Documentation
¶
Index ¶
- Constants
- Variables
- func As[T AnyType, V any](input T) (*V, error)
- func GetExpanded[T any](e ExpandedReponse, key string) *T
- func GetJSONPathIndex(jsonpath *string) (int, error)
- func HandleErrors(ctx context.Context, v *viper.Viper, input error) error
- func NewC1TokenSource(ctx context.Context, clientID string, clientSecret string, tokenHost string, ...) (oauth2.TokenSource, error)
- func NewTokenExchangeSource(ctx context.Context, oidcToken, clientID, tokenHost string, debug bool) (oauth2.TokenSource, error)
- func ParseSecret(input []byte) (*jose.JSONWebKey, error)
- func PopulateExpandedMap(expandMap map[string]int, expanded []any) map[string]*any
- func ResolveServerHost(clientID string, v *viper.Viper) (string, string, error)
- func StringFromIntPtr(s *int64) string
- func StringFromPtr(s *string) string
- func UnmarshalAnyType[T AnyType, PT interface{ ... }](input PT) (any, error)
- type AnyType
- type AppEntitlement
- type C1Client
- func New(ctx context.Context, clientId string, clientSecret string, v *viper.Viper, ...) (C1Client, error)
- func NewWithAccessToken(ctx context.Context, accessToken string, clientID string, v *viper.Viper, ...) (C1Client, error)
- func NewWithOIDCToken(ctx context.Context, oidcToken string, clientID string, v *viper.Viper, ...) (C1Client, error)
- type EntitlementWithBindings
- type Expandable
- type ExpandableEntitlementWithBindings
- type ExpandableReponse
- type ExpandedReponse
- type Expander
- func (ee *Expander) ExpandApp(v hasAppID)
- func (ee *Expander) ExpandResource(v hasResourceID)
- func (ee *Expander) ExpandResourceType(v hasResourceTypeID)
- func (ee *Expander) GetApp(appID string) (*shared.App, bool)
- func (ee *Expander) GetResource(appID string, resourceTypeID string, resourceID string) (*shared.AppResource, bool)
- func (ee *Expander) GetResourceType(appID string, resourceTypeID string) (*shared.AppResourceType, bool)
- func (ee *Expander) Run(ctx context.Context, c C1Client) error
- type HTTPError
- type JSONError
- type PathDetails
- type SearchEntitlementsFilter
Constants ¶
View Source
const ( EnvAccessToken = "CONDUCTORONE_ACCESS_TOKEN" EnvOIDCToken = "CONDUCTORONE_OIDC_TOKEN" EnvClientID = "CONDUCTORONE_CLIENT_ID" EnvClientSecret = "CONDUCTORONE_CLIENT_SECRET" EnvServerURL = "CONDUCTORONE_SERVER_URL" )
Environment variable names for ConductorOne authentication. These match the constants in conductorone-sdk-go and terraform-provider-conductorone.
View Source
const ( GrantedStatusGranted = shared.GrantedStatusGranted GrantedStatusUnspecified = shared.GrantedStatusUnspecified GrantedStatusNotGranted = shared.GrantedStatusNotGranted GrantedStatusAll = shared.GrantedStatusAll )
View Source
const ( ExpandedApp = "App" ExpandedAppResource = "AppResource" ExpandedAppResourceType = "AppResourceType" )
View Source
const ConeClientID = "2RGdOS94VDferT9e80mdgntl36K"
View Source
const VersionKey contextKey = "version"
Variables ¶
View Source
var ( ErrInvalidClientSecret = errors.New("invalid client secret") ErrInvalidClientID = errors.New("invalid client id") )
Functions ¶
func GetExpanded ¶ added in v0.0.9
func GetExpanded[T any](e ExpandedReponse, key string) *T
func GetJSONPathIndex ¶ added in v0.0.9
Implementation of JSONPath only intended to allow expansion of non nested search results using array indexing. If you need to support more complex JSONPath operations, please use a library. Example: matches "$.expanded[0]".
func HandleErrors ¶ added in v0.0.14
func NewC1TokenSource ¶
func NewTokenExchangeSource ¶ added in v0.0.37
func NewTokenExchangeSource(ctx context.Context, oidcToken, clientID, tokenHost string, debug bool) (oauth2.TokenSource, error)
NewTokenExchangeSource creates an oauth2.TokenSource that exchanges an external OIDC token for a ConductorOne access token via RFC 8693 token exchange.
func ParseSecret ¶ added in v0.0.23
func ParseSecret(input []byte) (*jose.JSONWebKey, error)
func PopulateExpandedMap ¶ added in v0.0.9
Populate the expanded map with references to the related objects.
func ResolveServerHost ¶ added in v0.0.37
ResolveServerHost determines the API server host using a consistent priority:
- --api-endpoint flag (via viper)
- CONDUCTORONE_SERVER_URL env var
- CONE_API_ENDPOINT env var
- Parsed from clientID (e.g. "name@host/suffix" -> "host")
Returns (clientName, host, error). clientName is empty if no clientID provided.
