api

package
v0.11.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 19, 2023 License: MIT Imports: 5 Imported by: 4

Documentation

Index

Constants

View Source 
const (
	ErrorStrInvalidRequest       = "invalid_request"
	ErrorStrInvalidClient        = "invalid_client"
	ErrorStrInvalidGrant         = "invalid_grant"
	ErrorStrUnauthorizedClient   = "unauthorized_client"
	ErrorStrUnsupportedGrantType = "unsupported_grant_type"
	ErrorStrInvalidScope         = "invalid_scope"
	ErrorStrInvalidToken         = "invalid_token"
	ErrorStrInsufficientScope    = "insufficient_scope"
	ErrorStrExpiredToken         = "expired_token"
	ErrorStrAccessDenied         = "access_denied"
	ErrorStrAuthorizationPending = "authorization_pending"
)

Predefined OAuth2/OIDC errors

View Source 
const (
	ErrorStrInternal                 = "internal_server_error"
	ErrorStrOIDC                     = "oidc_error"
	ErrorStrNYI                      = "not_yet_implemented"
	ErrorStrInsufficientCapabilities = "insufficient_capabilities"
	ErrorStrUsageRestricted          = "usage_restricted"
)

Additional Mytoken errors

View Source 
const (
	ClientTypeWeb    = "web"
	ClientTypeNative = "native"
)

Client types

View Source 
const (
	GrantTypeMytoken      = "mytoken"
	GrantTypeOIDCFlow     = "oidc_flow"
	GrantTypePollingCode  = "polling_code"
	GrantTypeTransferCode = "transfer_code"
	GrantTypeSSH          = "ssh"
)

GrantTypes

View Source 
const (
	ResponseTypeToken        = "token"
	ResponseTypeShortToken   = "short_token"
	ResponseTypeTransferCode = "transfer_code"
)

ResponseTypes

View Source 
const (
	RestrictionClaimNotBefore     = "nbf"
	RestrictionClaimExpiresAt     = "exp"
	RestrictionClaimScope         = "scope"
	RestrictionClaimAudiences     = "audience"
	RestrictionClaimHosts         = "hosts"
	RestrictionClaimGeoIPAllow    = "geoip_allow"
	RestrictionClaimGeoIPDisallow = "geoip_disallow"
	RestrictionClaimUsagesAT      = "usages_AT"
	RestrictionClaimUsagesOther   = "usages_other"
)

RestrictionClaims

View Source 
const (
	SSHMimetypeJson       = "application/json"
	SSHMimetypeJsonBase64 = "application/json;base64"
)

ssh payload mimetypes

View Source 
const (
	SSHRequestMytoken               = "MT"
	SSHRequestAccessToken           = "AT"
	SSHRequestTokenInfoIntrospect   = "introspect"
	SSHRequestTokenInfoHistory      = "history"
	SSHRequestTokenInfoSubtokens    = "list-subtokens"
	SSHRequestTokenInfoListMytokens = "list-all-mytokens"
)

ssh request types

View Source 
const (
	TokeninfoActionIntrospect   = "introspect"
	TokeninfoActionEventHistory = "event_history"
	TokeninfoActionSubtokens    = "subtokens"
	TokeninfoActionListMytokens = "list_mytokens"
)

TokeninfoActions

View Source 
const (
	MOMIDValueThis     = "this"
	MOMIDValueChildren = "children"
)
View Source 
const CapabilityReadOnlyPrefix = "read@"
View Source 
const MinShortTokenLen = 32

MinShortTokenLen is the minimum length of a short token

View Source 
const (
	OIDCFlowAuthorizationCode = "authorization_code"
)

OIDCFlows

View Source 
const TokenType = "mytoken"

TokenType is a constant that can be used for identifying mytokens and to distinguish them from OIDC tokens

