keycloak

package

v0.5.3 Latest Latest Go to latest Published: Jun 17, 2022 License: BSD-3-Clause Imports: 4 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/vshn/appuio-keycloak-adapter

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
type Client
- func NewClient(host, realm, username, password string) Client
type ErrEvent
type GoCloak
type Group
- func NewGroup(path ...string) Group
- func NewGroupFromPath(path string) Group
type MembershipSyncError
- func (err MembershipSyncError) Error() string
- func (err MembershipSyncError) Unwrap() error
type MembershipSyncErrors
- func (errs *MembershipSyncErrors) Error() string
type User
- func UserFromKeycloakUser(u gocloak.User) User
- func (u User) ApplyTo(tu *gocloak.User)
- func (u User) DisplayName() string
type UserNotFoundError
- func (err UserNotFoundError) Error() string
- func (err UserNotFoundError) Is(target error) bool

Constants ¶

View Source

const (
	// KeycloakDefaultOrganizationRef references the keycloak user attribute.
	// TODO(bastjan) If we add more attributes I'd use struct tags struct{ DefaultOrganizationRef string `kcattr:"appuio.io/default-organization"` }
	KeycloakDefaultOrganizationRef = "appuio.io/default-organization"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Client ¶

type Client struct {
	Client GoCloak

	Realm string
	// LoginRealm is used for the client to authenticate against keycloak. If not set Realm is used.
	LoginRealm string
	Username   string
	Password   string

	// RootGroup, if set, transparently manages groups under given root group.
	// Searches and puts groups under the given root group and strips the root group from the return values.
	// The root group must exist in Keycloak.
	RootGroup string
}

Client interacts with the Keycloak API

func NewClient ¶

func NewClient(host, realm, username, password string) Client

NewClient creates a new Client

func (Client) DeleteGroup ¶

func (c Client) DeleteGroup(ctx context.Context, path ...string) error

DeleteGroup deletes the Keycloak group by name. The method is idempotent and will not do anything if the group does not exits.

func (Client) ListGroups ¶

func (c Client) ListGroups(ctx context.Context) ([]Group, error)

ListGroups returns all Keycloak groups in the realm. This is potentially very expensive, as it needs to iterate over all groups to get their members.

func (Client) PutGroup ¶

func (c Client) PutGroup(ctx context.Context, group Group) (Group, error)

PutGroup creates the provided Keycloak group if it does not exist and adjusts the group members accordingly. The method is idempotent.

func (Client) PutUser ¶ added in v0.5.0

func (c Client) PutUser(ctx context.Context, user User) (User, error)

PutUser updates the given user referenced by its `Username` property. An error is returned if a user can't be found.

type ErrEvent ¶

type ErrEvent string

ErrEvent is the reason this error was thrown. It should be short and unique, imagine people writing switch statements to handle them.

var UserAddError ErrEvent = "AddUserFailed"

UserAddError indicates that the client was unable to add the user to the group

var UserRemoveError ErrEvent = "RemoveUserFailed"

UserRemoveError indicates that the client was unable to remove the user from the group

type GoCloak ¶

type GoCloak interface {
	LoginAdmin(ctx context.Context, username, password, realm string) (*gocloak.JWT, error)
	LogoutPublicClient(ctx context.Context, clientID, realm, accessToken, refreshToken string) error

	CreateGroup(ctx context.Context, accessToken, realm string, group gocloak.Group) (string, error)
	CreateChildGroup(ctx context.Context, accessToken, realm, groupID string, group gocloak.Group) (string, error)
	GetGroups(ctx context.Context, accessToken, realm string, params gocloak.GetGroupsParams) ([]*gocloak.Group, error)
	DeleteGroup(ctx context.Context, accessToken, realm, groupID string) error

	GetGroupMembers(ctx context.Context, accessToken, realm, groupID string, params gocloak.GetGroupsParams) ([]*gocloak.User, error)
	GetUsers(ctx context.Context, accessToken, realm string, params gocloak.GetUsersParams) ([]*gocloak.User, error)
	UpdateUser(ctx context.Context, accessToken, realm string, user gocloak.User) error
	AddUserToGroup(ctx context.Context, token, realm, userID, groupID string) error
	DeleteUserFromGroup(ctx context.Context, token, realm, userID, groupID string) error
}

GoCloak is the subset of methods of the humongous gocloak.GoCloak interface that we actually need. This keeps the mock at a more reasonable size

type Group ¶

type Group struct {
	Members []User
	// contains filtered or unexported fields
}

Group is a representation of a group in keycloak

func NewGroup ¶ added in v0.2.0

func NewGroup(path ...string) Group

NewGroup creates a new group.

func NewGroupFromPath ¶ added in v0.2.0

func NewGroupFromPath(path string) Group

NewGroupFromPath creates a new group.

func (Group) BaseName ¶ added in v0.2.0

func (g Group) BaseName() string

BaseName returns the name of the group.

func (Group) Path ¶ added in v0.2.0

func (g Group) Path() string

Path returns the path of the group.

func (Group) PathMembers ¶ added in v0.2.0

func (g Group) PathMembers() []string

PathMembers returns the split path of the group.

func (Group) WithMemberNames ¶ added in v0.5.0

func (g Group) WithMemberNames(members ...string) Group

WithMemberNames returns a copy of the group with given members added.

type MembershipSyncError ¶

type MembershipSyncError struct {
	Err      error
	Username string
	Event    ErrEvent
}

MembershipSyncError is a custom error indicating the failure of syncing the membership of a single user.

func (MembershipSyncError) Error ¶

func (err MembershipSyncError) Error() string

func (MembershipSyncError) Unwrap ¶ added in v0.5.0

func (err MembershipSyncError) Unwrap() error

type MembershipSyncErrors ¶

type MembershipSyncErrors []MembershipSyncError

MembershipSyncErrors is a cusom error that can be used to indicate that the client failed to sync one or more memberships.

func (*MembershipSyncErrors) Error ¶

func (errs *MembershipSyncErrors) Error() string

type User ¶ added in v0.5.0

type User struct {
	ID string
	// Username is the .metadata.name in kubernetes and the .Username field in Keycloak
	Username string

	Email     string
	FirstName string
	LastName  string

	DefaultOrganizationRef string
}

User is a representation of a user in keycloak

func UserFromKeycloakUser ¶ added in v0.5.0

func UserFromKeycloakUser(u gocloak.User) User

UserFromKeycloakUser returns a user with attributes mapped from the given keycloak user

func (User) ApplyTo ¶ added in v0.5.2

func (u User) ApplyTo(tu *gocloak.User)

ApplyTo sets attributes from this user to the given gocloak.User

func (User) DisplayName ¶ added in v0.5.0

func (u User) DisplayName() string

DisplayName returns the disply name of this user

type UserNotFoundError ¶ added in v0.5.0

type UserNotFoundError struct {
	Username string
}

UserNotFoundError indicates a user could not be found.

func (UserNotFoundError) Error ¶ added in v0.5.0

func (err UserNotFoundError) Error() string

func (UserNotFoundError) Is ¶ added in v0.5.0

func (err UserNotFoundError) Is(target error) bool

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL