns a non-nil response on success or an error on failure.

func (*Client) OBOExchange added in v0.20.0 

func (c *Client) OBOExchange(r *OBOExchangeRequest) (*OBOExchangeResponse, error)

func (*Client) OBOExchangeWithContext added in v0.20.0 

func (c *Client) OBOExchangeWithContext(ctx context.Context, r *OBOExchangeRequest) (*OBOExchangeResponse, error)

func (*Client) RefreshToken 

func (c *Client) RefreshToken(r *RefreshTokenRequest) (*RefreshTokenResponse, error)

RefreshToken is equivalent to RefreshTokenWithContext with a background context.

func (*Client) RefreshTokenWithContext added in v0.10.0 

func (c *Client) RefreshTokenWithContext(ctx context.Context, r *RefreshTokenRequest) (*RefreshTokenResponse, error)

RefreshTokenWithContext refreshes an access token.

func (*Client) Token 

func (c *Client) Token(r *TokenRequest) (*TokenResponse, error)

Token is equivalent to TokenWithContext with a background context.

func (*Client) TokenWithContext added in v0.10.0 

func (c *Client) TokenWithContext(ctx context.Context, r *TokenRequest) (*TokenResponse, error)

TokenWithContext requests an access token.

func (*Client) ValidateToken added in v0.9.0 

func (c *Client) ValidateToken(r *ValidateTokenRequest) (*ValidateTokenResponse, error)

ValidateToken is equivalent to ValidateTokenWithContext with a background context.

func (*Client) ValidateTokenWithContext added in v0.10.0 

func (c *Client) ValidateTokenWithContext(ctx context.Context, r *ValidateTokenRequest) (*ValidateTokenResponse, error)

ValidateTokenWithContext validates a token using the IMS API. It returns a non-nil response on success or an error on failure.

type ClientConfig 

type ClientConfig struct {
	// URL is the endpoint for the IMS API.
	URL string
	// Client is an HTTP client to use when performing requests. If not
	// provided, the default HTTP client is used.
	Client HTTPClient
}

ClientConfig is the configuration for a Client.

type ClusterExchangeRequest added in v0.10.0 

type ClusterExchangeRequest struct {
	ClientID     string
	ClientSecret string
	Scopes       []string
	UserToken    string
	UserID       string
	OrgID        string
	Resource     []string
}

type ClusterExchangeResponse added in v0.10.0 

type ClusterExchangeResponse struct {
	Response
	AccessToken string
	ExpiresIn   time.Duration
}

ClusterExchangeResponse is the response for ClusterExchange.

type DCRRequest added in v0.22.0 

type DCRRequest struct {
	ClientName   string
	RedirectURIs []string
	Scopes       []string
}

type DCRResponse added in v0.22.0 

type DCRResponse struct {
	Response
}

type Error 

type Error struct {
	Response
	// ErrorCode is an error code associated with the error response.
	ErrorCode string
	// ErrorMessage is a human-readable description of the error.
	ErrorMessage string
}

Error is an error containing information returned by the IMS API.

func IsError 

func IsError(err error) (*Error, bool)

IsError checks if the given error is an IMS error and, if it is, returns an instance of Error.

func (*Error) Error 

func (e *Error) Error() string

type ExchangeJWTRequest 

type ExchangeJWTRequest struct {
	// The private key for signing the JWT token. This field is required.
	PrivateKey []byte
	// The expiration time for the access token. This field is required.
	Expiration time.Time
	// The issuer of the JWT token. It represents the identity of the
	// organization issuing the token. This field is required.
	Issuer string
	// The subject of the JWT token. It represents the identity of the technical
	// account.
	Subject string
	// The client ID.
	ClientID string
	// The client secret.
	ClientSecret string
	// The additional meta-scopes to add to the JWT token.
	//
	// Deprecated: use explicit claims in ExchangeJWTRequest.
	MetaScope []MetaScope
	// Additional claims to add to the JWT token.
	Claims map[string]interface{}
	// Resources provided to be added as access token audiences
	Resources []string
}