Variables

View Source 
var (
	ErrorUnknownIssuer            = Error{ErrorStrInvalidRequest, "The provided issuer is not supported"}
	ErrorStateMismatch            = Error{ErrorStrInvalidRequest, "State mismatched"}
	ErrorUnsupportedOIDCFlow      = Error{ErrorStrInvalidGrant, "Unsupported oidc_flow"}
	ErrorUnsupportedGrantType     = Error{ErrorStrInvalidGrant, "Unsupported grant_type"}
	ErrorBadTransferCode          = Error{ErrorStrInvalidToken, "Bad polling or transfer code"}
	ErrorTransferCodeExpired      = Error{ErrorStrExpiredToken, "polling or transfer code is expired"}
	ErrorAuthorizationPending     = Error{ErrorStrAuthorizationPending, ""}
	ErrorConsentDeclined          = Error{ErrorStrAccessDenied, "user declined consent"}
	ErrorNoRefreshToken           = Error{ErrorStrOIDC, "Did not receive a refresh token"}
	ErrorInsufficientCapabilities = Error{ErrorStrInsufficientCapabilities, "The provided token does not have the required capability for this operation"}
	ErrorUsageRestricted          = Error{ErrorStrUsageRestricted, "The restrictions of this token does not allow this usage"}
	ErrorNYI                      = Error{ErrorStrNYI, ""}
)

Predefined errors

View Source 
var (
	CapabilityAT = Capability{
		Name:        "AT",
		Description: "Allows obtaining OpenID Connect Access Tokens.",
	}
	CapabilityCreateMT = Capability{
		Name:        "create_mytoken",
		Description: "Allows to create a new mytoken.",
	}
	CapabilitySettings = Capability{
		Name:        "settings",
		Description: "Allows read/write access to user settings.",
	}
	CapabilitySettingsRead = Capability{
		Name:        CapabilityReadOnlyPrefix + CapabilitySettings.Name,
		Description: "Allows read access to user settings.",
	}
	CapabilityGrants = Capability{
		Name:        CapabilitySettings.Name + ":grants",
		Description: "Allows read/write access to user grants.",
	}
	CapabilityGrantsRead = Capability{
		Name:        CapabilityReadOnlyPrefix + CapabilityGrants.Name,
		Description: "Allows read access to user grants.",
	}
	CapabilitySSHGrant = Capability{
		Name:        CapabilityGrants.Name + ":ssh",
		Description: "Allows read/write access to the ssh grant.",
	}
	CapabilitySSHGrantRead = Capability{
		Name:        CapabilityReadOnlyPrefix + CapabilitySSHGrant.Name,
		Description: "Allows read access to the ssh grant.",
	}
	CapabilityTokeninfo = Capability{
		Name:        "tokeninfo",
		Description: "Allows to obtain all information about this token.",
	}
	CapabilityTokeninfoIntrospect = Capability{
		Name:        subcapabilityName(CapabilityTokeninfo, "introspect"),
		Description: "Allows to obtain basic information about this token.",
	}
	CapabilityTokeninfoHistory = Capability{
		Name:        subcapabilityName(CapabilityTokeninfo, "history"),
		Description: "Allows to obtain the event history for this token and all subtokens.",
	}
	CapabilityTokeninfoSubtokens = Capability{
		Name:        subcapabilityName(CapabilityTokeninfo, "subtokens"),
		Description: "Allows to list a subtoken-tree for this token.",
	}
	CapabilityManageMTs = Capability{
		Name:        "manage_mytokens",
		Description: "Allows to manage (obtain metadata and revoke) all mytoken.",
	}
	CapabilityListMT = Capability{
		Name:        subcapabilityName(CapabilityManageMTs, "list"),
		Description: "Allows to list metadata about all mytokens.",
	}
	CapabilityRevokeAnyToken = Capability{
		Name:        subcapabilityName(CapabilityManageMTs, "revoke"),
		Description: "Allows to revoke any mytoken.",
	}
	CapabilityHistoryAnyToken = Capability{
		Name:        subcapabilityName(CapabilityManageMTs, "history"),
		Description: "Allows to obtain the event history for any token.",
	}
)

Defined Capabilities

View Source 
var AllCapabilities = Capabilities{
	CapabilityAT,
	CapabilityTokeninfo,
	CapabilityTokeninfoIntrospect,
	CapabilityTokeninfoHistory,
	CapabilityTokeninfoSubtokens,
	CapabilityManageMTs,
	CapabilityListMT,
	CapabilityRevokeAnyToken,
	CapabilityHistoryAnyToken,
	CapabilityCreateMT,
	CapabilitySettings,
	CapabilitySettingsRead,
	CapabilityGrants,
	CapabilityGrantsRead,
	CapabilitySSHGrant,
	CapabilitySSHGrantRead,
}

