diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 0fbb1b27..9dc4aacc 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -9,7 +9,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@v3.0.0 with: - go-version: 1.18 + go-version: 1.19 - name: Checkout code uses: actions/checkout@v2 - name: Run golangci-lint @@ -20,8 +20,7 @@ jobs: uses: sonatype-nexus-community/nancy-github-action@main - name: Run Keycloak run: | - docker pull jboss/keycloak:12.0.3 - docker run -d -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=secret -e KEYCLOAK_IMPORT=/tmp/gocloak-realm.json -v "`pwd`/testdata/gocloak-realm.json:/tmp/gocloak-realm.json" -p 8080:8080 --name keycloak jboss/keycloak:12.0.3 -Dkeycloak.profile.feature.upload_scripts=enabled + make start-keycloak sleep 15 - name: Unit Tests run: | diff --git a/.nancy-ignore b/.nancy-ignore index 6c4168fa..d23fc372 100644 --- a/.nancy-ignore +++ b/.nancy-ignore @@ -1 +1 @@ -CVE-2019-11840 +CVE-2022-32149 diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..fe10a523 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,11 @@ +FROM quay.io/keycloak/keycloak:latest +COPY testdata data/import +WORKDIR /opt/keycloak +ENV KC_HOSTNAME=localhost +ENV KEYCLOAK_USER=admin +ENV KEYCLOAK_PASSWORD=secret +ENV KEYCLOAK_ADMIN=admin +ENV KEYCLOAK_ADMIN_PASSWORD=secret +ENV KC_FEATURES=account-api,account2,authorization,client-policies,impersonation,docker,scripts,upload_scripts +RUN /opt/keycloak/bin/kc.sh import --file /data/import/gocloak-realm.json +ENTRYPOINT ["/opt/keycloak/bin/kc.sh"] \ No newline at end of file diff --git a/Makefile b/Makefile index 783ef7d8..1664ecb4 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,6 @@ test: ./run-tests.sh - \ No newline at end of file + +start-keycloak: + docker-compose down + docker-compose up -d \ No newline at end of file diff --git a/README.md b/README.md index 7df6e9ab..b1d99fb8 100644 --- a/README.md +++ b/README.md 
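Review bot: The new `.nancy-ignore` entry `CVE-2022-32149` suppresses a dependency finding with no stated reason and no expiry, so the scanner stays silent on it even after a fixed module version is available. Nancy's ignore file accepts an expiry and a trailing comment, e.g. `CVE-2022-32149 until=<YYYY-MM-DD> # <affected module, why it is not reachable here, tracking issue>`. If the finding can be cleared by bumping the affected module in go.mod, that is preferable to ignoring it.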
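Review bot: `FROM quay.io/keycloak/keycloak:latest` leaves the test server unpinned, so the image CI builds, and the API the tests exercise, changes whenever upstream publishes a new tag. Pin a release tag and digest, e.g. `FROM quay.io/keycloak/keycloak:<version>@sha256:<digest>`, and bump it deliberately. The `ENV KEYCLOAK_PASSWORD=secret` and `ENV KEYCLOAK_ADMIN_PASSWORD=secret` lines bake the admin credentials into the image layers, so a comment above them such as `# test fixture only: never publish or deploy this image` would make the intent explicit.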
@@ -32,13 +32,13 @@ For release notes please consult the specific releases [here](https://github.com ### Installation ```shell -go get github.com/Nerzal/gocloak/v11 +go get github.com/Nerzal/gocloak/v12 ``` ### Importing ```go - import "github.com/Nerzal/gocloak/v11" + import "github.com/Nerzal/gocloak/v12" ``` ### Create New User diff --git a/client.go b/client.go index ae1f8708..69d24b64 100644 --- a/client.go +++ b/client.go @@ -1,3 +1,4 @@ +// Package gocloak is a golang keycloak adaptor. package gocloak import ( @@ -17,10 +18,11 @@ import ( "github.com/pkg/errors" "github.com/segmentio/ksuid" - "github.com/Nerzal/gocloak/v11/pkg/jwx" + "github.com/Nerzal/gocloak/v12/pkg/jwx" ) -type gocloak struct { +// GoCloak provides functionalities to talk to Keycloak. +type GoCloak struct { basePath string certsCache sync.Map certsLock sync.Mutex 
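Review bot: Exporting `GoCloak` lets callers outside the package copy the struct by value, and the visible fields include `certsCache sync.Map` and `certsLock sync.Mutex`, neither of which may be copied after first use; a copy would carry its own lock and cache state. The doc comment should say so, e.g. `// GoCloak provides functionalities to talk to Keycloak. It must not be copied; use the *GoCloak returned by NewClient.` The struct body continues outside the hunk.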
@@ -44,36 +46,36 @@ func makeURL(path ...string) string { return strings.Join(path, urlSeparator) } -func (client *gocloak) getRequest(ctx context.Context) *resty.Request { +func (g *GoCloak) getRequest(ctx context.Context) *resty.Request { var err HTTPErrorResponse return injectTracingHeaders( - ctx, client.restyClient.R(). + ctx, g.restyClient.R(). SetContext(ctx). SetError(&err), ) } -func (client *gocloak) getRequestWithBearerAuthNoCache(ctx context.Context, token string) *resty.Request { - return client.getRequest(ctx). +func (g *GoCloak) getRequestWithBearerAuthNoCache(ctx context.Context, token string) *resty.Request { + return g.getRequest(ctx). SetAuthToken(token). SetHeader("Content-Type", "application/json"). SetHeader("Cache-Control", "no-cache") } -func (client *gocloak) getRequestWithBearerAuth(ctx context.Context, token string) *resty.Request { - return client.getRequest(ctx). +func (g *GoCloak) getRequestWithBearerAuth(ctx context.Context, token string) *resty.Request { + return g.getRequest(ctx). SetAuthToken(token). SetHeader("Content-Type", "application/json") } -func (client *gocloak) getRequestWithBearerAuthXMLHeader(ctx context.Context, token string) *resty.Request { - return client.getRequest(ctx). +func (g *GoCloak) getRequestWithBearerAuthXMLHeader(ctx context.Context, token string) *resty.Request { + return g.getRequest(ctx). SetAuthToken(token). SetHeader("Content-Type", "application/xml;charset=UTF-8") } -func (client *gocloak) getRequestWithBasicAuth(ctx context.Context, clientID, clientSecret string) *resty.Request { - req := client.getRequest(ctx). +func (g *GoCloak) getRequestWithBasicAuth(ctx context.Context, clientID, clientSecret string) *resty.Request { + req := g.getRequest(ctx). SetHeader("Content-Type", "application/x-www-form-urlencoded") // Public client doesn't require Basic Auth if len(clientID) > 0 && len(clientSecret) > 0 { 
@@ -84,12 +86,12 @@ func (client *gocloak) getRequestWithBasicAuth(ctx context.Context, clientID, cl return req } -func (client *gocloak) getRequestingParty(ctx context.Context, token string, realm string, options RequestingPartyTokenOptions, res interface{}) (*resty.Response, error) { - return client.getRequestWithBearerAuth(ctx, token). +func (g *GoCloak) getRequestingParty(ctx context.Context, token string, realm string, options RequestingPartyTokenOptions, res interface{}) (*resty.Response, error) { + return g.getRequestWithBearerAuth(ctx, token). SetFormData(options.FormData()). SetFormDataFromValues(url.Values{"permission": PStringSlice(options.Permissions)}). SetResult(&res). - Post(client.getRealmURL(realm, client.Config.tokenEndpoint)) + Post(g.getRealmURL(realm, g.Config.tokenEndpoint)) } func checkForError(resp *resty.Response, err error, errMessage string) error { @@ -130,6 +132,7 @@ func checkForError(resp *resty.Response, err error, errMessage string) error { func getID(resp *resty.Response) string { header := resp.Header().Get("Location") splittedPath := strings.Split(header, urlSeparator) + return splittedPath[len(splittedPath)-1] } 
@@ -170,15 +173,15 @@ func injectTracingHeaders(ctx context.Context, req *resty.Request) *resty.Reques // =============== // NewClient creates a new Client -func NewClient(basePath string, options ...func(*gocloak)) GoCloak { - c := gocloak{ +func NewClient(basePath string, options ...func(*GoCloak)) *GoCloak { + c := GoCloak{ basePath: strings.TrimRight(basePath, urlSeparator), restyClient: resty.New(), } c.Config.CertsInvalidateTime = 10 * time.Minute - c.Config.authAdminRealms = makeURL("auth", "admin", "realms") - c.Config.authRealms = makeURL("auth", "realms") + c.Config.authAdminRealms = makeURL("admin", "realms") + c.Config.authRealms = makeURL("realms") c.Config.tokenEndpoint = makeURL("protocol", "openid-connect", "token") c.Config.logoutEndpoint = makeURL("protocol", "openid-connect", "logout") c.Config.openIDConnect = makeURL("protocol", "openid-connect") 
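Review bot: The doc comment on `NewClient` does not mention that the default `authAdminRealms` and `authRealms` paths lose their `auth` prefix here, so a caller upgrading against a server that still serves under `/auth` gets failing requests with no hint why. Suggested wording: `// NewClient creates a new Client. Realm paths default to "realms" and "admin/realms"; pass SetLegacyWildFlySupport() for servers that still use the "auth" prefix.` The function body continues outside the hunk.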
@@ -190,91 +193,103 @@ func NewClient(basePath string, options ...func(*gocloak)) GoCloak { return &c } -func (client *gocloak) RestyClient() *resty.Client { - return client.restyClient +// RestyClient returns the internal resty g. +// This can be used to configure the g. +func (g *GoCloak) RestyClient() *resty.Client { + return g.restyClient } -func (client *gocloak) SetRestyClient(restyClient *resty.Client) { - client.restyClient = restyClient +// SetRestyClient overwrites the internal resty g. +func (g *GoCloak) SetRestyClient(restyClient *resty.Client) { + g.restyClient = restyClient } -func (client *gocloak) getRealmURL(realm string, path ...string) string { - path = append([]string{client.basePath, client.Config.authRealms, realm}, path...) +func (g *GoCloak) getRealmURL(realm string, path ...string) string { + path = append([]string{g.basePath, g.Config.authRealms, realm}, path...) return makeURL(path...) } -func (client *gocloak) getAdminRealmURL(realm string, path ...string) string { - path = append([]string{client.basePath, client.Config.authAdminRealms, realm}, path...) +func (g *GoCloak) getAdminRealmURL(realm string, path ...string) string { + path = append([]string{g.basePath, g.Config.authAdminRealms, realm}, path...) return makeURL(path...) } // ==== Functional Options === +// SetLegacyWildFlySupport maintain legacy WildFly support. 
+func SetLegacyWildFlySupport() func(g *GoCloak) { + return func(g *GoCloak) { + g.Config.authAdminRealms = makeURL("auth", "admin", "realms") + g.Config.authRealms = makeURL("auth", "realms") + } +} + // SetAuthRealms sets the auth realm -func SetAuthRealms(url string) func(client *gocloak) { - return func(client *gocloak) { - client.Config.authRealms = url +func SetAuthRealms(url string) func(g *GoCloak) { + return func(g *GoCloak) { + g.Config.authRealms = url } } // SetAuthAdminRealms sets the auth admin realm -func SetAuthAdminRealms(url string) func(client *gocloak) { - return func(client *gocloak) { - client.Config.authAdminRealms = url +func SetAuthAdminRealms(url string) func(g *GoCloak) { + return func(g *GoCloak) { + g.Config.authAdminRealms = url } } // SetTokenEndpoint sets the token endpoint -func SetTokenEndpoint(url string) func(client *gocloak) { - return func(client *gocloak) { - client.Config.tokenEndpoint = url +func SetTokenEndpoint(url string) func(g *GoCloak) { + return func(g *GoCloak) { + g.Config.tokenEndpoint = url } } // SetLogoutEndpoint sets the logout -func SetLogoutEndpoint(url string) func(client *gocloak) { - return func(client *gocloak) { - client.Config.logoutEndpoint = url +func SetLogoutEndpoint(url string) func(g *GoCloak) { + return func(g *GoCloak) { + g.Config.logoutEndpoint = url } } // SetOpenIDConnectEndpoint sets the logout -func SetOpenIDConnectEndpoint(url string) func(client *gocloak) { - return func(client *gocloak) { - client.Config.openIDConnect = url +func SetOpenIDConnectEndpoint(url string) func(g *GoCloak) { + return func(g *GoCloak) { + g.Config.openIDConnect = url } } // SetCertCacheInvalidationTime sets the logout -func SetCertCacheInvalidationTime(duration time.Duration) func(client *gocloak) { - return func(client *gocloak) { - client.Config.CertsInvalidateTime = duration +func SetCertCacheInvalidationTime(duration time.Duration) func(g *GoCloak) { + return func(g *GoCloak) { + 
g.Config.CertsInvalidateTime = duration } } -func (client *gocloak) GetServerInfo(ctx context.Context, accessToken string) (*ServerInfoRepesentation, error) { +// GetServerInfo fetches the server info. +func (g *GoCloak) GetServerInfo(ctx context.Context, accessToken string) ([]*ServerInfoRepresentation, error) { errMessage := "could not get server info" - var result ServerInfoRepesentation + var result []*ServerInfoRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, accessToken). + resp, err := g.getRequestWithBearerAuth(ctx, accessToken). SetResult(&result). - Get(makeURL(client.basePath, "auth", "admin", "serverinfo")) + Get(makeURL(g.basePath, "admin", "realms")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err } - return &result, nil + return result, nil } // GetUserInfo calls the UserInfo endpoint -func (client *gocloak) GetUserInfo(ctx context.Context, accessToken, realm string) (*UserInfo, error) { +func (g *GoCloak) GetUserInfo(ctx context.Context, accessToken, realm string) (*UserInfo, error) { const errMessage = "could not get user info" var result UserInfo - resp, err := client.getRequestWithBearerAuth(ctx, accessToken). + resp, err := g.getRequestWithBearerAuth(ctx, accessToken). SetResult(&result). - Get(client.getRealmURL(realm, client.Config.openIDConnect, "userinfo")) + Get(g.getRealmURL(realm, g.Config.openIDConnect, "userinfo")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
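Review bot: `GetServerInfo` now requests `makeURL(g.basePath, "admin", "realms")` with the path hard-coded, so the `SetLegacyWildFlySupport` and `SetAuthAdminRealms` options in this same hunk have no effect on it and a server under `/auth` gets the wrong URL; `Get(makeURL(g.basePath, g.Config.authAdminRealms))` would follow the configuration. The path also looks like the realm listing rather than a server-info endpoint, which would explain the switch to a slice result, so it is worth confirming that the name and doc comment still describe what is returned. Separately, the added doc comments carry rename residue (`returns the internal resty g.`, `This can be used to configure the g.`, `overwrites the internal resty g.`, and `CreateClient creates the given g.` in a later hunk) and should read "client".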
@@ -284,13 +299,13 @@ func (client *gocloak) GetUserInfo(ctx context.Context, accessToken, realm strin } // GetRawUserInfo calls the UserInfo endpoint and returns a raw json object -func (client *gocloak) GetRawUserInfo(ctx context.Context, accessToken, realm string) (map[string]interface{}, error) { +func (g *GoCloak) GetRawUserInfo(ctx context.Context, accessToken, realm string) (map[string]interface{}, error) { const errMessage = "could not get user info" var result map[string]interface{} - resp, err := client.getRequestWithBearerAuth(ctx, accessToken). + resp, err := g.getRequestWithBearerAuth(ctx, accessToken). SetResult(&result). - Get(client.getRealmURL(realm, client.Config.openIDConnect, "userinfo")) + Get(g.getRealmURL(realm, g.Config.openIDConnect, "userinfo")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -299,13 +314,13 @@ func (client *gocloak) GetRawUserInfo(ctx context.Context, accessToken, realm st return result, nil } -func (client *gocloak) getNewCerts(ctx context.Context, realm string) (*CertResponse, error) { +func (g *GoCloak) getNewCerts(ctx context.Context, realm string) (*CertResponse, error) { const errMessage = "could not get newCerts" var result CertResponse - resp, err := client.getRequest(ctx). + resp, err := g.getRequest(ctx). SetResult(&result). - Get(client.getRealmURL(realm, client.Config.openIDConnect, "certs")) + Get(g.getRealmURL(realm, g.Config.openIDConnect, "certs")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -315,41 +330,41 @@ func (client *gocloak) getNewCerts(ctx context.Context, realm string) (*CertResp } // GetCerts fetches certificates for the given realm from the public /open-id-connect/certs endpoint -func (client *gocloak) GetCerts(ctx context.Context, realm string) (*CertResponse, error) { +func (g *GoCloak) GetCerts(ctx context.Context, realm string) (*CertResponse, error) { const errMessage = "could not get certs" - if cert, ok := client.certsCache.Load(realm); ok { + if cert, ok := g.certsCache.Load(realm); ok { return cert.(*CertResponse), nil } - client.certsLock.Lock() - defer client.certsLock.Unlock() + g.certsLock.Lock() + defer g.certsLock.Unlock() - if cert, ok := client.certsCache.Load(realm); ok { + if cert, ok := g.certsCache.Load(realm); ok { return cert.(*CertResponse), nil } - cert, err := client.getNewCerts(ctx, realm) + cert, err := g.getNewCerts(ctx, realm) if err != nil { return nil, errors.Wrap(err, errMessage) } - client.certsCache.Store(realm, cert) - time.AfterFunc(client.Config.CertsInvalidateTime, func() { - client.certsCache.Delete(realm) + g.certsCache.Store(realm, cert) + time.AfterFunc(g.Config.CertsInvalidateTime, func() { + g.certsCache.Delete(realm) }) return cert, nil } // GetIssuer gets the issuer of the given realm -func (client *gocloak) GetIssuer(ctx context.Context, realm string) (*IssuerResponse, error) { +func (g *GoCloak) GetIssuer(ctx context.Context, realm string) (*IssuerResponse, error) { const errMessage = "could not get issuer" var result IssuerResponse - resp, err := client.getRequest(ctx). + resp, err := g.getRequest(ctx). SetResult(&result). - Get(client.getRealmURL(realm)) + Get(g.getRealmURL(realm)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -359,17 +374,17 @@ func (client *gocloak) GetIssuer(ctx context.Context, realm string) (*IssuerResp } // RetrospectToken calls the openid-connect introspect endpoint -func (client *gocloak) RetrospectToken(ctx context.Context, accessToken, clientID, clientSecret, realm string) (*RetrospecTokenResult, error) { +func (g *GoCloak) RetrospectToken(ctx context.Context, accessToken, clientID, clientSecret, realm string) (*IntroSpectTokenResult, error) { const errMessage = "could not introspect requesting party token" - var result RetrospecTokenResult - resp, err := client.getRequestWithBasicAuth(ctx, clientID, clientSecret). + var result IntroSpectTokenResult + resp, err := g.getRequestWithBasicAuth(ctx, clientID, clientSecret). SetFormData(map[string]string{ "token_type_hint": "requesting_party_token", "token": accessToken, }). SetResult(&result). - Post(client.getRealmURL(realm, client.Config.tokenEndpoint, "introspect")) + Post(g.getRealmURL(realm, g.Config.tokenEndpoint, "introspect")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -378,7 +393,7 @@ func (client *gocloak) RetrospectToken(ctx context.Context, accessToken, clientI return &result, nil } -func (client *gocloak) decodeAccessTokenWithClaims(ctx context.Context, accessToken, realm string, claims jwt.Claims) (*jwt.Token, error) { +func (g *GoCloak) decodeAccessTokenWithClaims(ctx context.Context, accessToken, realm string, claims jwt.Claims) (*jwt.Token, error) { const errMessage = "could not decode access token" accessToken = strings.Replace(accessToken, "Bearer ", "", 1) @@ -387,7 +402,7 @@ func (client *gocloak) decodeAccessTokenWithClaims(ctx context.Context, accessTo return nil, errors.Wrap(err, errMessage) } - certResult, err := client.GetCerts(ctx, realm) + certResult, err := g.GetCerts(ctx, realm) if err != nil { return nil, errors.Wrap(err, errMessage) } 
@@ -408,9 +423,9 @@ func (client *gocloak) decodeAccessTokenWithClaims(ctx context.Context, accessTo } // DecodeAccessToken decodes the accessToken -func (client *gocloak) DecodeAccessToken(ctx context.Context, accessToken, realm string) (*jwt.Token, *jwt.MapClaims, error) { +func (g *GoCloak) DecodeAccessToken(ctx context.Context, accessToken, realm string) (*jwt.Token, *jwt.MapClaims, error) { claims := jwt.MapClaims{} - token, err := client.decodeAccessTokenWithClaims(ctx, accessToken, realm, claims) + token, err := g.decodeAccessTokenWithClaims(ctx, accessToken, realm, claims) if err != nil { return nil, nil, err } 
@@ -418,25 +433,26 @@ func (client *gocloak) DecodeAccessToken(ctx context.Context, accessToken, realm } // DecodeAccessTokenCustomClaims decodes the accessToken and writes claims into the given claims -func (client *gocloak) DecodeAccessTokenCustomClaims(ctx context.Context, accessToken, realm string, claims jwt.Claims) (*jwt.Token, error) { - return client.decodeAccessTokenWithClaims(ctx, accessToken, realm, claims) +func (g *GoCloak) DecodeAccessTokenCustomClaims(ctx context.Context, accessToken, realm string, claims jwt.Claims) (*jwt.Token, error) { + return g.decodeAccessTokenWithClaims(ctx, accessToken, realm, claims) } -func (client *gocloak) GetToken(ctx context.Context, realm string, options TokenOptions) (*JWT, error) { +// GetToken uses TokenOptions to fetch a token. +func (g *GoCloak) GetToken(ctx context.Context, realm string, options TokenOptions) (*JWT, error) { const errMessage = "could not get token" var token JWT var req *resty.Request if !NilOrEmpty(options.ClientSecret) { - req = client.getRequestWithBasicAuth(ctx, *options.ClientID, *options.ClientSecret) + req = g.getRequestWithBasicAuth(ctx, *options.ClientID, *options.ClientSecret) } else { - req = client.getRequest(ctx) + req = g.getRequest(ctx) } resp, err := req.SetFormData(options.FormData()). SetResult(&token). - Post(client.getRealmURL(realm, client.Config.tokenEndpoint)) + Post(g.getRealmURL(realm, g.Config.tokenEndpoint)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
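Review bot: In `GetToken` the branch guarded by `!NilOrEmpty(options.ClientSecret)` dereferences `*options.ClientID` without checking it, so a `TokenOptions` that carries a secret but no client ID panics instead of returning an error. A guard before the call, e.g. `if options.ClientID == nil { return nil, errors.New(errMessage + ": client ID is required with a client secret") }`, keeps a malformed option set from crashing the caller. The function body ends outside the hunk.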
@@ -446,13 +462,12 @@ func (client *gocloak) GetToken(ctx context.Context, realm string, options Token } // GetRequestingPartyToken returns a requesting party token with permissions granted by the server -func (client *gocloak) GetRequestingPartyToken(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*JWT, error) { +func (g *GoCloak) GetRequestingPartyToken(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*JWT, error) { const errMessage = "could not get requesting party token" var res JWT - resp, err := client.getRequestingParty(ctx, token, realm, options, &res) - + resp, err := g.getRequestingParty(ctx, token, realm, options, &res) if err := checkForError(resp, err, errMessage); err != nil { return nil, err } @@ -461,15 +476,14 @@ func (client *gocloak) GetRequestingPartyToken(ctx context.Context, token, realm } // GetRequestingPartyPermissions returns a requesting party permissions granted by the server -func (client *gocloak) GetRequestingPartyPermissions(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*[]RequestingPartyPermission, error) { +func (g *GoCloak) GetRequestingPartyPermissions(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*[]RequestingPartyPermission, error) { const errMessage = "could not get requesting party token" var res []RequestingPartyPermission options.ResponseMode = StringP("permissions") - resp, err := client.getRequestingParty(ctx, token, realm, options, &res) - + resp, err := g.getRequestingParty(ctx, token, realm, options, &res) if err := checkForError(resp, err, errMessage); err != nil { return nil, err } 
@@ -478,15 +492,14 @@ func (client *gocloak) GetRequestingPartyPermissions(ctx context.Context, token, } // GetRequestingPartyPermissionDecision returns a requesting party permission decision granted by the server -func (client *gocloak) GetRequestingPartyPermissionDecision(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*RequestingPartyPermissionDecision, error) { +func (g *GoCloak) GetRequestingPartyPermissionDecision(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*RequestingPartyPermissionDecision, error) { const errMessage = "could not get requesting party token" var res RequestingPartyPermissionDecision options.ResponseMode = StringP("decision") - resp, err := client.getRequestingParty(ctx, token, realm, options, &res) - + resp, err := g.getRequestingParty(ctx, token, realm, options, &res) if err := checkForError(resp, err, errMessage); err != nil { return nil, err } @@ -496,8 +509,8 @@ func (client *gocloak) GetRequestingPartyPermissionDecision(ctx context.Context, // RefreshToken refreshes the given token. // May return a *APIError with further details about the issue. -func (client *gocloak) RefreshToken(ctx context.Context, refreshToken, clientID, clientSecret, realm string) (*JWT, error) { - return client.GetToken(ctx, realm, TokenOptions{ +func (g *GoCloak) RefreshToken(ctx context.Context, refreshToken, clientID, clientSecret, realm string) (*JWT, error) { + return g.GetToken(ctx, realm, TokenOptions{ ClientID: &clientID, ClientSecret: &clientSecret, GrantType: StringP("refresh_token"), 
@@ -506,8 +519,8 @@ func (client *gocloak) RefreshToken(ctx context.Context, refreshToken, clientID, } // LoginAdmin performs a login with Admin client -func (client *gocloak) LoginAdmin(ctx context.Context, username, password, realm string) (*JWT, error) { - return client.GetToken(ctx, realm, TokenOptions{ +func (g *GoCloak) LoginAdmin(ctx context.Context, username, password, realm string) (*JWT, error) { + return g.GetToken(ctx, realm, TokenOptions{ ClientID: StringP(adminClientID), GrantType: StringP("password"), Username: &username, @@ -516,8 +529,8 @@ func (client *gocloak) LoginAdmin(ctx context.Context, username, password, realm } // LoginClient performs a login with client credentials -func (client *gocloak) LoginClient(ctx context.Context, clientID, clientSecret, realm string) (*JWT, error) { - return client.GetToken(ctx, realm, TokenOptions{ +func (g *GoCloak) LoginClient(ctx context.Context, clientID, clientSecret, realm string) (*JWT, error) { + return g.GetToken(ctx, realm, TokenOptions{ ClientID: &clientID, ClientSecret: &clientSecret, GrantType: StringP("client_credentials"), @@ -526,7 +539,7 @@ func (client *gocloak) LoginClient(ctx context.Context, clientID, clientSecret, // LoginClientTokenExchange will exchange the presented token for a user's token // Requires Token-Exchange is enabled: https://www.keycloak.org/docs/latest/securing_apps/index.html#_token-exchange -func (client *gocloak) LoginClientTokenExchange(ctx context.Context, clientID, token, clientSecret, realm, targetClient, userID string) (*JWT, error) { +func (g *GoCloak) LoginClientTokenExchange(ctx context.Context, clientID, token, clientSecret, realm, targetClient, userID string) (*JWT, error) { tokenOptions := TokenOptions{ ClientID: &clientID, ClientSecret: &clientSecret, 
@@ -538,11 +551,11 @@ func (client *gocloak) LoginClientTokenExchange(ctx context.Context, clientID, t if userID != "" { tokenOptions.RequestedSubject = &userID } - return client.GetToken(ctx, realm, tokenOptions) + return g.GetToken(ctx, realm, tokenOptions) } // LoginClientSignedJWT performs a login with client credentials and signed jwt claims -func (client *gocloak) LoginClientSignedJWT( +func (g *GoCloak) LoginClientSignedJWT( ctx context.Context, clientID, realm string, @@ -556,7 +569,7 @@ func (client *gocloak) LoginClientSignedJWT( Subject: clientID, ID: ksuid.New().String(), Audience: jwt.ClaimStrings{ - client.getRealmURL(realm), + g.getRealmURL(realm), }, } assertion, err := jwx.SignClaims(claims, key, signedMethod) @@ -564,7 +577,7 @@ func (client *gocloak) LoginClientSignedJWT( return nil, err } - return client.GetToken(ctx, realm, TokenOptions{ + return g.GetToken(ctx, realm, TokenOptions{ ClientID: &clientID, GrantType: StringP("client_credentials"), ClientAssertionType: StringP("urn:ietf:params:oauth:client-assertion-type:jwt-bearer"), @@ -573,8 +586,8 @@ func (client *gocloak) LoginClientSignedJWT( } // Login performs a login with user credentials and a client -func (client *gocloak) Login(ctx context.Context, clientID, clientSecret, realm, username, password string) (*JWT, error) { - return client.GetToken(ctx, realm, TokenOptions{ +func (g *GoCloak) Login(ctx context.Context, clientID, clientSecret, realm, username, password string) (*JWT, error) { + return g.GetToken(ctx, realm, TokenOptions{ ClientID: &clientID, ClientSecret: &clientSecret, GrantType: StringP("password"), 
@@ -584,8 +597,8 @@ func (client *gocloak) Login(ctx context.Context, clientID, clientSecret, realm, } // LoginOtp performs a login with user credentials and otp token -func (client *gocloak) LoginOtp(ctx context.Context, clientID, clientSecret, realm, username, password, totp string) (*JWT, error) { - return client.GetToken(ctx, realm, TokenOptions{ +func (g *GoCloak) LoginOtp(ctx context.Context, clientID, clientSecret, realm, username, password, totp string) (*JWT, error) { + return g.GetToken(ctx, realm, TokenOptions{ ClientID: &clientID, ClientSecret: &clientSecret, GrantType: StringP("password"), 
@@ -596,63 +609,65 @@ func (client *gocloak) LoginOtp(ctx context.Context, clientID, clientSecret, rea } // Logout logs out users with refresh token -func (client *gocloak) Logout(ctx context.Context, clientID, clientSecret, realm, refreshToken string) error { +func (g *GoCloak) Logout(ctx context.Context, clientID, clientSecret, realm, refreshToken string) error { const errMessage = "could not logout" - resp, err := client.getRequestWithBasicAuth(ctx, clientID, clientSecret). + resp, err := g.getRequestWithBasicAuth(ctx, clientID, clientSecret). SetFormData(map[string]string{ "client_id": clientID, "refresh_token": refreshToken, }). - Post(client.getRealmURL(realm, client.Config.logoutEndpoint)) + Post(g.getRealmURL(realm, g.Config.logoutEndpoint)) return checkForError(resp, err, errMessage) } -func (client *gocloak) LogoutPublicClient(ctx context.Context, clientID, realm, accessToken, refreshToken string) error { +// LogoutPublicClient performs a logout using a public client and the accessToken. +func (g *GoCloak) LogoutPublicClient(ctx context.Context, clientID, realm, accessToken, refreshToken string) error { const errMessage = "could not logout public client" - resp, err := client.getRequestWithBearerAuth(ctx, accessToken). + resp, err := g.getRequestWithBearerAuth(ctx, accessToken). SetFormData(map[string]string{ "client_id": clientID, "refresh_token": refreshToken, }). - Post(client.getRealmURL(realm, client.Config.logoutEndpoint)) + Post(g.getRealmURL(realm, g.Config.logoutEndpoint)) return checkForError(resp, err, errMessage) } -// LogoutAllSessions logs out all sessions of a user given an id -func (client *gocloak) LogoutAllSessions(ctx context.Context, accessToken, realm, userID string) error { +// LogoutAllSessions logs out all sessions of a user given an id. 
+func (g *GoCloak) LogoutAllSessions(ctx context.Context, accessToken, realm, userID string) error { const errMessage = "could not logout" - resp, err := client.getRequestWithBearerAuth(ctx, accessToken). - Post(client.getAdminRealmURL(realm, "users", userID, "logout")) + resp, err := g.getRequestWithBearerAuth(ctx, accessToken). + Post(g.getAdminRealmURL(realm, "users", userID, "logout")) return checkForError(resp, err, errMessage) } -func (client *gocloak) RevokeUserConsents(ctx context.Context, accessToken, realm, userID, clientID string) error { +// RevokeUserConsents revokes the given user consent. +func (g *GoCloak) RevokeUserConsents(ctx context.Context, accessToken, realm, userID, clientID string) error { const errMessage = "could not revoke consents" - resp, err := client.getRequestWithBearerAuth(ctx, accessToken). - Delete(client.getAdminRealmURL(realm, "users", userID, "consents", clientID)) + resp, err := g.getRequestWithBearerAuth(ctx, accessToken). + Delete(g.getAdminRealmURL(realm, "users", userID, "consents", clientID)) return checkForError(resp, err, errMessage) } -// LogoutUserSessions logs out a single sessions of a user given a session id -func (client *gocloak) LogoutUserSession(ctx context.Context, accessToken, realm, session string) error { +// LogoutUserSession logs out a single sessions of a user given a session id +func (g *GoCloak) LogoutUserSession(ctx context.Context, accessToken, realm, session string) error { const errMessage = "could not logout" - resp, err := client.getRequestWithBearerAuth(ctx, accessToken). - Delete(client.getAdminRealmURL(realm, "sessions", session)) + resp, err := g.getRequestWithBearerAuth(ctx, accessToken). 
+ Delete(g.getAdminRealmURL(realm, "sessions", session)) return checkForError(resp, err, errMessage) } // ExecuteActionsEmail executes an actions email -func (client *gocloak) ExecuteActionsEmail(ctx context.Context, token, realm string, params ExecuteActionsEmail) error { +func (g *GoCloak) ExecuteActionsEmail(ctx context.Context, token, realm string, params ExecuteActionsEmail) error { const errMessage = "could not execute actions email" queryParams, err := GetQueryParams(params) 
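Review bot: `LogoutAllSessions`, `RevokeUserConsents` and `LogoutUserSession` pass `userID`, `clientID` and `session` straight into `getAdminRealmURL`, which joins its segments with `makeURL` (a plain `strings.Join`), so a value containing a path separator or query character changes which admin endpoint the bearer token is sent to. If these identifiers can originate from request data, escape each segment, e.g. `g.getAdminRealmURL(realm, "users", url.PathEscape(userID), "logout")`; `net/url` is already used in this file. The same applies to `realm` and to `SendVerifyEmail`, `CreateChildGroup` and the other ID-taking calls in later hunks.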
@@ -660,20 +675,43 @@ func (client *gocloak) ExecuteActionsEmail(ctx context.Context, token, realm str return errors.Wrap(err, errMessage) } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(params.Actions). SetQueryParams(queryParams). - Put(client.getAdminRealmURL(realm, "users", *(params.UserID), "execute-actions-email")) + Put(g.getAdminRealmURL(realm, "users", *(params.UserID), "execute-actions-email")) + + return checkForError(resp, err, errMessage) +} + +// SendVerifyEmail sends a verification e-mail to a user. +func (g *GoCloak) SendVerifyEmail(ctx context.Context, token, userID, realm string, params ...SendVerificationMailParams) error { + const errMessage = "could not execute actions email" + + queryParams := map[string]string{} + if params != nil { + if params[0].ClientID != nil { + queryParams["client_id"] = *params[0].ClientID + } + + if params[0].RedirectURI != nil { + queryParams["redirect_uri"] = *params[0].RedirectURI + } + } + + resp, err := g.getRequestWithBearerAuth(ctx, token). + SetQueryParams(queryParams). + Put(g.getAdminRealmURL(realm, "users", userID, "send-verify-email")) return checkForError(resp, err, errMessage) } -func (client *gocloak) CreateGroup(ctx context.Context, token, realm string, group Group) (string, error) { +// CreateGroup creates a new group. +func (g *GoCloak) CreateGroup(ctx context.Context, token, realm string, group Group) (string, error) { const errMessage = "could not create group" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(group). - Post(client.getAdminRealmURL(realm, "groups")) + Post(g.getAdminRealmURL(realm, "groups")) if err := checkForError(resp, err, errMessage); err != nil { return "", err 
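Review bot: `SendVerifyEmail` tests `params != nil` before reading `params[0]`, which still indexes out of range when a caller spreads an empty, non-nil slice; `if len(params) > 0 {` is the safe form. `errMessage` is also copied from `ExecuteActionsEmail` (`"could not execute actions email"`), so failures here are reported under the wrong operation; `const errMessage = "could not send verify email"` would distinguish them. In the context lines above, `*(params.UserID)` in `ExecuteActionsEmail` is likewise dereferenced without a nil check.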
@@ -682,12 +720,12 @@ func (client *gocloak) CreateGroup(ctx context.Context, token, realm string, gro } // CreateChildGroup creates a new child group -func (client *gocloak) CreateChildGroup(ctx context.Context, token, realm, groupID string, group Group) (string, error) { +func (g *GoCloak) CreateChildGroup(ctx context.Context, token, realm, groupID string, group Group) (string, error) { const errMessage = "could not create child group" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(group). - Post(client.getAdminRealmURL(realm, "groups", groupID, "children")) + Post(g.getAdminRealmURL(realm, "groups", groupID, "children")) if err := checkForError(resp, err, errMessage); err != nil { return "", err @@ -696,12 +734,13 @@ func (client *gocloak) CreateChildGroup(ctx context.Context, token, realm, group return getID(resp), nil } -func (client *gocloak) CreateComponent(ctx context.Context, token, realm string, component Component) (string, error) { +// CreateComponent creates the given component. +func (g *GoCloak) CreateComponent(ctx context.Context, token, realm string, component Component) (string, error) { const errMessage = "could not create component" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(component). - Post(client.getAdminRealmURL(realm, "components")) + Post(g.getAdminRealmURL(realm, "components")) if err := checkForError(resp, err, errMessage); err != nil { return "", err 
@@ -710,12 +749,13 @@ func (client *gocloak) CreateComponent(ctx context.Context, token, realm string, return getID(resp), nil } -func (client *gocloak) CreateClient(ctx context.Context, accessToken, realm string, newClient Client) (string, error) { +// CreateClient creates the given g. +func (g *GoCloak) CreateClient(ctx context.Context, accessToken, realm string, newClient Client) (string, error) { const errMessage = "could not create client" - resp, err := client.getRequestWithBearerAuth(ctx, accessToken). + resp, err := g.getRequestWithBearerAuth(ctx, accessToken). SetBody(newClient). - Post(client.getAdminRealmURL(realm, "clients")) + Post(g.getAdminRealmURL(realm, "clients")) if err := checkForError(resp, err, errMessage); err != nil { return "", err @@ -725,15 +765,15 @@ func (client *gocloak) CreateClient(ctx context.Context, accessToken, realm stri } // CreateClientRepresentation creates a new client representation -func (client *gocloak) CreateClientRepresentation(ctx context.Context, realm string) (*Client, error) { +func (g *GoCloak) CreateClientRepresentation(ctx context.Context, token, realm string, newClient Client) (*Client, error) { const errMessage = "could not create client representation" var result Client - resp, err := client.getRequest(ctx). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - SetBody(Client{}). - Post(client.getRealmURL(realm, "clients-registrations", "default")) + SetBody(newClient). + Post(g.getRealmURL(realm, "clients-registrations", "default")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
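Review bot: The doc comment added for CreateClient reads `// CreateClient creates the given g.`, which looks like the receiver rename (client → g) was applied to the prose as well as the code. It should read `// CreateClient creates the given client.`. The function body continues past the end of the hunk.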
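Review bot: CreateClientRepresentation now takes `token` and `newClient` and always builds the request with getRequestWithBearerAuth, but its doc comment is unchanged and describes neither parameter. The previous code posted an empty `Client{}` without credentials, so callers that relied on anonymous registration need to know what an empty token does here; that depends on getRequestWithBearerAuth, which is outside the hunk. I would extend the comment to say which token the registration endpoint expects (for example an initial access token or a bearer token allowed to create clients) and that `newClient` is sent as the request body unchanged. The function body continues past the end of the hunk.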
@@ -743,12 +783,12 @@ func (client *gocloak) CreateClientRepresentation(ctx context.Context, realm str } // CreateClientRole creates a new role for a client -func (client *gocloak) CreateClientRole(ctx context.Context, token, realm, idOfClient string, role Role) (string, error) { +func (g *GoCloak) CreateClientRole(ctx context.Context, token, realm, idOfClient string, role Role) (string, error) { const errMessage = "could not create client role" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(role). - Post(client.getAdminRealmURL(realm, "clients", idOfClient, "roles")) + Post(g.getAdminRealmURL(realm, "clients", idOfClient, "roles")) if err := checkForError(resp, err, errMessage); err != nil { return "", err @@ -758,12 +798,12 @@ func (client *gocloak) CreateClientRole(ctx context.Context, token, realm, idOfC } // CreateClientScope creates a new client scope -func (client *gocloak) CreateClientScope(ctx context.Context, token, realm string, scope ClientScope) (string, error) { +func (g *GoCloak) CreateClientScope(ctx context.Context, token, realm string, scope ClientScope) (string, error) { const errMessage = "could not create client scope" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(scope). - Post(client.getAdminRealmURL(realm, "client-scopes")) + Post(g.getAdminRealmURL(realm, "client-scopes")) if err := checkForError(resp, err, errMessage); err != nil { return "", err 
@@ -773,12 +813,12 @@ func (client *gocloak) CreateClientScope(ctx context.Context, token, realm strin } // CreateClientScopeProtocolMapper creates a new protocolMapper under the given client scope -func (client *gocloak) CreateClientScopeProtocolMapper(ctx context.Context, token, realm, scopeID string, protocolMapper ProtocolMappers) (string, error) { +func (g *GoCloak) CreateClientScopeProtocolMapper(ctx context.Context, token, realm, scopeID string, protocolMapper ProtocolMappers) (string, error) { const errMessage = "could not create client scope protocol mapper" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(protocolMapper). - Post(client.getAdminRealmURL(realm, "client-scopes", scopeID, "protocol-mappers", "models")) + Post(g.getAdminRealmURL(realm, "client-scopes", scopeID, "protocol-mappers", "models")) if err := checkForError(resp, err, errMessage); err != nil { return "", err 
@@ -787,36 +827,37 @@ func (client *gocloak) CreateClientScopeProtocolMapper(ctx context.Context, toke return getID(resp), nil } -func (client *gocloak) UpdateGroup(ctx context.Context, token, realm string, updatedGroup Group) error { +// UpdateGroup updates the given group. +func (g *GoCloak) UpdateGroup(ctx context.Context, token, realm string, updatedGroup Group) error { const errMessage = "could not update group" if NilOrEmpty(updatedGroup.ID) { return errors.Wrap(errors.New("ID of a group required"), errMessage) } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(updatedGroup). - Put(client.getAdminRealmURL(realm, "groups", PString(updatedGroup.ID))) + Put(g.getAdminRealmURL(realm, "groups", PString(updatedGroup.ID))) return checkForError(resp, err, errMessage) } // UpdateClient updates the given Client -func (client *gocloak) UpdateClient(ctx context.Context, token, realm string, updatedClient Client) error { +func (g *GoCloak) UpdateClient(ctx context.Context, token, realm string, updatedClient Client) error { const errMessage = "could not update client" if NilOrEmpty(updatedClient.ID) { return errors.Wrap(errors.New("ID of a client required"), errMessage) } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(updatedClient). 
- Put(client.getAdminRealmURL(realm, "clients", PString(updatedClient.ID))) + Put(g.getAdminRealmURL(realm, "clients", PString(updatedClient.ID))) return checkForError(resp, err, errMessage) } // UpdateClientRepresentation updates the given client representation -func (client *gocloak) UpdateClientRepresentation(ctx context.Context, accessToken, realm string, updatedClient Client) (*Client, error) { +func (g *GoCloak) UpdateClientRepresentation(ctx context.Context, accessToken, realm string, updatedClient Client) (*Client, error) { const errMessage = "could not update client representation" if NilOrEmpty(updatedClient.ID) { @@ -825,10 +866,10 @@ func (client *gocloak) UpdateClientRepresentation(ctx context.Context, accessTok var result Client - resp, err := client.getRequestWithBearerAuth(ctx, accessToken). + resp, err := g.getRequestWithBearerAuth(ctx, accessToken). SetResult(&result). SetBody(updatedClient). - Put(client.getRealmURL(realm, "clients-registrations", "default", PString(updatedClient.ID))) + Put(g.getRealmURL(realm, "clients-registrations", "default", PString(updatedClient.ClientID))) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
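Review bot: The URL in UpdateClientRepresentation is now built from `updatedClient.ClientID`, while the guard just above the hunk still tests `NilOrEmpty(updatedClient.ID)`. A Client with ID set and ClientID nil passes the guard, and the PUT then presumably targets `clients-registrations/default` with an empty last segment (PString and getRealmURL are not shown); a Client with only ClientID set is rejected although it would be addressable. The guard should follow the field that is used, `if NilOrEmpty(updatedClient.ClientID) {`, with its error text adjusted to match. The guard sits in the preceding hunk's context lines and the function continues past this hunk.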
@@ -837,113 +878,118 @@ func (client *gocloak) UpdateClientRepresentation(ctx context.Context, accessTok return &result, nil } -func (client *gocloak) UpdateRole(ctx context.Context, token, realm, idOfClient string, role Role) error { +// UpdateRole updates the given role. +func (g *GoCloak) UpdateRole(ctx context.Context, token, realm, idOfClient string, role Role) error { const errMessage = "could not update role" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(role). - Put(client.getAdminRealmURL(realm, "clients", idOfClient, "roles", PString(role.Name))) + Put(g.getAdminRealmURL(realm, "clients", idOfClient, "roles", PString(role.Name))) return checkForError(resp, err, errMessage) } -func (client *gocloak) UpdateClientScope(ctx context.Context, token, realm string, scope ClientScope) error { +// UpdateClientScope updates the given client scope. +func (g *GoCloak) UpdateClientScope(ctx context.Context, token, realm string, scope ClientScope) error { const errMessage = "could not update client scope" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(scope). - Put(client.getAdminRealmURL(realm, "client-scopes", PString(scope.ID))) + Put(g.getAdminRealmURL(realm, "client-scopes", PString(scope.ID))) return checkForError(resp, err, errMessage) } // UpdateClientScopeProtocolMapper updates the given protocol mapper for a client scope -func (client *gocloak) UpdateClientScopeProtocolMapper(ctx context.Context, token, realm, scopeID string, protocolMapper ProtocolMappers) error { +func (g *GoCloak) UpdateClientScopeProtocolMapper(ctx context.Context, token, realm, scopeID string, protocolMapper ProtocolMappers) error { const errMessage = "could not update client scope" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(protocolMapper). 
- Put(client.getAdminRealmURL(realm, "client-scopes", scopeID, "protocol-mappers", "models", PString(protocolMapper.ID))) + Put(g.getAdminRealmURL(realm, "client-scopes", scopeID, "protocol-mappers", "models", PString(protocolMapper.ID))) return checkForError(resp, err, errMessage) } -func (client *gocloak) DeleteGroup(ctx context.Context, token, realm, groupID string) error { +// DeleteGroup deletes the group with the given groupID. +func (g *GoCloak) DeleteGroup(ctx context.Context, token, realm, groupID string) error { const errMessage = "could not delete group" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "groups", groupID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "groups", groupID)) return checkForError(resp, err, errMessage) } // DeleteClient deletes a given client -func (client *gocloak) DeleteClient(ctx context.Context, token, realm, idOfClient string) error { +func (g *GoCloak) DeleteClient(ctx context.Context, token, realm, idOfClient string) error { const errMessage = "could not delete client" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "clients", idOfClient)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "clients", idOfClient)) return checkForError(resp, err, errMessage) } -func (client *gocloak) DeleteComponent(ctx context.Context, token, realm, componentID string) error { +// DeleteComponent deletes the component with the given id. +func (g *GoCloak) DeleteComponent(ctx context.Context, token, realm, componentID string) error { const errMessage = "could not delete component" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "components", componentID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). 
+ Delete(g.getAdminRealmURL(realm, "components", componentID)) return checkForError(resp, err, errMessage) } -// DeleteClientRepresentation deletes a given client representation -func (client *gocloak) DeleteClientRepresentation(ctx context.Context, accessToken, realm, clientID string) error { +// DeleteClientRepresentation deletes a given client representation. +func (g *GoCloak) DeleteClientRepresentation(ctx context.Context, accessToken, realm, clientID string) error { const errMessage = "could not delete client representation" - resp, err := client.getRequestWithBearerAuth(ctx, accessToken). - Delete(client.getRealmURL(realm, "clients-registrations", "default", clientID)) + resp, err := g.getRequestWithBearerAuth(ctx, accessToken). + Delete(g.getRealmURL(realm, "clients-registrations", "default", clientID)) return checkForError(resp, err, errMessage) } -// DeleteClientRole deletes a given role -func (client *gocloak) DeleteClientRole(ctx context.Context, token, realm, idOfClient, roleName string) error { +// DeleteClientRole deletes a given role. +func (g *GoCloak) DeleteClientRole(ctx context.Context, token, realm, idOfClient, roleName string) error { const errMessage = "could not delete client role" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "clients", idOfClient, "roles", roleName)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "clients", idOfClient, "roles", roleName)) return checkForError(resp, err, errMessage) } -func (client *gocloak) DeleteClientScope(ctx context.Context, token, realm, scopeID string) error { +// DeleteClientScope deletes the scope with the given id. +func (g *GoCloak) DeleteClientScope(ctx context.Context, token, realm, scopeID string) error { const errMessage = "could not delete client scope" - resp, err := client.getRequestWithBearerAuth(ctx, token). 
- Delete(client.getAdminRealmURL(realm, "client-scopes", scopeID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "client-scopes", scopeID)) return checkForError(resp, err, errMessage) } // DeleteClientScopeProtocolMapper deletes the given protocol mapper from the client scope -func (client *gocloak) DeleteClientScopeProtocolMapper(ctx context.Context, token, realm, scopeID, protocolMapperID string) error { +func (g *GoCloak) DeleteClientScopeProtocolMapper(ctx context.Context, token, realm, scopeID, protocolMapperID string) error { const errMessage = "could not delete client scope" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "client-scopes", scopeID, "protocol-mappers", "models", protocolMapperID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "client-scopes", scopeID, "protocol-mappers", "models", protocolMapperID)) return checkForError(resp, err, errMessage) } // GetClient returns a client -func (client *gocloak) GetClient(ctx context.Context, token, realm, idOfClient string) (*Client, error) { +func (g *GoCloak) GetClient(ctx context.Context, token, realm, idOfClient string) (*Client, error) { const errMessage = "could not get client" var result Client - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient)) + Get(g.getAdminRealmURL(realm, "clients", idOfClient)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
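Review bot: UpdateRole, UpdateClientScope and UpdateClientScopeProtocolMapper build the target URL from `PString(role.Name)`, `PString(scope.ID)` and `PString(protocolMapper.ID)` without the `NilOrEmpty` check that UpdateGroup and UpdateClient apply before doing the same. If PString yields an empty string for a nil pointer (not shown here), the PUT would go to the collection path rather than a single resource, and the mistake would surface only as a server-side status. A guard such as `if NilOrEmpty(scope.ID) { return errors.Wrap(errors.New("ID of a client scope required"), errMessage) }` at the top of each would make the three consistent with their siblings. Separately, UpdateClientScopeProtocolMapper and DeleteClientScopeProtocolMapper reuse the "could not update client scope" and "could not delete client scope" messages, which makes a failure hard to attribute to the protocol-mapper call.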
@@ -953,14 +999,14 @@ func (client *gocloak) GetClient(ctx context.Context, token, realm, idOfClient s } // GetClientRepresentation returns a client representation -func (client *gocloak) GetClientRepresentation(ctx context.Context, accessToken, realm, clientID string) (*Client, error) { +func (g *GoCloak) GetClientRepresentation(ctx context.Context, accessToken, realm, clientID string) (*Client, error) { const errMessage = "could not get client representation" var result Client - resp, err := client.getRequestWithBearerAuth(ctx, accessToken). + resp, err := g.getRequestWithBearerAuth(ctx, accessToken). SetResult(&result). - Get(client.getRealmURL(realm, "clients-registrations", "default", clientID)) + Get(g.getRealmURL(realm, "clients-registrations", "default", clientID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -970,14 +1016,14 @@ func (client *gocloak) GetClientRepresentation(ctx context.Context, accessToken, } // GetAdapterConfiguration returns a adapter configuration -func (client *gocloak) GetAdapterConfiguration(ctx context.Context, accessToken, realm, clientID string) (*AdapterConfiguration, error) { +func (g *GoCloak) GetAdapterConfiguration(ctx context.Context, accessToken, realm, clientID string) (*AdapterConfiguration, error) { const errMessage = "could not get adapter configuration" var result AdapterConfiguration - resp, err := client.getRequestWithBearerAuth(ctx, accessToken). + resp, err := g.getRequestWithBearerAuth(ctx, accessToken). SetResult(&result). - Get(client.getRealmURL(realm, "clients-registrations", "install", clientID)) + Get(g.getRealmURL(realm, "clients-registrations", "install", clientID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -987,14 +1033,14 @@ func (client *gocloak) GetAdapterConfiguration(ctx context.Context, accessToken, } // GetClientsDefaultScopes returns a list of the client's default scopes -func (client *gocloak) GetClientsDefaultScopes(ctx context.Context, token, realm, idOfClient string) ([]*ClientScope, error) { +func (g *GoCloak) GetClientsDefaultScopes(ctx context.Context, token, realm, idOfClient string) ([]*ClientScope, error) { const errMessage = "could not get clients default scopes" var result []*ClientScope - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "default-client-scopes")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "default-client-scopes")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1004,34 +1050,34 @@ func (client *gocloak) GetClientsDefaultScopes(ctx context.Context, token, realm } // AddDefaultScopeToClient adds a client scope to the list of client's default scopes -func (client *gocloak) AddDefaultScopeToClient(ctx context.Context, token, realm, idOfClient, scopeID string) error { +func (g *GoCloak) AddDefaultScopeToClient(ctx context.Context, token, realm, idOfClient, scopeID string) error { const errMessage = "could not add default scope to client" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Put(client.getAdminRealmURL(realm, "clients", idOfClient, "default-client-scopes", scopeID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Put(g.getAdminRealmURL(realm, "clients", idOfClient, "default-client-scopes", scopeID)) return checkForError(resp, err, errMessage) } // RemoveDefaultScopeFromClient removes a client scope from the list of client's default scopes -func (client *gocloak) RemoveDefaultScopeFromClient(ctx context.Context, token, realm, idOfClient, scopeID string) error { +func (g *GoCloak) RemoveDefaultScopeFromClient(ctx context.Context, token, realm, idOfClient, scopeID string) error { const errMessage = "could not remove default scope from client" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "clients", idOfClient, "default-client-scopes", scopeID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). 
+ Delete(g.getAdminRealmURL(realm, "clients", idOfClient, "default-client-scopes", scopeID)) return checkForError(resp, err, errMessage) } // GetClientsOptionalScopes returns a list of the client's optional scopes -func (client *gocloak) GetClientsOptionalScopes(ctx context.Context, token, realm, idOfClient string) ([]*ClientScope, error) { +func (g *GoCloak) GetClientsOptionalScopes(ctx context.Context, token, realm, idOfClient string) ([]*ClientScope, error) { const errMessage = "could not get clients optional scopes" var result []*ClientScope - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "optional-client-scopes")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "optional-client-scopes")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1041,34 +1087,34 @@ func (client *gocloak) GetClientsOptionalScopes(ctx context.Context, token, real } // AddOptionalScopeToClient adds a client scope to the list of client's optional scopes -func (client *gocloak) AddOptionalScopeToClient(ctx context.Context, token, realm, idOfClient, scopeID string) error { +func (g *GoCloak) AddOptionalScopeToClient(ctx context.Context, token, realm, idOfClient, scopeID string) error { const errMessage = "could not add optional scope to client" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Put(client.getAdminRealmURL(realm, "clients", idOfClient, "optional-client-scopes", scopeID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Put(g.getAdminRealmURL(realm, "clients", idOfClient, "optional-client-scopes", scopeID)) return checkForError(resp, err, errMessage) } // RemoveOptionalScopeFromClient deletes a client scope from the list of client's optional scopes -func (client *gocloak) RemoveOptionalScopeFromClient(ctx context.Context, token, realm, idOfClient, scopeID string) error { +func (g *GoCloak) RemoveOptionalScopeFromClient(ctx context.Context, token, realm, idOfClient, scopeID string) error { const errMessage = "could not remove optional scope from client" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "clients", idOfClient, "optional-client-scopes", scopeID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). 
+ Delete(g.getAdminRealmURL(realm, "clients", idOfClient, "optional-client-scopes", scopeID)) return checkForError(resp, err, errMessage) } // GetDefaultOptionalClientScopes returns a list of default realm optional scopes -func (client *gocloak) GetDefaultOptionalClientScopes(ctx context.Context, token, realm string) ([]*ClientScope, error) { +func (g *GoCloak) GetDefaultOptionalClientScopes(ctx context.Context, token, realm string) ([]*ClientScope, error) { const errMessage = "could not get default optional client scopes" var result []*ClientScope - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "default-optional-client-scopes")) + Get(g.getAdminRealmURL(realm, "default-optional-client-scopes")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1078,14 +1124,14 @@ func (client *gocloak) GetDefaultOptionalClientScopes(ctx context.Context, token } // GetDefaultDefaultClientScopes returns a list of default realm default scopes -func (client *gocloak) GetDefaultDefaultClientScopes(ctx context.Context, token, realm string) ([]*ClientScope, error) { +func (g *GoCloak) GetDefaultDefaultClientScopes(ctx context.Context, token, realm string) ([]*ClientScope, error) { const errMessage = "could not get default client scopes" var result []*ClientScope - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "default-default-client-scopes")) + Get(g.getAdminRealmURL(realm, "default-default-client-scopes")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1095,14 +1141,14 @@ func (client *gocloak) GetDefaultDefaultClientScopes(ctx context.Context, token, } // GetClientScope returns a clientscope -func (client *gocloak) GetClientScope(ctx context.Context, token, realm, scopeID string) (*ClientScope, error) { +func (g *GoCloak) GetClientScope(ctx context.Context, token, realm, scopeID string) (*ClientScope, error) { const errMessage = "could not get client scope" var result ClientScope - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "client-scopes", scopeID)) + Get(g.getAdminRealmURL(realm, "client-scopes", scopeID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1112,14 +1158,14 @@ func (client *gocloak) GetClientScope(ctx context.Context, token, realm, scopeID } // GetClientScopes returns all client scopes -func (client *gocloak) GetClientScopes(ctx context.Context, token, realm string) ([]*ClientScope, error) { +func (g *GoCloak) GetClientScopes(ctx context.Context, token, realm string) ([]*ClientScope, error) { const errMessage = "could not get client scopes" var result []*ClientScope - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "client-scopes")) + Get(g.getAdminRealmURL(realm, "client-scopes")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1129,14 +1175,14 @@ func (client *gocloak) GetClientScopes(ctx context.Context, token, realm string) } // GetClientScopeProtocolMappers returns all protocol mappers of a client scope -func (client *gocloak) GetClientScopeProtocolMappers(ctx context.Context, token, realm, scopeID string) ([]*ProtocolMappers, error) { +func (g *GoCloak) GetClientScopeProtocolMappers(ctx context.Context, token, realm, scopeID string) ([]*ProtocolMappers, error) { const errMessage = "could not get client scope protocol mappers" var result []*ProtocolMappers - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "client-scopes", scopeID, "protocol-mappers", "models")) + Get(g.getAdminRealmURL(realm, "client-scopes", scopeID, "protocol-mappers", "models")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1146,14 +1192,14 @@ func (client *gocloak) GetClientScopeProtocolMappers(ctx context.Context, token, } // GetClientScopeProtocolMapper returns a protocol mapper of a client scope -func (client *gocloak) GetClientScopeProtocolMapper(ctx context.Context, token, realm, scopeID, protocolMapperID string) (*ProtocolMappers, error) { +func (g *GoCloak) GetClientScopeProtocolMapper(ctx context.Context, token, realm, scopeID, protocolMapperID string) (*ProtocolMappers, error) { const errMessage = "could not get client scope protocol mappers" var result *ProtocolMappers - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "client-scopes", scopeID, "protocol-mappers", "models", protocolMapperID)) + Get(g.getAdminRealmURL(realm, "client-scopes", scopeID, "protocol-mappers", "models", protocolMapperID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1163,14 +1209,14 @@ func (client *gocloak) GetClientScopeProtocolMapper(ctx context.Context, token, } // GetClientScopeMappings returns all scope mappings for the client -func (client *gocloak) GetClientScopeMappings(ctx context.Context, token, realm, idOfClient string) (*MappingsRepresentation, error) { +func (g *GoCloak) GetClientScopeMappings(ctx context.Context, token, realm, idOfClient string) (*MappingsRepresentation, error) { const errMessage = "could not get all scope mappings for the client" var result *MappingsRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1180,14 +1226,14 @@ func (client *gocloak) GetClientScopeMappings(ctx context.Context, token, realm, } // GetClientScopeMappingsRealmRoles returns realm-level roles associated with the client’s scope -func (client *gocloak) GetClientScopeMappingsRealmRoles(ctx context.Context, token, realm, idOfClient string) ([]*Role, error) { +func (g *GoCloak) GetClientScopeMappingsRealmRoles(ctx context.Context, token, realm, idOfClient string) ([]*Role, error) { const errMessage = "could not get realm-level roles with the client’s scope" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "realm")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "realm")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1197,14 +1243,14 @@ func (client *gocloak) GetClientScopeMappingsRealmRoles(ctx context.Context, tok } // GetClientScopeMappingsRealmRolesAvailable returns realm-level roles that are available to attach to this client’s scope -func (client *gocloak) GetClientScopeMappingsRealmRolesAvailable(ctx context.Context, token, realm, idOfClient string) ([]*Role, error) { +func (g *GoCloak) GetClientScopeMappingsRealmRolesAvailable(ctx context.Context, token, realm, idOfClient string) ([]*Role, error) { const errMessage = "could not get available realm-level roles with the client’s scope" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "realm", "available")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "realm", "available")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1214,36 +1260,36 @@ func (client *gocloak) GetClientScopeMappingsRealmRolesAvailable(ctx context.Con } // CreateClientScopeMappingsRealmRoles create realm-level roles to the client’s scope -func (client *gocloak) CreateClientScopeMappingsRealmRoles(ctx context.Context, token, realm, idOfClient string, roles []Role) error { +func (g *GoCloak) CreateClientScopeMappingsRealmRoles(ctx context.Context, token, realm, idOfClient string, roles []Role) error { const errMessage = "could not create realm-level roles to the client’s scope" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). - Post(client.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "realm")) + Post(g.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "realm")) return checkForError(resp, err, errMessage) } // DeleteClientScopeMappingsRealmRoles deletes realm-level roles from the client’s scope -func (client *gocloak) DeleteClientScopeMappingsRealmRoles(ctx context.Context, token, realm, idOfClient string, roles []Role) error { +func (g *GoCloak) DeleteClientScopeMappingsRealmRoles(ctx context.Context, token, realm, idOfClient string, roles []Role) error { const errMessage = "could not delete realm-level roles from the client’s scope" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). 
- Delete(client.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "realm")) + Delete(g.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "realm")) return checkForError(resp, err, errMessage) } // GetClientScopeMappingsClientRoles returns roles associated with a client’s scope -func (client *gocloak) GetClientScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string) ([]*Role, error) { +func (g *GoCloak) GetClientScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string) ([]*Role, error) { const errMessage = "could not get roles associated with a client’s scope" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "clients", idOfSelectedClient)) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "clients", idOfSelectedClient)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1253,14 +1299,14 @@ func (client *gocloak) GetClientScopeMappingsClientRoles(ctx context.Context, to } // GetClientScopeMappingsClientRolesAvailable returns available roles associated with a client’s scope -func (client *gocloak) GetClientScopeMappingsClientRolesAvailable(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string) ([]*Role, error) { +func (g *GoCloak) GetClientScopeMappingsClientRolesAvailable(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string) ([]*Role, error) { const errMessage = "could not get available roles associated with a client’s scope" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "clients", idOfSelectedClient, "available")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "clients", idOfSelectedClient, "available")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1270,36 +1316,36 @@ func (client *gocloak) GetClientScopeMappingsClientRolesAvailable(ctx context.Co } // CreateClientScopeMappingsClientRoles creates client-level roles from the client’s scope -func (client *gocloak) CreateClientScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string, roles []Role) error { +func (g *GoCloak) CreateClientScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string, roles []Role) error { const errMessage = "could not create client-level roles from the client’s scope" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). - Post(client.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "clients", idOfSelectedClient)) + Post(g.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "clients", idOfSelectedClient)) return checkForError(resp, err, errMessage) } // DeleteClientScopeMappingsClientRoles deletes client-level roles from the client’s scope -func (client *gocloak) DeleteClientScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string, roles []Role) error { +func (g *GoCloak) DeleteClientScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string, roles []Role) error { const errMessage = "could not delete client-level roles from the client’s scope" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). 
- Delete(client.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "clients", idOfSelectedClient)) + Delete(g.getAdminRealmURL(realm, "clients", idOfClient, "scope-mappings", "clients", idOfSelectedClient)) return checkForError(resp, err, errMessage) } // GetClientSecret returns a client's secret -func (client *gocloak) GetClientSecret(ctx context.Context, token, realm, idOfClient string) (*CredentialRepresentation, error) { +func (g *GoCloak) GetClientSecret(ctx context.Context, token, realm, idOfClient string) (*CredentialRepresentation, error) { const errMessage = "could not get client secret" var result CredentialRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "client-secret")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "client-secret")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1309,13 +1355,13 @@ func (client *gocloak) GetClientSecret(ctx context.Context, token, realm, idOfCl } // GetClientServiceAccount retrieves the service account "user" for a client if enabled -func (client *gocloak) GetClientServiceAccount(ctx context.Context, token, realm, idOfClient string) (*User, error) { +func (g *GoCloak) GetClientServiceAccount(ctx context.Context, token, realm, idOfClient string) (*User, error) { const errMessage = "could not get client service account" var result User - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "service-account-user")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "service-account-user")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1324,13 +1370,14 @@ func (client *gocloak) GetClientServiceAccount(ctx context.Context, token, realm return &result, nil } -func (client *gocloak) RegenerateClientSecret(ctx context.Context, token, realm, idOfClient string) (*CredentialRepresentation, error) { +// RegenerateClientSecret triggers the creation of the new client secret. +func (g *GoCloak) RegenerateClientSecret(ctx context.Context, token, realm, idOfClient string) (*CredentialRepresentation, error) { const errMessage = "could not regenerate client secret" var result CredentialRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Post(client.getAdminRealmURL(realm, "clients", idOfClient, "client-secret")) + Post(g.getAdminRealmURL(realm, "clients", idOfClient, "client-secret")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1340,13 +1387,13 @@ func (client *gocloak) RegenerateClientSecret(ctx context.Context, token, realm, } // GetClientOfflineSessions returns offline sessions associated with the client -func (client *gocloak) GetClientOfflineSessions(ctx context.Context, token, realm, idOfClient string) ([]*UserSessionRepresentation, error) { +func (g *GoCloak) GetClientOfflineSessions(ctx context.Context, token, realm, idOfClient string) ([]*UserSessionRepresentation, error) { const errMessage = "could not get client offline sessions" var res []*UserSessionRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&res). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "offline-sessions")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "offline-sessions")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
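Review bot: The doc comment added for RegenerateClientSecret (first hunk on this line) says only that it "triggers the creation" of a secret, but the method also decodes the response into a CredentialRepresentation and returns it, which is what a caller handling credentials needs to know. I would word it as `// RegenerateClientSecret requests a new secret for the client and returns the new credential; treat the returned value as sensitive and keep it out of logs.` Whether the previous secret stops working immediately is decided by the server and is not visible here, so the comment should not promise it. The same sensitivity note belongs on GetClientSecret in the earlier hunk.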
@@ -1356,13 +1403,13 @@ func (client *gocloak) GetClientOfflineSessions(ctx context.Context, token, real } // GetClientUserSessions returns user sessions associated with the client -func (client *gocloak) GetClientUserSessions(ctx context.Context, token, realm, idOfClient string) ([]*UserSessionRepresentation, error) { +func (g *GoCloak) GetClientUserSessions(ctx context.Context, token, realm, idOfClient string) ([]*UserSessionRepresentation, error) { const errMessage = "could not get client user sessions" var res []*UserSessionRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&res). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "user-sessions")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "user-sessions")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1372,12 +1419,12 @@ func (client *gocloak) GetClientUserSessions(ctx context.Context, token, realm, } // CreateClientProtocolMapper creates a protocol mapper in client scope -func (client *gocloak) CreateClientProtocolMapper(ctx context.Context, token, realm, idOfClient string, mapper ProtocolMapperRepresentation) (string, error) { +func (g *GoCloak) CreateClientProtocolMapper(ctx context.Context, token, realm, idOfClient string, mapper ProtocolMapperRepresentation) (string, error) { const errMessage = "could not create client protocol mapper" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(mapper). - Post(client.getAdminRealmURL(realm, "clients", idOfClient, "protocol-mappers", "models")) + Post(g.getAdminRealmURL(realm, "clients", idOfClient, "protocol-mappers", "models")) if err := checkForError(resp, err, errMessage); err != nil { return "", err 
@@ -1387,34 +1434,34 @@ func (client *gocloak) CreateClientProtocolMapper(ctx context.Context, token, re } // UpdateClientProtocolMapper updates a protocol mapper in client scope -func (client *gocloak) UpdateClientProtocolMapper(ctx context.Context, token, realm, idOfClient, mapperID string, mapper ProtocolMapperRepresentation) error { +func (g *GoCloak) UpdateClientProtocolMapper(ctx context.Context, token, realm, idOfClient, mapperID string, mapper ProtocolMapperRepresentation) error { const errMessage = "could not update client protocol mapper" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(mapper). - Put(client.getAdminRealmURL(realm, "clients", idOfClient, "protocol-mappers", "models", mapperID)) + Put(g.getAdminRealmURL(realm, "clients", idOfClient, "protocol-mappers", "models", mapperID)) return checkForError(resp, err, errMessage) } // DeleteClientProtocolMapper deletes a protocol mapper in client scope -func (client *gocloak) DeleteClientProtocolMapper(ctx context.Context, token, realm, idOfClient, mapperID string) error { +func (g *GoCloak) DeleteClientProtocolMapper(ctx context.Context, token, realm, idOfClient, mapperID string) error { const errMessage = "could not delete client protocol mapper" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "clients", idOfClient, "protocol-mappers", "models", mapperID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). 
+ Delete(g.getAdminRealmURL(realm, "clients", idOfClient, "protocol-mappers", "models", mapperID)) return checkForError(resp, err, errMessage) } // GetKeyStoreConfig get keystoreconfig of the realm -func (client *gocloak) GetKeyStoreConfig(ctx context.Context, token, realm string) (*KeyStoreConfig, error) { +func (g *GoCloak) GetKeyStoreConfig(ctx context.Context, token, realm string) (*KeyStoreConfig, error) { const errMessage = "could not get key store config" var result KeyStoreConfig - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "keys")) + Get(g.getAdminRealmURL(realm, "keys")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1424,13 +1471,13 @@ func (client *gocloak) GetKeyStoreConfig(ctx context.Context, token, realm strin } // GetComponents get all components in realm -func (client *gocloak) GetComponents(ctx context.Context, token, realm string) ([]*Component, error) { +func (g *GoCloak) GetComponents(ctx context.Context, token, realm string) ([]*Component, error) { const errMessage = "could not get components" var result []*Component - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "components")) + Get(g.getAdminRealmURL(realm, "components")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1440,7 +1487,7 @@ func (client *gocloak) GetComponents(ctx context.Context, token, realm string) ( } // GetComponentsWithParams get all components in realm with query params -func (client *gocloak) GetComponentsWithParams(ctx context.Context, token, realm string, params GetComponentsParams) ([]*Component, error) { +func (g *GoCloak) GetComponentsWithParams(ctx context.Context, token, realm string, params GetComponentsParams) ([]*Component, error) { const errMessage = "could not get components" var result []*Component @@ -1448,10 +1495,10 @@ func (client *gocloak) GetComponentsWithParams(ctx context.Context, token, realm if err != nil { return nil, errors.Wrap(err, errMessage) } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, "components")) + Get(g.getAdminRealmURL(realm, "components")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1461,15 +1508,15 @@ func (client *gocloak) GetComponentsWithParams(ctx context.Context, token, realm } // GetComponent get exactly one component by ID -func (client *gocloak) GetComponent(ctx context.Context, token, realm string, componentID string) (*Component, error) { +func (g *GoCloak) GetComponent(ctx context.Context, token, realm string, componentID string) (*Component, error) { const errMessage = "could not get components" var result *Component componentURL := fmt.Sprintf("components/%s", componentID) - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, componentURL)) + Get(g.getAdminRealmURL(realm, componentURL)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
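Review bot: In the GetComponent hunk (third on this line) `componentID` is formatted into `"components/%s"` and handed to getAdminRealmURL as a single segment, while the sibling methods pass each identifier as its own argument, for example UpdateComponent with `g.getAdminRealmURL(realm, "components", PString(component.ID))`. If getAdminRealmURL validates or escapes per segment (it is not shown here), this call would bypass that, and an ID containing `/` would address a different admin path while carrying the caller's bearer token. I would drop the Sprintf and call `Get(g.getAdminRealmURL(realm, "components", componentID))`. The errMessage also still reads `"could not get components"`; `"could not get component"` would tell this call apart from GetComponents in logs.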
@@ -1479,25 +1526,25 @@ func (client *gocloak) GetComponent(ctx context.Context, token, realm string, co } // UpdateComponent updates the given component -func (client *gocloak) UpdateComponent(ctx context.Context, token, realm string, component Component) error { +func (g *GoCloak) UpdateComponent(ctx context.Context, token, realm string, component Component) error { const errMessage = "could not update component" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(component). - Put(client.getAdminRealmURL(realm, "components", PString(component.ID))) + Put(g.getAdminRealmURL(realm, "components", PString(component.ID))) return checkForError(resp, err, errMessage) } // GetDefaultGroups returns a list of default groups -func (client *gocloak) GetDefaultGroups(ctx context.Context, token, realm string) ([]*Group, error) { +func (g *GoCloak) GetDefaultGroups(ctx context.Context, token, realm string) ([]*Group, error) { const errMessage = "could not get default groups" var result []*Group - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "default-groups")) + Get(g.getAdminRealmURL(realm, "default-groups")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
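Review bot: UpdateComponent builds its URL from `PString(component.ID)` without checking that the ID is set. The PString call suggests ID is a `*string`; if the helper returns an empty string for nil (it is not shown here), the PUT is sent to the `components` collection path instead of a single component and the caller only sees whatever error the server answers with. A guard before the request, `if component.ID == nil { return errors.New(errMessage + ": component ID is nil") }`, would fail early with a clear cause. GetDefaultGroups' body continues outside this hunk.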
@@ -1507,32 +1554,32 @@ func (client *gocloak) GetDefaultGroups(ctx context.Context, token, realm string } // AddDefaultGroup adds group to the list of default groups -func (client *gocloak) AddDefaultGroup(ctx context.Context, token, realm, groupID string) error { +func (g *GoCloak) AddDefaultGroup(ctx context.Context, token, realm, groupID string) error { const errMessage = "could not add default group" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Put(client.getAdminRealmURL(realm, "default-groups", groupID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Put(g.getAdminRealmURL(realm, "default-groups", groupID)) return checkForError(resp, err, errMessage) } // RemoveDefaultGroup removes group from the list of default groups -func (client *gocloak) RemoveDefaultGroup(ctx context.Context, token, realm, groupID string) error { +func (g *GoCloak) RemoveDefaultGroup(ctx context.Context, token, realm, groupID string) error { const errMessage = "could not remove default group" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "default-groups", groupID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "default-groups", groupID)) return checkForError(resp, err, errMessage) } -func (client *gocloak) getRoleMappings(ctx context.Context, token, realm, path, objectID string) (*MappingsRepresentation, error) { +func (g *GoCloak) getRoleMappings(ctx context.Context, token, realm, path, objectID string) (*MappingsRepresentation, error) { const errMessage = "could not get role mappings" var result MappingsRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, path, objectID, "role-mappings")) + Get(g.getAdminRealmURL(realm, path, objectID, "role-mappings")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1542,24 +1589,24 @@ func (client *gocloak) getRoleMappings(ctx context.Context, token, realm, path, } // GetRoleMappingByGroupID gets the role mappings by group -func (client *gocloak) GetRoleMappingByGroupID(ctx context.Context, token, realm, groupID string) (*MappingsRepresentation, error) { - return client.getRoleMappings(ctx, token, realm, "groups", groupID) +func (g *GoCloak) GetRoleMappingByGroupID(ctx context.Context, token, realm, groupID string) (*MappingsRepresentation, error) { + return g.getRoleMappings(ctx, token, realm, "groups", groupID) } // GetRoleMappingByUserID gets the role mappings by user -func (client *gocloak) GetRoleMappingByUserID(ctx context.Context, token, realm, userID string) (*MappingsRepresentation, error) { - return client.getRoleMappings(ctx, token, realm, "users", userID) +func (g *GoCloak) GetRoleMappingByUserID(ctx context.Context, token, realm, userID string) (*MappingsRepresentation, error) { + return g.getRoleMappings(ctx, token, realm, "users", userID) } // GetGroup get group with id in realm -func (client *gocloak) GetGroup(ctx context.Context, token, realm, groupID string) (*Group, error) { +func (g *GoCloak) GetGroup(ctx context.Context, token, realm, groupID string) (*Group, error) { const errMessage = "could not get group" var result Group - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "groups", groupID)) + Get(g.getAdminRealmURL(realm, "groups", groupID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1569,14 +1616,14 @@ func (client *gocloak) GetGroup(ctx context.Context, token, realm, groupID strin } // GetGroupByPath get group with path in realm -func (client *gocloak) GetGroupByPath(ctx context.Context, token, realm, groupPath string) (*Group, error) { +func (g *GoCloak) GetGroupByPath(ctx context.Context, token, realm, groupPath string) (*Group, error) { const errMessage = "could not get group" var result Group - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "group-by-path", groupPath)) + Get(g.getAdminRealmURL(realm, "group-by-path", groupPath)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1586,7 +1633,7 @@ func (client *gocloak) GetGroupByPath(ctx context.Context, token, realm, groupPa } // GetGroups get all groups in realm -func (client *gocloak) GetGroups(ctx context.Context, token, realm string, params GetGroupsParams) ([]*Group, error) { +func (g *GoCloak) GetGroups(ctx context.Context, token, realm string, params GetGroupsParams) ([]*Group, error) { const errMessage = "could not get groups" var result []*Group @@ -1595,10 +1642,10 @@ func (client *gocloak) GetGroups(ctx context.Context, token, realm string, param return nil, errors.Wrap(err, errMessage) } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, "groups")) + Get(g.getAdminRealmURL(realm, "groups")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1608,13 +1655,13 @@ func (client *gocloak) GetGroups(ctx context.Context, token, realm string, param } // GetGroupsByRole gets groups assigned with a specific role of a realm -func (client *gocloak) GetGroupsByRole(ctx context.Context, token, realm string, roleName string) ([]*Group, error) { +func (g *GoCloak) GetGroupsByRole(ctx context.Context, token, realm string, roleName string) ([]*Group, error) { const errMessage = "could not get groups" var result []*Group - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "roles", roleName, "groups")) + Get(g.getAdminRealmURL(realm, "roles", roleName, "groups")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1624,13 +1671,13 @@ func (client *gocloak) GetGroupsByRole(ctx context.Context, token, realm string, } // GetGroupsByClientRole gets groups with specified roles assigned of given client within a realm -func (client *gocloak) GetGroupsByClientRole(ctx context.Context, token, realm string, roleName string, clientID string) ([]*Group, error) { +func (g *GoCloak) GetGroupsByClientRole(ctx context.Context, token, realm string, roleName string, clientID string) ([]*Group, error) { const errMessage = "could not get groups" var result []*Group - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", clientID, "roles", roleName, "groups")) + Get(g.getAdminRealmURL(realm, "clients", clientID, "roles", roleName, "groups")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1640,7 +1687,7 @@ func (client *gocloak) GetGroupsByClientRole(ctx context.Context, token, realm s } // GetGroupsCount gets the groups count in the realm -func (client *gocloak) GetGroupsCount(ctx context.Context, token, realm string, params GetGroupsParams) (int, error) { +func (g *GoCloak) GetGroupsCount(ctx context.Context, token, realm string, params GetGroupsParams) (int, error) { const errMessage = "could not get groups count" var result GroupsCount @@ -1648,10 +1695,10 @@ func (client *gocloak) GetGroupsCount(ctx context.Context, token, realm string, if err != nil { return 0, errors.Wrap(err, errMessage) } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, "groups", "count")) + Get(g.getAdminRealmURL(realm, "groups", "count")) if err := checkForError(resp, err, errMessage); err != nil { return -1, errors.Wrap(err, errMessage) @@ -1661,7 +1708,7 @@ func (client *gocloak) GetGroupsCount(ctx context.Context, token, realm string, } // GetGroupMembers get a list of users of group with id in realm -func (client *gocloak) GetGroupMembers(ctx context.Context, token, realm, groupID string, params GetGroupsParams) ([]*User, error) { +func (g *GoCloak) GetGroupMembers(ctx context.Context, token, realm, groupID string, params GetGroupsParams) ([]*User, error) { const errMessage = "could not get group members" var result []*User 
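Review bot: GetGroupsCount returns two different counts on failure: `return 0, errors.Wrap(err, errMessage)` when the query params cannot be built and `return -1, errors.Wrap(err, errMessage)` after checkForError (second hunk on this line). A caller that ignores the error and compares the count against a limit gets a different answer depending on which step failed. checkForError already receives errMessage, so the second path probably repeats the message (the helper is not shown); I would pick one value for both paths and return the checked error unchanged, `return 0, err`. The signature sits in the first hunk on this line and the body is split across the two.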
@@ -1670,10 +1717,10 @@ func (client *gocloak) GetGroupMembers(ctx context.Context, token, realm, groupI return nil, errors.Wrap(err, errMessage) } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, "groups", groupID, "members")) + Get(g.getAdminRealmURL(realm, "groups", groupID, "members")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1683,7 +1730,7 @@ func (client *gocloak) GetGroupMembers(ctx context.Context, token, realm, groupI } // GetClientRoles get all roles for the given client in realm -func (client *gocloak) GetClientRoles(ctx context.Context, token, realm, idOfClient string, params GetRoleParams) ([]*Role, error) { +func (g *GoCloak) GetClientRoles(ctx context.Context, token, realm, idOfClient string, params GetRoleParams) ([]*Role, error) { const errMessage = "could not get client roles" var result []*Role @@ -1692,10 +1739,10 @@ func (client *gocloak) GetClientRoles(ctx context.Context, token, realm, idOfCli return nil, errors.Wrap(err, errMessage) } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "roles")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "roles")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1704,14 +1751,14 @@ func (client *gocloak) GetClientRoles(ctx context.Context, token, realm, idOfCli return result, nil } -// GetClientRoleById gets role for the given client in realm using role ID -func (client *gocloak) GetClientRoleByID(ctx context.Context, token, realm, roleID string) (*Role, error) { +// GetClientRoleByID gets role for the given client in realm using role ID +func (g *GoCloak) GetClientRoleByID(ctx context.Context, token, realm, roleID string) (*Role, error) { const errMessage = "could not get client role" var result Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "roles-by-id", roleID)) + Get(g.getAdminRealmURL(realm, "roles-by-id", roleID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1720,14 +1767,14 @@ func (client *gocloak) GetClientRoleByID(ctx context.Context, token, realm, role return &result, nil } -// GetRealmRolesByUserID returns all client roles assigned to the given user -func (client *gocloak) GetClientRolesByUserID(ctx context.Context, token, realm, idOfClient, userID string) ([]*Role, error) { +// GetClientRolesByUserID returns all client roles assigned to the given user +func (g *GoCloak) GetClientRolesByUserID(ctx context.Context, token, realm, idOfClient, userID string) ([]*Role, error) { const errMessage = "could not client roles by user id" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "users", userID, "role-mappings", "clients", idOfClient)) + Get(g.getAdminRealmURL(realm, "users", userID, "role-mappings", "clients", idOfClient)) if err = checkForError(resp, err, errMessage); err != nil { return nil, err 
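Review bot: The second hunk on this line corrects the doc comment of GetClientRolesByUserID but leaves its error text as `"could not client roles by user id"`, which is missing the verb. `const errMessage = "could not get client roles by user id"` would match the wording used by GetClientRolesByGroupID. The function's closing lines fall outside the hunk.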
@@ -1737,13 +1784,13 @@ func (client *gocloak) GetClientRolesByUserID(ctx context.Context, token, realm, } // GetClientRolesByGroupID returns all client roles assigned to the given group -func (client *gocloak) GetClientRolesByGroupID(ctx context.Context, token, realm, idOfClient, groupID string) ([]*Role, error) { +func (g *GoCloak) GetClientRolesByGroupID(ctx context.Context, token, realm, idOfClient, groupID string) ([]*Role, error) { const errMessage = "could not get client roles by group id" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "clients", idOfClient)) + Get(g.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "clients", idOfClient)) if err = checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1753,13 +1800,13 @@ func (client *gocloak) GetClientRolesByGroupID(ctx context.Context, token, realm } // GetCompositeClientRolesByRoleID returns all client composite roles associated with the given client role -func (client *gocloak) GetCompositeClientRolesByRoleID(ctx context.Context, token, realm, idOfClient, roleID string) ([]*Role, error) { +func (g *GoCloak) GetCompositeClientRolesByRoleID(ctx context.Context, token, realm, idOfClient, roleID string) ([]*Role, error) { const errMessage = "could not get composite client roles by role id" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "roles-by-id", roleID, "composites", "clients", idOfClient)) + Get(g.getAdminRealmURL(realm, "roles-by-id", roleID, "composites", "clients", idOfClient)) if err = checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1769,13 +1816,13 @@ func (client *gocloak) GetCompositeClientRolesByRoleID(ctx context.Context, toke } // GetCompositeClientRolesByUserID returns all client roles and composite roles assigned to the given user -func (client *gocloak) GetCompositeClientRolesByUserID(ctx context.Context, token, realm, idOfClient, userID string) ([]*Role, error) { +func (g *GoCloak) GetCompositeClientRolesByUserID(ctx context.Context, token, realm, idOfClient, userID string) ([]*Role, error) { const errMessage = "could not get composite client roles by user id" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "users", userID, "role-mappings", "clients", idOfClient, "composite")) + Get(g.getAdminRealmURL(realm, "users", userID, "role-mappings", "clients", idOfClient, "composite")) if err = checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1785,13 +1832,13 @@ func (client *gocloak) GetCompositeClientRolesByUserID(ctx context.Context, toke } // GetAvailableClientRolesByUserID returns all available client roles to the given user -func (client *gocloak) GetAvailableClientRolesByUserID(ctx context.Context, token, realm, idOfClient, userID string) ([]*Role, error) { +func (g *GoCloak) GetAvailableClientRolesByUserID(ctx context.Context, token, realm, idOfClient, userID string) ([]*Role, error) { const errMessage = "could not get available client roles by user id" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "users", userID, "role-mappings", "clients", idOfClient, "available")) + Get(g.getAdminRealmURL(realm, "users", userID, "role-mappings", "clients", idOfClient, "available")) if err = checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1801,13 +1848,13 @@ func (client *gocloak) GetAvailableClientRolesByUserID(ctx context.Context, toke } // GetAvailableClientRolesByGroupID returns all available roles to the given group -func (client *gocloak) GetAvailableClientRolesByGroupID(ctx context.Context, token, realm, idOfClient, groupID string) ([]*Role, error) { +func (g *GoCloak) GetAvailableClientRolesByGroupID(ctx context.Context, token, realm, idOfClient, groupID string) ([]*Role, error) { const errMessage = "could not get available client roles by user id" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "clients", idOfClient, "available")) + Get(g.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "clients", idOfClient, "available")) if err = checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1817,13 +1864,13 @@ func (client *gocloak) GetAvailableClientRolesByGroupID(ctx context.Context, tok } // GetCompositeClientRolesByGroupID returns all client roles and composite roles assigned to the given group -func (client *gocloak) GetCompositeClientRolesByGroupID(ctx context.Context, token, realm, idOfClient, groupID string) ([]*Role, error) { +func (g *GoCloak) GetCompositeClientRolesByGroupID(ctx context.Context, token, realm, idOfClient, groupID string) ([]*Role, error) { const errMessage = "could not get composite client roles by group id" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "clients", idOfClient, "composite")) + Get(g.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "clients", idOfClient, "composite")) if err = checkForError(resp, err, errMessage); err != nil { return nil, err 
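Review bot: GetAvailableClientRolesByGroupID (first hunk on this line) reports failures as `"could not get available client roles by user id"`, the same text as GetAvailableClientRolesByUserID, although the request goes to the `groups` path. Someone reading the error during an access review would look at the wrong kind of principal. I would change it to `const errMessage = "could not get available client roles by group id"`, and the doc comment could say "available client roles" to match the sibling. The function's closing lines are outside the hunk.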
@@ -1833,13 +1880,13 @@ func (client *gocloak) GetCompositeClientRolesByGroupID(ctx context.Context, tok } // GetClientRole get a role for the given client in a realm by role name -func (client *gocloak) GetClientRole(ctx context.Context, token, realm, idOfClient, roleName string) (*Role, error) { +func (g *GoCloak) GetClientRole(ctx context.Context, token, realm, idOfClient, roleName string) (*Role, error) { const errMessage = "could not get client role" var result Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "roles", roleName)) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "roles", roleName)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1849,7 +1896,7 @@ func (client *gocloak) GetClientRole(ctx context.Context, token, realm, idOfClie } // GetClients gets all clients in realm -func (client *gocloak) GetClients(ctx context.Context, token, realm string, params GetClientsParams) ([]*Client, error) { +func (g *GoCloak) GetClients(ctx context.Context, token, realm string, params GetClientsParams) ([]*Client, error) { const errMessage = "could not get clients" var result []*Client @@ -1857,10 +1904,10 @@ func (client *gocloak) GetClients(ctx context.Context, token, realm string, para if err != nil { return nil, errors.Wrap(err, errMessage) } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, "clients")) + Get(g.getAdminRealmURL(realm, "clients")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1884,12 +1931,12 @@ func UserAttributeContains(attributes map[string][]string, attribute, value stri // ----------- // CreateRealmRole creates a role in a realm -func (client *gocloak) CreateRealmRole(ctx context.Context, token string, realm string, role Role) (string, error) { +func (g *GoCloak) CreateRealmRole(ctx context.Context, token string, realm string, role Role) (string, error) { const errMessage = "could not create realm role" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(role). - Post(client.getAdminRealmURL(realm, "roles")) + Post(g.getAdminRealmURL(realm, "roles")) if err := checkForError(resp, err, errMessage); err != nil { return "", err @@ -1899,14 +1946,14 @@ func (client *gocloak) CreateRealmRole(ctx context.Context, token string, realm } // GetRealmRole returns a role from a realm by role's name -func (client *gocloak) GetRealmRole(ctx context.Context, token, realm, roleName string) (*Role, error) { +func (g *GoCloak) GetRealmRole(ctx context.Context, token, realm, roleName string) (*Role, error) { const errMessage = "could not get realm role" var result Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "roles", roleName)) + Get(g.getAdminRealmURL(realm, "roles", roleName)) if err = checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1916,13 +1963,13 @@ func (client *gocloak) GetRealmRole(ctx context.Context, token, realm, roleName } // GetRealmRoleByID returns a role from a realm by role's ID -func (client *gocloak) GetRealmRoleByID(ctx context.Context, token, realm, roleID string) (*Role, error) { +func (g *GoCloak) GetRealmRoleByID(ctx context.Context, token, realm, roleID string) (*Role, error) { const errMessage = "could not get realm role" var result Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "roles-by-id", roleID)) + Get(g.getAdminRealmURL(realm, "roles-by-id", roleID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1932,7 +1979,7 @@ func (client *gocloak) GetRealmRoleByID(ctx context.Context, token, realm, roleI } // GetRealmRoles get all roles of the given realm. -func (client *gocloak) GetRealmRoles(ctx context.Context, token, realm string, params GetRoleParams) ([]*Role, error) { +func (g *GoCloak) GetRealmRoles(ctx context.Context, token, realm string, params GetRoleParams) ([]*Role, error) { const errMessage = "could not get realm roles" var result []*Role @@ -1941,10 +1988,10 @@ func (client *gocloak) GetRealmRoles(ctx context.Context, token, realm string, p return nil, errors.Wrap(err, errMessage) } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, "roles")) + Get(g.getAdminRealmURL(realm, "roles")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1954,13 +2001,13 @@ func (client *gocloak) GetRealmRoles(ctx context.Context, token, realm string, p } // GetRealmRolesByUserID returns all roles assigned to the given user -func (client *gocloak) GetRealmRolesByUserID(ctx context.Context, token, realm, userID string) ([]*Role, error) { +func (g *GoCloak) GetRealmRolesByUserID(ctx context.Context, token, realm, userID string) ([]*Role, error) { const errMessage = "could not get realm roles by user id" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "users", userID, "role-mappings", "realm")) + Get(g.getAdminRealmURL(realm, "users", userID, "role-mappings", "realm")) if err = checkForError(resp, err, errMessage); err != nil { return nil, err @@ -1970,13 +2017,13 @@ func (client *gocloak) GetRealmRolesByUserID(ctx context.Context, token, realm, } // GetRealmRolesByGroupID returns all roles assigned to the given group -func (client *gocloak) GetRealmRolesByGroupID(ctx context.Context, token, realm, groupID string) ([]*Role, error) { +func (g *GoCloak) GetRealmRolesByGroupID(ctx context.Context, token, realm, groupID string) ([]*Role, error) { const errMessage = "could not get realm roles by group id" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "realm")) + Get(g.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "realm")) if err = checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -1986,109 +2033,111 @@ func (client *gocloak) GetRealmRolesByGroupID(ctx context.Context, token, realm, } // UpdateRealmRole updates a role in a realm -func (client *gocloak) UpdateRealmRole(ctx context.Context, token, realm, roleName string, role Role) error { +func (g *GoCloak) UpdateRealmRole(ctx context.Context, token, realm, roleName string, role Role) error { const errMessage = "could not update realm role" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(role). - Put(client.getAdminRealmURL(realm, "roles", roleName)) + Put(g.getAdminRealmURL(realm, "roles", roleName)) return checkForError(resp, err, errMessage) } // UpdateRealmRoleByID updates a role in a realm by role's ID -func (client *gocloak) UpdateRealmRoleByID(ctx context.Context, token, realm, roleID string, role Role) error { +func (g *GoCloak) UpdateRealmRoleByID(ctx context.Context, token, realm, roleID string, role Role) error { const errMessage = "could not update realm role" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(role). - Put(client.getAdminRealmURL(realm, "roles-by-id", roleID)) + Put(g.getAdminRealmURL(realm, "roles-by-id", roleID)) return checkForError(resp, err, errMessage) } // DeleteRealmRole deletes a role in a realm by role's name -func (client *gocloak) DeleteRealmRole(ctx context.Context, token, realm, roleName string) error { +func (g *GoCloak) DeleteRealmRole(ctx context.Context, token, realm, roleName string) error { const errMessage = "could not delete realm role" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "roles", roleName)) + resp, err := g.getRequestWithBearerAuth(ctx, token). 
+ Delete(g.getAdminRealmURL(realm, "roles", roleName)) return checkForError(resp, err, errMessage) } // AddRealmRoleToUser adds realm-level role mappings -func (client *gocloak) AddRealmRoleToUser(ctx context.Context, token, realm, userID string, roles []Role) error { +func (g *GoCloak) AddRealmRoleToUser(ctx context.Context, token, realm, userID string, roles []Role) error { const errMessage = "could not add realm role to user" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). - Post(client.getAdminRealmURL(realm, "users", userID, "role-mappings", "realm")) + Post(g.getAdminRealmURL(realm, "users", userID, "role-mappings", "realm")) return checkForError(resp, err, errMessage) } // DeleteRealmRoleFromUser deletes realm-level role mappings -func (client *gocloak) DeleteRealmRoleFromUser(ctx context.Context, token, realm, userID string, roles []Role) error { +func (g *GoCloak) DeleteRealmRoleFromUser(ctx context.Context, token, realm, userID string, roles []Role) error { const errMessage = "could not delete realm role from user" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). - Delete(client.getAdminRealmURL(realm, "users", userID, "role-mappings", "realm")) + Delete(g.getAdminRealmURL(realm, "users", userID, "role-mappings", "realm")) return checkForError(resp, err, errMessage) } // AddRealmRoleToGroup adds realm-level role mappings -func (client *gocloak) AddRealmRoleToGroup(ctx context.Context, token, realm, groupID string, roles []Role) error { +func (g *GoCloak) AddRealmRoleToGroup(ctx context.Context, token, realm, groupID string, roles []Role) error { const errMessage = "could not add realm role to group" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). 
- Post(client.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "realm")) + Post(g.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "realm")) return checkForError(resp, err, errMessage) } // DeleteRealmRoleFromGroup deletes realm-level role mappings -func (client *gocloak) DeleteRealmRoleFromGroup(ctx context.Context, token, realm, groupID string, roles []Role) error { +func (g *GoCloak) DeleteRealmRoleFromGroup(ctx context.Context, token, realm, groupID string, roles []Role) error { const errMessage = "could not delete realm role from group" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). - Delete(client.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "realm")) + Delete(g.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "realm")) return checkForError(resp, err, errMessage) } -func (client *gocloak) AddRealmRoleComposite(ctx context.Context, token, realm, roleName string, roles []Role) error { +// AddRealmRoleComposite adds a role to the composite. +func (g *GoCloak) AddRealmRoleComposite(ctx context.Context, token, realm, roleName string, roles []Role) error { const errMessage = "could not add realm role composite" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). - Post(client.getAdminRealmURL(realm, "roles", roleName, "composites")) + Post(g.getAdminRealmURL(realm, "roles", roleName, "composites")) return checkForError(resp, err, errMessage) } -func (client *gocloak) DeleteRealmRoleComposite(ctx context.Context, token, realm, roleName string, roles []Role) error { +// DeleteRealmRoleComposite deletes a role from the composite. 
+func (g *GoCloak) DeleteRealmRoleComposite(ctx context.Context, token, realm, roleName string, roles []Role) error { const errMessage = "could not delete realm role composite" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). - Delete(client.getAdminRealmURL(realm, "roles", roleName, "composites")) + Delete(g.getAdminRealmURL(realm, "roles", roleName, "composites")) return checkForError(resp, err, errMessage) } // GetCompositeRealmRoles returns all realm composite roles associated with the given realm role -func (client *gocloak) GetCompositeRealmRoles(ctx context.Context, token, realm, roleName string) ([]*Role, error) { +func (g *GoCloak) GetCompositeRealmRoles(ctx context.Context, token, realm, roleName string) ([]*Role, error) { const errMessage = "could not get composite realm roles by role" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "roles", roleName, "composites")) + Get(g.getAdminRealmURL(realm, "roles", roleName, "composites")) if err = checkForError(resp, err, errMessage); err != nil { return nil, err 
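Review bot: `roleName` is passed into the request path unchanged in UpdateRealmRole, DeleteRealmRole, AddRealmRoleComposite, DeleteRealmRoleComposite and GetCompositeRealmRoles, and nothing in this hunk escapes or validates it. `getAdminRealmURL` is not visible here, so this may already be handled, but if it only joins its arguments with `/`, a role name containing `/`, `?` or `#` resolves to a different admin endpoint than the caller intended, which matters most for the PUT and DELETE calls. If the helper does not escape, either escape each segment once inside `getAdminRealmURL` or pass `url.PathEscape(roleName)` at these call sites (the ID segments would need the same treatment). GetCompositeRealmRoles continues past the end of the hunk.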
@@ -2098,13 +2147,13 @@ func (client *gocloak) GetCompositeRealmRoles(ctx context.Context, token, realm, } // GetCompositeRolesByRoleID returns all realm composite roles associated with the given client role -func (client *gocloak) GetCompositeRolesByRoleID(ctx context.Context, token, realm, roleID string) ([]*Role, error) { +func (g *GoCloak) GetCompositeRolesByRoleID(ctx context.Context, token, realm, roleID string) ([]*Role, error) { const errMessage = "could not get composite client roles by role id" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "roles-by-id", roleID, "composites")) + Get(g.getAdminRealmURL(realm, "roles-by-id", roleID, "composites")) if err = checkForError(resp, err, errMessage); err != nil { return nil, err @@ -2114,13 +2163,13 @@ func (client *gocloak) GetCompositeRolesByRoleID(ctx context.Context, token, rea } // GetCompositeRealmRolesByRoleID returns all realm composite roles associated with the given client role -func (client *gocloak) GetCompositeRealmRolesByRoleID(ctx context.Context, token, realm, roleID string) ([]*Role, error) { +func (g *GoCloak) GetCompositeRealmRolesByRoleID(ctx context.Context, token, realm, roleID string) ([]*Role, error) { const errMessage = "could not get composite client roles by role id" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "roles-by-id", roleID, "composites", "realm")) + Get(g.getAdminRealmURL(realm, "roles-by-id", roleID, "composites", "realm")) if err = checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -2130,13 +2179,13 @@ func (client *gocloak) GetCompositeRealmRolesByRoleID(ctx context.Context, token } // GetCompositeRealmRolesByUserID returns all realm roles and composite roles assigned to the given user -func (client *gocloak) GetCompositeRealmRolesByUserID(ctx context.Context, token, realm, userID string) ([]*Role, error) { +func (g *GoCloak) GetCompositeRealmRolesByUserID(ctx context.Context, token, realm, userID string) ([]*Role, error) { const errMessage = "could not get composite client roles by user id" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "users", userID, "role-mappings", "realm", "composite")) + Get(g.getAdminRealmURL(realm, "users", userID, "role-mappings", "realm", "composite")) if err = checkForError(resp, err, errMessage); err != nil { return nil, err @@ -2146,13 +2195,13 @@ func (client *gocloak) GetCompositeRealmRolesByUserID(ctx context.Context, token } // GetCompositeRealmRolesByGroupID returns all realm roles and composite roles assigned to the given group -func (client *gocloak) GetCompositeRealmRolesByGroupID(ctx context.Context, token, realm, groupID string) ([]*Role, error) { +func (g *GoCloak) GetCompositeRealmRolesByGroupID(ctx context.Context, token, realm, groupID string) ([]*Role, error) { const errMessage = "could not get composite client roles by user id" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "realm", "composite")) + Get(g.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "realm", "composite")) if err = checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -2162,13 +2211,13 @@ func (client *gocloak) GetCompositeRealmRolesByGroupID(ctx context.Context, toke } // GetAvailableRealmRolesByUserID returns all available realm roles to the given user -func (client *gocloak) GetAvailableRealmRolesByUserID(ctx context.Context, token, realm, userID string) ([]*Role, error) { +func (g *GoCloak) GetAvailableRealmRolesByUserID(ctx context.Context, token, realm, userID string) ([]*Role, error) { const errMessage = "could not get available client roles by user id" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "users", userID, "role-mappings", "realm", "available")) + Get(g.getAdminRealmURL(realm, "users", userID, "role-mappings", "realm", "available")) if err = checkForError(resp, err, errMessage); err != nil { return nil, err @@ -2178,13 +2227,13 @@ func (client *gocloak) GetAvailableRealmRolesByUserID(ctx context.Context, token } // GetAvailableRealmRolesByGroupID returns all available realm roles to the given group -func (client *gocloak) GetAvailableRealmRolesByGroupID(ctx context.Context, token, realm, groupID string) ([]*Role, error) { +func (g *GoCloak) GetAvailableRealmRolesByGroupID(ctx context.Context, token, realm, groupID string) ([]*Role, error) { const errMessage = "could not get available client roles by user id" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "realm", "available")) + Get(g.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "realm", "available")) if err = checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -2198,13 +2247,13 @@ func (client *gocloak) GetAvailableRealmRolesByGroupID(ctx context.Context, toke // ----- // GetRealm returns top-level representation of the realm -func (client *gocloak) GetRealm(ctx context.Context, token, realm string) (*RealmRepresentation, error) { +func (g *GoCloak) GetRealm(ctx context.Context, token, realm string) (*RealmRepresentation, error) { const errMessage = "could not get realm" var result RealmRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm)) + Get(g.getAdminRealmURL(realm)) if err = checkForError(resp, err, errMessage); err != nil { return nil, err @@ -2214,13 +2263,13 @@ func (client *gocloak) GetRealm(ctx context.Context, token, realm string) (*Real } // GetRealms returns top-level representation of all realms -func (client *gocloak) GetRealms(ctx context.Context, token string) ([]*RealmRepresentation, error) { +func (g *GoCloak) GetRealms(ctx context.Context, token string) ([]*RealmRepresentation, error) { const errMessage = "could not get realms" var result []*RealmRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL("")) + Get(g.getAdminRealmURL("")) if err = checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -2230,12 +2279,12 @@ func (client *gocloak) GetRealms(ctx context.Context, token string) ([]*RealmRep } // CreateRealm creates a realm -func (client *gocloak) CreateRealm(ctx context.Context, token string, realm RealmRepresentation) (string, error) { +func (g *GoCloak) CreateRealm(ctx context.Context, token string, realm RealmRepresentation) (string, error) { const errMessage = "could not create realm" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(&realm). - Post(client.getAdminRealmURL("")) + Post(g.getAdminRealmURL("")) if err := checkForError(resp, err, errMessage); err != nil { return "", err 
@@ -2244,63 +2293,63 @@ func (client *gocloak) CreateRealm(ctx context.Context, token string, realm Real } // UpdateRealm updates a given realm -func (client *gocloak) UpdateRealm(ctx context.Context, token string, realm RealmRepresentation) error { +func (g *GoCloak) UpdateRealm(ctx context.Context, token string, realm RealmRepresentation) error { const errMessage = "could not update realm" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(realm). - Put(client.getAdminRealmURL(PString(realm.Realm))) + Put(g.getAdminRealmURL(PString(realm.Realm))) return checkForError(resp, err, errMessage) } // DeleteRealm removes a realm -func (client *gocloak) DeleteRealm(ctx context.Context, token, realm string) error { +func (g *GoCloak) DeleteRealm(ctx context.Context, token, realm string) error { const errMessage = "could not delete realm" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm)) return checkForError(resp, err, errMessage) } // ClearRealmCache clears realm cache -func (client *gocloak) ClearRealmCache(ctx context.Context, token, realm string) error { +func (g *GoCloak) ClearRealmCache(ctx context.Context, token, realm string) error { const errMessage = "could not clear realm cache" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Post(client.getAdminRealmURL(realm, "clear-realm-cache")) + resp, err := g.getRequestWithBearerAuth(ctx, token). 
+ Post(g.getAdminRealmURL(realm, "clear-realm-cache")) return checkForError(resp, err, errMessage) } // ClearUserCache clears realm cache -func (client *gocloak) ClearUserCache(ctx context.Context, token, realm string) error { +func (g *GoCloak) ClearUserCache(ctx context.Context, token, realm string) error { const errMessage = "could not clear user cache" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Post(client.getAdminRealmURL(realm, "clear-user-cache")) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Post(g.getAdminRealmURL(realm, "clear-user-cache")) return checkForError(resp, err, errMessage) } // ClearKeysCache clears realm cache -func (client *gocloak) ClearKeysCache(ctx context.Context, token, realm string) error { +func (g *GoCloak) ClearKeysCache(ctx context.Context, token, realm string) error { const errMessage = "could not clear keys cache" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Post(client.getAdminRealmURL(realm, "clear-keys-cache")) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Post(g.getAdminRealmURL(realm, "clear-keys-cache")) return checkForError(resp, err, errMessage) } // GetAuthenticationFlows get all authentication flows from a realm -func (client *gocloak) GetAuthenticationFlows(ctx context.Context, token, realm string) ([]*AuthenticationFlowRepresentation, error) { +func (g *GoCloak) GetAuthenticationFlows(ctx context.Context, token, realm string) ([]*AuthenticationFlowRepresentation, error) { const errMessage = "could not retrieve authentication flows" var result []*AuthenticationFlowRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "authentication", "flows")) + Get(g.getAdminRealmURL(realm, "authentication", "flows")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
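Review bot: DeleteRealm and UpdateRealm do not reject an empty realm name, and the earlier hunks show `getAdminRealmURL("")` is the URL GetRealms and CreateRealm use for the realm collection. With `realm == ""` (or, in UpdateRealm, a nil `realm.Realm`, assuming `PString` yields an empty string for nil) the DELETE or PUT goes to that collection URL instead of failing locally. A guard at the top of each, e.g. `if realm == "" { return errors.New(errMessage + ": realm must not be empty") }`, keeps destructive calls from depending on how the server answers that request. Separately, the doc comments on ClearUserCache and ClearKeysCache both still say "clears realm cache"; they should read `// ClearUserCache clears the user cache` and `// ClearKeysCache clears the keys cache`. GetAuthenticationFlows at the end of the hunk continues outside it.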
@@ -2308,33 +2357,33 @@ func (client *gocloak) GetAuthenticationFlows(ctx context.Context, token, realm return result, nil } -// Create a new Authentication flow in a realm -func (client *gocloak) CreateAuthenticationFlow(ctx context.Context, token, realm string, flow AuthenticationFlowRepresentation) error { +// CreateAuthenticationFlow creates a new Authentication flow in a realm +func (g *GoCloak) CreateAuthenticationFlow(ctx context.Context, token, realm string, flow AuthenticationFlowRepresentation) error { const errMessage = "could not create authentication flows" var result []*AuthenticationFlowRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result).SetBody(flow). - Post(client.getAdminRealmURL(realm, "authentication", "flows")) + Post(g.getAdminRealmURL(realm, "authentication", "flows")) return checkForError(resp, err, errMessage) } // DeleteAuthenticationFlow deletes a flow in a realm with the given ID -func (client *gocloak) DeleteAuthenticationFlow(ctx context.Context, token, realm, flowID string) error { +func (g *GoCloak) DeleteAuthenticationFlow(ctx context.Context, token, realm, flowID string) error { const errMessage = "could not delete authentication flows" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "authentication", "flows", flowID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). 
+ Delete(g.getAdminRealmURL(realm, "authentication", "flows", flowID)) return checkForError(resp, err, errMessage) } // GetAuthenticationExecutions retrieves all executions of a given flow -func (client *gocloak) GetAuthenticationExecutions(ctx context.Context, token, realm, flow string) ([]*ModifyAuthenticationExecutionRepresentation, error) { +func (g *GoCloak) GetAuthenticationExecutions(ctx context.Context, token, realm, flow string) ([]*ModifyAuthenticationExecutionRepresentation, error) { const errMessage = "could not retrieve authentication flows" var result []*ModifyAuthenticationExecutionRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "authentication", "flows", flow, "executions")) + Get(g.getAdminRealmURL(realm, "authentication", "flows", flow, "executions")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
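Review bot: CreateAuthenticationFlow declares `var result []*AuthenticationFlowRepresentation` and passes it to `SetResult(&result)`, but the function only returns `checkForError(resp, err, errMessage)`, so whatever is decoded is thrown away. Drop the variable and the `SetResult` call so the chain starts `g.getRequestWithBearerAuth(ctx, token).SetBody(flow).` followed by the existing `Post(...)` line. Nothing in the hunk confirms that this endpoint answers with a list of flows, so removing it also avoids decoding into a shape that may not match. GetAuthenticationExecutions at the end of the hunk continues outside it.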
@@ -2343,37 +2392,37 @@ func (client *gocloak) GetAuthenticationExecutions(ctx context.Context, token, r } // CreateAuthenticationExecution creates a new execution for the given flow name in the given realm -func (client *gocloak) CreateAuthenticationExecution(ctx context.Context, token, realm, flow string, execution CreateAuthenticationExecutionRepresentation) error { +func (g *GoCloak) CreateAuthenticationExecution(ctx context.Context, token, realm, flow string, execution CreateAuthenticationExecutionRepresentation) error { const errMessage = "could not create authentication execution" - resp, err := client.getRequestWithBearerAuth(ctx, token).SetBody(execution). - Post(client.getAdminRealmURL(realm, "authentication", "flows", flow, "executions", "execution")) + resp, err := g.getRequestWithBearerAuth(ctx, token).SetBody(execution). + Post(g.getAdminRealmURL(realm, "authentication", "flows", flow, "executions", "execution")) return checkForError(resp, err, errMessage) } // UpdateAuthenticationExecution updates an authentication execution for the given flow in the given realm -func (client *gocloak) UpdateAuthenticationExecution(ctx context.Context, token, realm, flow string, execution ModifyAuthenticationExecutionRepresentation) error { +func (g *GoCloak) UpdateAuthenticationExecution(ctx context.Context, token, realm, flow string, execution ModifyAuthenticationExecutionRepresentation) error { const errMessage = "could not update authentication execution" - resp, err := client.getRequestWithBearerAuth(ctx, token).SetBody(execution). - Put(client.getAdminRealmURL(realm, "authentication", "flows", flow, "executions")) + resp, err := g.getRequestWithBearerAuth(ctx, token).SetBody(execution). 
+ Put(g.getAdminRealmURL(realm, "authentication", "flows", flow, "executions")) return checkForError(resp, err, errMessage) } // DeleteAuthenticationExecution delete a single execution with the given ID -func (client *gocloak) DeleteAuthenticationExecution(ctx context.Context, token, realm, executionID string) error { +func (g *GoCloak) DeleteAuthenticationExecution(ctx context.Context, token, realm, executionID string) error { const errMessage = "could not delete authentication execution" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "authentication", "executions", executionID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "authentication", "executions", executionID)) return checkForError(resp, err, errMessage) } // CreateAuthenticationExecutionFlow creates a new execution for the given flow name in the given realm -func (client *gocloak) CreateAuthenticationExecutionFlow(ctx context.Context, token, realm, flow string, executionFlow CreateAuthenticationExecutionFlowRepresentation) error { +func (g *GoCloak) CreateAuthenticationExecutionFlow(ctx context.Context, token, realm, flow string, executionFlow CreateAuthenticationExecutionFlowRepresentation) error { const errMessage = "could not create authentication execution flow" - resp, err := client.getRequestWithBearerAuth(ctx, token).SetBody(executionFlow). - Post(client.getAdminRealmURL(realm, "authentication", "flows", flow, "executions", "flow")) + resp, err := g.getRequestWithBearerAuth(ctx, token).SetBody(executionFlow). + Post(g.getAdminRealmURL(realm, "authentication", "flows", flow, "executions", "flow")) return checkForError(resp, err, errMessage) } 
@@ -2383,12 +2432,14 @@ func (client *gocloak) CreateAuthenticationExecutionFlow(ctx context.Context, to // ----- // CreateUser creates the given user in the given realm and returns it's userID -func (client *gocloak) CreateUser(ctx context.Context, token, realm string, user User) (string, error) { +// Note: Keycloak has not documented what members of the User object are actually being accepted, when creating a user. +// Things like RealmRoles must be attached using followup calls to the respective functions. +func (g *GoCloak) CreateUser(ctx context.Context, token, realm string, user User) (string, error) { const errMessage = "could not create user" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(user). - Post(client.getAdminRealmURL(realm, "users")) + Post(g.getAdminRealmURL(realm, "users")) if err := checkForError(resp, err, errMessage); err != nil { return "", err @@ -2398,17 +2449,17 @@ func (client *gocloak) CreateUser(ctx context.Context, token, realm string, user } // DeleteUser delete a given user -func (client *gocloak) DeleteUser(ctx context.Context, token, realm, userID string) error { +func (g *GoCloak) DeleteUser(ctx context.Context, token, realm, userID string) error { const errMessage = "could not delete user" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "users", userID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "users", userID)) return checkForError(resp, err, errMessage) } // GetUserByID fetches a user from the given realm with the given userID -func (client *gocloak) GetUserByID(ctx context.Context, accessToken, realm, userID string) (*User, error) { +func (g *GoCloak) GetUserByID(ctx context.Context, accessToken, realm, userID string) (*User, error) { const errMessage = "could not get user by id" if userID == "" { 
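Review bot: DeleteUser sends its DELETE without checking `userID`, while GetUserByID in the same hunk opens with `if userID == "" {`. With an empty ID the arguments to `getAdminRealmURL` are `realm, "users", ""`, which presumably resolves to the users collection rather than a single user. Mirror the guard in DeleteUser, e.g. `if userID == "" { return errors.New(errMessage + ": userID must not be empty") }`; the body of GetUserByID's guard is outside the hunk, so match whatever error it returns. In the CreateUser hunk on this same line, the doc comment should say "returns its userID" rather than "it's".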
@@ -2416,9 +2467,9 @@ func (client *gocloak) GetUserByID(ctx context.Context, accessToken, realm, user } var result User - resp, err := client.getRequestWithBearerAuth(ctx, accessToken). + resp, err := g.getRequestWithBearerAuth(ctx, accessToken). SetResult(&result). - Get(client.getAdminRealmURL(realm, "users", userID)) + Get(g.getAdminRealmURL(realm, "users", userID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -2428,7 +2479,7 @@ func (client *gocloak) GetUserByID(ctx context.Context, accessToken, realm, user } // GetUserCount gets the user count in the realm -func (client *gocloak) GetUserCount(ctx context.Context, token string, realm string, params GetUsersParams) (int, error) { +func (g *GoCloak) GetUserCount(ctx context.Context, token string, realm string, params GetUsersParams) (int, error) { const errMessage = "could not get user count" var result int @@ -2437,10 +2488,10 @@ func (client *gocloak) GetUserCount(ctx context.Context, token string, realm str return 0, errors.Wrap(err, errMessage) } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, "users", "count")) + Get(g.getAdminRealmURL(realm, "users", "count")) if err := checkForError(resp, err, errMessage); err != nil { return -1, errors.Wrap(err, errMessage) @@ -2450,7 +2501,7 @@ func (client *gocloak) GetUserCount(ctx context.Context, token string, realm str } // GetUserGroups get all groups for user -func (client *gocloak) GetUserGroups(ctx context.Context, token, realm, userID string, params GetGroupsParams) ([]*Group, error) { +func (g *GoCloak) GetUserGroups(ctx context.Context, token, realm, userID string, params GetGroupsParams) ([]*Group, error) { const errMessage = "could not get user groups" var result []*Group 
@@ -2459,10 +2510,10 @@ func (client *gocloak) GetUserGroups(ctx context.Context, token, realm, userID s return nil, errors.Wrap(err, errMessage) } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, "users", userID, "groups")) + Get(g.getAdminRealmURL(realm, "users", userID, "groups")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -2472,7 +2523,7 @@ func (client *gocloak) GetUserGroups(ctx context.Context, token, realm, userID s } // GetUsers get all users in realm -func (client *gocloak) GetUsers(ctx context.Context, token, realm string, params GetUsersParams) ([]*User, error) { +func (g *GoCloak) GetUsers(ctx context.Context, token, realm string, params GetUsersParams) ([]*User, error) { const errMessage = "could not get users" var result []*User @@ -2481,10 +2532,10 @@ func (client *gocloak) GetUsers(ctx context.Context, token, realm string, params return nil, errors.Wrap(err, errMessage) } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, "users")) + Get(g.getAdminRealmURL(realm, "users")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -2494,13 +2545,13 @@ func (client *gocloak) GetUsers(ctx context.Context, token, realm string, params } // GetUsersByRoleName returns all users have a given role -func (client *gocloak) GetUsersByRoleName(ctx context.Context, token, realm, roleName string) ([]*User, error) { +func (g *GoCloak) GetUsersByRoleName(ctx context.Context, token, realm, roleName string) ([]*User, error) { const errMessage = "could not get users by role name" var result []*User - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "roles", roleName, "users")) + Get(g.getAdminRealmURL(realm, "roles", roleName, "users")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -2510,7 +2561,7 @@ func (client *gocloak) GetUsersByRoleName(ctx context.Context, token, realm, rol } // GetUsersByClientRoleName returns all users have a given client role -func (client *gocloak) GetUsersByClientRoleName(ctx context.Context, token, realm, idOfClient, roleName string, params GetUsersByRoleParams) ([]*User, error) { +func (g *GoCloak) GetUsersByClientRoleName(ctx context.Context, token, realm, idOfClient, roleName string, params GetUsersByRoleParams) ([]*User, error) { const errMessage = "could not get users by client role name" var result []*User @@ -2519,10 +2570,10 @@ func (client *gocloak) GetUsersByClientRoleName(ctx context.Context, token, real return nil, err } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "roles", roleName, "users")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "roles", roleName, "users")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -2532,56 +2583,56 @@ func (client *gocloak) GetUsersByClientRoleName(ctx context.Context, token, real } // SetPassword sets a new password for the user with the given id. Needs elevated privileges -func (client *gocloak) SetPassword(ctx context.Context, token, userID, realm, password string, temporary bool) error { +func (g *GoCloak) SetPassword(ctx context.Context, token, userID, realm, password string, temporary bool) error { const errMessage = "could not set password" requestBody := SetPasswordRequest{Password: &password, Temporary: &temporary, Type: StringP("password")} - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(requestBody). - Put(client.getAdminRealmURL(realm, "users", userID, "reset-password")) + Put(g.getAdminRealmURL(realm, "users", userID, "reset-password")) return checkForError(resp, err, errMessage) } // UpdateUser updates a given user -func (client *gocloak) UpdateUser(ctx context.Context, token, realm string, user User) error { +func (g *GoCloak) UpdateUser(ctx context.Context, token, realm string, user User) error { const errMessage = "could not update user" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(user). - Put(client.getAdminRealmURL(realm, "users", PString(user.ID))) + Put(g.getAdminRealmURL(realm, "users", PString(user.ID))) return checkForError(resp, err, errMessage) } // AddUserToGroup puts given user to given group -func (client *gocloak) AddUserToGroup(ctx context.Context, token, realm, userID, groupID string) error { +func (g *GoCloak) AddUserToGroup(ctx context.Context, token, realm, userID, groupID string) error { const errMessage = "could not add user to group" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Put(client.getAdminRealmURL(realm, "users", userID, "groups", groupID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). 
+ Put(g.getAdminRealmURL(realm, "users", userID, "groups", groupID)) return checkForError(resp, err, errMessage) } // DeleteUserFromGroup deletes given user from given group -func (client *gocloak) DeleteUserFromGroup(ctx context.Context, token, realm, userID, groupID string) error { +func (g *GoCloak) DeleteUserFromGroup(ctx context.Context, token, realm, userID, groupID string) error { const errMessage = "could not delete user from group" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "users", userID, "groups", groupID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "users", userID, "groups", groupID)) return checkForError(resp, err, errMessage) } // GetUserSessions returns user sessions associated with the user -func (client *gocloak) GetUserSessions(ctx context.Context, token, realm, userID string) ([]*UserSessionRepresentation, error) { +func (g *GoCloak) GetUserSessions(ctx context.Context, token, realm, userID string) ([]*UserSessionRepresentation, error) { const errMessage = "could not get user sessions" var res []*UserSessionRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&res). - Get(client.getAdminRealmURL(realm, "users", userID, "sessions")) + Get(g.getAdminRealmURL(realm, "users", userID, "sessions")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
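Review bot: `SetPassword` takes `token, userID, realm, password`, while the other user functions in this hunk (`AddUserToGroup`, `DeleteUserFromGroup`, `GetUserSessions`) take `token, realm, userID`. All of these parameters are `string`, so a caller who follows the usual order compiles cleanly and the reset-password URL is built with realm and user ID swapped. A major-version bump is a natural place to align the order. If the signature has to stay, the doc comment should warn about it, for example `// Note: userID comes before realm here, unlike the other user functions.`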
@@ -2591,13 +2642,13 @@ func (client *gocloak) GetUserSessions(ctx context.Context, token, realm, userID } // GetUserOfflineSessionsForClient returns offline sessions associated with the user and client -func (client *gocloak) GetUserOfflineSessionsForClient(ctx context.Context, token, realm, userID, idOfClient string) ([]*UserSessionRepresentation, error) { +func (g *GoCloak) GetUserOfflineSessionsForClient(ctx context.Context, token, realm, userID, idOfClient string) ([]*UserSessionRepresentation, error) { const errMessage = "could not get user offline sessions for client" var res []*UserSessionRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&res). - Get(client.getAdminRealmURL(realm, "users", userID, "offline-sessions", idOfClient)) + Get(g.getAdminRealmURL(realm, "users", userID, "offline-sessions", idOfClient)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -2606,80 +2657,101 @@ func (client *gocloak) GetUserOfflineSessionsForClient(ctx context.Context, toke return res, nil } -// AddClientRoleToUser adds client-level role mappings -func (client *gocloak) AddClientRoleToUser(ctx context.Context, token, realm, idOfClient, userID string, roles []Role) error { +// AddClientRolesToUser adds client-level role mappings +func (g *GoCloak) AddClientRolesToUser(ctx context.Context, token, realm, idOfClient, userID string, roles []Role) error { const errMessage = "could not add client role to user" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). - Post(client.getAdminRealmURL(realm, "users", userID, "role-mappings", "clients", idOfClient)) + Post(g.getAdminRealmURL(realm, "users", userID, "role-mappings", "clients", idOfClient)) return checkForError(resp, err, errMessage) } -// AddClientRoleToGroup adds a client role to the group -func (client *gocloak) AddClientRoleToGroup(ctx context.Context, token, realm, idOfClient, groupID string, roles []Role) error { +// AddClientRoleToUser adds client-level role mappings +// +// Deprecated: replaced by AddClientRolesToUser +func (g *GoCloak) AddClientRoleToUser(ctx context.Context, token, realm, idOfClient, userID string, roles []Role) error { + return g.AddClientRolesToUser(ctx, token, realm, idOfClient, userID, roles) +} + +// AddClientRolesToGroup adds a client role to the group +func (g *GoCloak) AddClientRolesToGroup(ctx context.Context, token, realm, idOfClient, groupID string, roles []Role) error { const errMessage = "could not add client role to group" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). 
- Post(client.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "clients", idOfClient)) + Post(g.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "clients", idOfClient)) return checkForError(resp, err, errMessage) } -// DeleteClientRoleFromUser adds client-level role mappings -func (client *gocloak) DeleteClientRoleFromUser(ctx context.Context, token, realm, idOfClient, userID string, roles []Role) error { +// AddClientRoleToGroup adds a client role to the group +// +// Deprecated: replaced by AddClientRolesToGroup +func (g *GoCloak) AddClientRoleToGroup(ctx context.Context, token, realm, idOfClient, groupID string, roles []Role) error { + return g.AddClientRolesToGroup(ctx, token, realm, idOfClient, groupID, roles) +} + +// DeleteClientRolesFromUser adds client-level role mappings +func (g *GoCloak) DeleteClientRolesFromUser(ctx context.Context, token, realm, idOfClient, userID string, roles []Role) error { const errMessage = "could not delete client role from user" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). 
- Delete(client.getAdminRealmURL(realm, "users", userID, "role-mappings", "clients", idOfClient)) + Delete(g.getAdminRealmURL(realm, "users", userID, "role-mappings", "clients", idOfClient)) return checkForError(resp, err, errMessage) } +// DeleteClientRoleFromUser adds client-level role mappings +// +// Deprecated: replaced by DeleteClientRolesFrom +func (g *GoCloak) DeleteClientRoleFromUser(ctx context.Context, token, realm, idOfClient, userID string, roles []Role) error { + return g.DeleteClientRolesFromUser(ctx, token, realm, idOfClient, userID, roles) +} + // DeleteClientRoleFromGroup removes a client role from from the group -func (client *gocloak) DeleteClientRoleFromGroup(ctx context.Context, token, realm, idOfClient, groupID string, roles []Role) error { +func (g *GoCloak) DeleteClientRoleFromGroup(ctx context.Context, token, realm, idOfClient, groupID string, roles []Role) error { const errMessage = "could not client role from group" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). - Delete(client.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "clients", idOfClient)) + Delete(g.getAdminRealmURL(realm, "groups", groupID, "role-mappings", "clients", idOfClient)) return checkForError(resp, err, errMessage) } // AddClientRoleComposite adds roles as composite -func (client *gocloak) AddClientRoleComposite(ctx context.Context, token, realm, roleID string, roles []Role) error { +func (g *GoCloak) AddClientRoleComposite(ctx context.Context, token, realm, roleID string, roles []Role) error { const errMessage = "could not add client role composite" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). 
- Post(client.getAdminRealmURL(realm, "roles-by-id", roleID, "composites")) + Post(g.getAdminRealmURL(realm, "roles-by-id", roleID, "composites")) return checkForError(resp, err, errMessage) } // DeleteClientRoleComposite deletes composites from a role -func (client *gocloak) DeleteClientRoleComposite(ctx context.Context, token, realm, roleID string, roles []Role) error { +func (g *GoCloak) DeleteClientRoleComposite(ctx context.Context, token, realm, roleID string, roles []Role) error { const errMessage = "could not delete client role composite" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). - Delete(client.getAdminRealmURL(realm, "roles-by-id", roleID, "composites")) + Delete(g.getAdminRealmURL(realm, "roles-by-id", roleID, "composites")) return checkForError(resp, err, errMessage) } // GetUserFederatedIdentities gets all user federated identities -func (client *gocloak) GetUserFederatedIdentities(ctx context.Context, token, realm, userID string) ([]*FederatedIdentityRepresentation, error) { - const errMessage = "could not get user federeated identities" +func (g *GoCloak) GetUserFederatedIdentities(ctx context.Context, token, realm, userID string) ([]*FederatedIdentityRepresentation, error) { + const errMessage = "could not get user federated identities" var res []*FederatedIdentityRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&res). - Get(client.getAdminRealmURL(realm, "users", userID, "federated-identity")) + Get(g.getAdminRealmURL(realm, "users", userID, "federated-identity")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
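Review bot: The doc comment on the new `DeleteClientRolesFromUser` says it "adds client-level role mappings", although the body issues a `Delete` on the role-mappings URL. The deprecation line on `DeleteClientRoleFromUser` points to `DeleteClientRolesFrom`, which is not a function defined in this hunk. For a call that revokes roles, the comments should read `// DeleteClientRolesFromUser removes client-level role mappings from the user` and `// Deprecated: replaced by DeleteClientRolesFromUser`. `DeleteClientRoleFromGroup` also keeps its singular name while its Add counterpart was pluralised, and its message `"could not client role from group"` is missing the verb.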
@@ -2689,22 +2761,22 @@ func (client *gocloak) GetUserFederatedIdentities(ctx context.Context, token, re } // CreateUserFederatedIdentity creates an user federated identity -func (client *gocloak) CreateUserFederatedIdentity(ctx context.Context, token, realm, userID, providerID string, federatedIdentityRep FederatedIdentityRepresentation) error { +func (g *GoCloak) CreateUserFederatedIdentity(ctx context.Context, token, realm, userID, providerID string, federatedIdentityRep FederatedIdentityRepresentation) error { const errMessage = "could not create user federeated identity" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(federatedIdentityRep). - Post(client.getAdminRealmURL(realm, "users", userID, "federated-identity", providerID)) + Post(g.getAdminRealmURL(realm, "users", userID, "federated-identity", providerID)) return checkForError(resp, err, errMessage) } // DeleteUserFederatedIdentity deletes an user federated identity -func (client *gocloak) DeleteUserFederatedIdentity(ctx context.Context, token, realm, userID, providerID string) error { +func (g *GoCloak) DeleteUserFederatedIdentity(ctx context.Context, token, realm, userID, providerID string) error { const errMessage = "could not delete user federeated identity" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "users", userID, "federated-identity", providerID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "users", userID, "federated-identity", providerID)) return checkForError(resp, err, errMessage) } 
@@ -2714,12 +2786,12 @@ func (client *gocloak) DeleteUserFederatedIdentity(ctx context.Context, token, r // ------------------ // CreateIdentityProvider creates an identity provider in a realm -func (client *gocloak) CreateIdentityProvider(ctx context.Context, token string, realm string, providerRep IdentityProviderRepresentation) (string, error) { +func (g *GoCloak) CreateIdentityProvider(ctx context.Context, token string, realm string, providerRep IdentityProviderRepresentation) (string, error) { const errMessage = "could not create identity provider" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(providerRep). - Post(client.getAdminRealmURL(realm, "identity-provider", "instances")) + Post(g.getAdminRealmURL(realm, "identity-provider", "instances")) if err := checkForError(resp, err, errMessage); err != nil { return "", err @@ -2729,13 +2801,13 @@ func (client *gocloak) CreateIdentityProvider(ctx context.Context, token string, } // GetIdentityProviders returns list of identity providers in a realm -func (client *gocloak) GetIdentityProviders(ctx context.Context, token, realm string) ([]*IdentityProviderRepresentation, error) { +func (g *GoCloak) GetIdentityProviders(ctx context.Context, token, realm string) ([]*IdentityProviderRepresentation, error) { const errMessage = "could not get identity providers" var result []*IdentityProviderRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "identity-provider", "instances")) + Get(g.getAdminRealmURL(realm, "identity-provider", "instances")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -2745,13 +2817,13 @@ func (client *gocloak) GetIdentityProviders(ctx context.Context, token, realm st } // GetIdentityProvider gets the identity provider in a realm -func (client *gocloak) GetIdentityProvider(ctx context.Context, token, realm, alias string) (*IdentityProviderRepresentation, error) { +func (g *GoCloak) GetIdentityProvider(ctx context.Context, token, realm, alias string) (*IdentityProviderRepresentation, error) { const errMessage = "could not get identity provider" var result IdentityProviderRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "identity-provider", "instances", alias)) + Get(g.getAdminRealmURL(realm, "identity-provider", "instances", alias)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -2761,32 +2833,32 @@ func (client *gocloak) GetIdentityProvider(ctx context.Context, token, realm, al } // UpdateIdentityProvider updates the identity provider in a realm -func (client *gocloak) UpdateIdentityProvider(ctx context.Context, token, realm, alias string, providerRep IdentityProviderRepresentation) error { +func (g *GoCloak) UpdateIdentityProvider(ctx context.Context, token, realm, alias string, providerRep IdentityProviderRepresentation) error { const errMessage = "could not update identity provider" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(providerRep). - Put(client.getAdminRealmURL(realm, "identity-provider", "instances", alias)) + Put(g.getAdminRealmURL(realm, "identity-provider", "instances", alias)) return checkForError(resp, err, errMessage) } // DeleteIdentityProvider deletes the identity provider in a realm -func (client *gocloak) DeleteIdentityProvider(ctx context.Context, token, realm, alias string) error { +func (g *GoCloak) DeleteIdentityProvider(ctx context.Context, token, realm, alias string) error { const errMessage = "could not delete identity provider" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "identity-provider", "instances", alias)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "identity-provider", "instances", alias)) return checkForError(resp, err, errMessage) } // ExportIDPPublicBrokerConfig exports the broker config for a given alias -func (client *gocloak) ExportIDPPublicBrokerConfig(ctx context.Context, token, realm, alias string) (*string, error) { +func (g *GoCloak) ExportIDPPublicBrokerConfig(ctx context.Context, token, realm, alias string) (*string, error) { const errMessage = "could not get public identity provider configuration" - resp, err := client.getRequestWithBearerAuthXMLHeader(ctx, token). 
- Get(client.getAdminRealmURL(realm, "identity-provider", "instances", alias, "export")) + resp, err := g.getRequestWithBearerAuthXMLHeader(ctx, token). + Get(g.getAdminRealmURL(realm, "identity-provider", "instances", alias, "export")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -2797,17 +2869,17 @@ func (client *gocloak) ExportIDPPublicBrokerConfig(ctx context.Context, token, r } // ImportIdentityProviderConfig parses and returns the identity provider config at a given URL -func (client *gocloak) ImportIdentityProviderConfig(ctx context.Context, token, realm, fromURL, providerID string) (map[string]string, error) { +func (g *GoCloak) ImportIdentityProviderConfig(ctx context.Context, token, realm, fromURL, providerID string) (map[string]string, error) { const errMessage = "could not import config" result := make(map[string]string) - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetBody(map[string]string{ "fromUrl": fromURL, "providerId": providerID, }). - Post(client.getAdminRealmURL(realm, "identity-provider", "import-config")) + Post(g.getAdminRealmURL(realm, "identity-provider", "import-config")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -2817,17 +2889,17 @@ func (client *gocloak) ImportIdentityProviderConfig(ctx context.Context, token, } // ImportIdentityProviderConfigFromFile parses and returns the identity provider config from a given file -func (client *gocloak) ImportIdentityProviderConfigFromFile(ctx context.Context, token, realm, providerID, fileName string, fileBody io.Reader) (map[string]string, error) { +func (g *GoCloak) ImportIdentityProviderConfigFromFile(ctx context.Context, token, realm, providerID, fileName string, fileBody io.Reader) (map[string]string, error) { const errMessage = "could not import config" result := make(map[string]string) - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetFileReader("file", fileName, fileBody). SetFormData(map[string]string{ "providerId": providerID, }). - Post(client.getAdminRealmURL(realm, "identity-provider", "import-config")) + Post(g.getAdminRealmURL(realm, "identity-provider", "import-config")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -2837,12 +2909,12 @@ func (client *gocloak) ImportIdentityProviderConfigFromFile(ctx context.Context, } // CreateIdentityProviderMapper creates an instance of an identity provider mapper associated with the given alias -func (client *gocloak) CreateIdentityProviderMapper(ctx context.Context, token, realm, alias string, mapper IdentityProviderMapper) (string, error) { +func (g *GoCloak) CreateIdentityProviderMapper(ctx context.Context, token, realm, alias string, mapper IdentityProviderMapper) (string, error) { const errMessage = "could not create mapper for identity provider" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(mapper). - Post(client.getAdminRealmURL(realm, "identity-provider", "instances", alias, "mappers")) + Post(g.getAdminRealmURL(realm, "identity-provider", "instances", alias, "mappers")) if err := checkForError(resp, err, errMessage); err != nil { return "", err 
@@ -2852,13 +2924,13 @@ func (client *gocloak) CreateIdentityProviderMapper(ctx context.Context, token, } // GetIdentityProviderMapper gets the mapper by id for the given identity provider alias in a realm -func (client *gocloak) GetIdentityProviderMapper(ctx context.Context, token string, realm string, alias string, mapperID string) (*IdentityProviderMapper, error) { +func (g *GoCloak) GetIdentityProviderMapper(ctx context.Context, token string, realm string, alias string, mapperID string) (*IdentityProviderMapper, error) { const errMessage = "could not get identity provider mapper" result := IdentityProviderMapper{} - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "identity-provider", "instances", alias, "mappers", mapperID)) + Get(g.getAdminRealmURL(realm, "identity-provider", "instances", alias, "mappers", mapperID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -2868,23 +2940,23 @@ func (client *gocloak) GetIdentityProviderMapper(ctx context.Context, token stri } // DeleteIdentityProviderMapper deletes an instance of an identity provider mapper associated with the given alias and mapper ID -func (client *gocloak) DeleteIdentityProviderMapper(ctx context.Context, token, realm, alias, mapperID string) error { +func (g *GoCloak) DeleteIdentityProviderMapper(ctx context.Context, token, realm, alias, mapperID string) error { const errMessage = "could not delete mapper for identity provider" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "identity-provider", "instances", alias, "mappers", mapperID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "identity-provider", "instances", alias, "mappers", mapperID)) return checkForError(resp, err, errMessage) } // GetIdentityProviderMappers returns list of mappers associated with an identity provider -func (client *gocloak) GetIdentityProviderMappers(ctx context.Context, token, realm, alias string) ([]*IdentityProviderMapper, error) { +func (g *GoCloak) GetIdentityProviderMappers(ctx context.Context, token, realm, alias string) ([]*IdentityProviderMapper, error) { const errMessage = "could not get identity provider mappers" var result []*IdentityProviderMapper - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "identity-provider", "instances", alias, "mappers")) + Get(g.getAdminRealmURL(realm, "identity-provider", "instances", alias, "mappers")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -2894,13 +2966,13 @@ func (client *gocloak) GetIdentityProviderMappers(ctx context.Context, token, re } // GetIdentityProviderMapperByID gets the mapper of an identity provider -func (client *gocloak) GetIdentityProviderMapperByID(ctx context.Context, token, realm, alias, mapperID string) (*IdentityProviderMapper, error) { +func (g *GoCloak) GetIdentityProviderMapperByID(ctx context.Context, token, realm, alias, mapperID string) (*IdentityProviderMapper, error) { const errMessage = "could not get identity provider mappers" var result IdentityProviderMapper - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "identity-provider", "instances", alias, "mappers", mapperID)) + Get(g.getAdminRealmURL(realm, "identity-provider", "instances", alias, "mappers", mapperID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -2910,12 +2982,12 @@ func (client *gocloak) GetIdentityProviderMapperByID(ctx context.Context, token, } // UpdateIdentityProviderMapper updates mapper of an identity provider -func (client *gocloak) UpdateIdentityProviderMapper(ctx context.Context, token, realm, alias string, mapper IdentityProviderMapper) error { +func (g *GoCloak) UpdateIdentityProviderMapper(ctx context.Context, token, realm, alias string, mapper IdentityProviderMapper) error { const errMessage = "could not update identity provider mapper" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(mapper). - Put(client.getAdminRealmURL(realm, "identity-provider", "instances", alias, "mappers", PString(mapper.ID))) + Put(g.getAdminRealmURL(realm, "identity-provider", "instances", alias, "mappers", PString(mapper.ID))) return checkForError(resp, err, errMessage) } 
@@ -2925,13 +2997,13 @@ func (client *gocloak) UpdateIdentityProviderMapper(ctx context.Context, token, // ------------------ // GetResource returns a client's resource with the given id, using access token from admin -func (client *gocloak) GetResource(ctx context.Context, token, realm, idOfClient, resourceID string) (*ResourceRepresentation, error) { +func (g *GoCloak) GetResource(ctx context.Context, token, realm, idOfClient, resourceID string) (*ResourceRepresentation, error) { const errMessage = "could not get resource" var result ResourceRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "resource", resourceID)) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "resource", resourceID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -2940,14 +3012,14 @@ func (client *gocloak) GetResource(ctx context.Context, token, realm, idOfClient return &result, nil } -// GetResource returns a client's resource with the given id, using access token from client -func (client *gocloak) GetResourceClient(ctx context.Context, token, realm, resourceID string) (*ResourceRepresentation, error) { +// GetResourceClient returns a client's resource with the given id, using access token from client +func (g *GoCloak) GetResourceClient(ctx context.Context, token, realm, resourceID string) (*ResourceRepresentation, error) { const errMessage = "could not get resource" var result ResourceRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getRealmURL(realm, "authz", "protection", "resource_set", resourceID)) + Get(g.getRealmURL(realm, "authz", "protection", "resource_set", resourceID)) // http://${host}:${port}/auth/realms/${realm_name}/authz/protection/resource_set/{resource_id} @@ -2959,7 +3031,7 @@ func (client *gocloak) GetResourceClient(ctx context.Context, token, realm, reso } // GetResources returns resources associated with the client, using access token from admin -func (client *gocloak) GetResources(ctx context.Context, token, realm, idOfClient string, params GetResourceParams) ([]*ResourceRepresentation, error) { +func (g *GoCloak) GetResources(ctx context.Context, token, realm, idOfClient string, params GetResourceParams) ([]*ResourceRepresentation, error) { const errMessage = "could not get resources" queryParams, err := GetQueryParams(params) 
@@ -2968,10 +3040,10 @@ func (client *gocloak) GetResources(ctx context.Context, token, realm, idOfClien } var result []*ResourceRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "resource")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "resource")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -2980,8 +3052,8 @@ func (client *gocloak) GetResources(ctx context.Context, token, realm, idOfClien return result, nil } -// GetResources returns resources associated with the client, using access token from client -func (client *gocloak) GetResourcesClient(ctx context.Context, token, realm string, params GetResourceParams) ([]*ResourceRepresentation, error) { +// GetResourcesClient returns resources associated with the client, using access token from client +func (g *GoCloak) GetResourcesClient(ctx context.Context, token, realm string, params GetResourceParams) ([]*ResourceRepresentation, error) { const errMessage = "could not get resources" queryParams, err := GetQueryParams(params) 
@@ -2991,17 +3063,17 @@ func (client *gocloak) GetResourcesClient(ctx context.Context, token, realm stri var result []*ResourceRepresentation var resourceIDs []string - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&resourceIDs). SetQueryParams(queryParams). - Get(client.getRealmURL(realm, "authz", "protection", "resource_set")) + Get(g.getRealmURL(realm, "authz", "protection", "resource_set")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err } for _, resourceID := range resourceIDs { - resource, err := client.GetResourceClient(ctx, token, realm, resourceID) + resource, err := g.GetResourceClient(ctx, token, realm, resourceID) if err == nil { result = append(result, resource) } 
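Review bot: The loop at the end of this hunk silently drops per-resource failures: when `g.GetResourceClient` returns an error, the entry is skipped and nothing is recorded. The final return is outside the hunk, but presumably the caller then receives a shorter list with a nil error. Code that uses this list to decide which resources a client owns or protects cannot tell a complete answer from a partial one. I would fail on the first error with `if err != nil { return nil, err }`, or at least state the best-effort behaviour in the doc comment. GetResourcesClient starts before this hunk.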
@@ -3011,44 +3083,44 @@ func (client *gocloak) GetResourcesClient(ctx context.Context, token, realm stri } // UpdateResource updates a resource associated with the client, using access token from admin -func (client *gocloak) UpdateResource(ctx context.Context, token, realm, idOfClient string, resource ResourceRepresentation) error { +func (g *GoCloak) UpdateResource(ctx context.Context, token, realm, idOfClient string, resource ResourceRepresentation) error { const errMessage = "could not update resource" if NilOrEmpty(resource.ID) { return errors.New("ID of a resource required") } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(resource). - Put(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "resource", *(resource.ID))) + Put(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "resource", *(resource.ID))) return checkForError(resp, err, errMessage) } -// UpdateResource updates a resource associated with the client, using access token from client -func (client *gocloak) UpdateResourceClient(ctx context.Context, token, realm string, resource ResourceRepresentation) error { +// UpdateResourceClient updates a resource associated with the client, using access token from client +func (g *GoCloak) UpdateResourceClient(ctx context.Context, token, realm string, resource ResourceRepresentation) error { const errMessage = "could not update resource" if NilOrEmpty(resource.ID) { return errors.New("ID of a resource required") } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(resource). 
- Put(client.getRealmURL(realm, "authz", "protection", "resource_set", *(resource.ID))) + Put(g.getRealmURL(realm, "authz", "protection", "resource_set", *(resource.ID))) return checkForError(resp, err, errMessage) } // CreateResource creates a resource associated with the client, using access token from admin -func (client *gocloak) CreateResource(ctx context.Context, token, realm string, idOfClient string, resource ResourceRepresentation) (*ResourceRepresentation, error) { +func (g *GoCloak) CreateResource(ctx context.Context, token, realm string, idOfClient string, resource ResourceRepresentation) (*ResourceRepresentation, error) { const errMessage = "could not create resource" var result ResourceRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetBody(resource). - Post(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "resource")) + Post(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "resource")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3057,15 +3129,15 @@ func (client *gocloak) CreateResource(ctx context.Context, token, realm string, return &result, nil } -// CreateResource creates a resource associated with the client, using access token from client -func (client *gocloak) CreateResourceClient(ctx context.Context, token, realm string, resource ResourceRepresentation) (*ResourceRepresentation, error) { +// CreateResourceClient creates a resource associated with the client, using access token from client +func (g *GoCloak) CreateResourceClient(ctx context.Context, token, realm string, resource ResourceRepresentation) (*ResourceRepresentation, error) { const errMessage = "could not create resource" var result ResourceRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetBody(resource). - Post(client.getRealmURL(realm, "authz", "protection", "resource_set")) + Post(g.getRealmURL(realm, "authz", "protection", "resource_set")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3075,33 +3147,33 @@ func (client *gocloak) CreateResourceClient(ctx context.Context, token, realm st } // DeleteResource deletes a resource associated with the client (using an admin token) -func (client *gocloak) DeleteResource(ctx context.Context, token, realm, idOfClient, resourceID string) error { +func (g *GoCloak) DeleteResource(ctx context.Context, token, realm, idOfClient, resourceID string) error { const errMessage = "could not delete resource" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "resource", resourceID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "resource", resourceID)) return checkForError(resp, err, errMessage) } -// DeleteResource deletes a resource associated with the client (using a client token) -func (client *gocloak) DeleteResourceClient(ctx context.Context, token, realm, resourceID string) error { +// DeleteResourceClient deletes a resource associated with the client (using a client token) +func (g *GoCloak) DeleteResourceClient(ctx context.Context, token, realm, resourceID string) error { const errMessage = "could not delete resource" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getRealmURL(realm, "authz", "protection", "resource_set", resourceID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). 
+ Delete(g.getRealmURL(realm, "authz", "protection", "resource_set", resourceID)) return checkForError(resp, err, errMessage) } // GetScope returns a client's scope with the given id -func (client *gocloak) GetScope(ctx context.Context, token, realm, idOfClient, scopeID string) (*ScopeRepresentation, error) { +func (g *GoCloak) GetScope(ctx context.Context, token, realm, idOfClient, scopeID string) (*ScopeRepresentation, error) { const errMessage = "could not get scope" var result ScopeRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "scope", scopeID)) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "scope", scopeID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -3111,7 +3183,7 @@ func (client *gocloak) GetScope(ctx context.Context, token, realm, idOfClient, s } // GetScopes returns scopes associated with the client -func (client *gocloak) GetScopes(ctx context.Context, token, realm, idOfClient string, params GetScopeParams) ([]*ScopeRepresentation, error) { +func (g *GoCloak) GetScopes(ctx context.Context, token, realm, idOfClient string, params GetScopeParams) ([]*ScopeRepresentation, error) { const errMessage = "could not get scopes" queryParams, err := GetQueryParams(params) 
@@ -3119,10 +3191,10 @@ func (client *gocloak) GetScopes(ctx context.Context, token, realm, idOfClient s return nil, err } var result []*ScopeRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "scope")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "scope")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -3132,14 +3204,14 @@ func (client *gocloak) GetScopes(ctx context.Context, token, realm, idOfClient s } // CreateScope creates a scope associated with the client -func (client *gocloak) CreateScope(ctx context.Context, token, realm, idOfClient string, scope ScopeRepresentation) (*ScopeRepresentation, error) { +func (g *GoCloak) CreateScope(ctx context.Context, token, realm, idOfClient string, scope ScopeRepresentation) (*ScopeRepresentation, error) { const errMessage = "could not create scope" var result ScopeRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetBody(scope). - Post(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "scope")) + Post(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "scope")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3149,38 +3221,38 @@ func (client *gocloak) CreateScope(ctx context.Context, token, realm, idOfClient } // UpdateScope updates a scope associated with the client -func (client *gocloak) UpdateScope(ctx context.Context, token, realm, idOfClient string, scope ScopeRepresentation) error { +func (g *GoCloak) UpdateScope(ctx context.Context, token, realm, idOfClient string, scope ScopeRepresentation) error { const errMessage = "could not update scope" if NilOrEmpty(scope.ID) { return errors.New("ID of a scope required") } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(scope). - Put(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "scope", *(scope.ID))) + Put(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "scope", *(scope.ID))) return checkForError(resp, err, errMessage) } // DeleteScope deletes a scope associated with the client -func (client *gocloak) DeleteScope(ctx context.Context, token, realm, idOfClient, scopeID string) error { +func (g *GoCloak) DeleteScope(ctx context.Context, token, realm, idOfClient, scopeID string) error { const errMessage = "could not delete scope" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "scope", scopeID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). 
+ Delete(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "scope", scopeID)) return checkForError(resp, err, errMessage) } // GetPolicy returns a client's policy with the given id -func (client *gocloak) GetPolicy(ctx context.Context, token, realm, idOfClient, policyID string) (*PolicyRepresentation, error) { +func (g *GoCloak) GetPolicy(ctx context.Context, token, realm, idOfClient, policyID string) (*PolicyRepresentation, error) { const errMessage = "could not get policy" var result PolicyRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", policyID)) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", policyID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -3190,7 +3262,7 @@ func (client *gocloak) GetPolicy(ctx context.Context, token, realm, idOfClient, } // GetPolicies returns policies associated with the client -func (client *gocloak) GetPolicies(ctx context.Context, token, realm, idOfClient string, params GetPolicyParams) ([]*PolicyRepresentation, error) { +func (g *GoCloak) GetPolicies(ctx context.Context, token, realm, idOfClient string, params GetPolicyParams) ([]*PolicyRepresentation, error) { const errMessage = "could not get policies" queryParams, err := GetQueryParams(params) @@ -3204,10 +3276,10 @@ func (client *gocloak) GetPolicies(ctx context.Context, token, realm, idOfClient } var result []*PolicyRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, path...)) + Get(g.getAdminRealmURL(realm, path...)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3217,7 +3289,7 @@ func (client *gocloak) GetPolicies(ctx context.Context, token, realm, idOfClient } // CreatePolicy creates a policy associated with the client -func (client *gocloak) CreatePolicy(ctx context.Context, token, realm, idOfClient string, policy PolicyRepresentation) (*PolicyRepresentation, error) { +func (g *GoCloak) CreatePolicy(ctx context.Context, token, realm, idOfClient string, policy PolicyRepresentation) (*PolicyRepresentation, error) { const errMessage = "could not create policy" if NilOrEmpty(policy.Type) { @@ -3225,10 +3297,10 @@ func (client *gocloak) CreatePolicy(ctx context.Context, token, realm, idOfClien } var result PolicyRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetBody(policy). - Post(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", *(policy.Type))) + Post(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", *(policy.Type))) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3238,38 +3310,38 @@ func (client *gocloak) CreatePolicy(ctx context.Context, token, realm, idOfClien } // UpdatePolicy updates a policy associated with the client -func (client *gocloak) UpdatePolicy(ctx context.Context, token, realm, idOfClient string, policy PolicyRepresentation) error { +func (g *GoCloak) UpdatePolicy(ctx context.Context, token, realm, idOfClient string, policy PolicyRepresentation) error { const errMessage = "could not update policy" if NilOrEmpty(policy.ID) { return errors.New("ID of a policy required") } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(policy). - Put(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", *(policy.Type), *(policy.ID))) + Put(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", *(policy.Type), *(policy.ID))) return checkForError(resp, err, errMessage) } // DeletePolicy deletes a policy associated with the client -func (client *gocloak) DeletePolicy(ctx context.Context, token, realm, idOfClient, policyID string) error { +func (g *GoCloak) DeletePolicy(ctx context.Context, token, realm, idOfClient, policyID string) error { const errMessage = "could not delete policy" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", policyID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). 
+ Delete(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", policyID)) return checkForError(resp, err, errMessage) } // GetAuthorizationPolicyAssociatedPolicies returns a client's associated policies of specific policy with the given policy id, using access token from admin -func (client *gocloak) GetAuthorizationPolicyAssociatedPolicies(ctx context.Context, token, realm, idOfClient, policyID string) ([]*PolicyRepresentation, error) { +func (g *GoCloak) GetAuthorizationPolicyAssociatedPolicies(ctx context.Context, token, realm, idOfClient, policyID string) ([]*PolicyRepresentation, error) { const errMessage = "could not get policy associated policies" var result []*PolicyRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", policyID, "associatedPolicies")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", policyID, "associatedPolicies")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
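Review bot: UpdatePolicy dereferences `*(policy.Type)` in the new `Put(...)` line, but the only guard above it is `NilOrEmpty(policy.ID)`. A PolicyRepresentation with an ID and a nil Type therefore panics instead of returning an error. CreatePolicy checks `NilOrEmpty(policy.Type)` before its dereference, and the same guard belongs here, for example `if NilOrEmpty(policy.Type) { return errors.New("type of a policy required") }` ahead of the request. A nil-pointer panic in a library call that manages authorization policies can take down the calling service on malformed input.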
@@ -3279,13 +3351,13 @@ func (client *gocloak) GetAuthorizationPolicyAssociatedPolicies(ctx context.Cont } // GetAuthorizationPolicyResources returns a client's resources of specific policy with the given policy id, using access token from admin -func (client *gocloak) GetAuthorizationPolicyResources(ctx context.Context, token, realm, idOfClient, policyID string) ([]*PolicyResourceRepresentation, error) { +func (g *GoCloak) GetAuthorizationPolicyResources(ctx context.Context, token, realm, idOfClient, policyID string) ([]*PolicyResourceRepresentation, error) { const errMessage = "could not get policy resources" var result []*PolicyResourceRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", policyID, "resources")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", policyID, "resources")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3295,13 +3367,13 @@ func (client *gocloak) GetAuthorizationPolicyResources(ctx context.Context, toke } // GetAuthorizationPolicyScopes returns a client's scopes of specific policy with the given policy id, using access token from admin -func (client *gocloak) GetAuthorizationPolicyScopes(ctx context.Context, token, realm, idOfClient, policyID string) ([]*PolicyScopeRepresentation, error) { +func (g *GoCloak) GetAuthorizationPolicyScopes(ctx context.Context, token, realm, idOfClient, policyID string) ([]*PolicyScopeRepresentation, error) { const errMessage = "could not get policy scopes" var result []*PolicyScopeRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", policyID, "scopes")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", policyID, "scopes")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3310,14 +3382,14 @@ func (client *gocloak) GetAuthorizationPolicyScopes(ctx context.Context, token, return result, nil } -// GetResourcePolicy updates a permission for a specifc resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange -func (client *gocloak) GetResourcePolicy(ctx context.Context, token, realm, permissionID string) (*ResourcePolicyRepresentation, error) { +// GetResourcePolicy updates a permission for a specific resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange +func (g *GoCloak) GetResourcePolicy(ctx context.Context, token, realm, permissionID string) (*ResourcePolicyRepresentation, error) { const errMessage = "could not get resource policy" var result ResourcePolicyRepresentation - resp, err := client.getRequestWithBearerAuthNoCache(ctx, token). + resp, err := g.getRequestWithBearerAuthNoCache(ctx, token). SetResult(&result). - Get(client.getRealmURL(realm, "authz", "protection", "uma-policy", permissionID)) + Get(g.getRealmURL(realm, "authz", "protection", "uma-policy", permissionID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -3327,7 +3399,7 @@ func (client *gocloak) GetResourcePolicy(ctx context.Context, token, realm, perm } // GetResourcePolicies returns resources associated with the client, using token obtained by Resource Owner Password Credentials Grant or Token exchange -func (client *gocloak) GetResourcePolicies(ctx context.Context, token, realm string, params GetResourcePoliciesParams) ([]*ResourcePolicyRepresentation, error) { +func (g *GoCloak) GetResourcePolicies(ctx context.Context, token, realm string, params GetResourcePoliciesParams) ([]*ResourcePolicyRepresentation, error) { const errMessage = "could not get resource policies" queryParams, err := GetQueryParams(params) 
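Review bot: The doc comment on GetResourcePolicy still says it "updates a permission", but the body issues a `Get(...)` on `uma-policy/{permissionID}` and returns the decoded result. The commit fixed the "specifc" typo but kept the wrong verb. I would change the comment to `// GetResourcePolicy returns the permission with the given id for a specific resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange`. Separately, this method uses `getRequestWithBearerAuthNoCache` while GetResourcePolicies in the next hunk uses `getRequestWithBearerAuth`. The difference between the two helpers is not visible here, so a short comment explaining the choice would help.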
@@ -3336,10 +3408,10 @@ func (client *gocloak) GetResourcePolicies(ctx context.Context, token, realm str } var result []*ResourcePolicyRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getRealmURL(realm, "authz", "protection", "uma-policy")) + Get(g.getRealmURL(realm, "authz", "protection", "uma-policy")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -3348,15 +3420,15 @@ func (client *gocloak) GetResourcePolicies(ctx context.Context, token, realm str return result, nil } -// CreateResourcePolicy associates a permission with a specifc resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange -func (client *gocloak) CreateResourcePolicy(ctx context.Context, token, realm, resourceID string, policy ResourcePolicyRepresentation) (*ResourcePolicyRepresentation, error) { +// CreateResourcePolicy associates a permission with a specific resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange +func (g *GoCloak) CreateResourcePolicy(ctx context.Context, token, realm, resourceID string, policy ResourcePolicyRepresentation) (*ResourcePolicyRepresentation, error) { const errMessage = "could not create resource policy" var result ResourcePolicyRepresentation - resp, err := client.getRequestWithBearerAuthNoCache(ctx, token). + resp, err := g.getRequestWithBearerAuthNoCache(ctx, token). SetResult(&result). SetBody(policy). - Post(client.getRealmURL(realm, "authz", "protection", "uma-policy", resourceID)) + Post(g.getRealmURL(realm, "authz", "protection", "uma-policy", resourceID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3365,35 +3437,35 @@ func (client *gocloak) CreateResourcePolicy(ctx context.Context, token, realm, r return &result, nil } -// UpdateResourcePolicy updates a permission for a specifc resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange -func (client *gocloak) UpdateResourcePolicy(ctx context.Context, token, realm, permissionID string, policy ResourcePolicyRepresentation) error { +// UpdateResourcePolicy updates a permission for a specific resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange +func (g *GoCloak) UpdateResourcePolicy(ctx context.Context, token, realm, permissionID string, policy ResourcePolicyRepresentation) error { const errMessage = "could not update resource policy" - resp, err := client.getRequestWithBearerAuthNoCache(ctx, token). + resp, err := g.getRequestWithBearerAuthNoCache(ctx, token). SetBody(policy). - Put(client.getRealmURL(realm, "authz", "protection", "uma-policy", permissionID)) + Put(g.getRealmURL(realm, "authz", "protection", "uma-policy", permissionID)) return checkForError(resp, err, errMessage) } -// DeleteResourcePolicy deletes a permission for a specifc resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange -func (client *gocloak) DeleteResourcePolicy(ctx context.Context, token, realm, permissionID string) error { +// DeleteResourcePolicy deletes a permission for a specific resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange +func (g *GoCloak) DeleteResourcePolicy(ctx context.Context, token, realm, permissionID string) error { const errMessage = "could not delete resource policy" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getRealmURL(realm, "authz", "protection", "uma-policy", permissionID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). 
+ Delete(g.getRealmURL(realm, "authz", "protection", "uma-policy", permissionID)) return checkForError(resp, err, errMessage) } // GetPermission returns a client's permission with the given id -func (client *gocloak) GetPermission(ctx context.Context, token, realm, idOfClient, permissionID string) (*PermissionRepresentation, error) { +func (g *GoCloak) GetPermission(ctx context.Context, token, realm, idOfClient, permissionID string) (*PermissionRepresentation, error) { const errMessage = "could not get permission" var result PermissionRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "permission", permissionID)) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "permission", permissionID)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3403,13 +3475,13 @@ func (client *gocloak) GetPermission(ctx context.Context, token, realm, idOfClie } // GetDependentPermissions returns a client's permission with the given policy id -func (client *gocloak) GetDependentPermissions(ctx context.Context, token, realm, idOfClient, policyID string) ([]*PermissionRepresentation, error) { +func (g *GoCloak) GetDependentPermissions(ctx context.Context, token, realm, idOfClient, policyID string) ([]*PermissionRepresentation, error) { const errMessage = "could not get permission" var result []*PermissionRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", policyID, "dependentPolicies")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "policy", policyID, "dependentPolicies")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3418,14 +3490,14 @@ func (client *gocloak) GetDependentPermissions(ctx context.Context, token, realm return result, nil } -// GetPermissionResource returns a client's resource attached for the given permission id -func (client *gocloak) GetPermissionResources(ctx context.Context, token, realm, idOfClient, permissionID string) ([]*PermissionResource, error) { +// GetPermissionResources returns a client's resource attached for the given permission id +func (g *GoCloak) GetPermissionResources(ctx context.Context, token, realm, idOfClient, permissionID string) ([]*PermissionResource, error) { const errMessage = "could not get permission resource" var result []*PermissionResource - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "permission", permissionID, "resources")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "permission", permissionID, "resources")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3435,13 +3507,13 @@ func (client *gocloak) GetPermissionResources(ctx context.Context, token, realm, } // GetPermissionScopes returns a client's scopes configured for the given permission id -func (client *gocloak) GetPermissionScopes(ctx context.Context, token, realm, idOfClient, permissionID string) ([]*PermissionScope, error) { +func (g *GoCloak) GetPermissionScopes(ctx context.Context, token, realm, idOfClient, permissionID string) ([]*PermissionScope, error) { const errMessage = "could not get permission scopes" var result []*PermissionScope - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "permission", permissionID, "scopes")) + Get(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "permission", permissionID, "scopes")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -3451,7 +3523,7 @@ func (client *gocloak) GetPermissionScopes(ctx context.Context, token, realm, id } // GetPermissions returns permissions associated with the client -func (client *gocloak) GetPermissions(ctx context.Context, token, realm, idOfClient string, params GetPermissionParams) ([]*PermissionRepresentation, error) { +func (g *GoCloak) GetPermissions(ctx context.Context, token, realm, idOfClient string, params GetPermissionParams) ([]*PermissionRepresentation, error) { const errMessage = "could not get permissions" queryParams, err := GetQueryParams(params) 
@@ -3465,10 +3537,10 @@ func (client *gocloak) GetPermissions(ctx context.Context, token, realm, idOfCli } var result []*PermissionRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, path...)) + Get(g.getAdminRealmURL(realm, path...)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -3497,7 +3569,7 @@ func checkPermissionTicketParams(permissions []CreatePermissionTicketParams) err } // CreatePermissionTicket creates a permission ticket, using access token from client -func (client *gocloak) CreatePermissionTicket(ctx context.Context, token, realm string, permissions []CreatePermissionTicketParams) (*PermissionTicketResponseRepresentation, error) { +func (g *GoCloak) CreatePermissionTicket(ctx context.Context, token, realm string, permissions []CreatePermissionTicketParams) (*PermissionTicketResponseRepresentation, error) { const errMessage = "could not create permission ticket" err := checkPermissionTicketParams(permissions) @@ -3506,10 +3578,10 @@ func (client *gocloak) CreatePermissionTicket(ctx context.Context, token, realm } var result PermissionTicketResponseRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetBody(permissions). - Post(client.getRealmURL(realm, "authz", "protection", "permission")) + Post(g.getRealmURL(realm, "authz", "protection", "permission")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3533,8 +3605,8 @@ func checkPermissionGrantParams(permission PermissionGrantParams) error { return nil } -// GrantPermission lets resource owner grant permission for specific resource ID to specific user ID -func (client *gocloak) GrantUserPermission(ctx context.Context, token, realm string, permission PermissionGrantParams) (*PermissionGrantResponseRepresentation, error) { +// GrantUserPermission lets resource owner grant permission for specific resource ID to specific user ID +func (g *GoCloak) GrantUserPermission(ctx context.Context, token, realm string, permission PermissionGrantParams) (*PermissionGrantResponseRepresentation, error) { const errMessage = "could not grant user permission" err := checkPermissionGrantParams(permission) @@ -3546,10 +3618,10 @@ func (client *gocloak) GrantUserPermission(ctx context.Context, token, realm str var result PermissionGrantResponseRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetBody(permission). - Post(client.getRealmURL(realm, "authz", "protection", "permission", "ticket")) + Post(g.getRealmURL(realm, "authz", "protection", "permission", "ticket")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -3571,7 +3643,8 @@ func checkPermissionUpdateParams(permission PermissionGrantParams) error { return nil } -func (client *gocloak) UpdateUserPermission(ctx context.Context, token, realm string, permission PermissionGrantParams) (*PermissionGrantResponseRepresentation, error) { +// UpdateUserPermission updates user permissions. +func (g *GoCloak) UpdateUserPermission(ctx context.Context, token, realm string, permission PermissionGrantParams) (*PermissionGrantResponseRepresentation, error) { const errMessage = "could not update user permission" err := checkPermissionUpdateParams(permission) 
@@ -3581,10 +3654,10 @@ func (client *gocloak) UpdateUserPermission(ctx context.Context, token, realm st var result PermissionGrantResponseRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetBody(permission). - Put(client.getRealmURL(realm, "authz", "protection", "permission", "ticket")) + Put(g.getRealmURL(realm, "authz", "protection", "permission", "ticket")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -3597,8 +3670,8 @@ func (client *gocloak) UpdateUserPermission(ctx context.Context, token, realm st return &result, nil } -// GetUserPermission gets granted permissions according query parameters -func (client *gocloak) GetUserPermissions(ctx context.Context, token, realm string, params GetUserPermissionParams) ([]*PermissionGrantResponseRepresentation, error) { +// GetUserPermissions gets granted permissions according query parameters +func (g *GoCloak) GetUserPermissions(ctx context.Context, token, realm string, params GetUserPermissionParams) ([]*PermissionGrantResponseRepresentation, error) { const errMessage = "could not get user permissions" queryParams, err := GetQueryParams(params) @@ -3607,10 +3680,10 @@ func (client *gocloak) GetUserPermissions(ctx context.Context, token, realm stri } var result []*PermissionGrantResponseRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getRealmURL(realm, "authz", "protection", "permission", "ticket")) + Get(g.getRealmURL(realm, "authz", "protection", "permission", "ticket")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3619,17 +3692,18 @@ func (client *gocloak) GetUserPermissions(ctx context.Context, token, realm stri return result, nil } -func (client *gocloak) DeleteUserPermission(ctx context.Context, token, realm, ticketID string) error { +// DeleteUserPermission revokes permissions according query parameters +func (g *GoCloak) DeleteUserPermission(ctx context.Context, token, realm, ticketID string) error { const errMessage = "could not delete user permission" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getRealmURL(realm, "authz", "protection", "permission", "ticket", ticketID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getRealmURL(realm, "authz", "protection", "permission", "ticket", ticketID)) return checkForError(resp, err, errMessage) } // CreatePermission creates a permission associated with the client -func (client *gocloak) CreatePermission(ctx context.Context, token, realm, idOfClient string, permission PermissionRepresentation) (*PermissionRepresentation, error) { +func (g *GoCloak) CreatePermission(ctx context.Context, token, realm, idOfClient string, permission PermissionRepresentation) (*PermissionRepresentation, error) { const errMessage = "could not create permission" if NilOrEmpty(permission.Type) { @@ -3637,10 +3711,10 @@ func (client *gocloak) CreatePermission(ctx context.Context, token, realm, idOfC } var result PermissionRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetBody(permission). - Post(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "permission", *(permission.Type))) + Post(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "permission", *(permission.Type))) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
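Review bot: The doc comment added for DeleteUserPermission says it revokes permissions "according query parameters", but the function takes a single `ticketID` and sends one DELETE to that ticket's path. The wording looks carried over from GetUserPermissions. I would write `// DeleteUserPermission revokes the permission ticket identified by ticketID.` instead. An empty `ticketID` is also not rejected, so the request presumably targets the ticket collection path. A guard such as `if ticketID == "" { return errors.New("ticketID is required") }` would match the alias check in DeleteRequiredAction.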
@@ -3650,25 +3724,25 @@ func (client *gocloak) CreatePermission(ctx context.Context, token, realm, idOfC } // UpdatePermission updates a permission associated with the client -func (client *gocloak) UpdatePermission(ctx context.Context, token, realm, idOfClient string, permission PermissionRepresentation) error { +func (g *GoCloak) UpdatePermission(ctx context.Context, token, realm, idOfClient string, permission PermissionRepresentation) error { const errMessage = "could not update permission" if NilOrEmpty(permission.ID) { return errors.New("ID of a permission required") } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(permission). - Put(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "permission", *permission.Type, *permission.ID)) + Put(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "permission", *permission.Type, *permission.ID)) return checkForError(resp, err, errMessage) } // DeletePermission deletes a policy associated with the client -func (client *gocloak) DeletePermission(ctx context.Context, token, realm, idOfClient, permissionID string) error { +func (g *GoCloak) DeletePermission(ctx context.Context, token, realm, idOfClient, permissionID string) error { const errMessage = "could not delete permission" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "permission", permissionID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "clients", idOfClient, "authz", "resource-server", "permission", permissionID)) return checkForError(resp, err, errMessage) } 
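Review bot: UpdatePermission dereferences `*permission.Type` when building the Put URL, but the only guard above it is `NilOrEmpty(permission.ID)`. A caller that leaves Type unset therefore gets a nil-pointer panic instead of an error. CreatePermission already checks Type with NilOrEmpty, and the same guard fits here before the request: `if NilOrEmpty(permission.Type) { return errors.New("type of a permission required") }`. Separately, the DeletePermission comment in this hunk still says it "deletes a policy" where it deletes a permission.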
@@ -3678,13 +3752,13 @@ func (client *gocloak) DeletePermission(ctx context.Context, token, realm, idOfC // --------------- // GetCredentialRegistrators returns credentials registrators -func (client *gocloak) GetCredentialRegistrators(ctx context.Context, token, realm string) ([]string, error) { +func (g *GoCloak) GetCredentialRegistrators(ctx context.Context, token, realm string) ([]string, error) { const errMessage = "could not get user credential registrators" var result []string - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "credential-registrators")) + Get(g.getAdminRealmURL(realm, "credential-registrators")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -3694,13 +3768,13 @@ func (client *gocloak) GetCredentialRegistrators(ctx context.Context, token, rea } // GetConfiguredUserStorageCredentialTypes returns credential types, which are provided by the user storage where user is stored -func (client *gocloak) GetConfiguredUserStorageCredentialTypes(ctx context.Context, token, realm, userID string) ([]string, error) { +func (g *GoCloak) GetConfiguredUserStorageCredentialTypes(ctx context.Context, token, realm, userID string) ([]string, error) { const errMessage = "could not get user credential registrators" var result []string - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "users", userID, "configured-user-storage-credential-types")) + Get(g.getAdminRealmURL(realm, "users", userID, "configured-user-storage-credential-types")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
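Review bot: GetConfiguredUserStorageCredentialTypes reuses the errMessage of GetCredentialRegistrators, `"could not get user credential registrators"`. A failure on the `configured-user-storage-credential-types` endpoint is therefore reported as a failure of a different call. That makes logs and wrapped errors misleading when triaging a credential-related incident. I would change it to `const errMessage = "could not get configured user storage credential types"`. The function's return statement lies outside this hunk.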
@@ -3710,13 +3784,13 @@ func (client *gocloak) GetConfiguredUserStorageCredentialTypes(ctx context.Conte } // GetCredentials returns credentials available for a given user -func (client *gocloak) GetCredentials(ctx context.Context, token, realm, userID string) ([]*CredentialRepresentation, error) { +func (g *GoCloak) GetCredentials(ctx context.Context, token, realm, userID string) ([]*CredentialRepresentation, error) { const errMessage = "could not get user credentials" var result []*CredentialRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "users", userID, "credentials")) + Get(g.getAdminRealmURL(realm, "users", userID, "credentials")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3726,60 +3800,60 @@ func (client *gocloak) GetCredentials(ctx context.Context, token, realm, userID } // DeleteCredentials deletes the given credential for a given user -func (client *gocloak) DeleteCredentials(ctx context.Context, token, realm, userID, credentialID string) error { +func (g *GoCloak) DeleteCredentials(ctx context.Context, token, realm, userID, credentialID string) error { const errMessage = "could not delete user credentials" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "users", userID, "credentials", credentialID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "users", userID, "credentials", credentialID)) return checkForError(resp, err, errMessage) } // UpdateCredentialUserLabel updates label for the given credential for the given user -func (client *gocloak) UpdateCredentialUserLabel(ctx context.Context, token, realm, userID, credentialID, userLabel string) error { +func (g *GoCloak) UpdateCredentialUserLabel(ctx context.Context, token, realm, userID, credentialID, userLabel string) error { const errMessage = "could not update credential label for a user" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetHeader("Content-Type", "text/plain"). SetBody(userLabel). 
- Put(client.getAdminRealmURL(realm, "users", userID, "credentials", credentialID, "userLabel")) + Put(g.getAdminRealmURL(realm, "users", userID, "credentials", credentialID, "userLabel")) return checkForError(resp, err, errMessage) } // DisableAllCredentialsByType disables all credentials for a user of a specific type -func (client *gocloak) DisableAllCredentialsByType(ctx context.Context, token, realm, userID string, types []string) error { +func (g *GoCloak) DisableAllCredentialsByType(ctx context.Context, token, realm, userID string, types []string) error { const errMessage = "could not update disable credentials" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(types). - Put(client.getAdminRealmURL(realm, "users", userID, "disable-credential-types")) + Put(g.getAdminRealmURL(realm, "users", userID, "disable-credential-types")) return checkForError(resp, err, errMessage) } // MoveCredentialBehind move a credential to a position behind another credential -func (client *gocloak) MoveCredentialBehind(ctx context.Context, token, realm, userID, credentialID, newPreviousCredentialID string) error { +func (g *GoCloak) MoveCredentialBehind(ctx context.Context, token, realm, userID, credentialID, newPreviousCredentialID string) error { const errMessage = "could not move credential" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Post(client.getAdminRealmURL(realm, "users", userID, "credentials", credentialID, "moveAfter", newPreviousCredentialID)) + resp, err := g.getRequestWithBearerAuth(ctx, token). 
+ Post(g.getAdminRealmURL(realm, "users", userID, "credentials", credentialID, "moveAfter", newPreviousCredentialID)) return checkForError(resp, err, errMessage) } // MoveCredentialToFirst move a credential to a first position in the credentials list of the user -func (client *gocloak) MoveCredentialToFirst(ctx context.Context, token, realm, userID, credentialID string) error { +func (g *GoCloak) MoveCredentialToFirst(ctx context.Context, token, realm, userID, credentialID string) error { const errMessage = "could not move credential" - resp, err := client.getRequestWithBearerAuth(ctx, token). - Post(client.getAdminRealmURL(realm, "users", userID, "credentials", credentialID, "moveToFirst")) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Post(g.getAdminRealmURL(realm, "users", userID, "credentials", credentialID, "moveToFirst")) return checkForError(resp, err, errMessage) } // GetEvents returns events -func (client *gocloak) GetEvents(ctx context.Context, token string, realm string, params GetEventsParams) ([]*EventRepresentation, error) { +func (g *GoCloak) GetEvents(ctx context.Context, token string, realm string, params GetEventsParams) ([]*EventRepresentation, error) { const errMessage = "could not get events" queryParams, err := GetQueryParams(params) @@ -3788,10 +3862,10 @@ func (client *gocloak) GetEvents(ctx context.Context, token string, realm string } var result []*EventRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). SetQueryParams(queryParams). - Get(client.getAdminRealmURL(realm, "events")) + Get(g.getAdminRealmURL(realm, "events")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
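Review bot: The credential methods in this hunk pass `userID`, `credentialID` and `newPreviousCredentialID` straight into `g.getAdminRealmURL(...)` as path segments, and the request carries an admin bearer token. The helper is defined outside this hunk, so whether it escapes each segment cannot be confirmed here. If it only joins them, a value containing `/` or `..` would address a different admin endpoint than the method name suggests. I would escape each segment with `url.PathEscape` inside the helper, or at least document the contract on these methods: `// userID and credentialID are placed in the URL path as-is; pass server-issued IDs, not raw request input.` The same applies to `ticketID`, `permissionID`, `alias` and `clientScopeID` in the other hunks of this file.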
@@ -3801,14 +3875,14 @@ func (client *gocloak) GetEvents(ctx context.Context, token string, realm string } // GetClientScopesScopeMappingsRealmRolesAvailable returns realm-level roles that are available to attach to this client scope -func (client *gocloak) GetClientScopesScopeMappingsRealmRolesAvailable(ctx context.Context, token, realm, clientScopeID string) ([]*Role, error) { +func (g *GoCloak) GetClientScopesScopeMappingsRealmRolesAvailable(ctx context.Context, token, realm, clientScopeID string) ([]*Role, error) { const errMessage = "could not get available realm-level roles with the client-scope" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "client-scopes", clientScopeID, "scope-mappings", "realm", "available")) + Get(g.getAdminRealmURL(realm, "client-scopes", clientScopeID, "scope-mappings", "realm", "available")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3818,14 +3892,14 @@ func (client *gocloak) GetClientScopesScopeMappingsRealmRolesAvailable(ctx conte } // GetClientScopesScopeMappingsRealmRoles returns roles associated with a client-scope -func (client *gocloak) GetClientScopesScopeMappingsRealmRoles(ctx context.Context, token, realm, clientScopeID string) ([]*Role, error) { +func (g *GoCloak) GetClientScopesScopeMappingsRealmRoles(ctx context.Context, token, realm, clientScopeID string) ([]*Role, error) { const errMessage = "could not get realm-level roles with the client-scope" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "client-scopes", clientScopeID, "scope-mappings", "realm")) + Get(g.getAdminRealmURL(realm, "client-scopes", clientScopeID, "scope-mappings", "realm")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3835,34 +3909,34 @@ func (client *gocloak) GetClientScopesScopeMappingsRealmRoles(ctx context.Contex } // DeleteClientScopesScopeMappingsRealmRoles deletes realm-level roles from the client-scope -func (client *gocloak) DeleteClientScopesScopeMappingsRealmRoles(ctx context.Context, token, realm, clientScopeID string, roles []Role) error { +func (g *GoCloak) DeleteClientScopesScopeMappingsRealmRoles(ctx context.Context, token, realm, clientScopeID string, roles []Role) error { const errMessage = "could not delete realm-level roles from the client-scope" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). - Delete(client.getAdminRealmURL(realm, "client-scopes", clientScopeID, "scope-mappings", "realm")) + Delete(g.getAdminRealmURL(realm, "client-scopes", clientScopeID, "scope-mappings", "realm")) return checkForError(resp, err, errMessage) } // CreateClientScopesScopeMappingsRealmRoles creates realm-level roles to the client scope -func (client *gocloak) CreateClientScopesScopeMappingsRealmRoles(ctx context.Context, token, realm, clientScopeID string, roles []Role) error { +func (g *GoCloak) CreateClientScopesScopeMappingsRealmRoles(ctx context.Context, token, realm, clientScopeID string, roles []Role) error { const errMessage = "could not create realm-level roles to the client-scope" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). 
- Post(client.getAdminRealmURL(realm, "client-scopes", clientScopeID, "scope-mappings", "realm")) + Post(g.getAdminRealmURL(realm, "client-scopes", clientScopeID, "scope-mappings", "realm")) return checkForError(resp, err, errMessage) } -// CreateRequiredAction creates a required action for a given realm -func (client *gocloak) RegisterRequiredAction(ctx context.Context, token string, realm string, requiredAction RequiredActionProviderRepresentation) error { +// RegisterRequiredAction creates a required action for a given realm +func (g *GoCloak) RegisterRequiredAction(ctx context.Context, token string, realm string, requiredAction RequiredActionProviderRepresentation) error { const errMessage = "could not create required action" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(requiredAction). - Post(client.getAdminRealmURL(realm, "authentication", "register-required-action")) + Post(g.getAdminRealmURL(realm, "authentication", "register-required-action")) if err := checkForError(resp, err, errMessage); err != nil { return err 
@@ -3872,13 +3946,13 @@ func (client *gocloak) RegisterRequiredAction(ctx context.Context, token string, } // GetRequiredActions gets a list of required actions for a given realm -func (client *gocloak) GetRequiredActions(ctx context.Context, token string, realm string) ([]*RequiredActionProviderRepresentation, error) { +func (g *GoCloak) GetRequiredActions(ctx context.Context, token string, realm string) ([]*RequiredActionProviderRepresentation, error) { const errMessage = "could not get required actions" var result []*RequiredActionProviderRepresentation - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "authentication", "required-actions")) + Get(g.getAdminRealmURL(realm, "authentication", "required-actions")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err @@ -3888,7 +3962,7 @@ func (client *gocloak) GetRequiredActions(ctx context.Context, token string, rea } // GetRequiredAction gets a required action for a given realm -func (client *gocloak) GetRequiredAction(ctx context.Context, token string, realm string, alias string) (*RequiredActionProviderRepresentation, error) { +func (g *GoCloak) GetRequiredAction(ctx context.Context, token string, realm string, alias string) (*RequiredActionProviderRepresentation, error) { const errMessage = "could not get required action" var result RequiredActionProviderRepresentation 
@@ -3896,9 +3970,9 @@ func (client *gocloak) GetRequiredAction(ctx context.Context, token string, real return nil, errors.New("alias is required for getting a required action") } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "authentication", "required-actions", alias)) + Get(g.getAdminRealmURL(realm, "authentication", "required-actions", alias)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3908,28 +3982,28 @@ func (client *gocloak) GetRequiredAction(ctx context.Context, token string, real } // UpdateRequiredAction updates a required action for a given realm -func (client *gocloak) UpdateRequiredAction(ctx context.Context, token string, realm string, requiredAction RequiredActionProviderRepresentation) error { +func (g *GoCloak) UpdateRequiredAction(ctx context.Context, token string, realm string, requiredAction RequiredActionProviderRepresentation) error { const errMessage = "could not update required action" if NilOrEmpty(requiredAction.ProviderID) { return errors.New("providerId is required for updating a required action") } - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(requiredAction). - Put(client.getAdminRealmURL(realm, "authentication", "required-actions", *requiredAction.ProviderID)) + Put(g.getAdminRealmURL(realm, "authentication", "required-actions", *requiredAction.ProviderID)) return checkForError(resp, err, errMessage) } // DeleteRequiredAction updates a required action for a given realm -func (client *gocloak) DeleteRequiredAction(ctx context.Context, token string, realm string, alias string) error { +func (g *GoCloak) DeleteRequiredAction(ctx context.Context, token string, realm string, alias string) error { const errMessage = "could not delete required action" if alias == "" { return errors.New("alias is required for deleting a required action") } - resp, err := client.getRequestWithBearerAuth(ctx, token). - Delete(client.getAdminRealmURL(realm, "authentication", "required-actions", alias)) + resp, err := g.getRequestWithBearerAuth(ctx, token). + Delete(g.getAdminRealmURL(realm, "authentication", "required-actions", alias)) if err := checkForError(resp, err, errMessage); err != nil { return err 
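Review bot: The comment on DeleteRequiredAction still reads "updates a required action", while the body sends a DELETE to the `authentication/required-actions/<alias>` path. This commit corrects several other doc comments, and this one should be corrected with them: `// DeleteRequiredAction deletes a required action for a given realm`. The end of the function lies outside this hunk.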
@@ -3939,14 +4013,14 @@ func (client *gocloak) DeleteRequiredAction(ctx context.Context, token string, r } // CreateClientScopesScopeMappingsClientRoles attaches a client role to a client scope (not client's scope) -func (client *gocloak) CreateClientScopesScopeMappingsClientRoles( +func (g *GoCloak) CreateClientScopesScopeMappingsClientRoles( ctx context.Context, token, realm, idOfClientScope, idOfClient string, roles []Role, ) error { const errMessage = "could not create client-level roles to the client-scope" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). - Post(client.getAdminRealmURL(realm, "client-scopes", idOfClientScope, "scope-mappings", "clients", idOfClient)) + Post(g.getAdminRealmURL(realm, "client-scopes", idOfClientScope, "scope-mappings", "clients", idOfClient)) return checkForError(resp, err, errMessage) } 
@@ -3954,14 +4028,14 @@ func (client *gocloak) CreateClientScopesScopeMappingsClientRoles( // GetClientScopesScopeMappingsClientRolesAvailable returns available (i.e. not attached via // CreateClientScopesScopeMappingsClientRoles) client roles for a specific client, for a client scope // (not client's scope). -func (client *gocloak) GetClientScopesScopeMappingsClientRolesAvailable(ctx context.Context, token, realm, idOfClientScope, idOfClient string) ([]*Role, error) { +func (g *GoCloak) GetClientScopesScopeMappingsClientRolesAvailable(ctx context.Context, token, realm, idOfClientScope, idOfClient string) ([]*Role, error) { const errMessage = "could not get available client-level roles with the client-scope" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "client-scopes", idOfClientScope, "scope-mappings", "clients", idOfClient, "available")) + Get(g.getAdminRealmURL(realm, "client-scopes", idOfClientScope, "scope-mappings", "clients", idOfClient, "available")) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3972,14 +4046,14 @@ func (client *gocloak) GetClientScopesScopeMappingsClientRolesAvailable(ctx cont // GetClientScopesScopeMappingsClientRoles returns attached client roles for a specific client, for a client scope // (not client's scope). -func (client *gocloak) GetClientScopesScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClientScope, idOfClient string) ([]*Role, error) { +func (g *GoCloak) GetClientScopesScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClientScope, idOfClient string) ([]*Role, error) { const errMessage = "could not get client-level roles with the client-scope" var result []*Role - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetResult(&result). - Get(client.getAdminRealmURL(realm, "client-scopes", idOfClientScope, "scope-mappings", "clients", idOfClient)) + Get(g.getAdminRealmURL(realm, "client-scopes", idOfClientScope, "scope-mappings", "clients", idOfClient)) if err := checkForError(resp, err, errMessage); err != nil { return nil, err 
@@ -3990,12 +4064,12 @@ func (client *gocloak) GetClientScopesScopeMappingsClientRoles(ctx context.Conte // DeleteClientScopesScopeMappingsClientRoles removes attachment of client roles from a client scope // (not client's scope). -func (client *gocloak) DeleteClientScopesScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClientScope, idOfClient string, roles []Role) error { +func (g *GoCloak) DeleteClientScopesScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClientScope, idOfClient string, roles []Role) error { const errMessage = "could not delete client-level roles from the client-scope" - resp, err := client.getRequestWithBearerAuth(ctx, token). + resp, err := g.getRequestWithBearerAuth(ctx, token). SetBody(roles). - Delete(client.getAdminRealmURL(realm, "client-scopes", idOfClientScope, "scope-mappings", "clients", idOfClient)) + Delete(g.getAdminRealmURL(realm, "client-scopes", idOfClientScope, "scope-mappings", "clients", idOfClient)) return checkForError(resp, err, errMessage) } diff --git a/client_benchmark_test.go b/client_benchmark_test.go index e097fbd8..cbd3ebab 100644 --- a/client_benchmark_test.go +++ b/client_benchmark_test.go @@ -4,7 +4,7 @@ import ( "context" "testing" - "github.com/Nerzal/gocloak/v11" + "github.com/Nerzal/gocloak/v12" "github.com/stretchr/testify/assert" ) diff --git a/client_test.go b/client_test.go index 941569b5..1312cd86 100644 --- a/client_test.go +++ b/client_test.go @@ -26,7 +26,7 @@ import ( "github.com/stretchr/testify/require" "golang.org/x/crypto/pkcs12" - "github.com/Nerzal/gocloak/v11" + "github.com/Nerzal/gocloak/v12" ) type configAdmin struct { @@ -92,7 +92,7 @@ func GetConfig(t testing.TB) *Config { return config } -func GetClientToken(t *testing.T, client gocloak.GoCloak) *gocloak.JWT { +func GetClientToken(t *testing.T, client *gocloak.GoCloak) *gocloak.JWT { cfg := GetConfig(t) token, err := client.LoginClient( context.Background(), 
@@ -103,7 +103,7 @@ func GetClientToken(t *testing.T, client gocloak.GoCloak) *gocloak.JWT { return token } -func GetUserToken(t *testing.T, client gocloak.GoCloak) *gocloak.JWT { +func GetUserToken(t *testing.T, client *gocloak.GoCloak) *gocloak.JWT { SetUpTestUser(t, client) cfg := GetConfig(t) token, err := client.Login( @@ -117,7 +117,7 @@ func GetUserToken(t *testing.T, client gocloak.GoCloak) *gocloak.JWT { return token } -func GetAdminToken(t testing.TB, client gocloak.GoCloak) *gocloak.JWT { +func GetAdminToken(t testing.TB, client *gocloak.GoCloak) *gocloak.JWT { cfg := GetConfig(t) token, err := client.LoginAdmin( context.Background(), @@ -140,7 +140,7 @@ func GetRandomNameP(name string) *string { return &r } -func GetClientByClientID(t *testing.T, client gocloak.GoCloak, clientID string) *gocloak.Client { +func GetClientByClientID(t *testing.T, client *gocloak.GoCloak, clientID string) *gocloak.Client { cfg := GetConfig(t) token := GetAdminToken(t, client) clients, err := client.GetClients( @@ -163,7 +163,7 @@ func GetClientByClientID(t *testing.T, client gocloak.GoCloak, clientID string) return nil } -func CreateGroup(t *testing.T, client gocloak.GoCloak) (func(), string) { +func CreateGroup(t *testing.T, client *gocloak.GoCloak) (func(), string) { cfg := GetConfig(t) token := GetAdminToken(t, client) group := gocloak.Group{ @@ -192,7 +192,7 @@ func CreateGroup(t *testing.T, client gocloak.GoCloak) (func(), string) { return tearDown, groupID } -func CreateResource(t *testing.T, client gocloak.GoCloak, idOfClient string) (func(), string) { +func CreateResource(t *testing.T, client *gocloak.GoCloak, idOfClient string) (func(), string) { cfg := GetConfig(t) token := GetAdminToken(t, client) resource := gocloak.ResourceRepresentation{ 
@@ -231,7 +231,7 @@ func CreateResource(t *testing.T, client gocloak.GoCloak, idOfClient string) (fu return tearDown, *createdResource.ID } -func CreateResourceClientWithScopes(t *testing.T, client gocloak.GoCloak) (func(), string) { +func CreateResourceClientWithScopes(t *testing.T, client *gocloak.GoCloak) (func(), string) { cfg := GetConfig(t) token := GetClientToken(t, client) resource := gocloak.ResourceRepresentation{ @@ -275,7 +275,7 @@ func CreateResourceClientWithScopes(t *testing.T, client gocloak.GoCloak) (func( return tearDown, *createdResource.ID } -func CreateResourceClient(t *testing.T, client gocloak.GoCloak) (func(), string) { +func CreateResourceClient(t *testing.T, client *gocloak.GoCloak) (func(), string) { cfg := GetConfig(t) token := GetClientToken(t, client) resource := gocloak.ResourceRepresentation{ @@ -312,7 +312,7 @@ func CreateResourceClient(t *testing.T, client gocloak.GoCloak) (func(), string) return tearDown, *createdResource.ID } -func CreateScope(t *testing.T, client gocloak.GoCloak, idOfClient string) (func(), string) { +func CreateScope(t *testing.T, client *gocloak.GoCloak, idOfClient string) (func(), string) { cfg := GetConfig(t) token := GetAdminToken(t, client) scope := gocloak.ScopeRepresentation{ @@ -341,7 +341,7 @@ func CreateScope(t *testing.T, client gocloak.GoCloak, idOfClient string) (func( return tearDown, *createdScope.ID } -func CreatePolicy(t *testing.T, client gocloak.GoCloak, idOfClient string, policy gocloak.PolicyRepresentation) (func(), string) { +func CreatePolicy(t *testing.T, client *gocloak.GoCloak, idOfClient string, policy gocloak.PolicyRepresentation) (func(), string) { cfg := GetConfig(t) token := GetAdminToken(t, client) createdPolicy, err := client.CreatePolicy( 
@@ -366,7 +366,7 @@ func CreatePolicy(t *testing.T, client gocloak.GoCloak, idOfClient string, polic return tearDown, *createdPolicy.ID } -func CreatePermission(t *testing.T, client gocloak.GoCloak, idOfClient string, permission gocloak.PermissionRepresentation) (func(), string) { +func CreatePermission(t *testing.T, client *gocloak.GoCloak, idOfClient string, permission gocloak.PermissionRepresentation) (func(), string) { cfg := GetConfig(t) token := GetAdminToken(t, client) createdPermission, err := client.CreatePermission( @@ -390,10 +390,10 @@ func CreatePermission(t *testing.T, client gocloak.GoCloak, idOfClient string, p return tearDown, *createdPermission.ID } -func CreateClient(t *testing.T, client gocloak.GoCloak, newClient *gocloak.Client) (func(), string) { +func CreateClient(t *testing.T, client *gocloak.GoCloak, newClient *gocloak.Client) (func(), string) { if newClient == nil { newClient = &gocloak.Client{ - ClientID: GetRandomNameP("CliendID"), + ClientID: GetRandomNameP("ClientID"), Name: GetRandomNameP("Name"), BaseURL: gocloak.StringP("http://example.com"), } @@ -418,7 +418,7 @@ func CreateClient(t *testing.T, client gocloak.GoCloak, newClient *gocloak.Clien return tearDown, createdID } -func SetUpTestUser(t testing.TB, client gocloak.GoCloak) { +func SetUpTestUser(t testing.TB, client *gocloak.GoCloak) { setupOnce.Do(func() { cfg := GetConfig(t) token := GetAdminToken(t, client) @@ -490,7 +490,7 @@ func (w *RestyLogWriter) write(format string, v ...interface{}) { w.t.Logf(format, v...) } -func NewClientWithDebug(t testing.TB) gocloak.GoCloak { +func NewClientWithDebug(t testing.TB) *gocloak.GoCloak { cfg := GetConfig(t) client := gocloak.NewClient(cfg.HostName) cond := func(resp *resty.Response, err error) bool { 
@@ -532,7 +532,7 @@ func NewClientWithDebug(t testing.TB) gocloak.GoCloak { // err - returned error or nil to return the default error // failN - number of requests to be failed // skipN = number of requests to be executed and not failed by this function -func FailRequest(client gocloak.GoCloak, err error, failN, skipN int) gocloak.GoCloak { +func FailRequest(client *gocloak.GoCloak, err error, failN, skipN int) *gocloak.GoCloak { client.RestyClient().OnBeforeRequest( func(c *resty.Client, r *resty.Request) error { if skipN > 0 { @@ -552,7 +552,7 @@ func FailRequest(client gocloak.GoCloak, err error, failN, skipN int) gocloak.Go return client } -func ClearRealmCache(t testing.TB, client gocloak.GoCloak, realm ...string) { +func ClearRealmCache(t testing.TB, client *gocloak.GoCloak, realm ...string) { cfg := GetConfig(t) token := GetAdminToken(t, client) if len(realm) == 0 { @@ -574,14 +574,14 @@ func ClearRealmCache(t testing.TB, client gocloak.GoCloak, realm ...string) { // ----- func Test_RestyClient(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) restyClient := client.RestyClient() require.NotEqual(t, restyClient, resty.New()) } func Test_SetRestyClient(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) newRestyClient := resty.New() client.SetRestyClient(newRestyClient) @@ -590,7 +590,7 @@ func Test_SetRestyClient(t *testing.T) { } func Test_checkForError(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) FailRequest(client, nil, 1, 0) _, err := client.Login(context.Background(), "", "", "", "", "") @@ -603,7 +603,7 @@ func Test_checkForError(t *testing.T) { // --------- func Test_GetServerInfo(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) // client.RestyClient().SetDebug(true) token := GetAdminToken(t, client) 
@@ -623,7 +623,7 @@ func Test_GetServerInfo(t *testing.T) { } func Test_GetUserInfo(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) @@ -644,7 +644,7 @@ func Test_GetUserInfo(t *testing.T) { } func Test_GetRawUserInfo(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) @@ -660,7 +660,7 @@ func Test_GetRawUserInfo(t *testing.T) { } func Test_RetrospectRequestingPartyToken(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) @@ -683,7 +683,7 @@ func Test_RetrospectRequestingPartyToken(t *testing.T) { "Fake Resource", }, }) - require.Error(t, err, "GetRequestingPartyToken failed") + require.Error(t, err, "GetRequestingPartyToken must fail with Fake resource") require.Nil(t, rpt) rpt, err = client.GetRequestingPartyToken( @@ -716,7 +716,7 @@ func Test_RetrospectRequestingPartyToken(t *testing.T) { } func Test_GetRequestingPartyPermissions(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) @@ -762,7 +762,7 @@ func Test_GetRequestingPartyPermissions(t *testing.T) { } func Test_GetRequestingPartyPermissionDecision(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) @@ -800,7 +800,7 @@ func Test_GetRequestingPartyPermissionDecision(t *testing.T) { } func Test_GetCerts(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) certs, err := client.GetCerts(context.Background(), cfg.GoCloak.Realm) @@ -809,7 +809,7 @@ func Test_GetCerts(t *testing.T) { } func Test_LoginClient_UnknownRealm(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) _, err := client.LoginClient( 
@@ -822,7 +822,7 @@ func Test_LoginClient_UnknownRealm(t *testing.T) { } func Test_GetIssuer(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) issuer, err := client.GetIssuer(context.Background(), cfg.GoCloak.Realm) @@ -831,7 +831,7 @@ func Test_GetIssuer(t *testing.T) { } func Test_RetrospectToken_InactiveToken(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) @@ -847,7 +847,7 @@ func Test_RetrospectToken_InactiveToken(t *testing.T) { } func Test_RetrospectToken(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetClientToken(t, client) @@ -864,7 +864,7 @@ func Test_RetrospectToken(t *testing.T) { } func Test_DecodeAccessToken(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetClientToken(t, client) @@ -897,7 +897,7 @@ func Test_DecodeAccessTokenCustomClaims(t *testing.T) { } func Test_RefreshToken(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) @@ -914,7 +914,7 @@ func Test_RefreshToken(t *testing.T) { } func Test_UserAttributeContains(t *testing.T) { - // t.Parallel() + t.Parallel() attributes := map[string][]string{} attributes["foo"] = []string{"bar", "alice", "bob", "roflcopter"} @@ -925,7 +925,7 @@ func Test_UserAttributeContains(t *testing.T) { } func Test_GetKeyStoreConfig(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -939,7 +939,7 @@ func Test_GetKeyStoreConfig(t *testing.T) { } func Test_Login(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) 
@@ -954,7 +954,7 @@ func Test_Login(t *testing.T) { } func Test_LoginSignedJWT(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) keystore := filepath.Join("testdata", "keystore.p12") f, err := os.Open(keystore) @@ -1001,7 +1001,7 @@ func Test_LoginSignedJWT(t *testing.T) { func Test_LoginOtp(t *testing.T) { totp := "123456" - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) @@ -1018,7 +1018,7 @@ func Test_LoginOtp(t *testing.T) { } func Test_GetToken(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) @@ -1084,7 +1084,7 @@ func Test_GetRequestingPartyToken(t *testing.T) { } func Test_LoginClient(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) _, err := client.LoginClient( @@ -1096,7 +1096,7 @@ func Test_LoginClient(t *testing.T) { } func Test_LoginAdmin(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) _, err := client.LoginAdmin( @@ -1108,7 +1108,7 @@ func Test_LoginAdmin(t *testing.T) { } func Test_SetPassword(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -1127,7 +1127,7 @@ func Test_SetPassword(t *testing.T) { } func Test_CreateListGetUpdateDeleteGetChildGroup(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -1194,7 +1194,7 @@ func Test_CreateListGetUpdateDeleteGetChildGroup(t *testing.T) { require.NoError(t, err, "GetGroup failed") } -func CreateClientRole(t *testing.T, client gocloak.GoCloak) (func(), string) { +func CreateClientRole(t *testing.T, client *gocloak.GoCloak) (func(), string) { cfg := GetConfig(t) token := GetAdminToken(t, client) 
@@ -1225,14 +1225,14 @@ func CreateClientRole(t *testing.T, client gocloak.GoCloak) (func(), string) { } func Test_CreateClientRole(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) tearDown, _ := CreateClientRole(t, client) tearDown() } func Test_GetClientRole(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) tearDown, roleName := CreateClientRole(t, client) defer tearDown() @@ -1269,7 +1269,7 @@ func Test_GetClientRole(t *testing.T) { require.Nil(t, role) } -func CreateClientScope(t *testing.T, client gocloak.GoCloak, scope *gocloak.ClientScope) (func(), string) { +func CreateClientScope(t *testing.T, client *gocloak.GoCloak, scope *gocloak.ClientScope) (func(), string) { cfg := GetConfig(t) token := GetAdminToken(t, client) @@ -1304,13 +1304,13 @@ func CreateClientScope(t *testing.T, client gocloak.GoCloak, scope *gocloak.Clie } func Test_CreateClientScope_DeleteClientScope(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) tearDown, _ := CreateClientScope(t, client, nil) tearDown() } -func CreateUpdateClientScopeProtocolMapper(t *testing.T, client gocloak.GoCloak, scopeID string, protocolMapper *gocloak.ProtocolMappers) (func(), string) { +func CreateUpdateClientScopeProtocolMapper(t *testing.T, client *gocloak.GoCloak, scopeID string, protocolMapper *gocloak.ProtocolMappers) (func(), string) { cfg := GetConfig(t) token := GetAdminToken(t, client) @@ -1370,7 +1370,7 @@ func CreateUpdateClientScopeProtocolMapper(t *testing.T, client gocloak.GoCloak, } func Test_CreateClientScopeProtocolMapper_DeleteClientScopeProtocolMapper(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) 
@@ -1392,7 +1392,7 @@ func Test_CreateClientScopeProtocolMapper_DeleteClientScopeProtocolMapper(t *tes } func Test_ListAddRemoveDefaultClientScopes(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -1457,7 +1457,7 @@ func Test_ListAddRemoveDefaultClientScopes(t *testing.T) { } func Test_ListAddRemoveOptionalClientScopes(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -1516,7 +1516,7 @@ func Test_ListAddRemoveOptionalClientScopes(t *testing.T) { } func Test_GetDefaultOptionalClientScopes(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -1532,7 +1532,7 @@ func Test_GetDefaultOptionalClientScopes(t *testing.T) { } func Test_GetDefaultDefaultClientScopes(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -1547,7 +1547,7 @@ func Test_GetDefaultDefaultClientScopes(t *testing.T) { } func Test_GetClientScope(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -1568,7 +1568,7 @@ func Test_GetClientScope(t *testing.T) { } func Test_GetClientScopes(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -1584,7 +1584,7 @@ func Test_GetClientScopes(t *testing.T) { } func Test_GetClientScopeProtocolMappers(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) 
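Review bot: Enabling `t.Parallel()` in Test_ListAddRemoveDefaultClientScopes lets a test that, judging by its name, changes the realm's default client scopes run alongside tests that read them, such as Test_GetDefaultDefaultClientScopes and Test_GetClientScopes. The test bodies lie outside the hunks, so this is inferred, and it assumes they all target the one shared realm from `GetConfig`. The same concern applies to Test_ListAddRemoveOptionalClientScopes in this group, and to Test_ListAddRemoveDefaultGroups, Test_LogoutAllSessions and Test_ClearRealmCache further down. I would keep these serial and say why, e.g. `// not parallel: mutates realm-wide state shared with other tests`, or run them against a realm from `CreateRealm`.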
@@ -1603,7 +1603,7 @@ func Test_GetClientScopeProtocolMappers(t *testing.T) { require.NotNil(t, protocolMappers) } -func CreateClientScopeMappingsRealmRoles(t *testing.T, client gocloak.GoCloak, idOfClient string, roles []gocloak.Role) func() { +func CreateClientScopeMappingsRealmRoles(t *testing.T, client *gocloak.GoCloak, idOfClient string, roles []gocloak.Role) func() { token := GetAdminToken(t, client) cfg := GetConfig(t) @@ -1630,7 +1630,7 @@ func CreateClientScopeMappingsRealmRoles(t *testing.T, client gocloak.GoCloak, i return tearDown } -func CreateClientScopeMappingsClientRoles(t *testing.T, client gocloak.GoCloak, idOfClient, clients string, roles []gocloak.Role) func() { +func CreateClientScopeMappingsClientRoles(t *testing.T, client *gocloak.GoCloak, idOfClient, clients string, roles []gocloak.Role) func() { token := GetAdminToken(t, client) cfg := GetConfig(t) @@ -1660,7 +1660,7 @@ func CreateClientScopeMappingsClientRoles(t *testing.T, client gocloak.GoCloak, } func Test_ClientScopeMappingsClientRoles(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -1738,7 +1738,7 @@ func Test_ClientScopeMappingsClientRoles(t *testing.T) { } func Test_ClientScopeMappingsRealmRoles(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -1813,7 +1813,7 @@ func Test_ClientScopeMappingsRealmRoles(t *testing.T) { } func CreateClientScopesMappingsClientRoles( - t *testing.T, client gocloak.GoCloak, scopeID, idOfClient string, roles []gocloak.Role, + t *testing.T, client *gocloak.GoCloak, scopeID, idOfClient string, roles []gocloak.Role, ) func() { token := GetAdminToken(t, client) cfg := GetConfig(t) 
@@ -1919,7 +1919,7 @@ func Test_ClientScopesMappingsClientRoles(t *testing.T) { } func Test_CreateListGetUpdateDeleteClient(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2015,25 +2015,34 @@ func Test_CreateListGetUpdateDeleteClient(t *testing.T) { } func Test_CreateListGetUpdateDeleteClientRepresentation(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) + token := GetClientToken(t, client) + testClient := gocloak.Client{ + ClientID: GetRandomNameP("gocloak-client-secret-client-id-"), + } + ctx := context.Background() // Creating a client representation - createdClient, err := client.CreateClientRepresentation(context.Background(), cfg.GoCloak.Realm) + createdClient, err := client.CreateClientRepresentation(ctx, token.AccessToken, cfg.GoCloak.Realm, testClient) require.NoError(t, err, "CreateClientRepresentation failed") - t.Logf("Client ID: %s", gocloak.PString(createdClient.ID)) + t.Logf( + "Client ID: %s, ID: %s", + gocloak.PString(createdClient.ClientID), + gocloak.PString(createdClient.ID), + ) // Get the created client representation gotClient, err := client.GetClientRepresentation( context.Background(), gocloak.PString(createdClient.RegistrationAccessToken), cfg.GoCloak.Realm, - gocloak.PString(createdClient.ID), + gocloak.PString(createdClient.ClientID), ) require.NoError(t, err, "GetClientRepresentation failed") - require.Equal(t, gocloak.PString(createdClient.ID), gocloak.PString(gotClient.ID)) + require.Equal(t, gocloak.PString(createdClient.ClientID), gocloak.PString(gotClient.ClientID)) // Updating the client representation 
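Review bot: In Test_CreateListGetUpdateDeleteClientRepresentation the new `ctx := context.Background()` is passed only to `CreateClientRepresentation`. The `GetClientRepresentation` call a few lines below still builds its own `context.Background()`, as do the later calls in the following hunks. Either pass `ctx` throughout or drop the variable, so a later change to the context (a timeout, say) reaches every request. The name prefix `"gocloak-client-secret-client-id-"` also looks copied from the client-secret test; a prefix naming this test would make leftover clients in the realm easier to trace. The function body continues past this hunk.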
@@ -2062,7 +2071,7 @@ func Test_CreateListGetUpdateDeleteClientRepresentation(t *testing.T) { context.Background(), gocloak.PString(updatedClient.RegistrationAccessToken), cfg.GoCloak.Realm, - gocloak.PString(createdClient.ID), + gocloak.PString(createdClient.ClientID), ) require.NoError(t, err, "GetClientRepresentation failed") require.Equal(t, gocloak.PString(createdClient.Name), gocloak.PString(gotClient.Name)) @@ -2072,7 +2081,7 @@ func Test_CreateListGetUpdateDeleteClientRepresentation(t *testing.T) { context.Background(), gocloak.PString(gotClient.RegistrationAccessToken), cfg.GoCloak.Realm, - gocloak.PString(createdClient.ID), + gocloak.PString(createdClient.ClientID), ) require.NoError(t, err, "DeleteClientRepresentation failed") 
@@ -2081,28 +2090,32 @@ func Test_CreateListGetUpdateDeleteClientRepresentation(t *testing.T) { context.Background(), gocloak.PString(gotClient.RegistrationAccessToken), cfg.GoCloak.Realm, - gocloak.PString(createdClient.ID), + gocloak.PString(createdClient.ClientID), ) require.Error(t, err, "Should fail because the deleted client doesn't exist anymore") } func Test_GetAdapterConfigurationForClientRepresentation(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) + token := GetClientToken(t, client) + testClient := gocloak.Client{ + ClientID: GetRandomNameP("gocloak-client-secret-client-id-"), + } // Creating a client representation - createdClient, err := client.CreateClientRepresentation(context.Background(), cfg.GoCloak.Realm) + createdClient, err := client.CreateClientRepresentation(context.Background(), token.AccessToken, cfg.GoCloak.Realm, testClient) require.NoError(t, err, "CreateClientRepresentation failed") - t.Logf("Client ID: %s", gocloak.PString(createdClient.ID)) + t.Logf("Client ID: %s", gocloak.PString(createdClient.ClientID)) // Get the created client representation gotClient, err := client.GetClientRepresentation( context.Background(), gocloak.PString(createdClient.RegistrationAccessToken), cfg.GoCloak.Realm, - gocloak.PString(createdClient.ID), + gocloak.PString(createdClient.ClientID), ) require.NoError(t, err, "GetClientRepresentation failed") require.Equal(t, gocloak.PString(createdClient.ID), gocloak.PString(gotClient.ID)) 
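Review bot: In Test_GetAdapterConfigurationForClientRepresentation the lookup now keys on `createdClient.ClientID`, but the assertion after it is unchanged: `require.Equal(t, gocloak.PString(createdClient.ID), gocloak.PString(gotClient.ID))`. `PString` returns an empty string for a nil pointer, so if the registration response leaves `ID` unset (not visible here), that check compares two empty strings and passes without verifying anything. Comparing against the requested value is stronger and matches the sibling test: `require.Equal(t, gocloak.PString(testClient.ClientID), gocloak.PString(gotClient.ClientID))`.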
@@ -2112,17 +2125,17 @@ func Test_GetAdapterConfigurationForClientRepresentation(t *testing.T) { context.Background(), gocloak.PString(gotClient.RegistrationAccessToken), cfg.GoCloak.Realm, - gocloak.PString(createdClient.ID), + gocloak.PString(createdClient.ClientID), ) require.NoError(t, err, "GetAdapterConfiguration failed") - require.Equal(t, gocloak.PString(gotClient.ID), gocloak.PString(adapterConfig.Resource)) + require.Equal(t, gocloak.PString(gotClient.ClientID), gocloak.PString(adapterConfig.Resource)) // Deleting the client representation err = client.DeleteClientRepresentation( context.Background(), gocloak.PString(gotClient.RegistrationAccessToken), cfg.GoCloak.Realm, - gocloak.PString(createdClient.ID), + gocloak.PString(createdClient.ClientID), ) require.NoError(t, err, "DeleteClientRepresentation failed") @@ -2131,13 +2144,13 @@ func Test_GetAdapterConfigurationForClientRepresentation(t *testing.T) { context.Background(), gocloak.PString(gotClient.RegistrationAccessToken), cfg.GoCloak.Realm, - gocloak.PString(createdClient.ID), + gocloak.PString(createdClient.ClientID), ) require.Error(t, err, "Should fail because the deleted client doesn't exist anymore") } func Test_GetGroups(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2151,7 +2164,7 @@ func Test_GetGroups(t *testing.T) { } func Test_GetGroupsFull(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2184,7 +2197,7 @@ func Test_GetGroupsFull(t *testing.T) { } func Test_GetGroupsBriefRepresentation(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) 
@@ -2258,7 +2271,7 @@ func Test_GetGroupsByClientRole(t *testing.T) { } func Test_GetGroupFull(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2280,7 +2293,7 @@ func Test_GetGroupFull(t *testing.T) { } func Test_GetGroupMembers(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2311,7 +2324,7 @@ func Test_GetGroupMembers(t *testing.T) { } func Test_ListAddRemoveDefaultGroups(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2360,7 +2373,7 @@ func Test_ListAddRemoveDefaultGroups(t *testing.T) { } func Test_GetClientRoles(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2377,7 +2390,7 @@ func Test_GetClientRoles(t *testing.T) { } func Test_GetRoleMappingByGroupID(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2394,7 +2407,7 @@ func Test_GetRoleMappingByGroupID(t *testing.T) { } func Test_GetRoleMappingByUserID(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) 
@@ -2437,8 +2450,34 @@ func Test_ExecuteActionsEmail_UpdatePassword(t *testing.T) { } } +func Test_SendVerifyEmail(t *testing.T) { + cfg := GetConfig(t) + client := NewClientWithDebug(t) + token := GetAdminToken(t, client) + + tearDown, userID := CreateUser(t, client) + defer tearDown() + + params := gocloak.SendVerificationMailParams{ + ClientID: &(cfg.GoCloak.ClientID), + } + + err := client.SendVerifyEmail( + context.Background(), + token.AccessToken, + userID, + cfg.GoCloak.Realm, + params) + if err != nil { + if err.Error() == "500 Internal Server Error: Failed to send execute actions email" { + return + } + require.NoError(t, err, "ExecuteActionsEmail failed") + } +} + func Test_Logout(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetUserToken(t, client) @@ -2453,7 +2492,7 @@ func Test_Logout(t *testing.T) { } func Test_LogoutAllSessions(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2471,7 +2510,7 @@ func Test_LogoutAllSessions(t *testing.T) { } func Test_RevokeUserConsents(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) @@ -2503,7 +2542,7 @@ func Test_RevokeUserConsents(t *testing.T) { } func Test_LogoutUserSession(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) uToken := GetUserToken(t, client) @@ -2519,7 +2558,7 @@ func Test_LogoutUserSession(t *testing.T) { } func Test_GetRealm(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2533,7 +2572,7 @@ func Test_GetRealm(t *testing.T) { } func Test_GetRealms(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) token := GetAdminToken(t, client) 
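Review bot: The new Test_SendVerifyEmail returns silently when the server answers with the 500 string, so a run where no mail was sent is reported as a pass. Use `t.Skip("mail delivery not available on the test server")` there so the result shows the call was not verified. The matched text, "Failed to send execute actions email", and the failure message `"ExecuteActionsEmail failed"` both look carried over from the execute-actions test above. Confirm what the verify-email endpoint actually returns, and change the message to `require.NoError(t, err, "SendVerifyEmail failed")`. Matching on the exact `err.Error()` string is also brittle across Keycloak versions.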
@@ -2549,7 +2588,7 @@ func Test_GetRealms(t *testing.T) { // Realm // ----------- -func CreateRealm(t *testing.T, client gocloak.GoCloak) (func(), string) { +func CreateRealm(t *testing.T, client *gocloak.GoCloak) (func(), string) { token := GetAdminToken(t, client) realmName := GetRandomName("Realm") @@ -2588,14 +2627,14 @@ func CreateRealm(t *testing.T, client gocloak.GoCloak) (func(), string) { } func Test_CreateRealm(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) tearDown, _ := CreateRealm(t, client) defer tearDown() } func Test_UpdateRealm(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2617,7 +2656,7 @@ func Test_UpdateRealm(t *testing.T) { } func Test_ClearRealmCache(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) ClearRealmCache(t, client) } @@ -2626,7 +2665,7 @@ func Test_ClearRealmCache(t *testing.T) { // Realm Roles // ----------- -func CreateRealmRole(t *testing.T, client gocloak.GoCloak) (func(), string) { +func CreateRealmRole(t *testing.T, client *gocloak.GoCloak) (func(), string) { cfg := GetConfig(t) token := GetAdminToken(t, client) @@ -2654,14 +2693,14 @@ func CreateRealmRole(t *testing.T, client gocloak.GoCloak) (func(), string) { } func Test_CreateRealmRole(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) tearDown, _ := CreateRealmRole(t, client) defer tearDown() } func Test_GetRealmRole(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2684,7 +2723,7 @@ func Test_GetRealmRole(t *testing.T) { } func Test_GetRealmRoles(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) 
@@ -2702,7 +2741,7 @@ func Test_GetRealmRoles(t *testing.T) { } func Test_UpdateRealmRole(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2738,7 +2777,7 @@ func Test_UpdateRealmRole(t *testing.T) { } func Test_DeleteRealmRole(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2754,7 +2793,7 @@ func Test_DeleteRealmRole(t *testing.T) { } func Test_AddRealmRoleToUser_DeleteRealmRoleFromUser(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2790,7 +2829,7 @@ func Test_AddRealmRoleToUser_DeleteRealmRoleFromUser(t *testing.T) { } func Test_AddRealmRoleToGroup_DeleteRealmRoleFromGroup(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2826,7 +2865,7 @@ func Test_AddRealmRoleToGroup_DeleteRealmRoleFromGroup(t *testing.T) { } func Test_GetRealmRolesByUserID(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2890,7 +2929,7 @@ func Test_GetRealmRolesByUserID(t *testing.T) { } func Test_GetRealmRolesByGroupID(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -2930,7 +2969,7 @@ func Test_GetRealmRolesByGroupID(t *testing.T) { } func Test_AddRealmRoleComposite_DeleteRealmRoleComposite(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) 
@@ -2972,7 +3011,7 @@ func Test_AddRealmRoleComposite_DeleteRealmRoleComposite(t *testing.T) { // Users // ----- -func CreateUser(t *testing.T, client gocloak.GoCloak) (func(), string) { +func CreateUser(t *testing.T, client *gocloak.GoCloak) (func(), string) { cfg := GetConfig(t) token := GetAdminToken(t, client) @@ -3009,7 +3048,7 @@ func CreateUser(t *testing.T, client gocloak.GoCloak) (func(), string) { } func Test_CreateUser(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) tearDown, _ := CreateUser(t, client) @@ -3017,7 +3056,7 @@ func Test_CreateUser(t *testing.T) { } func Test_CreateUserCustomAttributes(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3040,7 +3079,7 @@ func Test_CreateUserCustomAttributes(t *testing.T) { } func Test_GetUserByID(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3058,7 +3097,7 @@ func Test_GetUserByID(t *testing.T) { } func Test_GetUsers(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3075,7 +3114,7 @@ func Test_GetUsers(t *testing.T) { } func Test_GetUserCount(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3091,7 +3130,7 @@ func Test_GetUserCount(t *testing.T) { } func Test_GetGroupsCount(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3106,7 +3145,7 @@ func Test_GetGroupsCount(t *testing.T) { } func Test_AddUserToGroup(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) 
@@ -3127,7 +3166,7 @@ func Test_AddUserToGroup(t *testing.T) { } func Test_DeleteUserFromGroup(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3155,7 +3194,7 @@ func Test_DeleteUserFromGroup(t *testing.T) { } func Test_GetUserGroups(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3186,7 +3225,7 @@ func Test_GetUserGroups(t *testing.T) { } func Test_DeleteUser(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) tearDown, _ := CreateUser(t, client) @@ -3194,7 +3233,7 @@ func Test_DeleteUser(t *testing.T) { } func Test_UpdateUser(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3217,7 +3256,7 @@ func Test_UpdateUser(t *testing.T) { } func Test_UpdateUserSetEmptyRequiredActions(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3267,7 +3306,7 @@ func Test_UpdateUserSetEmptyRequiredActions(t *testing.T) { } func Test_UpdateUserSetEmptyEmail(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3299,7 +3338,7 @@ func Test_UpdateUserSetEmptyEmail(t *testing.T) { } func Test_GetUsersByRoleName(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3337,7 +3376,7 @@ func Test_GetUsersByRoleName(t *testing.T) { } func Test_GetUsersByClientRoleName(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) 
@@ -3355,7 +3394,7 @@ func Test_GetUsersByClientRoleName(t *testing.T) { gocloakClientID, roleName) require.NoError(t, err) - err = client.AddClientRoleToUser( + err = client.AddClientRolesToUser( context.Background(), token.AccessToken, cfg.GoCloak.Realm, @@ -3378,7 +3417,7 @@ func Test_GetUsersByClientRoleName(t *testing.T) { } func Test_GetUserSessions(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) @@ -3406,7 +3445,7 @@ func Test_GetUserSessions(t *testing.T) { } func Test_GetUserOfflineSessionsForClient(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) @@ -3437,7 +3476,7 @@ func Test_GetUserOfflineSessionsForClient(t *testing.T) { } func Test_GetClientUserSessions(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) @@ -3478,7 +3517,7 @@ func findProtocolMapperByID(t *testing.T, client *gocloak.Client, id string) *go } func Test_CreateUpdateDeleteClientProtocolMapper(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) id := GetRandomName("protocol-mapper-id-") @@ -3576,7 +3615,7 @@ func Test_CreateUpdateDeleteClientProtocolMapper(t *testing.T) { } func Test_GetClientOfflineSessions(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) @@ -3606,7 +3645,7 @@ func Test_GetClientOfflineSessions(t *testing.T) { } func Test_ClientSecret(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3657,7 +3696,7 @@ func Test_ClientSecret(t *testing.T) { } func Test_ClientServiceAccount(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) 
@@ -3677,7 +3716,7 @@ func Test_ClientServiceAccount(t *testing.T) { } func Test_AddClientRoleToUser_DeleteClientRoleFromUser(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) @@ -3703,7 +3742,7 @@ func Test_AddClientRoleToUser_DeleteClientRoleFromUser(t *testing.T) { ) require.NoError(t, err, "GetClientRole failed") roles := []gocloak.Role{*role1, *role2} - err = client.AddClientRoleToUser( + err = client.AddClientRolesToUser( context.Background(), token.AccessToken, cfg.GoCloak.Realm, @@ -3713,7 +3752,7 @@ func Test_AddClientRoleToUser_DeleteClientRoleFromUser(t *testing.T) { ) require.NoError(t, err, "AddClientRoleToUser failed") - err = client.DeleteClientRoleFromUser( + err = client.DeleteClientRolesFromUser( context.Background(), token.AccessToken, cfg.GoCloak.Realm, @@ -3725,7 +3764,7 @@ func Test_AddClientRoleToUser_DeleteClientRoleFromUser(t *testing.T) { } func Test_GetClientRolesByUserID(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3742,7 +3781,7 @@ func Test_GetClientRolesByUserID(t *testing.T) { roleName) require.NoError(t, err) - err = client.AddClientRoleToUser( + err = client.AddClientRolesToUser( context.Background(), token.AccessToken, cfg.GoCloak.Realm, @@ -3792,7 +3831,7 @@ func Test_GetClientRolesByUserID(t *testing.T) { } func Test_GetAvailableClientRolesByUserID(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3820,7 +3859,7 @@ func Test_GetAvailableClientRolesByUserID(t *testing.T) { roleName2) require.NoError(t, err) - err = client.AddClientRoleToUser( + err = client.AddClientRolesToUser( context.Background(), token.AccessToken, cfg.GoCloak.Realm, 
@@ -3870,7 +3909,7 @@ func Test_GetAvailableClientRolesByUserID(t *testing.T) { } func Test_GetAvailableRealmRolesByUserID(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3943,7 +3982,7 @@ func Test_GetAvailableRealmRolesByUserID(t *testing.T) { } func Test_GetAvailableClientRolesByGroupID(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -3971,7 +4010,7 @@ func Test_GetAvailableClientRolesByGroupID(t *testing.T) { roleName2) require.NoError(t, err) - err = client.AddClientRoleToGroup( + err = client.AddClientRolesToGroup( context.Background(), token.AccessToken, cfg.GoCloak.Realm, @@ -4021,7 +4060,7 @@ func Test_GetAvailableClientRolesByGroupID(t *testing.T) { } func Test_GetAvailableRealmRolesByGroupID(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -4095,7 +4134,7 @@ func Test_GetAvailableRealmRolesByGroupID(t *testing.T) { } func Test_GetClientRolesByGroupID(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -4121,7 +4160,7 @@ func Test_GetClientRolesByGroupID(t *testing.T) { } func Test_AddClientRoleToGroup_DeleteClientRoleFromGroup(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) SetUpTestUser(t, client) @@ -4151,7 +4190,7 @@ func Test_AddClientRoleToGroup_DeleteClientRoleFromGroup(t *testing.T) { defer tearDownGroup() roles := []gocloak.Role{*role1, *role2} - err = client.AddClientRoleToGroup( + err = client.AddClientRolesToGroup( context.Background(), token.AccessToken, cfg.GoCloak.Realm, 
@@ -4173,7 +4212,7 @@ func Test_AddClientRoleToGroup_DeleteClientRoleFromGroup(t *testing.T) { } func Test_AddDeleteClientRoleComposite(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -4233,7 +4272,7 @@ func Test_AddDeleteClientRoleComposite(t *testing.T) { } func Test_AddDeleteRealmRoleComposite(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -4434,7 +4473,7 @@ func Test_CreateGetDeleteUserFederatedIdentity(t *testing.T) { } func Test_CreateDeleteClientScopeWithMappers(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -4740,7 +4779,7 @@ func Test_CreateProvider(t *testing.T) { // ----------------- func Test_ErrorsCreateListGetUpdateDeleteResourceClient(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetClientToken(t, client) @@ -4790,7 +4829,7 @@ func Test_ErrorsCreateListGetUpdateDeleteResourceClient(t *testing.T) { } func Test_CreateListGetUpdateDeleteResourceClient(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetClientToken(t, client) @@ -4855,7 +4894,7 @@ func Test_CreateListGetUpdateDeleteResourceClient(t *testing.T) { } func Test_CreateListGetUpdateDeleteResource(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -4924,7 +4963,7 @@ func Test_CreateListGetUpdateDeleteResource(t *testing.T) { } func Test_CreateListGetUpdateDeleteScope(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) 
@@ -4992,7 +5031,7 @@ func Test_CreateListGetUpdateDeleteScope(t *testing.T) { } func Test_CreateListGetUpdateDeletePolicy(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -5001,10 +5040,12 @@ func Test_CreateListGetUpdateDeletePolicy(t *testing.T) { tearDown, policyID := CreatePolicy(t, client, gocloakClientID, gocloak.PolicyRepresentation{ Name: GetRandomNameP("PolicyName"), Description: gocloak.StringP("Policy Description"), - Type: gocloak.StringP("js"), + Type: gocloak.StringP("client"), Logic: gocloak.NEGATIVE, - JSPolicyRepresentation: gocloak.JSPolicyRepresentation{ - Code: gocloak.StringP("$evaluation.grant();"), + ClientPolicyRepresentation: gocloak.ClientPolicyRepresentation{ + Clients: &[]string{ + gocloakClientID, + }, }, }) // Delete @@ -5045,7 +5086,7 @@ func Test_CreateListGetUpdateDeletePolicy(t *testing.T) { gocloakClientID, gocloak.GetPolicyParams{ Name: createdPolicy.Name, - Type: gocloak.StringP("js"), + Type: gocloak.StringP("client"), }, ) require.NoError(t, err, "GetPolicies failed") @@ -5074,8 +5115,10 @@ func Test_CreateListGetUpdateDeletePolicy(t *testing.T) { Description: createdPolicy.Description, Type: createdPolicy.Type, Logic: createdPolicy.Logic, - JSPolicyRepresentation: gocloak.JSPolicyRepresentation{ - Code: gocloak.StringP("$evaluation.grant();"), + ClientPolicyRepresentation: gocloak.ClientPolicyRepresentation{ + Clients: &[]string{ + gocloakClientID, + }, }, }, ) @@ -5521,7 +5564,7 @@ func Test_CreateGetUpdateDeleteResourcePolicy(t *testing.T) { } func Test_RolePolicy(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) 
@@ -5553,26 +5596,8 @@ func Test_RolePolicy(t *testing.T) { defer tearDown() } -func Test_JSPolicy(t *testing.T) { - // t.Parallel() - client := NewClientWithDebug(t) - - // Create - tearDown, _ := CreatePolicy(t, client, gocloakClientID, gocloak.PolicyRepresentation{ - Name: GetRandomNameP("PolicyName"), - Description: gocloak.StringP("JS Policy"), - Type: gocloak.StringP("js"), - Logic: gocloak.POSITIVE, - JSPolicyRepresentation: gocloak.JSPolicyRepresentation{ - Code: gocloak.StringP("$evaluation.grant();"), - }, - }) - // Delete - defer tearDown() -} - func Test_ClientPolicy(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) // Create @@ -5591,7 +5616,7 @@ func Test_ClientPolicy(t *testing.T) { } func Test_TimePolicy(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) // Create @@ -5619,7 +5644,7 @@ func Test_TimePolicy(t *testing.T) { } func Test_UserPolicy(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) tearDownUser, userID := CreateUser(t, client) @@ -5641,7 +5666,7 @@ func Test_UserPolicy(t *testing.T) { } func Test_AggregatedPolicy(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) tearDownClient, clientPolicyID := CreatePolicy(t, client, gocloakClientID, gocloak.PolicyRepresentation{ 
@@ -5656,17 +5681,19 @@ func Test_AggregatedPolicy(t *testing.T) { }) defer tearDownClient() - tearDownJS, jsPolicyID := CreatePolicy(t, client, gocloakClientID, gocloak.PolicyRepresentation{ + tearDownClient1, clientPolicyID1 := CreatePolicy(t, client, gocloakClientID, gocloak.PolicyRepresentation{ Name: GetRandomNameP("PolicyName"), Description: gocloak.StringP("JS Policy"), - Type: gocloak.StringP("js"), + Type: gocloak.StringP("client"), Logic: gocloak.POSITIVE, - JSPolicyRepresentation: gocloak.JSPolicyRepresentation{ - Code: gocloak.StringP("$evaluation.grant();"), + ClientPolicyRepresentation: gocloak.ClientPolicyRepresentation{ + Clients: &[]string{ + gocloakClientID, + }, }, }) // Delete - defer tearDownJS() + defer tearDownClient1() // Create tearDown, _ := CreatePolicy(t, client, gocloakClientID, gocloak.PolicyRepresentation{ @@ -5676,7 +5703,7 @@ func Test_AggregatedPolicy(t *testing.T) { AggregatedPolicyRepresentation: gocloak.AggregatedPolicyRepresentation{ Policies: &[]string{ clientPolicyID, - jsPolicyID, + clientPolicyID1, }, }, }) @@ -5685,7 +5712,7 @@ func Test_AggregatedPolicy(t *testing.T) { } func Test_GroupPolicy(t *testing.T) { - // t.Parallel() + t.Parallel() client := NewClientWithDebug(t) tearDownGroup, groupID := CreateGroup(t, client) @@ -5709,7 +5736,7 @@ func Test_GroupPolicy(t *testing.T) { } func Test_ErrorsGrantGetUpdateDeleteUserPermission(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetClientToken(t, client) @@ -5774,7 +5801,7 @@ func Test_ErrorsGrantGetUpdateDeleteUserPermission(t *testing.T) { } func Test_GrantGetUpdateDeleteUserPermission(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetClientToken(t, client) 
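Review bot: The policy that replaces the JS one in Test_AggregatedPolicy still carries `Description: gocloak.StringP("JS Policy")` although its `Type` is now `"client"`. The matching change in Test_CreateListGetUpdateDeletePermission did rename the description, so this line should read `Description: gocloak.StringP("Client Policy"),`. Both aggregated entries, `clientPolicyID` and `clientPolicyID1`, now appear to be client policies for the same `gocloakClientID` (the first policy's body is outside the hunk), so the test no longer covers aggregation across different policy types. If that is intended because the JS policy type was dropped from the test server, a one-line comment above the second `CreatePolicy` call should say so.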
@@ -5871,7 +5898,7 @@ func Test_GrantGetUpdateDeleteUserPermission(t *testing.T) { } func Test_BadCreatePermissionTicket(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetClientToken(t, client) @@ -5907,7 +5934,7 @@ func Test_BadCreatePermissionTicket(t *testing.T) { } func Test_CreatePermissionTicket(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetClientToken(t, client) @@ -5951,7 +5978,7 @@ func Test_CreatePermissionTicket(t *testing.T) { } func Test_CreateListGetUpdateDeletePermission(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -5963,11 +5990,13 @@ func Test_CreateListGetUpdateDeletePermission(t *testing.T) { tearDownPolicy, policyID := CreatePolicy(t, client, gocloakClientID, gocloak.PolicyRepresentation{ Name: GetRandomNameP("PolicyName"), - Description: gocloak.StringP("JS Policy"), - Type: gocloak.StringP("js"), + Description: gocloak.StringP("Client Policy"), + Type: gocloak.StringP("client"), Logic: gocloak.POSITIVE, - JSPolicyRepresentation: gocloak.JSPolicyRepresentation{ - Code: gocloak.StringP("$evaluation.grant();"), + ClientPolicyRepresentation: gocloak.ClientPolicyRepresentation{ + Clients: &[]string{ + gocloakClientID, + }, }, }) // Delete @@ -6081,7 +6110,7 @@ func Test_CreateListGetUpdateDeletePermission(t *testing.T) { } func Test_CheckError(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -6111,7 +6140,7 @@ func Test_CheckError(t *testing.T) { // --------------- func Test_GetCredentialRegistrators(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) 
@@ -6126,7 +6155,7 @@ func Test_GetCredentialRegistrators(t *testing.T) { } func Test_GetConfiguredUserStorageCredentialTypes(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -6143,7 +6172,7 @@ func Test_GetConfiguredUserStorageCredentialTypes(t *testing.T) { } func Test_GetUpdateLableDeleteCredentials(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -6212,7 +6241,7 @@ func Test_GetUpdateLableDeleteCredentials(t *testing.T) { func Test_DisableAllCredentialsByType(t *testing.T) { // NOTE(svilgelm): I didn't find a way how to properly test this function, // so the test validates that the API call doesn't return an error. - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -6229,7 +6258,7 @@ func Test_DisableAllCredentialsByType(t *testing.T) { } func Test_TestSetFunctionalOptions(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) gocloak.NewClient(cfg.HostName, gocloak.SetAuthRealms("foo"), gocloak.SetAuthAdminRealms("bar")) @@ -6268,7 +6297,7 @@ func Test_GetClientsWithPagination(t *testing.T) { } func Test_ImportIdentityProviderConfig(t *testing.T) { - // t.Parallel() + t.Parallel() cfg := GetConfig(t) client := NewClientWithDebug(t) token := GetAdminToken(t, client) @@ -6363,6 +6392,7 @@ E8go1LcvbfHNyknHu2sptnRq55fHZSHr18vVsQRfDYMG "addExtensionsElementWithKeyInfo": "false", "loginHint": "false", "enabledFromMetadata": "true", + "idpEntityId": "https://accounts.google.com/o/saml2?idpid=C01unc9st", } require.Len( 
@@ -6610,7 +6640,7 @@ func TestGocloak_UpdateRequiredAction(t *testing.T) { require.NoError(t, err, "Failed to update required action") } -func CreateComponent(t *testing.T, client gocloak.GoCloak) (func(), *gocloak.Component) { +func CreateComponent(t *testing.T, client *gocloak.GoCloak) (func(), *gocloak.Component) { newComponent := &gocloak.Component{ Name: GetRandomNameP("CreateComponent"), ProviderID: gocloak.StringP("rsa-generated"), diff --git a/docker-compose.yml b/docker-compose.yml index d0b25ac5..4f02c3e4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,13 +2,16 @@ version: '3' services: keycloak: - image: jboss/keycloak:latest - command: -Dkeycloak.profile.feature.upload_scripts=enabled + build: . + command: -Dauto-build -Dfeatures=preview environment: - KEYCLOAK_IMPORT: /tmp/gocloak-realm.json KEYCLOAK_USER: admin KEYCLOAK_PASSWORD: secret + KEYCLOAK_ADMIN: admin + KEYCLOAK_ADMIN_PASSWORD: secret ports: - "8080:8080" volumes: - - ./testdata/gocloak-realm.json:/tmp/gocloak-realm.json \ No newline at end of file + - ./testdata/gocloak-realm.json:/opt/keycloak/data/import/gocloak-realm.json + entrypoint: ["/opt/keycloak/bin/kc.sh", "start-dev --features=preview --import-realm"] + \ No newline at end of file diff --git a/go.mod b/go.mod index d3a67f2f..3359f49d 100644 --- a/go.mod +++ b/go.mod 
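Review bot: In docker-compose.yml the `ports` entry `"8080:8080"` publishes the Keycloak admin console on every host interface while the `environment` block sets the fixed credentials `admin`/`secret`; for a test fixture, `- "127.0.0.1:8080:8080"` keeps that account off the network. The new `entrypoint` also passes `start-dev --features=preview --import-realm` as a single list element, so the script receives one argument rather than three. Writing it as `entrypoint: ["/opt/keycloak/bin/kc.sh", "start-dev", "--features=preview", "--import-realm"]` removes the dependence on how kc.sh re-splits its arguments. Because compose appends `command` to `entrypoint`, the `command: -Dauto-build -Dfeatures=preview` line is added after those options and is probably redundant.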
@@ -1,15 +1,20 @@ -module github.com/Nerzal/gocloak/v11 +module github.com/Nerzal/gocloak/v12 -go 1.15 +go 1.18 require ( github.com/go-resty/resty/v2 v2.7.0 - github.com/golang-jwt/jwt/v4 v4.4.1 + github.com/golang-jwt/jwt/v4 v4.4.2 github.com/opentracing/opentracing-go v1.2.0 github.com/pkg/errors v0.9.1 github.com/segmentio/ksuid v1.0.4 - github.com/stretchr/testify v1.7.1 - golang.org/x/crypto v0.0.0-20220427172511-eb4f295cb31f - golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4 // indirect - gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect + github.com/stretchr/testify v1.8.0 + golang.org/x/crypto v0.0.0-20221012134737-56aed061732a +) + +require ( + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect + golang.org/x/net v0.0.0-20221019024206-cb67ada4b0ad // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 7f4ec501..01590474 100644 --- a/go.sum +++ b/go.sum 
@@ -1,9 +1,10 @@ -github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/go-resty/resty/v2 v2.7.0 h1:me+K9p3uhSmXtrBZ4k9jcEAfJmuC8IivWHwaLZwPrFY= github.com/go-resty/resty/v2 v2.7.0/go.mod h1:9PWDzw47qPphMRFfhsyk0NnSgvluHcljSMVIq3w7q0I= -github.com/golang-jwt/jwt/v4 v4.4.1 h1:pC5DB52sCeK48Wlb9oPcdhnjkz1TKt1D/P7WKJ0kUcQ= -github.com/golang-jwt/jwt/v4 v4.4.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs= +github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= 
@@ -13,26 +14,23 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN github.com/segmentio/ksuid v1.0.4 h1:sBo2BdShXjmcugAMwjugoGUdUV0pcxY5mW4xKRn3v4c= github.com/segmentio/ksuid v1.0.4/go.mod h1:/XUiZBD3kVx5SmUOl55voK5yeAbBNNIed+2O73XgrPE= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.7.1 h1:5TQK59W5E3v0r2duFAb7P95B6hEeOyEnHRa8MjYSMTY= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -golang.org/x/crypto v0.0.0-20220427172511-eb4f295cb31f h1:OeJjE6G4dgCY4PIXvIRQbE8+RX+uXZyGhUy/ksMGJoc= -golang.org/x/crypto v0.0.0-20220427172511-eb4f295cb31f/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +golang.org/x/crypto v0.0.0-20221012134737-56aed061732a h1:NmSIgad6KjE6VvHciPZuNRTKxGhlPfD6OA87W/PLkqg= +golang.org/x/crypto v0.0.0-20221012134737-56aed061732a/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/net v0.0.0-20211029224645-99673261e6eb/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4 h1:HVyaeDAYux4pnY+D/SiwmLOR36ewZ4iGQIIrtnuCjFA= -golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20221019024206-cb67ada4b0ad h1:Zx6wVVDwwNJFWXNIvDi7o952w3/1ckSwYk/7eykRmjM= +golang.org/x/net v0.0.0-20221019024206-cb67ada4b0ad/go.mod h1:RpDiru2p0u2F0lLpEoqnP2+7xs0ifAuOcJ442g6GU2s= golang.org/x/sys 
v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/gocloak.go b/gocloak.go deleted file mode 100644 index 75dccc30..00000000 --- a/gocloak.go +++ /dev/null 
@@ -1,547 +0,0 @@ -package gocloak - -import ( - "context" - "io" - - "github.com/go-resty/resty/v2" - "github.com/golang-jwt/jwt/v4" -) - -// GoCloak holds all methods a client should fulfill -type GoCloak interface { - // RestyClient returns a resty client that gocloak uses - RestyClient() *resty.Client - // Sets the resty Client that gocloak uses - SetRestyClient(restyClient *resty.Client) - - // GetToken returns a token - GetToken(ctx context.Context, realm string, options TokenOptions) (*JWT, error) - // GetRequestingPartyToken returns a requesting party token with permissions granted by the server - GetRequestingPartyToken(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*JWT, error) - // GetRequestingPartyPermissions returns a permissions granted by the server to requesting party - GetRequestingPartyPermissions(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*[]RequestingPartyPermission, error) - // GetRequestingPartyPermissionDecision returns a permission decision granted by the server to requesting party - GetRequestingPartyPermissionDecision(ctx context.Context, token, realm string, options RequestingPartyTokenOptions) (*RequestingPartyPermissionDecision, error) - // Login sends a request to the token endpoint using user and client credentials - Login(ctx context.Context, clientID, clientSecret, realm, username, password string) (*JWT, error) - // LoginOtp performs a login with user credentials and otp token - LoginOtp(ctx context.Context, clientID, clientSecret, realm, username, password, totp string) (*JWT, error) - // Logout sends a request to the logout endpoint using refresh token - Logout(ctx context.Context, clientID, clientSecret, realm, refreshToken string) error - // LogoutPublicClient sends a request to the logout endpoint using refresh token - LogoutPublicClient(ctx context.Context, idOfClient, realm, accessToken, refreshToken string) error - // LogoutAllSessions logs out all 
sessions of a user given an id - LogoutAllSessions(ctx context.Context, accessToken, realm, userID string) error - // RevokeConsents revoke consent and offline tokens for particular client from user - RevokeUserConsents(ctx context.Context, accessToken, realm, userID, clientID string) error - // LogoutUserSessions logs out a single sessions of a user given a session id. - // NOTE: this uses bearer token, but this token must belong to a user with proper privileges - LogoutUserSession(ctx context.Context, accessToken, realm, session string) error - // LoginClient sends a request to the token endpoint using client credentials - LoginClient(ctx context.Context, clientID, clientSecret, realm string) (*JWT, error) - // LoginClientTokenExchange requests a login on a specified users behalf. Returning a user's tokens. - LoginClientTokenExchange(ctx context.Context, clientID, token, clientSecret, realm, targetClient, userID string) (*JWT, error) - // LoginClientSignedJWT performs a login with client credentials and signed jwt claims - LoginClientSignedJWT(ctx context.Context, idOfClient, realm string, key interface{}, signedMethod jwt.SigningMethod, expiresAt *jwt.NumericDate) (*JWT, error) - // LoginAdmin login as admin - LoginAdmin(ctx context.Context, username, password, realm string) (*JWT, error) - // RefreshToken used to refresh the token - RefreshToken(ctx context.Context, refreshToken, clientID, clientSecret, realm string) (*JWT, error) - // DecodeAccessToken decodes the accessToken - DecodeAccessToken(ctx context.Context, accessToken, realm string) (*jwt.Token, *jwt.MapClaims, error) - // DecodeAccessTokenCustomClaims decodes the accessToken and fills the given claims - DecodeAccessTokenCustomClaims(ctx context.Context, accessToken, realm string, claims jwt.Claims) (*jwt.Token, error) - // RetrospectToken calls the openid-connect introspect endpoint - RetrospectToken(ctx context.Context, accessToken, clientID, clientSecret, realm string) (*RetrospecTokenResult, 
error) - // GetIssuer calls the issuer endpoint for the given realm - GetIssuer(ctx context.Context, realm string) (*IssuerResponse, error) - // GetCerts gets the public keys for the given realm - GetCerts(ctx context.Context, realm string) (*CertResponse, error) - // GetServerInfo returns the server info - GetServerInfo(ctx context.Context, accessToken string) (*ServerInfoRepesentation, error) - // GetUserInfo gets the user info for the given realm - GetUserInfo(ctx context.Context, accessToken, realm string) (*UserInfo, error) - // GetRawUserInfo calls the UserInfo endpoint and returns a raw json object - GetRawUserInfo(ctx context.Context, accessToken, realm string) (map[string]interface{}, error) - - // ExecuteActionsEmail executes an actions email - ExecuteActionsEmail(ctx context.Context, token, realm string, params ExecuteActionsEmail) error - - // CreateGroup creates a new group - CreateGroup(ctx context.Context, accessToken, realm string, group Group) (string, error) - // CreateChildGroup creates a new child group - CreateChildGroup(ctx context.Context, token, realm, groupID string, group Group) (string, error) - // CreateClient creates a new client - CreateClient(ctx context.Context, accessToken, realm string, newClient Client) (string, error) - // CreateClientScope creates a new clientScope - CreateClientScope(ctx context.Context, accessToken, realm string, scope ClientScope) (string, error) - // CreateClientScopeProtocolMapper creates a new protocolMapper under the given client scope - CreateClientScopeProtocolMapper(ctx context.Context, accessToken, realm, scopeID string, protocolMapper ProtocolMappers) (string, error) - // CreateComponent creates a new component - CreateComponent(ctx context.Context, accessToken, realm string, component Component) (string, error) - // CreateClientScopeMappingsRealmRoles creates realm-level roles to the client’s scope - CreateClientScopeMappingsRealmRoles(ctx context.Context, token, realm, idOfClient string, roles 
[]Role) error - // CreateClientScopeMappingsClientRoles creates client-level roles from the client’s scope - CreateClientScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string, roles []Role) error - // CreateClientScopesScopeMappingsRealmRoles creates realm-level roles to the client-scope - CreateClientScopesScopeMappingsRealmRoles(ctx context.Context, token, realm, idOfClientScope string, roles []Role) error - // CreateClientScopesScopeMappingsClientRoles creates client-level roles to the client-scope - CreateClientScopesScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClientScope, idOfClient string, roles []Role) error - // CreateClientRepresentation creates a new client representation - CreateClientRepresentation(ctx context.Context, realm string) (*Client, error) - - // UpdateGroup updates the given group - UpdateGroup(ctx context.Context, accessToken, realm string, updatedGroup Group) error - // UpdateRole updates the given role - UpdateRole(ctx context.Context, accessToken, realm, idOfClient string, role Role) error - // UpdateClient updates the given client - UpdateClient(ctx context.Context, accessToken, realm string, updatedClient Client) error - // UpdateClientScope updates the given clientScope - UpdateClientScope(ctx context.Context, accessToken, realm string, scope ClientScope) error - // UpdateClientScopeProtocolMapper updates the given protocol mapper for a client scope - UpdateClientScopeProtocolMapper(ctx context.Context, accessToken, realm, scopeID string, protocolMapper ProtocolMappers) error - // UpdateClientRepresentation updates the given client representation - UpdateClientRepresentation(ctx context.Context, accessToken, realm string, updatedClient Client) (*Client, error) - - // DeleteComponent deletes the given component - DeleteComponent(ctx context.Context, accessToken, realm, componentID string) error - // DeleteGroup deletes the given group - DeleteGroup(ctx context.Context, 
accessToken, realm, groupID string) error - // DeleteClient deletes the given client - DeleteClient(ctx context.Context, accessToken, realm, idOfClient string) error - // DeleteClientScope - DeleteClientScope(ctx context.Context, accessToken, realm, scopeID string) error - // DeleteClientScopeProtocolMapper deletes the given protocol mapper from the client scope - DeleteClientScopeProtocolMapper(ctx context.Context, accessToken, realm, scopeID, protocolMapperID string) error - // DeleteClientScopeMappingsRealmRoles deletes realm-level roles from the client’s scope - DeleteClientScopeMappingsRealmRoles(ctx context.Context, token, realm, idOfClient string, roles []Role) error - // DeleteClientScopeMappingsClientRoles deletes client-level roles from the client’s scope - DeleteClientScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string, roles []Role) error - // DeleteClientScopesScopeMappingsRealmRoles deletes realm-level roles from the client-scope - DeleteClientScopesScopeMappingsRealmRoles(ctx context.Context, token, realm, idOfClientScope string, roles []Role) error - // DeleteClientScopesScopeMappingsClientRoles deletes client-level roles from the client-scope - DeleteClientScopesScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClientScope, ifOfClient string, roles []Role) error - // DeleteClientRepresentation deletes a given client representation - DeleteClientRepresentation(ctx context.Context, accessToken, realm, clientID string) error - - // GetClient returns a client - GetClient(ctx context.Context, accessToken, realm, idOfClient string) (*Client, error) - // GetClientsDefaultScopes returns a list of the client's default scopes - GetClientsDefaultScopes(ctx context.Context, token, realm, idOfClient string) ([]*ClientScope, error) - // AddDefaultScopeToClient adds a client scope to the list of client's default scopes - AddDefaultScopeToClient(ctx context.Context, token, realm, idOfClient, scopeID 
string) error - // RemoveDefaultScopeFromClient removes a client scope from the list of client's default scopes - RemoveDefaultScopeFromClient(ctx context.Context, token, realm, idOfClient, scopeID string) error - // GetClientsOptionalScopes returns a list of the client's optional scopes - GetClientsOptionalScopes(ctx context.Context, token, realm, idOfClient string) ([]*ClientScope, error) - // AddOptionalScopeToClient adds a client scope to the list of client's optional scopes - AddOptionalScopeToClient(ctx context.Context, token, realm, idOfClient, scopeID string) error - // RemoveOptionalScopeFromClient deletes a client scope from the list of client's optional scopes - RemoveOptionalScopeFromClient(ctx context.Context, token, realm, idOfClient, scopeID string) error - // GetDefaultOptionalClientScopes returns a list of default realm optional scopes - GetDefaultOptionalClientScopes(ctx context.Context, token, realm string) ([]*ClientScope, error) - // GetDefaultDefaultClientScopes returns a list of default realm default scopes - GetDefaultDefaultClientScopes(ctx context.Context, token, realm string) ([]*ClientScope, error) - // GetClientScope returns a clientscope - GetClientScope(ctx context.Context, token, realm, scopeID string) (*ClientScope, error) - // GetClientScopes returns all client scopes - GetClientScopes(ctx context.Context, token, realm string) ([]*ClientScope, error) - // GetClientScopeProtocolMappers returns all protocol mappers of a client scope - GetClientScopeProtocolMappers(ctx context.Context, token, realm, scopeID string) ([]*ProtocolMappers, error) - // GetClientScopeProtocolMapper returns a protocol mapper of a client scope - GetClientScopeProtocolMapper(ctx context.Context, token, realm, scopeID, protocolMapperID string) (*ProtocolMappers, error) - // GetClientScopeMappings returns all scope mappings for the client - GetClientScopeMappings(ctx context.Context, token, realm, idOfClient string) (*MappingsRepresentation, error) - // 
GetClientScopeMappingsRealmRoles returns realm-level roles associated with the client’s scope - GetClientScopeMappingsRealmRoles(ctx context.Context, token, realm, idOfClient string) ([]*Role, error) - // GetClientScopeMappingsRealmRolesAvailable returns realm-level roles that are available to attach to this client’s scope - GetClientScopeMappingsRealmRolesAvailable(ctx context.Context, token, realm, idOfClient string) ([]*Role, error) - // GetClientScopesScopeMappingsRealmRolesAvailable returns realm-level roles that are available to attach to this client-scope - GetClientScopesScopeMappingsRealmRolesAvailable(ctx context.Context, token, realm, idOfClientScope string) ([]*Role, error) - // GetClientScopesScopeMappingsClientRolesAvailable returns client-level roles that are available to attach to this client-scope - GetClientScopesScopeMappingsClientRolesAvailable(ctx context.Context, token, realm, idOfClientScope, idOfClient string) ([]*Role, error) - // GetClientScopeMappingsClientRoles returns roles associated with a client’s scope - GetClientScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string) ([]*Role, error) - // GetClientScopesScopeMappingsRealmRoles returns roles associated with a client-scope - GetClientScopesScopeMappingsRealmRoles(ctx context.Context, token, realm, idOfClientScope string) ([]*Role, error) - // GetClientScopesScopeMappingsClientRoles returns client roles associated with a client-scope - GetClientScopesScopeMappingsClientRoles(ctx context.Context, token, realm, idOfClientScope, idOfClient string) ([]*Role, error) - // GetClientScopeMappingsClientRolesAvailable returns available roles associated with a client’s scope - GetClientScopeMappingsClientRolesAvailable(ctx context.Context, token, realm, idOfClient, idOfSelectedClient string) ([]*Role, error) - // GetClientSecret returns a client's secret - GetClientSecret(ctx context.Context, token, realm, idOfClient string) (*CredentialRepresentation, 
error) - // GetClientServiceAccount retrieves the service account "user" for a client if enabled - GetClientServiceAccount(ctx context.Context, token, realm, idOfClient string) (*User, error) - // RegenerateClientSecret creates a new client secret returning the updated CredentialRepresentation - RegenerateClientSecret(ctx context.Context, token, realm, idOfClient string) (*CredentialRepresentation, error) - // GetKeyStoreConfig gets the keyStoreConfig - GetKeyStoreConfig(ctx context.Context, accessToken, realm string) (*KeyStoreConfig, error) - // GetComponents gets components of the given realm - GetComponents(ctx context.Context, accessToken, realm string) ([]*Component, error) - // GetComponentsWithParams get all components in realm with query params - GetComponentsWithParams(ctx context.Context, token, realm string, params GetComponentsParams) ([]*Component, error) - // GetComponent get exactly one component by ID - GetComponent(ctx context.Context, token, realm string, componentID string) (*Component, error) - // UpdateComponent updates the given component - UpdateComponent(ctx context.Context, token, realm string, component Component) error - // GetDefaultGroups returns a list of default groups - GetDefaultGroups(ctx context.Context, accessToken, realm string) ([]*Group, error) - // AddDefaultGroup adds group to the list of default groups - AddDefaultGroup(ctx context.Context, accessToken, realm, groupID string) error - // RemoveDefaultGroup removes group from the list of default groups - RemoveDefaultGroup(ctx context.Context, accessToken, realm, groupID string) error - // GetGroups gets all groups of the given realm - GetGroups(ctx context.Context, accessToken, realm string, params GetGroupsParams) ([]*Group, error) - // GetGroupsByRole gets groups with specified roles assigned of given realm - GetGroupsByRole(ctx context.Context, accessToken, realm string, roleName string) ([]*Group, error) - // GetGroupsByClientRole gets groups with specified roles 
assigned of given client within a realm - GetGroupsByClientRole(ctx context.Context, accessToken, realm string, roleName string, clientID string) ([]*Group, error) - // GetGroupsCount gets groups count of the given realm - GetGroupsCount(ctx context.Context, token, realm string, params GetGroupsParams) (int, error) - // GetGroup gets the given group - GetGroup(ctx context.Context, accessToken, realm, groupID string) (*Group, error) - // GetGroupByPath get group with path in realm - GetGroupByPath(ctx context.Context, token, realm, groupPath string) (*Group, error) - // GetGroupMembers get a list of users of group with id in realm - GetGroupMembers(ctx context.Context, accessToken, realm, groupID string, params GetGroupsParams) ([]*User, error) - // GetRoleMappingByGroupID gets the rolemapping for the given group id - GetRoleMappingByGroupID(ctx context.Context, accessToken, realm, groupID string) (*MappingsRepresentation, error) - // GetRoleMappingByUserID gets the rolemapping for the given user id - GetRoleMappingByUserID(ctx context.Context, accessToken, realm, userID string) (*MappingsRepresentation, error) - // GetClients gets the clients in the realm - GetClients(ctx context.Context, accessToken, realm string, params GetClientsParams) ([]*Client, error) - // GetClientOfflineSessions returns offline sessions associated with the client - GetClientOfflineSessions(ctx context.Context, token, realm, idOfClient string) ([]*UserSessionRepresentation, error) - // GetClientUserSessions returns user sessions associated with the client - GetClientUserSessions(ctx context.Context, token, realm, idOfClient string) ([]*UserSessionRepresentation, error) - // CreateClientProtocolMapper creates a protocol mapper in client scope - CreateClientProtocolMapper(ctx context.Context, token, realm, idOfClient string, mapper ProtocolMapperRepresentation) (string, error) - // CreateClientProtocolMapper updates a protocol mapper in client scope - UpdateClientProtocolMapper(ctx 
context.Context, token, realm, idOfClient, mapperID string, mapper ProtocolMapperRepresentation) error - // DeleteClientProtocolMapper deletes a protocol mapper in client scope - DeleteClientProtocolMapper(ctx context.Context, token, realm, idOfClient, mapperID string) error - // GetClientRepresentation return a client representation - GetClientRepresentation(ctx context.Context, accessToken, realm, clientID string) (*Client, error) - // GetAdapterConfiguration returns a adapter configuration - GetAdapterConfiguration(ctx context.Context, accessToken, realm, clientID string) (*AdapterConfiguration, error) - - // *** Realm Roles *** - - // CreateRealmRole creates a role in a realm - CreateRealmRole(ctx context.Context, token, realm string, role Role) (string, error) - // GetRealmRole returns a role from a realm by role's name - GetRealmRole(ctx context.Context, token, realm, roleName string) (*Role, error) - // GetRealmRoleByID returns a role from a realm by role's ID - GetRealmRoleByID(ctx context.Context, token, realm, roleID string) (*Role, error) - // GetRealmRoles get all roles of the given realm. 
It's an alias for the GetRoles function - GetRealmRoles(ctx context.Context, accessToken, realm string, params GetRoleParams) ([]*Role, error) - // GetRealmRolesByUserID returns all roles assigned to the given user - GetRealmRolesByUserID(ctx context.Context, accessToken, realm, userID string) ([]*Role, error) - // GetRealmRolesByGroupID returns all roles assigned to the given group - GetRealmRolesByGroupID(ctx context.Context, accessToken, realm, groupID string) ([]*Role, error) - // UpdateRealmRole updates a role in a realm - UpdateRealmRole(ctx context.Context, token, realm, roleName string, role Role) error - // UpdateRealmRoleByID updates a role in a realm by role's ID - UpdateRealmRoleByID(ctx context.Context, token, realm, roleID string, role Role) error - // DeleteRealmRole deletes a role in a realm by role's name - DeleteRealmRole(ctx context.Context, token, realm, roleName string) error - // AddRealmRoleToUser adds realm-level role mappings - AddRealmRoleToUser(ctx context.Context, token, realm, userID string, roles []Role) error - // DeleteRealmRoleFromUser deletes realm-level role mappings - DeleteRealmRoleFromUser(ctx context.Context, token, realm, userID string, roles []Role) error - // AddRealmRoleToGroup adds realm-level role mappings - AddRealmRoleToGroup(ctx context.Context, token, realm, groupID string, roles []Role) error - // DeleteRealmRoleFromGroup deletes realm-level role mappings - DeleteRealmRoleFromGroup(ctx context.Context, token, realm, groupID string, roles []Role) error - // AddRealmRoleComposite adds roles as composite - AddRealmRoleComposite(ctx context.Context, token, realm, roleName string, roles []Role) error - // AddRealmRoleComposite adds roles as composite - DeleteRealmRoleComposite(ctx context.Context, token, realm, roleName string, roles []Role) error - // GetCompositeRealmRoles returns all realm composite roles associated with the given realm role - GetCompositeRealmRoles(ctx context.Context, token, realm, roleName string) 
([]*Role, error) - // GetCompositeRolesByRoleID returns all realm composite roles associated with the given client role - GetCompositeRolesByRoleID(ctx context.Context, token, realm, roleID string) ([]*Role, error) - // GetCompositeRealmRolesByRoleID returns all realm composite roles associated with the given client role - GetCompositeRealmRolesByRoleID(ctx context.Context, token, realm, roleID string) ([]*Role, error) - // GetCompositeRealmRolesByUserID returns all realm roles and composite roles assigned to the given user - GetCompositeRealmRolesByUserID(ctx context.Context, token, realm, userID string) ([]*Role, error) - // GetCompositeRealmRolesByGroupID returns all realm roles and composite roles assigned to the given group - GetCompositeRealmRolesByGroupID(ctx context.Context, token, realm, groupID string) ([]*Role, error) - // GetAvailableRealmRolesByUserID returns all available realm roles to the given user - GetAvailableRealmRolesByUserID(ctx context.Context, token, realm, userID string) ([]*Role, error) - // GetAvailableRealmRolesByGroupID returns all available realm roles to the given group - GetAvailableRealmRolesByGroupID(ctx context.Context, token, realm, groupID string) ([]*Role, error) - - // *** Client Roles *** - - // AddClientRoleToUser adds a client role to the user - AddClientRoleToUser(ctx context.Context, token, realm, idOfClient, userID string, roles []Role) error - // AddClientRoleToGroup adds a client role to the group - AddClientRoleToGroup(ctx context.Context, token, realm, idOfClient, groupID string, roles []Role) error - // CreateClientRole creates a new role for a client - CreateClientRole(ctx context.Context, accessToken, realm, idOfClient string, role Role) (string, error) - // DeleteClientRole deletes the given role - DeleteClientRole(ctx context.Context, accessToken, realm, idOfClient, roleName string) error - // DeleteClientRoleFromUser removes a client role from from the user - DeleteClientRoleFromUser(ctx context.Context, 
token, realm, idOfClient, userID string, roles []Role) error - // DeleteClientRoleFromGroup removes a client role from from the group - DeleteClientRoleFromGroup(ctx context.Context, token, realm, idOfClient, groupID string, roles []Role) error - // GetClientRoles gets roles for the given client - GetClientRoles(ctx context.Context, accessToken, realm, idOfClient string, params GetRoleParams) ([]*Role, error) - // GetClientRoleById gets role for the given client using role id - GetClientRoleByID(ctx context.Context, accessToken, realm, roleID string) (*Role, error) - // GetRealmRolesByUserID returns all client roles assigned to the given user - GetClientRolesByUserID(ctx context.Context, token, realm, idOfClient, userID string) ([]*Role, error) - // GetClientRolesByGroupID returns all client roles assigned to the given group - GetClientRolesByGroupID(ctx context.Context, token, realm, idOfClient, groupID string) ([]*Role, error) - // GetCompositeClientRolesByRoleID returns all client composite roles associated with the given client role - GetCompositeClientRolesByRoleID(ctx context.Context, token, realm, idOfClient, roleID string) ([]*Role, error) - // GetCompositeClientRolesByUserID returns all client roles and composite roles assigned to the given user - GetCompositeClientRolesByUserID(ctx context.Context, token, realm, idOfClient, userID string) ([]*Role, error) - // GetCompositeClientRolesByGroupID returns all client roles and composite roles assigned to the given group - GetCompositeClientRolesByGroupID(ctx context.Context, token, realm, idOfClient, groupID string) ([]*Role, error) - // GetAvailableClientRolesByUserID returns all available client roles to the given user - GetAvailableClientRolesByUserID(ctx context.Context, token, realm, idOfClient, userID string) ([]*Role, error) - // GetAvailableClientRolesByGroupID returns all available client roles to the given group - GetAvailableClientRolesByGroupID(ctx context.Context, token, realm, idOfClient, groupID 
string) ([]*Role, error) - - // GetClientRole get a role for the given client in a realm by role name - GetClientRole(ctx context.Context, token, realm, idOfClient, roleName string) (*Role, error) - // AddClientRoleComposite adds roles as composite - AddClientRoleComposite(ctx context.Context, token, realm, roleID string, roles []Role) error - // DeleteClientRoleComposite deletes composites from a role - DeleteClientRoleComposite(ctx context.Context, token, realm, roleID string, roles []Role) error - - // *** Realm *** - - // GetRealm returns top-level representation of the realm - GetRealm(ctx context.Context, token, realm string) (*RealmRepresentation, error) - // GetRealms returns top-level representation of all realms - GetRealms(ctx context.Context, token string) ([]*RealmRepresentation, error) - // CreateRealm creates a realm - CreateRealm(ctx context.Context, token string, realm RealmRepresentation) (string, error) - // UpdateRealm updates a given realm - UpdateRealm(ctx context.Context, token string, realm RealmRepresentation) error - // DeleteRealm removes a realm - DeleteRealm(ctx context.Context, token, realm string) error - // ClearRealmCache clears realm cache - ClearRealmCache(ctx context.Context, token, realm string) error - // ClearUserCache clears realm cache - ClearUserCache(ctx context.Context, token, realm string) error - // ClearKeysCache clears realm cache - ClearKeysCache(ctx context.Context, token, realm string) error - // GetAuthenticationFlows get all authentication flows from a realm - GetAuthenticationFlows(ctx context.Context, token, realm string) ([]*AuthenticationFlowRepresentation, error) - // Create a new Authentication flow in a realm - CreateAuthenticationFlow(ctx context.Context, token, realm string, flow AuthenticationFlowRepresentation) error - // DeleteAuthenticationFlow deletes a flow in a realm with the given ID - DeleteAuthenticationFlow(ctx context.Context, token, realm, flowID string) error - // 
GetAuthenticationExecutions retrieves all executions of a given flow - GetAuthenticationExecutions(ctx context.Context, token, realm, flow string) ([]*ModifyAuthenticationExecutionRepresentation, error) - // CreateAuthenticationExecution creates a new execution for the given flow name in the given realm - CreateAuthenticationExecution(ctx context.Context, token, realm, flow string, execution CreateAuthenticationExecutionRepresentation) error - // UpdateAuthenticationExecution updates an authentication execution for the given flow in the given realm - UpdateAuthenticationExecution(ctx context.Context, token, realm, flow string, execution ModifyAuthenticationExecutionRepresentation) error - // DeleteAuthenticationExecution delete a single execution with the given ID - DeleteAuthenticationExecution(ctx context.Context, token, realm, executionID string) error - - // CreateAuthenticationExecutionFlow creates a new flow execution for the given flow name in the given realm - CreateAuthenticationExecutionFlow(ctx context.Context, token, realm, flow string, execution CreateAuthenticationExecutionFlowRepresentation) error - - // *** Users *** - // CreateUser creates a new user - CreateUser(ctx context.Context, token, realm string, user User) (string, error) - // DeleteUser deletes the given user - DeleteUser(ctx context.Context, accessToken, realm, userID string) error - // GetUserByID gets the user with the given id - GetUserByID(ctx context.Context, accessToken, realm, userID string) (*User, error) - // GetUser count returns the userCount of the given realm - GetUserCount(ctx context.Context, accessToken, realm string, params GetUsersParams) (int, error) - // GetUsers gets all users of the given realm - GetUsers(ctx context.Context, accessToken, realm string, params GetUsersParams) ([]*User, error) - // GetUserGroups gets the groups of the given user - GetUserGroups(ctx context.Context, accessToken, realm, userID string, params GetGroupsParams) ([]*Group, error) - // 
GetUsersByRoleName returns all users have a given role - GetUsersByRoleName(ctx context.Context, token, realm, roleName string) ([]*User, error) - // GetUsersByClientRoleName returns all users have a given client role - GetUsersByClientRoleName(ctx context.Context, token, realm, idOfClient, roleName string, params GetUsersByRoleParams) ([]*User, error) - // SetPassword sets a new password for the user with the given id. Needs elevated privileges - SetPassword(ctx context.Context, token, userID, realm, password string, temporary bool) error - // UpdateUser updates the given user - UpdateUser(ctx context.Context, accessToken, realm string, user User) error - // AddUserToGroup puts given user to given group - AddUserToGroup(ctx context.Context, token, realm, userID, groupID string) error - // DeleteUserFromGroup deletes given user from given group - DeleteUserFromGroup(ctx context.Context, token, realm, userID, groupID string) error - // GetUserSessions returns user sessions associated with the user - GetUserSessions(ctx context.Context, token, realm, userID string) ([]*UserSessionRepresentation, error) - // GetUserOfflineSessionsForClient returns offline sessions associated with the user and client - GetUserOfflineSessionsForClient(ctx context.Context, token, realm, userID, idOfClient string) ([]*UserSessionRepresentation, error) - // GetUserFederatedIdentities gets all user federated identities - GetUserFederatedIdentities(ctx context.Context, token, realm, userID string) ([]*FederatedIdentityRepresentation, error) - // CreateUserFederatedIdentity creates an user federated identity - CreateUserFederatedIdentity(ctx context.Context, token, realm, userID, providerID string, federatedIdentityRep FederatedIdentityRepresentation) error - // DeleteUserFederatedIdentity deletes an user federated identity - DeleteUserFederatedIdentity(ctx context.Context, token, realm, userID, providerID string) error - - // *** Identity Provider ** - // CreateIdentityProvider creates an 
identity provider in a realm - CreateIdentityProvider(ctx context.Context, token, realm string, providerRep IdentityProviderRepresentation) (string, error) - // GetIdentityProviders gets identity providers in a realm - GetIdentityProviders(ctx context.Context, token, realm string) ([]*IdentityProviderRepresentation, error) - // GetIdentityProvider gets the identity provider in a realm - GetIdentityProvider(ctx context.Context, token, realm, alias string) (*IdentityProviderRepresentation, error) - // UpdateIdentityProvider updates the identity provider in a realm - UpdateIdentityProvider(ctx context.Context, token, realm, alias string, providerRep IdentityProviderRepresentation) error - // DeleteIdentityProvider deletes the identity provider in a realm - DeleteIdentityProvider(ctx context.Context, token, realm, alias string) error - // ImportIdentityProviderConfig parses and returns the identity provider config at a given URL - ImportIdentityProviderConfig(ctx context.Context, token, realm, fromURL, providerID string) (map[string]string, error) - // ImportIdentityProviderConfigFromFile parses and returns the identity provider config from a given file - ImportIdentityProviderConfigFromFile(ctx context.Context, token, realm, providerID, fileName string, fileBody io.Reader) (map[string]string, error) - // ExportIDPPublicBrokerConfig exports the broker config for a given alias - ExportIDPPublicBrokerConfig(ctx context.Context, token, realm, alias string) (*string, error) - // CreateIdentityProviderMapper creates an instance of an identity provider mapper associated with the given alias - CreateIdentityProviderMapper(ctx context.Context, token, realm, alias string, mapper IdentityProviderMapper) (string, error) - // GetIdentityProviderMapperByID gets the mapper of an identity provider - GetIdentityProviderMapperByID(ctx context.Context, token, realm, alias, mapperID string) (*IdentityProviderMapper, error) - // UpdateIdentityProviderMapper updates mapper of an identity 
provider - UpdateIdentityProviderMapper(ctx context.Context, token, realm, alias string, mapper IdentityProviderMapper) error - // DeleteIdentityProviderMapper deletes an instance of an identity provider mapper associated with the given alias and mapper ID - DeleteIdentityProviderMapper(ctx context.Context, token, realm, alias, mapperID string) error - // GetIdentityProviderMappers returns list of mappers associated with an identity provider - GetIdentityProviderMappers(ctx context.Context, token, realm, alias string) ([]*IdentityProviderMapper, error) - - // *** Protection API *** - // GetResource returns a client's resource with the given id, using access token from client - GetResourceClient(ctx context.Context, token, realm, resourceID string) (*ResourceRepresentation, error) - // GetResources a returns resources associated with the client, using access token from client - GetResourcesClient(ctx context.Context, token, realm string, params GetResourceParams) ([]*ResourceRepresentation, error) - // CreateResource creates a resource associated with the client, using access token from client - CreateResourceClient(ctx context.Context, token, realm string, resource ResourceRepresentation) (*ResourceRepresentation, error) - // UpdateResource updates a resource associated with the client, using access token from client - UpdateResourceClient(ctx context.Context, token, realm string, resource ResourceRepresentation) error - // DeleteResource deletes a resource associated with the client, using access token from client - DeleteResourceClient(ctx context.Context, token, realm, resourceID string) error - - // GetResource returns a client's resource with the given id, using access token from admin - GetResource(ctx context.Context, token, realm, idOfClient, resourceID string) (*ResourceRepresentation, error) - // GetResources a returns resources associated with the client, using access token from admin - GetResources(ctx context.Context, token, realm, idOfClient string, 
params GetResourceParams) ([]*ResourceRepresentation, error) - // CreateResource creates a resource associated with the client, using access token from admin - CreateResource(ctx context.Context, token, realm, idOfClient string, resource ResourceRepresentation) (*ResourceRepresentation, error) - // UpdateResource updates a resource associated with the client, using access token from admin - UpdateResource(ctx context.Context, token, realm, idOfClient string, resource ResourceRepresentation) error - // DeleteResource deletes a resource associated with the client, using access token from admin - DeleteResource(ctx context.Context, token, realm, idOfClient, resourceID string) error - - // GetScope returns a client's scope with the given id, using access token from admin - GetScope(ctx context.Context, token, realm, idOfClient, scopeID string) (*ScopeRepresentation, error) - // GetScopes returns scopes associated with the client, using access token from admin - GetScopes(ctx context.Context, token, realm, idOfClient string, params GetScopeParams) ([]*ScopeRepresentation, error) - // CreateScope creates a scope associated with the client, using access token from admin - CreateScope(ctx context.Context, token, realm, idOfClient string, scope ScopeRepresentation) (*ScopeRepresentation, error) - // UpdateScope updates a scope associated with the client, using access token from admin - UpdateScope(ctx context.Context, token, realm, idOfClient string, resource ScopeRepresentation) error - // DeleteScope deletes a scope associated with the client, using access token from admin - DeleteScope(ctx context.Context, token, realm, idOfClient, scopeID string) error - - // CreatePermissionTicket creates a permission ticket for a resource, using access token from client (typically a resource server) - CreatePermissionTicket(ctx context.Context, token, realm string, permissions []CreatePermissionTicketParams) (*PermissionTicketResponseRepresentation, error) - // GrantUserPermission 
lets resource owner grant permission for specific resource ID to specific user ID - GrantUserPermission(ctx context.Context, token, realm string, permission PermissionGrantParams) (*PermissionGrantResponseRepresentation, error) - // GrantPermission lets resource owner update permission for specific resource ID to specific user ID - UpdateUserPermission(ctx context.Context, token, realm string, permission PermissionGrantParams) (*PermissionGrantResponseRepresentation, error) - // GetUserPermission gets granted permissions according query parameters - GetUserPermissions(ctx context.Context, token, realm string, params GetUserPermissionParams) ([]*PermissionGrantResponseRepresentation, error) - // DeleteUserPermission lets resource owner delete permission for specific resource ID to specific user ID - DeleteUserPermission(ctx context.Context, token, realm, ticketID string) error - - // GetPermission returns a client's permission with the given id - GetPermission(ctx context.Context, token, realm, idOfClient, permissionID string) (*PermissionRepresentation, error) - // GetPermissions returns permissions associated with the client - GetPermissions(ctx context.Context, token, realm, idOfClient string, params GetPermissionParams) ([]*PermissionRepresentation, error) - // CreatePermission creates a permission associated with the client - CreatePermission(ctx context.Context, token, realm, idOfClient string, permission PermissionRepresentation) (*PermissionRepresentation, error) - // UpdatePermission updates a permission associated with the client - UpdatePermission(ctx context.Context, token, realm, idOfClient string, permission PermissionRepresentation) error - // DeletePermission deletes a permission associated with the client - DeletePermission(ctx context.Context, token, realm, idOfClient, permissionID string) error - // GetDependentPermissions returns client's permissions dependent on the policy with given ID - GetDependentPermissions(ctx context.Context, token, 
realm, idOfClient, policyID string) ([]*PermissionRepresentation, error) - GetPermissionResources(ctx context.Context, token, realm, idOfClient, permissionID string) ([]*PermissionResource, error) - GetPermissionScopes(ctx context.Context, token, realm, idOfClient, permissionID string) ([]*PermissionScope, error) - - // GetPolicy returns a client's policy with the given id, using access token from admin - GetPolicy(ctx context.Context, token, realm, idOfClient, policyID string) (*PolicyRepresentation, error) - // GetPolicies returns policies associated with the client, using access token from admin - GetPolicies(ctx context.Context, token, realm, idOfClient string, params GetPolicyParams) ([]*PolicyRepresentation, error) - // CreatePolicy creates a policy associated with the client, using access token from admin - CreatePolicy(ctx context.Context, token, realm, idOfClient string, policy PolicyRepresentation) (*PolicyRepresentation, error) - // UpdatePolicy updates a policy associated with the client, using access token from admin - UpdatePolicy(ctx context.Context, token, realm, idOfClient string, policy PolicyRepresentation) error - // DeletePolicy deletes a policy associated with the client, using access token from admin - DeletePolicy(ctx context.Context, token, realm, idOfClient, policyID string) error - // GetPolicyAssociatedPolicies returns a client's policy associated policies with the given policy id, using access token from admin - GetAuthorizationPolicyAssociatedPolicies(ctx context.Context, token, realm, idOfClient, policyID string) ([]*PolicyRepresentation, error) - // GetPolicyResources returns a client's resources of specific policy with the given policy id, using access token from admin - GetAuthorizationPolicyResources(ctx context.Context, token, realm, idOfClient, policyID string) ([]*PolicyResourceRepresentation, error) - // GetPolicyScopes returns a client's scopes of specific policy with the given policy id, using access token from admin - 
GetAuthorizationPolicyScopes(ctx context.Context, token, realm, idOfClient, policyID string) ([]*PolicyScopeRepresentation, error) - - // GetResourcePolicy updates a permission for a specifc resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange - GetResourcePolicy(ctx context.Context, token, realm, permissionID string) (*ResourcePolicyRepresentation, error) - // GetResources returns resources associated with the client, using token obtained by Resource Owner Password Credentials Grant or Token exchange - GetResourcePolicies(ctx context.Context, token, realm string, params GetResourcePoliciesParams) ([]*ResourcePolicyRepresentation, error) - // GetResources returns all resources associated with the client, using token obtained by Resource Owner Password Credentials Grant or Token exchange - CreateResourcePolicy(ctx context.Context, token, realm, resourceID string, policy ResourcePolicyRepresentation) (*ResourcePolicyRepresentation, error) - // UpdateResourcePolicy updates a permission for a specifc resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange - UpdateResourcePolicy(ctx context.Context, token, realm, permissionID string, policy ResourcePolicyRepresentation) error - // DeleteResourcePolicy deletes a permission for a specifc resource, using token obtained by Resource Owner Password Credentials Grant or Token exchange - DeleteResourcePolicy(ctx context.Context, token, realm, permissionID string) error - - // --------------- - // Credentials API - // --------------- - - // GetCredentialRegistrators returns credentials registrators - GetCredentialRegistrators(ctx context.Context, token, realm string) ([]string, error) - // GetConfiguredUserStorageCredentialTypes returns credential types, which are provided by the user storage where user is stored - GetConfiguredUserStorageCredentialTypes(ctx context.Context, token, realm, userID string) ([]string, error) - - // GetCredentials returns 
credentials available for a given user - GetCredentials(ctx context.Context, token, realm, UserID string) ([]*CredentialRepresentation, error) - // DeleteCredentials deletes the given credential for a given user - DeleteCredentials(ctx context.Context, token, realm, UserID, CredentialID string) error - // UpdateCredentialUserLabel updates label for the given credential for the given user - UpdateCredentialUserLabel(ctx context.Context, token, realm, userID, credentialID, userLabel string) error - // DisableAllCredentialsByType disables all credentials for a user of a specific type - DisableAllCredentialsByType(ctx context.Context, token, realm, userID string, types []string) error - // MoveCredentialBehind move a credential to a position behind another credential - MoveCredentialBehind(ctx context.Context, token, realm, userID, credentialID, newPreviousCredentialID string) error - // MoveCredentialToFirst move a credential to a first position in the credentials list of the user - MoveCredentialToFirst(ctx context.Context, token, realm, userID, credentialID string) error - - // --------------- - // Events API - // --------------- - - // GetEvents returns events - GetEvents(ctx context.Context, token string, realm string, params GetEventsParams) ([]*EventRepresentation, error) - - // ------------------- - // RequiredActions API - // ------------------- - - // UpdateRequiredAction updates a required action for a given realm - RegisterRequiredAction(ctx context.Context, token string, realm string, requiredAction RequiredActionProviderRepresentation) error - // UpdateRequiredAction updates a required action for a given realm - UpdateRequiredAction(ctx context.Context, token string, realm string, requiredAction RequiredActionProviderRepresentation) error - // UpdateRequiredAction updates a required action for a given realm - GetRequiredAction(ctx context.Context, token string, realm string, alias string) (*RequiredActionProviderRepresentation, error) - // 
UpdateRequiredAction updates a required action for a given realm
- GetRequiredActions(ctx context.Context, token string, realm string) ([]*RequiredActionProviderRepresentation, error)
- // UpdateRequiredAction updates a required action for a given realm
- DeleteRequiredAction(ctx context.Context, token string, realm string, alias string) error
-}
diff --git a/model_test.go b/model_test.go
index ebda1396..ce342ba1 100644
--- a/model_test.go
+++ b/model_test.go
@@ -5,7 +5,7 @@ import (
 "errors"
 "testing"
- "github.com/Nerzal/gocloak/v11"
+ "github.com/Nerzal/gocloak/v12"
 "github.com/stretchr/testify/assert"
 )
@@ -261,7 +261,7 @@ func TestStringerOmitEmpty(t *testing.T) {
 &gocloak.ResourcePermission{},
 &gocloak.PermissionResource{},
 &gocloak.PermissionScope{},
- &gocloak.RetrospecTokenResult{},
+ &gocloak.IntroSpectTokenResult{},
 &gocloak.User{},
 &gocloak.SetPasswordRequest{},
 &gocloak.Component{},
@@ -309,7 +309,7 @@ func TestStringerOmitEmpty(t *testing.T) {
 &gocloak.UserSessionRepresentation{},
 &gocloak.SystemInfoRepresentation{},
 &gocloak.MemoryInfoRepresentation{},
- &gocloak.ServerInfoRepesentation{},
+ &gocloak.ServerInfoRepresentation{},
 &gocloak.FederatedIdentityRepresentation{},
 &gocloak.IdentityProviderRepresentation{},
 &gocloak.GetResourceParams{},
diff --git a/models.go b/models.go
index 36c360a5..089efb3b 100644
--- a/models.go
+++ b/models.go
@@ -182,8 +182,8 @@ type PermissionScope struct {
 ScopeName *string `json:"name,omitempty"`
 }
-// RetrospecTokenResult is returned when a token was checked
-type RetrospecTokenResult struct {
+// IntroSpectTokenResult is returned when a token was checked
+type IntroSpectTokenResult struct {
 Permissions *[]ResourcePermission `json:"permissions,omitempty"`
 Exp *int `json:"exp,omitempty"`
 Nbf *int `json:"nbf,omitempty"`
@@ -317,6 +317,12 @@ type ExecuteActionsEmail struct { Actions *[]string `json:"-"` } +// SendVerificationMailParams is being used to send verification params +type SendVerificationMailParams struct { + ClientID *string + RedirectURI *string +} + // Group is a Group type Group struct { ID *string `json:"id,omitempty"` @@ -1060,8 +1066,8 @@ type BuiltinProtocolMappers struct { OpenIDConnect []ProtocolMapperRepresentation `json:"openid-connect,omitempty"` } -// ServerInfoRepesentation represents a server info -type ServerInfoRepesentation struct { +// ServerInfoRepresentation represents a server info +type ServerInfoRepresentation struct { SystemInfo *SystemInfoRepresentation `json:"systemInfo,omitempty"` MemoryInfo *MemoryInfoRepresentation `json:"memoryInfo,omitempty"` PasswordPolicies []*PasswordPolicy `json:"passwordPolicies,omitempty"` @@ -1383,7 +1389,7 @@ func (v *IssuerResponse) String() string { return pre func (v *ResourcePermission) String() string { return prettyStringStruct(v) } func (v *PermissionResource) String() string { return prettyStringStruct(v) } func (v *PermissionScope) String() string { return prettyStringStruct(v) } -func (v *RetrospecTokenResult) String() string { return prettyStringStruct(v) } +func (v *IntroSpectTokenResult) String() string { return prettyStringStruct(v) } func (v *User) String() string { return prettyStringStruct(v) } func (v *SetPasswordRequest) String() string { return prettyStringStruct(v) } func (v *Component) String() string { return prettyStringStruct(v) } 
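Review bot: `SendVerificationMailParams` in the `@@ -317,6 +317,12 @@` hunk of models.go is added with no field documentation, and `RedirectURI` is the field that matters for security because it decides where the user lands after following the verification link. The type comment ("is being used to send verification params") does not say what the struct carries; I would reword it to `// SendVerificationMailParams holds the optional client and redirect target for a verification e-mail`. Above the field I would add `// RedirectURI should be a redirect URI registered for ClientID; ClientID is expected to be set whenever RedirectURI is`, to be confirmed against the caller, which is not part of this hunk. The models.go hunks shown here also add no `String()` method for the new type, unlike its neighbours, so `func (v *SendVerificationMailParams) String() string { return prettyStringStruct(v) }` may be worth adding for consistency.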
@@ -1436,7 +1442,7 @@ func (v *RequestingPartyPermission) String() string { return pre func (v *UserSessionRepresentation) String() string { return prettyStringStruct(v) } func (v *SystemInfoRepresentation) String() string { return prettyStringStruct(v) } func (v *MemoryInfoRepresentation) String() string { return prettyStringStruct(v) } -func (v *ServerInfoRepesentation) String() string { return prettyStringStruct(v) } +func (v *ServerInfoRepresentation) String() string { return prettyStringStruct(v) } func (v *FederatedIdentityRepresentation) String() string { return prettyStringStruct(v) } func (v *IdentityProviderRepresentation) String() string { return prettyStringStruct(v) } func (v *GetResourceParams) String() string { return prettyStringStruct(v) } diff --git a/testdata/gocloak-realm.json b/testdata/gocloak-realm.json index 9095c40d..1f7aed8f 100644 --- a/testdata/gocloak-realm.json +++ b/testdata/gocloak-realm.json @@ -65,13 +65,45 @@ "webAuthnPolicyCreateTimeout": 0, "webAuthnPolicyAvoidSameAuthenticatorRegister": false, "webAuthnPolicyAcceptableAaguids": [], - "scopeMappings": [{ - "clientScope": "offline_access", - "roles": [ - "offline_access" - ] - }], - "clients": [{ + "users": [ + { + "id": "6ead694f-bf59-495d-a475-a3b0b9be50ed", + "createdTimestamp": 1666175342321, + "username": "service-account-gocloak", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "gocloak", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-gocloak" + ], + "clientRoles": { + "realm-management": [ + "manage-clients", + "view-clients", + "query-clients", + "create-client" + ], + "gocloak": [ + "uma_protection" + ] + }, + "notBefore": 0, + "groups": [] + } + ], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clients": [ + { "id": "521554ab-23fb-46fa-a557-ab53f3a0498a", "clientId": "admin-cli", "name": "${client_admin-cli}", 
@@ -177,21 +209,23 @@ "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": 0, - "protocolMappers": [{ - "id": "d68e7a07-4ad5-4d9d-81d1-70c03ceaaa59", - "name": "locale", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "locale", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "locale", - "jsonType.label": "String" + "protocolMappers": [ + { + "id": "d68e7a07-4ad5-4d9d-81d1-70c03ceaaa59", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } } - }], + ], "defaultClientScopes": [ "web-origins", "role_list", @@ -246,7 +280,8 @@ "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": true, "nodeReRegistrationTimeout": -1, - "protocolMappers": [{ + "protocolMappers": [ + { "id": "c213647e-cb4c-43c3-b06c-d9a573bea602", "name": "Client Host", "protocol": "openid-connect", 
@@ -308,37 +343,40 @@ "authorizationSettings": { "allowRemoteResourceManagement": true, "policyEnforcementMode": "ENFORCING", - "resources": [{ - "name": "Default Resource", - "type": "urn:gocloak:resources:default", - "ownerManagedAccess": false, - "attributes": {}, - "_id": "067438bb-1d4a-4c4d-b84f-a57344ef2b2b", - "uris": [ - "/*" - ] - }], - "policies": [{ - "id": "16fdc33a-7384-4735-8b7e-5d15b8e8bdaf", - "name": "Default Policy", - "description": "A policy that grants access only for users within this realm", - "type": "js", + "resources": [ + { + "name": "Default Resource", + "type": "urn:gocloak:resources:default", + "ownerManagedAccess": false, + "attributes": {}, + "_id": "067438bb-1d4a-4c4d-b84f-a57344ef2b2b", + "uris": [ + "/*" + ] + } + ], + "policies": [ + { + "id": "4abda6f1-c621-414c-a97d-d8dbd422eabd", + "name": "default", + "description": "", + "type": "client", "logic": "POSITIVE", - "decisionStrategy": "AFFIRMATIVE", + "decisionStrategy": "UNANIMOUS", "config": { - "code": "// by default, grants any permission associated with this policy\n$evaluation.grant();\n" + "clients": "[\"gocloak\"]" } }, { - "id": "30cfeba8-79c4-493b-97c7-9e8c6e7c62c9", - "name": "Default Permission", - "description": "A permission that applies to the default resource type", + "id": "ddb430d2-368b-43f9-8917-edfa04a2d0d7", + "name": "test", + "description": "", "type": "resource", "logic": "POSITIVE", "decisionStrategy": "UNANIMOUS", "config": { - "defaultResourceType": "urn:gocloak:resources:default", - "applyPolicies": "[\"Default Policy\"]" + "resources": "[\"Default Resource\"]", + "applyPolicies": "[\"default\"]" } } ], @@ -430,7 +468,8 @@ ] } ], - "clientScopes": [{ + "clientScopes": [ + { "id": "fbf7672e-3883-492c-a9dd-a0e71b8e8f86", "name": "address", "description": "OpenID Connect built-in scope: address", 
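Review bot: The replacement permission `test` in the `@@ -308,37 +343,40 @@` hunk is bound to one named resource (`"resources": "[\"Default Resource\"]"`), whereas the removed `Default Permission` matched by `defaultResourceType`. Resources that tests create later with type `urn:gocloak:resources:default` are therefore presumably no longer covered by any permission. With `"policyEnforcementMode": "ENFORCING"` in the same settings block, that likely becomes a deny for them, which changes what the fixture authorizes rather than only how it is formatted. If the narrowing is not intended, keep `"defaultResourceType": "urn:gocloak:resources:default"` in the permission's `config`; either way a descriptive name such as `"name": "Default Permission"` would read better than `test`. The `policies` array continues past the end of this hunk.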
@@ -440,24 +479,26 @@ "display.on.consent.screen": "true", "consent.screen.text": "${addressScopeConsentText}" }, - "protocolMappers": [{ - "id": "86b34081-1b15-47ef-8aa0-4b862055273a", - "name": "address", - "protocol": "openid-connect", - "protocolMapper": "oidc-address-mapper", - "consentRequired": false, - "config": { - "user.attribute.formatted": "formatted", - "user.attribute.country": "country", - "user.attribute.postal_code": "postal_code", - "userinfo.token.claim": "true", - "user.attribute.street": "street", - "id.token.claim": "true", - "user.attribute.region": "region", - "access.token.claim": "true", - "user.attribute.locality": "locality" + "protocolMappers": [ + { + "id": "86b34081-1b15-47ef-8aa0-4b862055273a", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } } - }] + ] }, { "id": "507ac74e-6bb7-482a-b865-473bf3506b13", @@ -469,7 +510,8 @@ "display.on.consent.screen": "true", "consent.screen.text": "${emailScopeConsentText}" }, - "protocolMappers": [{ + "protocolMappers": [ + { "id": "394eb31a-4c45-47ff-b9f4-4f2e004d7bb1", "name": "email verified", "protocol": "openid-connect", @@ -510,7 +552,8 @@ "include.in.token.scope": "true", "display.on.consent.screen": "false" }, - "protocolMappers": [{ + "protocolMappers": [ + { "id": "fb5df9d7-960b-4880-a66e-ef59d5ef374f", "name": "groups", "protocol": "openid-connect", 
@@ -562,7 +605,8 @@ "display.on.consent.screen": "true", "consent.screen.text": "${phoneScopeConsentText}" }, - "protocolMappers": [{ + "protocolMappers": [ + { "id": "c3891454-29b0-473a-9d27-5811b5841329", "name": "phone number", "protocol": "openid-connect", @@ -604,7 +648,8 @@ "display.on.consent.screen": "true", "consent.screen.text": "${profileScopeConsentText}" }, - "protocolMappers": [{ + "protocolMappers": [ + { "id": "38f3d54f-5001-4ad9-a7a3-c46cbdba6204", "name": "website", "protocol": "openid-connect", @@ -823,7 +868,8 @@ "display.on.consent.screen": "true", "consent.screen.text": "${rolesScopeConsentText}" }, - "protocolMappers": [{ + "protocolMappers": [ + { "id": "ef3ae474-ca8a-4b50-a1ec-0a014554cac9", "name": "audience resolve", "protocol": "openid-connect", @@ -870,18 +916,20 @@ "consent.screen.text": "${samlRoleListScopeConsentText}", "display.on.consent.screen": "true" }, - "protocolMappers": [{ - "id": "71fa5c48-aab3-4d59-bc85-5a33e4c98e60", - "name": "role list", - "protocol": "saml", - "protocolMapper": "saml-role-list-mapper", - "consentRequired": false, - "config": { - "single": "false", - "attribute.nameformat": "Basic", - "attribute.name": "Role" + "protocolMappers": [ + { + "id": "71fa5c48-aab3-4d59-bc85-5a33e4c98e60", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } } - }] + ] }, { "id": "5d656d84-ec76-45fd-99e3-5f326831459c", 
@@ -893,14 +941,16 @@ "display.on.consent.screen": "false", "consent.screen.text": "" }, - "protocolMappers": [{ - "id": "ff3a575a-eda5-43ef-a907-3908f9438966", - "name": "allowed web origins", - "protocol": "openid-connect", - "protocolMapper": "oidc-allowed-origins-mapper", - "consentRequired": false, - "config": {} - }] + "protocolMappers": [ + { + "id": "ff3a575a-eda5-43ef-a907-3908f9438966", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] } ], "defaultDefaultClientScopes": [ @@ -934,7 +984,8 @@ "adminEventsEnabled": false, "adminEventsDetailsEnabled": false, "components": { - "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [{ + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { "id": "749d8b66-5751-415a-8cca-e8ce66417de4", "name": "Max Clients Limit", "providerId": "max-clients", @@ -1025,7 +1076,8 @@ } } ], - "org.keycloak.keys.KeyProvider": [{ + "org.keycloak.keys.KeyProvider": [ + { "id": "7c9e0c14-d267-4e48-b26c-9d4197abd37e", "name": "rsa-generated", "providerId": "rsa-generated", @@ -1065,14 +1117,16 @@ }, "internationalizationEnabled": false, "supportedLocales": [], - "authenticationFlows": [{ + "authenticationFlows": [ + { "id": "f93eda62-488f-4090-acf1-9f3860f43afe", "alias": "Handle Existing Account", "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", "providerId": "basic-flow", "topLevel": false, "builtIn": true, - "authenticationExecutions": [{ + "authenticationExecutions": [ + { "authenticator": "idp-confirm-link", "requirement": "REQUIRED", "priority": 10, @@ -1102,7 +1156,8 @@ "providerId": "basic-flow", "topLevel": false, "builtIn": true, - "authenticationExecutions": [{ + "authenticationExecutions": [ + { "authenticator": "idp-username-password-form", "requirement": "REQUIRED", "priority": 10, 
@@ -1125,7 +1180,8 @@ "providerId": "basic-flow", "topLevel": false, "builtIn": true, - "authenticationExecutions": [{ + "authenticationExecutions": [ + { "authenticator": "conditional-user-configured", "requirement": "REQUIRED", "priority": 10, @@ -1148,7 +1204,8 @@ "providerId": "basic-flow", "topLevel": true, "builtIn": true, - "authenticationExecutions": [{ + "authenticationExecutions": [ + { "authenticator": "auth-cookie", "requirement": "ALTERNATIVE", "priority": 10, @@ -1185,7 +1242,8 @@ "providerId": "client-flow", "topLevel": true, "builtIn": true, - "authenticationExecutions": [{ + "authenticationExecutions": [ + { "authenticator": "client-secret", "requirement": "ALTERNATIVE", "priority": 10, @@ -1222,7 +1280,8 @@ "providerId": "basic-flow", "topLevel": true, "builtIn": true, - "authenticationExecutions": [{ + "authenticationExecutions": [ + { "authenticator": "direct-grant-validate-username", "requirement": "REQUIRED", "priority": 10, @@ -1252,7 +1311,8 @@ "providerId": "basic-flow", "topLevel": false, "builtIn": true, - "authenticationExecutions": [{ + "authenticationExecutions": [ + { "authenticator": "conditional-user-configured", "requirement": "REQUIRED", "priority": 10, @@ -1275,13 +1335,15 @@ "providerId": "basic-flow", "topLevel": true, "builtIn": true, - "authenticationExecutions": [{ - "authenticator": "docker-http-basic-authenticator", - "requirement": "REQUIRED", - "priority": 10, - "userSetupAllowed": false, - "autheticatorFlow": false - }] + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] }, { "id": "8c133757-5745-4c3e-b408-43a3e6e00d51", 
@@ -1290,7 +1352,8 @@ "providerId": "basic-flow", "topLevel": true, "builtIn": true, - "authenticationExecutions": [{ + "authenticationExecutions": [ + { "authenticatorConfig": "review profile config", "authenticator": "idp-review-profile", "requirement": "REQUIRED", @@ -1322,7 +1385,8 @@ "providerId": "basic-flow", "topLevel": false, "builtIn": true, - "authenticationExecutions": [{ + "authenticationExecutions": [ + { "authenticator": "auth-username-password-form", "requirement": "REQUIRED", "priority": 10, @@ -1345,7 +1409,8 @@ "providerId": "basic-flow", "topLevel": false, "builtIn": true, - "authenticationExecutions": [{ + "authenticationExecutions": [ + { "authenticator": "conditional-user-configured", "requirement": "REQUIRED", "priority": 10, @@ -1368,7 +1433,8 @@ "providerId": "basic-flow", "topLevel": true, "builtIn": true, - "authenticationExecutions": [{ + "authenticationExecutions": [ + { "authenticator": "no-cookie-redirect", "requirement": "REQUIRED", "priority": 10, @@ -1405,14 +1471,16 @@ "providerId": "basic-flow", "topLevel": true, "builtIn": true, - "authenticationExecutions": [{ - "authenticator": "registration-page-form", - "requirement": "REQUIRED", - "priority": 10, - "flowAlias": "registration form", - "userSetupAllowed": false, - "autheticatorFlow": true - }] + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] }, { "id": "2a162eb4-830b-4719-b892-1b8748d75d77", @@ -1421,7 +1489,8 @@ "providerId": "form-flow", "topLevel": false, "builtIn": true, - "authenticationExecutions": [{ + "authenticationExecutions": [ + { "authenticator": "registration-user-creation", "requirement": "REQUIRED", "priority": 20, 
@@ -1458,7 +1527,8 @@ "providerId": "basic-flow", "topLevel": true, "builtIn": true, - "authenticationExecutions": [{ + "authenticationExecutions": [ + { "authenticator": "reset-credentials-choose-user", "requirement": "REQUIRED", "priority": 10, @@ -1495,7 +1565,8 @@ "providerId": "basic-flow", "topLevel": false, "builtIn": true, - "authenticationExecutions": [{ + "authenticationExecutions": [ + { "authenticator": "conditional-user-configured", "requirement": "REQUIRED", "priority": 10, @@ -1518,16 +1589,19 @@ "providerId": "basic-flow", "topLevel": true, "builtIn": true, - "authenticationExecutions": [{ - "authenticator": "http-basic-authenticator", - "requirement": "REQUIRED", - "priority": 10, - "userSetupAllowed": false, - "autheticatorFlow": false - }] + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] } ], - "authenticatorConfig": [{ + "authenticatorConfig": [ + { "id": "ae8a005d-8df1-4911-9289-7e507c6778d2", "alias": "create unique user config", "config": { @@ -1542,7 +1616,8 @@ } } ], - "requiredActions": [{ + "requiredActions": [ + { "alias": "CONFIGURE_TOTP", "name": "Configure OTP", "providerId": "CONFIGURE_TOTP", diff --git a/utils_test.go b/utils_test.go index 92cfa212..0e2d5c70 100644 --- a/utils_test.go +++ b/utils_test.go @@ -5,7 +5,7 @@ import ( "github.com/stretchr/testify/assert" - "github.com/Nerzal/gocloak/v11" + "github.com/Nerzal/gocloak/v12" ) func TestStringP(t *testing.T) {