client

package
v0.13.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 7, 2025 License: Apache-2.0 Imports: 37 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AlreadyExistsError added in v0.5.0 

type AlreadyExistsError struct {
	// contains filtered or unexported fields
}

func (*AlreadyExistsError) Error added in v0.5.0 

func (e *AlreadyExistsError) Error() string

type Client 

type Client struct {
	// contains filtered or unexported fields
}

func New 

func New(ctx context.Context, db *db.DB, storageClient kclient.Client, encryptionConfig *encryptionconfig.EncryptionConfiguration, ownerEmails, adminEmails []string, auditLogPersistenceInterval time.Duration, auditLogBatchSize int) *Client

func (*Client) ActiveUsersByDate added in v0.7.1 

func (c *Client) ActiveUsersByDate(ctx context.Context, start, end time.Time) ([]types.User, error)

func (*Client) ActivitiesByUser added in v0.7.1 

func (c *Client) ActivitiesByUser(ctx context.Context, userID string, start, end time.Time) ([]types.APIActivity, error)

func (*Client) AddActivityForToday added in v0.7.1 

func (c *Client) AddActivityForToday(ctx context.Context, userID string) error

func (*Client) ClearTempUserCache added in v0.13.0 

func (c *Client) ClearTempUserCache(ctx context.Context) error

ClearTempUserCache removes all cached temporary users from the database.

func (*Client) Close 

func (c *Client) Close() error

func (*Client) CreateImage added in v0.7.0 

func (c *Client) CreateImage(ctx context.Context, data []byte, mimeType string) (*types.Image, error)

CreateImage stores a new image in the database

func (*Client) CreateRunState added in v0.7.0 

func (c *Client) CreateRunState(ctx context.Context, runState *types.RunState) error

func (*Client) CreateTokenRequest added in v0.13.0 

func (c *Client) CreateTokenRequest(ctx context.Context, tr *types.TokenRequest) error

CreateTokenRequest creates a new token request in the database.

func (*Client) DeleteImage added in v0.7.0 

func (c *Client) DeleteImage(ctx context.Context, id string) error

DeleteImage removes an image from the database

func (*Client) DeleteMCPOAuthToken added in v0.8.0 

func (c *Client) DeleteMCPOAuthToken(ctx context.Context, userID, mcpID string) error

func (*Client) DeleteMCPOAuthTokenForAllUsers added in v0.8.0 

func (c *Client) DeleteMCPOAuthTokenForAllUsers(ctx context.Context, mcpID string) error

func (*Client) DeleteRunState added in v0.7.0 

func (c *Client) DeleteRunState(ctx context.Context, namespace, name string) error

func (*Client) DeleteSessionCookie added in v0.10.0 

func (c *Client) DeleteSessionCookie(ctx context.Context, hashedSessionID string, authProviderNamespace string, authProviderName string) error

DeleteSessionCookie deletes a session cookie by hashed session ID along with any dangling refresh tokens.

func (*Client) DeleteSessionsForUser added in v0.8.0 

func (c *Client) DeleteSessionsForUser(ctx context.Context, storageClient kclient.Client, identities []types.Identity, sessionID string) error

func (*Client) DeleteUser added in v0.5.0 

func (c *Client) DeleteUser(ctx context.Context, userID string) (*types.User, error)

func (*Client) EncryptIdentities added in v0.8.0 

func (c *Client) EncryptIdentities(ctx context.Context, force bool) error

EncryptIdentities will pull all identities out of the database and ensure they are encrypted.

func (*Client) EncryptUsers added in v0.13.0 

func (c *Client) EncryptUsers(ctx context.Context, force bool) error

EncryptUsers will pull all users out of the database and ensure they are encrypted.

func (*Client) EnsureIdentity 

func (c *Client) EnsureIdentity(ctx context.Context, id *types.Identity, timezone string) (*types.User, error)

EnsureIdentity ensures that the given identity exists in the database, and returns the user associated with it.