AllCapabilities holds all defined Capabilities

View Source 
var AllGrantTypes = [...]string{GrantTypeMytoken, GrantTypeOIDCFlow, GrantTypePollingCode, GrantTypeTransferCode, GrantTypeSSH}

AllGrantTypes holds all the GrantTypes

View Source 
var AllRestrictionClaims = [...]string{
	RestrictionClaimNotBefore,
	RestrictionClaimExpiresAt,
	RestrictionClaimScope,
	RestrictionClaimAudiences,
	RestrictionClaimHosts,
	RestrictionClaimGeoIPAllow,
	RestrictionClaimGeoIPDisallow,
	RestrictionClaimUsagesAT,
	RestrictionClaimUsagesOther,
}

AllRestrictionClaims holds all the RestrictionClaims

View Source 
var AllTokeninfoActions = [...]string{TokeninfoActionIntrospect, TokeninfoActionEventHistory,
	TokeninfoActionSubtokens, TokeninfoActionListMytokens}

AllTokeninfoActions holds all defined TokenInfo strings

View Source 
var DefaultCapabilities = Capabilities{
	CapabilityAT,
	CapabilityTokeninfo,
}

DefaultCapabilities holds the default Capabilities

View Source 
var TokenVer = TokenVersion{
	Major: 0,
	Minor: 6,
}

TokenVer is the current Mytoken TokenVersion

Functions

This section is empty.

Types

type AccessTokenRequest 

type AccessTokenRequest struct {
	Issuer    string `json:"oidc_issuer,omitempty" form:"issuer" xml:"oidc_issuer"`
	GrantType string `json:"grant_type" form:"grant_type" xml:"grant_type"`
	Mytoken   string `json:"mytoken" form:"mytoken" xml:"mytoken"`
	Scope     string `json:"scope,omitempty" form:"scope" xml:"scope"`
	Audience  string `json:"audience,omitempty" form:"audience" xml:"audience"`
	Comment   string `json:"comment,omitempty" form:"comment" xml:"comment"`
}

AccessTokenRequest holds an request for an access token

type AccessTokenResponse 

type AccessTokenResponse struct {
	AccessToken string           `json:"access_token"`
	TokenType   string           `json:"token_type"`
	ExpiresIn   int64            `json:"expires_in"`
	Scope       string           `json:"scope,omitempty"`
	Audiences   []string         `json:"audience,omitempty"`
	TokenUpdate *MytokenResponse `json:"token_update,omitempty"`
}

AccessTokenResponse is the response to a access token request

type AuthCodeFlowRequest 

type AuthCodeFlowRequest struct {
	OIDCFlowRequest
	ClientType  string `json:"client_type"`
	RedirectURI string `json:"redirect_uri"`
}

AuthCodeFlowRequest holds a authorization code flow request

type AuthCodeFlowResponse 

type AuthCodeFlowResponse struct {
	ConsentURI string `json:"consent_uri"`
	PollingInfo
}

AuthCodeFlowResponse is the response to an authorization code flow request

type Capabilities 

type Capabilities []Capability

Capabilities is a slice of Capability

func NewCapabilities 

func NewCapabilities(caps []string) (c Capabilities)

NewCapabilities casts a []string into Capabilities

func TightenCapabilities 

func TightenCapabilities(a, b Capabilities) (res Capabilities)

TightenCapabilities tightens two set of Capabilities into one new

func (Capabilities) Has 

func (c Capabilities) Has(a Capability) bool

Has checks if Capabilities slice contains the passed Capability

func (*Capabilities) Scan 

func (c *Capabilities) Scan(src interface{}) error

Scan implements the sql.Scanner interface.

func (Capabilities) Strings 

func (c Capabilities) Strings() (s []string)

Strings returns a slice of strings for these capabilities

func (Capabilities) Value 

func (c Capabilities) Value() (driver.Value, error)

Value implements the driver.Valuer interface

type Capability 

type Capability struct {
	Name        string
	Description string
}

Capability is a capability string

func NewCapability 

func NewCapability(name string) Capability

NewCapability casts a string into a Capability

func (Capability) MarshalJSON 

func (c Capability) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface

func (*Capability) UnmarshalJSON 

func (c *Capability) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface

type ClientMetaData 

type ClientMetaData struct {
	IP        string `db:"ip" json:"ip,omitempty"`
	UserAgent string `db:"user_agent" json:"user_agent,omitempty"`
}