ExchangeJWTRequest contains the data for exchanging a JWT token with an access token.

type ExchangeJWTResponse 

type ExchangeJWTResponse struct {
	Response
	// AccessToken is the access token.
	AccessToken string
	// ExpiresIn is the expiration for the token.
	ExpiresIn time.Duration
}

ExchangeJWTResponse contains the response of a successful exchange of a JWT token.

type GetAdminOrganizationsRequest added in v0.19.0 

type GetAdminOrganizationsRequest struct {
	Guid         string
	AuthSrc      string
	ServiceToken string
	ApiVersion   string
	ClientID     string
}

GetAdminOrganizationsRequest is the request for GetOrganizations.

type GetAdminOrganizationsResponse added in v0.19.0 

type GetAdminOrganizationsResponse struct {
	Response
}

GetAdminOrganizationsResponse is the response for GetOrganizations.

type GetAdminProfileRequest added in v0.19.0 

type GetAdminProfileRequest struct {
	Guid         string
	AuthSrc      string
	ServiceToken string
	ApiVersion   string
	ClientID     string
}

GetAdminProfileRequest is the request for GetProfile.

type GetAdminProfileResponse added in v0.19.0 

type GetAdminProfileResponse struct {
	Response
}

GetAdminProfileResponse is the response for GetProfile.

type GetOrganizationsRequest added in v0.8.0 

type GetOrganizationsRequest struct {
	// AccessToken is a valid access token.
	AccessToken string
	ApiVersion  string
}

GetOrganizationsRequest is the request for GetOrganizations.

type GetOrganizationsResponse added in v0.8.0 

type GetOrganizationsResponse struct {
	Response
}

GetOrganizationsResponse is the response for GetOrganizations.

type GetProfileRequest added in v0.7.0 

type GetProfileRequest struct {
	// AccessToken is a valid access token.
	AccessToken string
	ApiVersion  string
}

GetProfileRequest is the request for GetProfile.

type GetProfileResponse added in v0.7.0 

type GetProfileResponse struct {
	Response
}

GetProfileResponse is the response for GetProfile.

type GetUserInfoRequest added in v0.12.0 

type GetUserInfoRequest struct {
	// AccessToken is a valid access token.
	AccessToken string
	ApiVersion  string
}

GetUserInfoRequest is the request for GetUserInfo.

type GetUserInfoResponse added in v0.12.0 

type GetUserInfoResponse struct {
	Response
}

GetUserInfoResponse is the response for GetUserInfo.

type GrantType 

type GrantType int

GrantType is the grant type specified when building an authorization URL. 

const (
	// GrantTypeDefault is the default grant type as specified by IMS.
	GrantTypeDefault GrantType = iota
	// GrantTypeCode is the authorization code grant type.
	GrantTypeCode
	// GrantTypeImplicit is the implicit grant type.
	GrantTypeImplicit
	// GrantTypeDevice is the device token grant type.
	GrantTypeDevice
)

type HTTPClient added in v0.12.1 

type HTTPClient interface {
	Do(r *http.Request) (*http.Response, error)
}

HTTPClient is an interface for performing HTTP requests. It allows custom HTTP clients to be used instead of the default http.Client.

type InvalidateTokenRequest added in v0.11.0 

type InvalidateTokenRequest struct {
	Token        string
	Type         TokenType
	ClientID     string
	Cascading    bool
	ClientSecret string
}

InvalidateTokenRequest is the request to InvalidateToken.

type MetaScope deprecated 

type MetaScope int

MetaScope is a meta-scope that can be optionally added to a JWT token.