func (*Client) EnsureIdentityWithRole added in v0.5.0 

func (c *Client) EnsureIdentityWithRole(ctx context.Context, id *types.Identity, timezone string, role types2.Role) (*types.User, error)

EnsureIdentityWithRole ensures the given identity exists in the database with the at least the given role, and returns the user associated with it. If the user already exists with a superset of the given role, it will not be updated.

func (*Client) EnsureSessionCookie added in v0.10.0 

func (c *Client) EnsureSessionCookie(ctx context.Context, sessionCookie types.SessionCookie) error

EnsureSessionCookie creates a new session cookie when one doesn't exist.

func (*Client) FindIdentitiesForUser added in v0.8.0 

func (c *Client) FindIdentitiesForUser(ctx context.Context, userID uint) ([]types.Identity, error)

FindIdentitiesForUser finds all identities for the given user.

func (*Client) GetAuditLogFilterOptions added in v0.8.0 

func (c *Client) GetAuditLogFilterOptions(ctx context.Context, option string, opts MCPAuditLogOptions, exclude ...any) ([]string, error)

func (*Client) GetExplicitRoleEmails added in v0.13.0 

func (c *Client) GetExplicitRoleEmails() map[string]types2.Role

GetExplicitRoleEmails returns a copy of all emails with explicit roles. Used by setup endpoints to list Owner and Admin emails.

func (*Client) GetImage added in v0.7.0 

func (c *Client) GetImage(ctx context.Context, id string) (*types.Image, error)

GetImage retrieves an image by its ID

func (*Client) GetMCPAuditLogs added in v0.8.0 

func (c *Client) GetMCPAuditLogs(ctx context.Context, opts MCPAuditLogOptions) ([]types.MCPAuditLog, int64, error)

GetMCPAuditLogs retrieves MCP audit logs with optional filters

func (*Client) GetMCPOAuthToken added in v0.8.0 

func (c *Client) GetMCPOAuthToken(ctx context.Context, userID, mcpID string) (*types.MCPOAuthToken, error)

func (*Client) GetMCPOAuthTokenByState added in v0.8.0 

func (c *Client) GetMCPOAuthTokenByState(ctx context.Context, state string) (*types.MCPOAuthToken, error)

func (*Client) GetMCPUsageStats added in v0.8.0 

func (c *Client) GetMCPUsageStats(ctx context.Context, opts MCPUsageStatsOptions) (types.MCPUsageStatsList, error)

GetMCPUsageStats retrieves usage statistics for MCP servers

func (*Client) GetProperty added in v0.13.0 

func (c *Client) GetProperty(ctx context.Context, key string) (types.Property, error)

func (*Client) GetSessionCookie added in v0.10.0 

func (c *Client) GetSessionCookie(ctx context.Context, hashedSessionID string, authProviderNamespace string, authProviderName string) (*types.SessionCookie, error)

GetSessionCookie finds a session cookie by hashed session ID.

func (*Client) GetTempUserCache added in v0.13.0 

func (c *Client) GetTempUserCache(ctx context.Context) *types.TempSetupUser

GetTempUserCache retrieves the cached temporary user, if one exists. Returns nil if no user is cached.

func (*Client) GetVirusScannerConfig added in v0.8.0 

func (c *Client) GetVirusScannerConfig(ctx context.Context) (*types.FileScannerConfig, error)

func (*Client) HasExplicitRole added in v0.12.0 

func (c *Client) HasExplicitRole(email string) types2.Role

func (*Client) InsertTokenUsage added in v0.8.0 

func (c *Client) InsertTokenUsage(ctx context.Context, activity *types.RunTokenActivity) error

func (*Client) ListAuthGroups added in v0.9.0 

func (c *Client) ListAuthGroups(ctx context.Context, authProviderURL, authProviderNamespace, authProviderName, nameFilter string) ([]types.Group, error)

ListAuthGroups lists the auth provider groups for the given auth provider.