ClientMetaData hold information about the calling client

type CreateTransferCodeRequest 

type CreateTransferCodeRequest struct {
	Mytoken string `json:"mytoken"`
}

CreateTransferCodeRequest is a request to create a new transfer code from an existing mytoken

type Error 

type Error struct {
	Error            string `json:"error"`
	ErrorDescription string `json:"error_description,omitempty"`
}

Error is an error object that is returned on the api when an error occurs

func (Error) CombinedMessage 

func (e Error) CombinedMessage() string

CombinedMessage returns an error string that combines the error with the error description

type EventEntry 

type EventEntry struct {
	Event          string `db:"event" json:"event"`
	Time           int64  `db:"time" json:"time"`
	Comment        string `db:"comment" json:"comment,omitempty"`
	ClientMetaData `json:",inline"`
	MOMID          string `json:"mom_id,omitempty"`
}

EventEntry is a type holding information about an event

type EventHistory 

type EventHistory struct {
	Events []EventEntry `json:"events"`
}

EventHistory is a slice of EventEntry

type ExchangeTransferCodeRequest 

type ExchangeTransferCodeRequest struct {
	GrantType    string `json:"grant_type"`
	TransferCode string `json:"transfer_code"`
}

ExchangeTransferCodeRequest is a request to exchange a transfer code for the mytoken

type GeneralMytokenRequest 

type GeneralMytokenRequest struct {
	Issuer           string           `json:"oidc_issuer,omitempty"`
	GrantType        string           `json:"grant_type,omitempty"`
	Restrictions     Restrictions     `json:"restrictions,omitempty"`
	Capabilities     Capabilities     `json:"capabilities,omitempty"`
	Name             string           `json:"name,omitempty"`
	ResponseType     string           `json:"response_type,omitempty"`
	MaxTokenLen      int              `json:"max_token_len,omitempty"`
	Rotation         *Rotation        `json:"rotation,omitempty"`
	ApplicationName  string           `json:"application_name,omitempty"`
	IncludedProfiles IncludedProfiles `json:"include,omitempty"`
}

GeneralMytokenRequest is a type that holds all the information that all mytoken requests have in common. It should not be used directly as a request object

type GrantTypeInfo 

type GrantTypeInfo struct {
	GrantType string `json:"grant_type"`
	Enabled   bool   `json:"enabled"`
}

GrantTypeInfo is a struct holding information indicating if a grant type is enabled or not

type GrantTypeInfoResponse 

type GrantTypeInfoResponse struct {
	GrantTypes  []GrantTypeInfo  `json:"grant_types"`
	TokenUpdate *MytokenResponse `json:"token_update,omitempty"`
}

type GrantTypeRequest 

type GrantTypeRequest struct {
	GrantType string `json:"grant_type" form:"grant_type" xml:"grant_type"`
	Mytoken   string `json:"mytoken" form:"mytoken" xml:"mytoken"`
}

GrantTypeRequest is a request object for grant type requests at the grant type settings endpoint. The same GrantTypeRequest struct is used for Enable and Disable requests

type IncludedProfiles added in v0.10.0 

type IncludedProfiles []string

func NewIncludedProfiles added in v0.10.0 

func NewIncludedProfiles(profiles ...string) IncludedProfiles

NewIncludedProfiles creates a new IncludedProfiles var from the past profile names

func (IncludedProfiles) MarshalJSON added in v0.10.0 

func (i IncludedProfiles) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface

func (*IncludedProfiles) UnmarshalJSON added in v0.10.0 

func (i *IncludedProfiles) UnmarshalJSON(bytes []byte) error

UnmarshalJSON implements the json.Unmarshaler interface

type Mytoken 

type Mytoken struct {
	Version      TokenVersion `json:"ver"`
	TokenType    string       `json:"token_type"`
	Issuer       string       `json:"iss"`
	Subject      string       `json:"sub"`
	ExpiresAt    int64        `json:"exp,omitempty"`
	NotBefore    int64        `json:"nbf"`
	IssuedAt     int64        `json:"iat"`
	AuthTime     int64        `json:"auth_time"`
	ID           string       `json:"jti"`
	SeqNo        uint64       `json:"seq_no"`
	Name         string       `json:"name,omitempty"`
	Audience     string       `json:"aud"`
	OIDCSubject  string       `json:"oidc_sub"`
	OIDCIssuer   string       `json:"oidc_iss"`
	Restrictions Restrictions `json:"restrictions,omitempty"`
	Capabilities Capabilities `json:"capabilities"`
	Rotation     *Rotation    `json:"rotation,omitempty"`
}