func StringFromIntPtr ¶ added in v0.0.18
func StringFromPtr ¶
Types ¶
type AppEntitlement ¶ added in v0.0.4
type AppEntitlement shared.AppEntitlement
func (AppEntitlement) GetAppId ¶ added in v0.0.4
func (a AppEntitlement) GetAppId() string
func (AppEntitlement) GetAppResourceId ¶ added in v0.0.4
func (a AppEntitlement) GetAppResourceId() string
func (AppEntitlement) GetAppResourceTypeId ¶ added in v0.0.4
func (a AppEntitlement) GetAppResourceTypeId() string
type C1Client ¶
type C1Client interface {
BaseURL() string
AuthIntrospect(ctx context.Context) (*shared.IntrospectResponse, error)
GetUser(ctx context.Context, userID string) (*shared.User, error)
GetEntitlement(ctx context.Context, appID string, entitlementID string) (*shared.AppEntitlement, error)
SearchEntitlements(ctx context.Context, filter *SearchEntitlementsFilter) ([]*EntitlementWithBindings, error)
GetResource(ctx context.Context, appID string, resourceID string, resourceTypeID string) (*shared.AppResource, error)
GetResourceType(ctx context.Context, appID string, resourceTypeID string) (*shared.AppResourceType, error)
GetApp(ctx context.Context, appID string) (*shared.App, error)
GetTask(ctx context.Context, taskId string) (*shared.TaskServiceGetResponse, error)
CreateGrantTask(
ctx context.Context,
appId string,
appEntitlementId string,
identityUserId string,
appUserId string,
justification string,
duration string,
emergencyAccess bool,
requestData map[string]any,
) (*shared.TaskServiceCreateGrantResponse, error)
CreateRevokeTask(
ctx context.Context,
appId string,
appEntitlementId string,
identityUserId string,
justification string,
) (*shared.TaskServiceCreateRevokeResponse, error)
GetGrantsForIdentity(ctx context.Context, appID string, appEntitlementID string, identityID string) ([]shared.AppEntitlementUserBinding, error)
SearchTasks(ctx context.Context, taskFilter shared.TaskSearchRequest) (*shared.TaskSearchResponse, error)
CommentOnTask(ctx context.Context, taskID string, comment string) (*shared.TaskActionsServiceCommentResponse, error)
ApproveTask(ctx context.Context, taskId string, comment string, policyId string) (*shared.TaskActionsServiceApproveResponse, error)
DenyTask(ctx context.Context, taskId string, comment string, policyId string) (*shared.TaskActionsServiceDenyResponse, error)
EscalateTask(ctx context.Context, taskId string) (*shared.TaskServiceActionResponse, error)
UpdateTaskRequestData(ctx context.Context, taskID string, requestData map[string]any) (*shared.TaskServiceActionResponse, error)
ListApps(ctx context.Context) ([]shared.App, error)
ListAppUsers(ctx context.Context, appID string) ([]shared.AppUser, error)
ListAppUsersForUser(ctx context.Context, appID string, userID string) ([]shared.AppUser, error)
ListAppUserCredentials(ctx context.Context, appID string, appUserID string) ([]shared.AppUserCredential, error)
ListPolicies(ctx context.Context) ([]shared.Policy, error)
ListEntitlements(ctx context.Context, appId string) ([]shared.AppEntitlement, error)
}
type EntitlementWithBindings ¶
type EntitlementWithBindings struct {
Entitlement AppEntitlement
Bindings []shared.AppEntitlementUserBinding
// contains filtered or unexported fields
}
func (*EntitlementWithBindings) GetExpanded ¶ added in v0.0.9
func (e *EntitlementWithBindings) GetExpanded() map[string]*any
type Expandable ¶ added in v0.0.9
type Expandable interface {
GetPaths() []PathDetails
SetPath(pathname string, value int)
}
type ExpandableEntitlementWithBindings ¶ added in v0.0.9
type ExpandableEntitlementWithBindings struct {
shared.AppEntitlementWithUserBindings
ExpandedMap map[string]int
}
func NewExpandableEntitlementWithBindings ¶ added in v0.0.9
func NewExpandableEntitlementWithBindings(v shared.AppEntitlementWithUserBindings) *ExpandableEntitlementWithBindings
func (*ExpandableEntitlementWithBindings) GetPaths ¶ added in v0.0.9
func (e *ExpandableEntitlementWithBindings) GetPaths() []PathDetails
func (*ExpandableEntitlementWithBindings) SetPath ¶ added in v0.0.9
func (e *ExpandableEntitlementWithBindings) SetPath(pathname string, value int)
type ExpandableReponse ¶ added in v0.0.9
type ExpandableReponse[T Expandable] struct { List []T }
func (ExpandableReponse[T]) PopulateExpandedIndexes ¶ added in v0.0.9
func (o ExpandableReponse[T]) PopulateExpandedIndexes() error
type ExpandedReponse ¶ added in v0.0.9
type Expander ¶
type Expander struct {
// contains filtered or unexported fields
}
func (*Expander) ExpandResource ¶
func (ee *Expander) ExpandResource(v hasResourceID)
func (*Expander) ExpandResourceType ¶
func (ee *Expander) ExpandResourceType(v hasResourceTypeID)
func (*Expander) GetResource ¶
func (*Expander) GetResourceType ¶
type HTTPError ¶ added in v0.0.14
func NewHTTPError ¶ added in v0.0.14
type PathDetails ¶ added in v0.0.9
type SearchEntitlementsFilter ¶
type SearchEntitlementsFilter struct {
Query string
EntitlementAlias string
AppDisplayName string
GrantedStatus shared.GrantedStatus
IncludeDeleted bool
AppEntitlementExpandMask shared.AppEntitlementExpandMask
}
Source Files
Click to show internal directories.
Click to hide internal directories.