It supports fuzzy finding group names using on the given nameFilter. It queries the auth provider for "live" group search from the auth provider, then combines the results with cached groups from the database. This allows admins to discover groups that authenticated users belong to for auth providers limited group search capabilities; e.g. there's not an effective way to perform a fuzzy search for GitHub teams or orgs by name.

func (*Client) ListGroupIDsForUser added in v0.9.0 

func (c *Client) ListGroupIDsForUser(ctx context.Context, userID uint) ([]string, error)

ListGroupIDsForUser lists the group IDs that the given user is a member of. This can include groups from multiple auth providers.

func (*Client) LogMCPAuditEntry added in v0.10.0 

func (c *Client) LogMCPAuditEntry(entry types.MCPAuditLog)

func (*Client) NewAuthToken added in v0.8.0 

func (c *Client) NewAuthToken(
	ctx context.Context,
	authProviderNamespace,
	authProviderName string,
	authProviderUserID string,
	userID uint,
	tr *types.TokenRequest,
) (*types.AuthToken, error)

func (*Client) RemainingTokenUsageForUser added in v0.8.0 

func (c *Client) RemainingTokenUsageForUser(ctx context.Context, userID string, period time.Duration, promptTokenLimit, completionTokenLimit int) (*types.RemainingTokenUsage, error)

func (*Client) RemoveIdentity added in v0.5.0 

func (c *Client) RemoveIdentity(ctx context.Context, id *types.Identity) error

RemoveIdentity deletes an identity from the database. The identity is deleted using UserID if set, otherwise ProviderUsername. The method is idempotent and ignores not-found errors, returning only unexpected errors.

func (*Client) RemoveIdentityAndUser added in v0.9.0 

func (c *Client) RemoveIdentityAndUser(ctx context.Context, id *types.Identity) error

RemoveIdentityAndUser deletes an identity and the associated user from the database. The identity and user are deleted using UserID if set, otherwise ProviderUsername. The method is idempotent and ignores not-found errors, returning only unexpected errors.

func (*Client) ReplaceMCPOAuthToken added in v0.8.0 

func (c *Client) ReplaceMCPOAuthToken(ctx context.Context, userID, mcpID, oauthAuthRequestID, state, verifier string, oauthConf *oauth2.Config, token *oauth2.Token) error

func (*Client) RunState added in v0.7.0 

func (c *Client) RunState(ctx context.Context, namespace, name string) (*types.RunState, error)

func (*Client) SetProperty added in v0.13.0 

func (c *Client) SetProperty(ctx context.Context, key, value string) (types.Property, error)

func (*Client) SetTempUserCache added in v0.13.0 

func (c *Client) SetTempUserCache(ctx context.Context, user *types.User, authProviderName, authProviderNamespace string) error

SetTempUserCache stores a temporary user in the database for the bootstrap setup flow. Returns an error if a user is already cached.

func (*Client) TokenUsageByUser added in v0.8.0 

func (c *Client) TokenUsageByUser(ctx context.Context, start, end time.Time, includePersonalTokenUsage bool) ([]types.RunTokenActivity, error)

func (*Client) TokenUsageForUser added in v0.8.0 

func (c *Client) TokenUsageForUser(ctx context.Context, userID string, start, end time.Time) ([]types.RunTokenActivity, error)

func (*Client) TotalTokenUsageForUser added in v0.8.0 

func (c *Client) TotalTokenUsageForUser(ctx context.Context, userID string, start, end time.Time, includePersonalTokenUsage bool) (types.RunTokenActivity, error)

func (*Client) UpdateProfileIfNeeded added in v0.8.0 

func (c *Client) UpdateProfileIfNeeded(ctx context.Context, user *types.User, authProviderName, authProviderNamespace, authProviderURL string) error

func (*Client) UpdateRunState added in v0.7.0 

func (c *Client) UpdateRunState(ctx context.Context, runState *types.RunState) error

func (*Client) UpdateUser added in v0.5.0 

func (c *Client) UpdateUser(ctx context.Context, actingUserCanChangeRole bool, updatedUser *types.User, userID string) (*types.User, error)