Mytoken is a mytoken Mytoken

type MytokenConfiguration 

type MytokenConfiguration struct {
	Issuer                                 string                    `json:"issuer"`
	AccessTokenEndpoint                    string                    `json:"access_token_endpoint"`
	MytokenEndpoint                        string                    `json:"mytoken_endpoint"`
	TokeninfoEndpoint                      string                    `json:"tokeninfo_endpoint,omitempty"`
	RevocationEndpoint                     string                    `json:"revocation_endpoint,omitempty"`
	UserSettingsEndpoint                   string                    `json:"usersettings_endpoint"`
	TokenTransferEndpoint                  string                    `json:"token_transfer_endpoint,omitempty"`
	ProfilesEndpoint                       string                    `json:"profiles_endpoint,omitempty"`
	JWKSURI                                string                    `json:"jwks_uri"`
	SSHKeys                                []SSHKeyMetadata          `json:"ssh_keys,omitempty"`
	ProvidersSupported                     []SupportedProviderConfig `json:"providers_supported"`
	TokenSigningAlgValue                   string                    `json:"token_signing_alg_value"`
	TokenInfoEndpointActionsSupported      []string                  `json:"tokeninfo_endpoint_actions_supported,omitempty"`
	AccessTokenEndpointGrantTypesSupported []string                  `json:"access_token_endpoint_grant_types_supported"`
	MytokenEndpointGrantTypesSupported     []string                  `json:"mytoken_endpoint_grant_types_supported"`
	MytokenEndpointOIDCFlowsSupported      []string                  `json:"mytoken_endpoint_oidc_flows_supported"`
	ResponseTypesSupported                 []string                  `json:"response_types_supported"`
	ServiceDocumentation                   string                    `json:"service_documentation,omitempty"`
	RestrictionClaimsSupported             []string                  `json:"restriction_claims_supported"`
	Version                                string                    `json:"version,omitempty"`
}

MytokenConfiguration holds information about a mytoken instance

type MytokenEntry 

type MytokenEntry struct {
	// The "Manage-Other-Mytokens-ID (MOMID) is used in requests to manage other mytokens than the one used for
	// authorization
	MOMID          string `json:"mom_id"`
	Name           string `json:"name,omitempty"`
	CreatedAt      int64  `json:"created"`
	ExpiresAt      int64  `json:"expires_at,omitempty"`
	ClientMetaData `json:",inline"`
}

MytokenEntry holds the information of a MytokenEntry as stored in the database

type MytokenEntryTree 

type MytokenEntryTree struct {
	Token    MytokenEntry       `json:"token"`
	Children []MytokenEntryTree `json:"children,omitempty"`
}

MytokenEntryTree is a tree of MytokenEntry

type MytokenFromMytokenRequest 

type MytokenFromMytokenRequest struct {
	GeneralMytokenRequest
	Mytoken                      string `json:"mytoken"`
	FailOnRestrictionsNotTighter bool   `json:"error_on_restrictions,omitempty"`
}

MytokenFromMytokenRequest is a request to create a new Mytoken from an existing Mytoken

type MytokenResponse 

type MytokenResponse struct {
	Mytoken      string           `json:"mytoken,omitempty"`
	MytokenType  string           `json:"mytoken_type"`
	TransferCode string           `json:"transfer_code,omitempty"`
	MOMID        string           `json:"mom_id,omitempty"`
	ExpiresIn    uint64           `json:"expires_in,omitempty"`
	Restrictions Restrictions     `json:"restrictions,omitempty"`
	Capabilities Capabilities     `json:"capabilities,omitempty"`
	Rotation     *Rotation        `json:"rotation,omitempty"`
	TokenUpdate  *MytokenResponse `json:"token_update,omitempty"`
}

MytokenResponse is a response to a mytoken request

type OIDCFlowRequest 

type OIDCFlowRequest struct {
	GeneralMytokenRequest
	OIDCFlow string `json:"oidc_flow"`
}