Deprecated: use explicit claims in ExchangeJWTRequest. 

const (
	// MetaScopeCloudManager is the meta-scope for Cloud Manager.
	//
	// Deprecated: use explicit claims in ExchangeJWTRequest.
	MetaScopeCloudManager MetaScope = iota
	// MetaScopeAdobeIO is the meta-scope for Adobe IO.
	//
	// Deprecated: use explicit claims in ExchangeJWTRequest.
	MetaScopeAdobeIO
	// MetaScopeAnalyticsBulkIngest is the meta-scope for Analytics Bulk Ingest.
	//
	// Deprecated: use explicit claims in ExchangeJWTRequest.
	MetaScopeAnalyticsBulkIngest
)

type OBOExchangeRequest added in v0.20.0 

type OBOExchangeRequest struct {
	ClientID     string
	ClientSecret string
	SubjectToken string
	Scopes       []string
	Resource     []string
}

type OBOExchangeResponse added in v0.20.0 

type OBOExchangeResponse struct {
	Response
	AccessToken string
	ExpiresIn   time.Duration
}

type RefreshTokenRequest 

type RefreshTokenRequest struct {
	// RefreshToken is the refresh token obtained during the first request for
	// an access token. This field is required.
	RefreshToken string
	// ClientID is the client ID. This field is required.
	ClientID string
	// ClientSecret is the client secret. This field is required.
	ClientSecret string
	// Scope is the scope list in the refresh token. This field is optional. If
	// provided, it must be a subset of the scopes in the request token.
	Scope []string
}

RefreshTokenRequest is the request for refreshing an access token.

type RefreshTokenResponse 

type RefreshTokenResponse struct {
	Response
	// AccessToken is the new access token.
	AccessToken string
	// RefreshToken is a new refresh token.
	RefreshToken string
	// ExpiresIn is the expiration time for the access token.
	ExpiresIn time.Duration
}

RefreshTokenResponse is the response of an access token refresh.

type Response added in v0.10.0 

type Response struct {
	// The status code of the HTTP response.
	StatusCode int
	// The raw body of the HTTP response.
	Body []byte
	// The value of the X-Debug-Id header.
	XDebugID   string
	RetryAfter string
}

Response contains information about the HTTP response and is embedded in every other response struct.

type TokenRequest 

type TokenRequest struct {
	// GrantType is the type of credentials to request.
	// If not set, authorization_code will be used
	GrantType string
	// Code is the authorization code obtained via the authorization workflow.
	// This field is required (except for GrantType=client_credentials).
	Code string
	// ClientID is the client ID. This field is required.
	ClientID string
	// ClientSecret is the client secret. This field is required.
	ClientSecret string
	// Scope is the scope of list for the access token. This field is optional.
	// If not provided, the scopes will be bound to the ones requested during
	// the authorization workflow.
	Scope []string
	// CodeVerifier to be sent if PKCE is used
	CodeVerifier string
	// The client credentials flow needs the IMS Org ID when the IMS Client is not owned by one IMS Org
	OrgID string
	// Resources provided to be added as access token audiences
	Resource []string
}

TokenRequest is the request for obtaining an access token.

type TokenResponse 

type TokenResponse struct {
	Response
	// AccessToken is the access token.
	AccessToken string
	// RefreshToken is the refresh token.
	RefreshToken string
	// ExpiresIn is the expiration time of the access token.
	ExpiresIn time.Duration
	// User id received from IMS token
	UserID string
}

TokenResponse is the response returned after an access token request.

type TokenType added in v0.9.0 

type TokenType string
const (
	AccessToken       TokenType = "access_token"
	RefreshToken      TokenType = "refresh_token"
	ServiceToken      TokenType = "service_token"
	DeviceToken       TokenType = "device_token"
	AuthorizationCode TokenType = "authorization_code"
)

type ValidateTokenRequest added in v0.9.0 

type ValidateTokenRequest struct {
	// AccessToken is a valid access token.
	Token    string
	Type     TokenType
	ClientID string
}

ValidateTokenRequest is the request to ValidateToken.

type ValidateTokenResponse added in v0.9.0 

type ValidateTokenResponse struct {
	Response
	Valid bool
}

ValidateTokenResponse is the response to the ValidateToken request .

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.