func (*Client) UpdateUserInternalStatus added in v0.8.0 

func (c *Client) UpdateUserInternalStatus(ctx context.Context, userID string, internal bool) error

func (*Client) UpdateVirusScannerConfig added in v0.8.0 

func (c *Client) UpdateVirusScannerConfig(ctx context.Context, config *types.FileScannerConfig) error

func (*Client) User 

func (c *Client) User(ctx context.Context, username string) (*types.User, error)

func (*Client) UserByID 

func (c *Client) UserByID(ctx context.Context, id string) (*types.User, error)

func (*Client) UserByIDIncludeDeleted added in v0.9.0 

func (c *Client) UserByIDIncludeDeleted(ctx context.Context, id string) (*types.User, error)

UserByIDIncludeDeleted returns a user by ID including soft-deleted users (for audit purposes)

func (*Client) UserFromToken added in v0.8.0 

func (c *Client) UserFromToken(ctx context.Context, token string) (*types.User, string, string, string, string, []string, error)

func (*Client) Users added in v0.5.0 

func (c *Client) Users(ctx context.Context, query types.UserQuery) ([]types.User, error)

func (*Client) UsersIncludeDeleted added in v0.9.0 

func (c *Client) UsersIncludeDeleted(ctx context.Context, query types.UserQuery) ([]types.User, error)

UsersIncludeDeleted returns all users including soft-deleted ones (for audit purposes)

type ExplicitRoleError added in v0.12.0 

type ExplicitRoleError struct {
	// contains filtered or unexported fields
}

func (*ExplicitRoleError) Error added in v0.12.0 

func (e *ExplicitRoleError) Error() string

type LastAdminError added in v0.5.0 

type LastAdminError struct{}

func (*LastAdminError) Error added in v0.5.0 

func (e *LastAdminError) Error() string

type LastOwnerError added in v0.13.0 

type LastOwnerError struct{}

func (*LastOwnerError) Error added in v0.13.0 

func (e *LastOwnerError) Error() string

type LogoutAllErr added in v0.8.0 

type LogoutAllErr struct{}

func (LogoutAllErr) Error added in v0.8.0 

func (e LogoutAllErr) Error() string

type MCPAuditLogOptions added in v0.8.0 

type MCPAuditLogOptions struct {
	WithRequestAndResponse    bool
	PowerUserWorkspaceID      []string // Support filtering by workspace ID(s)
	UserID                    []string
	MCPID                     []string
	MCPServerDisplayName      []string
	MCPServerCatalogEntryName []string
	CallType                  []string
	CallIdentifier            []string
	SessionID                 []string
	ClientName                []string
	ClientVersion             []string
	ResponseStatus            []string
	ClientIP                  []string
	ProcessingTimeMin         int64
	ProcessingTimeMax         int64
	Query                     string // Search term for text search across multiple fields
	StartTime                 time.Time
	EndTime                   time.Time
	Limit                     int
	Offset                    int
	SortBy                    string // Field to sort by (e.g., "created_at", "user_id", "call_type")
	SortOrder                 string // Sort order: "asc" or "desc"
}

MCPAuditLogOptions represents options for querying MCP audit logs

type MCPUsageStatsOptions added in v0.8.0 

type MCPUsageStatsOptions struct {
	MCPID                      string
	PowerUserWorkspaceID       []string // Workspace filtering support (same as audit logs)
	UserIDs                    []string
	MCPServerDisplayNames      []string
	MCPServerCatalogEntryNames []string
	StartTime                  time.Time
	EndTime                    time.Time
}

MCPUsageStatsOptions represents options for querying MCP usage statistics

type UserDecorator 

type UserDecorator struct {
	// contains filtered or unexported fields
}

func NewUserDecorator 

func NewUserDecorator(next authenticator.Request, client *Client) *UserDecorator

func (UserDecorator) AuthenticateRequest 

func (u UserDecorator) AuthenticateRequest(req *http.Request) (*authenticator.Response, bool, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.