OIDCFlowRequest holds the request for an OIDC Flow request

type OnlyTokenUpdateResponse 

type OnlyTokenUpdateResponse struct {
	TokenUpdate *MytokenResponse `json:"token_update,omitempty"`
}

OnlyTokenUpdateResponse is a type for responses that do not contain any content except for a ( possibly) updated mytoken

type PollingCodeRequest 

type PollingCodeRequest struct {
	GrantType   string `json:"grant_type"`
	PollingCode string `json:"polling_code"`
}

PollingCodeRequest is a polling code request

type PollingInfo 

type PollingInfo struct {
	PollingCode          string `json:"polling_code,omitempty"`
	PollingCodeExpiresIn int64  `json:"expires_in,omitempty"`
	PollingInterval      int64  `json:"interval,omitempty"`
}

PollingInfo holds all response information about polling codes

type Profile added in v0.10.0 

type Profile struct {
	ID      string          `json:"id"`
	Name    string          `json:"name"`
	Payload json.RawMessage `json:"payload"`
}

type Restriction 

type Restriction struct {
	NotBefore        int64            `json:"nbf,omitempty"`
	ExpiresAt        int64            `json:"exp,omitempty"`
	Scope            string           `json:"scope,omitempty"`
	Audiences        []string         `json:"audience,omitempty"`
	Hosts            []string         `json:"hosts,omitempty"`
	GeoIPAllow       []string         `json:"geoip_allow,omitempty"`
	GeoIPDisallow    []string         `json:"geoip_disallow,omitempty"`
	UsagesAT         *int64           `json:"usages_AT,omitempty"`
	UsagesOther      *int64           `json:"usages_other,omitempty"`
	IncludedProfiles IncludedProfiles `json:"include,omitempty"`
}

Restriction describes a token usage restriction

type Restrictions 

type Restrictions []*Restriction

Restrictions is a slice of Restriction

type RevocationRequest 

type RevocationRequest struct {
	Token      string `json:"token"`
	MOMID      string `json:"mom_id,omitempty"`
	Recursive  bool   `json:"recursive,omitempty"`
	OIDCIssuer string `json:"oidc_issuer,omitempty"`
}

RevocationRequest holds the information for a token revocation request

type Rotation 

type Rotation struct {
	OnAT             bool             `json:"on_AT,omitempty"`
	OnOther          bool             `json:"on_other,omitempty"`
	Lifetime         uint64           `json:"lifetime,omitempty"`
	AutoRevoke       bool             `json:"auto_revoke,omitempty"`
	IncludedProfiles IncludedProfiles `json:"include,omitempty"`
}

Rotation is a type describing how a mytoken might be rotated

func (*Rotation) Scan 

func (r *Rotation) Scan(src interface{}) error

Scan implements the sql.Scanner interface.

func (Rotation) Value 

func (r Rotation) Value() (driver.Value, error)

Value implements the driver.Valuer interface

type SSHInfoResponse 

type SSHInfoResponse struct {
	GrantEnabled bool             `json:"grant_enabled"`
	SSHKeyInfo   []SSHKeyInfo     `json:"ssh_keys"`
	TokenUpdate  *MytokenResponse `json:"token_update,omitempty"`
}

type SSHKeyAddFinalResponse 

type SSHKeyAddFinalResponse struct {
	SSHUser       string `json:"ssh_user"`
	SSHHostConfig string `json:"ssh_host_config,omitempty"`
}

SSHKeyAddFinalResponse is a type for the final response for an SSHKeyAddRequest after the polling was successful

type SSHKeyAddRequest 

type SSHKeyAddRequest struct {
	Mytoken      string       `json:"mytoken" form:"mytoken" xml:"mytoken"`
	SSHKey       string       `json:"ssh_key" form:"ssh_key" xml:"ssh_key"`
	Name         string       `json:"name" form:"name" xml:"name"`
	Restrictions Restrictions `json:"restrictions" form:"restrictions" xml:"restrictions"`
	Capabilities Capabilities `json:"capabilities" form:"capabilities" xml:"capabilities"`
	GrantType    string       `json:"grant_type" form:"grant_type" xml:"grant_type"`
}

type SSHKeyAddResponse 

type SSHKeyAddResponse struct {
	AuthCodeFlowResponse
	TokenUpdate *MytokenResponse `json:"token_update,omitempty"`
}

