README
¶
IAM Client
A simple yet powerful library that empowers you using IAM APIs.
Table of Contents
General Information
- There are so many products that need to use Sotoon IAM Service as their Identity and Access Management engine.
- IAM-Client is a Golang Library you can use it to control the risk of API changes and other support issues.
- It is under active development and support of Sotoon Integration Tribe.
Technologies Used
- Golang :)
Quick Start🏎
Simply add iam-client library latest stable version to your go.mod file:
Note! Please check latest version tag here.
Installation
In to go.mod file add:
module your-module-path
go 1.19
require (
github.com/sotoon/iam-client v1.0.14
)
Resolve Golang library:
go mod tidy
go mod vendor
Initialization
Then simply use the client in your code:
import (
"github.com/sotoon/iam-client/pkg/types"
)
func SimpleIamClientExample() {
// ... initialize IAM_URL, accessToken, defaultWorkspaceId, userId
client, err := client.NewClient(accessToken, IAM_URL, defaultWorkspaceId, userId, client.INFO)
if err != nil {
logger.Error("Cannot make a IAM client.", zap.Error(err))
// handle error or kill the process
return
}
}
func ReliableIamClientExample() {
// ... initialize serverUrls, accessToken, defaultWorkspaceId, userId, iamTimeout
client, err := return client.NewReliableClient(accessToken, serverUrls, defaultWorkspace, userUUID, iamTimeout)
if err != nil {
logger.Error("Cannot make a IAM client.", zap.Error(err))
// handle error or kill the process
return
}
}
Usage
See the interface.go file to see the full list of API functions. The usage is so simple, just call the function with your intended parameters:
// Get Workspace Data by name
workspace, err := client.GetWorkspaceByName(workspaceName)
// authorize user with Sotoon IAM System
err := client.Authorize(identity, userType, action, object string)
// identify token with Sotoon IAM System
subject, err := client.Identify(token)
// check if a token's owner has the permission to perform the action on the RRI object
// example: checking if the token's owner has the permission to list compute nodes?
action := "list"
rriObject := "rri:v1:cafebazaar.cloud:d386c6d8-0a0a-4251-b478-2dc03241927d:compute:/core/v1/_/nodes"
err := client.IdentifyAndAuthorize(token, action, rriObject)
if err != nil {
// the owner of token is Not Authorized to do the action
return
}
Features
- Almost all services of Sotoon IAM System
- Client-Side Fail-over.
Architecture
Brief overview of projects deployment architecture.
Setup
Please refer to Makefile.
make build
make test
Project Status
Actively developing and supported.
Room for Improvement
- Cache health-check result
- Developer API Guide
- Internal Mock Object in the library
Support Notes
Nothing yet :)
External Links
- IAM: Sotoon Identity and Access Management System Repository
Acknowledgements
Please refer to Contributors Section.
Contact
Please contact to Sotoon Integration Backend Team!
Directories
¶
| Path | Synopsis |
|---|---|
|
Package mocks is a generated GoMock package.
|
Package mocks is a generated GoMock package. |
|
pkg
|
|
Click to show internal directories.
Click to hide internal directories.