SSHKeyAddResponse is a type for the (first) response to an SSHKeyAddRequest

type SSHKeyDeleteRequest 

type SSHKeyDeleteRequest struct {
	Mytoken           string `json:"mytoken" form:"mytoken" xml:"mytoken"`
	SSHKey            string `json:"ssh_key" form:"ssh_key" xml:"ssh_key"`
	SSHKeyFingerprint string `json:"ssh_key_fp" form:"ssh_key_fp" xml:"ssh_key_fp"`
}

type SSHKeyInfo 

type SSHKeyInfo struct {
	Name              string `json:"name,omitempty"`
	SSHKey            string `json:"ssh_key,omitempty"`    // One of SSHKey and SSHKeyFingerprint MUST be given
	SSHKeyFingerprint string `json:"ssh_key_fp,omitempty"` // One of SSHKey and SSHKeyFingerprint MUST be given
	Created           int64  `json:"created"`
	LastUsed          *int64 `json:"last_used,omitempty"`
}

type SSHKeyMetadata 

type SSHKeyMetadata struct {
	Type        string `json:"type"`
	Fingerprint string `json:"fingerprint"`
}

SSHKeyMetadata holds information about an ssh key

type SettingsMetaData 

type SettingsMetaData struct {
	GrantTypeEndpoint string `json:"grant_type_endpoint"`
}

type SupportedProviderConfig 

type SupportedProviderConfig struct {
	Issuer          string   `json:"issuer"`
	Name            string   `json:"name,omitempty"`
	ScopesSupported []string `json:"scopes_supported"`
}

SupportedProviderConfig holds information about a provider

type TokenInfoRequest 

type TokenInfoRequest struct {
	Action  string   `json:"action"`
	Mytoken string   `json:"mytoken"`
	MOMIDs  []string `json:"mom_ids,omitempty"`
}

TokenInfoRequest is a type for requests to the tokeninfo endpoint

type TokenVersion 

type TokenVersion struct {
	Major int
	Minor int
}

TokenVersion is a type for the mytoken version

func (TokenVersion) MarshalJSON 

func (v TokenVersion) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface

func (TokenVersion) String 

func (v TokenVersion) String() string

String returns a version string

func (*TokenVersion) UnmarshalJSON 

func (v *TokenVersion) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface

func (TokenVersion) Version 

func (v TokenVersion) Version() string

Version returns a version string

type TokeninfoHistoryResponse 

type TokeninfoHistoryResponse struct {
	EventHistory
	TokenUpdate *MytokenResponse `json:"token_update,omitempty"`
}

TokeninfoHistoryResponse is a type for the response for a history request

type TokeninfoIntrospectResponse 

type TokeninfoIntrospectResponse struct {
	Valid     bool        `json:"valid"`
	TokenType string      `json:"token_type"`
	Token     UsedMytoken `json:"token"`
}

TokeninfoIntrospectResponse is a type for the response for an introspect request

type TokeninfoListResponse 

type TokeninfoListResponse struct {
	Tokens      []MytokenEntryTree `json:"mytokens"`
	TokenUpdate *MytokenResponse   `json:"token_update,omitempty"`
}

TokeninfoListResponse is a type for the response for a list request

type TokeninfoSubtokensResponse 

type TokeninfoSubtokensResponse struct {
	Tokens      MytokenEntryTree `json:"mytokens"`
	TokenUpdate *MytokenResponse `json:"token_update,omitempty"`
}

TokeninfoSubtokensResponse is a type for the response for a tree request

type TransferCodeResponse 

type TransferCodeResponse struct {
	MytokenType  string `json:"mytoken_type"`
	TransferCode string `json:"transfer_code"`
	ExpiresIn    uint64 `json:"expires_in"`
}

TransferCodeResponse is the response to a transfer code request

type UsedMytoken 

type UsedMytoken struct {
	Mytoken      `json:",inline"`
	Restrictions []UsedRestriction `json:"restrictions,omitempty"`
}

UsedMytoken is a type for a Mytoken that has been used, it additionally has information how often it has been used

type UsedRestriction 

type UsedRestriction struct {
	Restriction     `json:",inline"`
	UsagesATDone    *int64 `json:"usages_AT_done,omitempty"`
	UsagesOtherDone *int64 `json:"usages_other_done,omitempty"`
}

UsedRestriction is a type for a restriction that has been used and additionally has information how often it has been used

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.