forked from zemirco/keycloak
-
Notifications
You must be signed in to change notification settings - Fork 0
/
users.go
174 lines (145 loc) · 5.89 KB
/
users.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
package keycloak
import (
"context"
"fmt"
"net/http"
)
// User representation.
//
// https://github.com/keycloak/keycloak/blob/master/core/src/main/java/org/keycloak/representations/idm/UserRepresentation.java
type User struct {
ID *string `json:"id,omitempty"`
CreatedTimestamp *int64 `json:"createdTimestamp,omitempty"`
Username *string `json:"username,omitempty"`
Enabled *bool `json:"enabled,omitempty"`
Totp *bool `json:"totp,omitempty"`
EmailVerified *bool `json:"emailVerified,omitempty"`
FirstName *string `json:"firstName,omitempty"`
LastName *string `json:"lastName,omitempty"`
Email *string `json:"email,omitempty"`
DisableableCredentialTypes []string `json:"disableableCredentialTypes,omitempty"`
RequiredActions []string `json:"requiredActions,omitempty"`
NotBefore *int `json:"notBefore,omitempty"`
Access *map[string]bool `json:"access,omitempty"`
Attributes *map[string][]string `json:"attributes,omitempty"`
}
// Credential representation.
//
// https://github.com/keycloak/keycloak/blob/master/core/src/main/java/org/keycloak/representations/idm/CredentialRepresentation.java
type Credential struct {
Type *string `json:"type,omitempty"`
Value *string `json:"value,omitempty"`
Temporary *bool `json:"temporary,omitempty"`
}
// UsersService ...
type UsersService service
// Create a new user.
func (s *UsersService) Create(ctx context.Context, realm string, user *User) (*http.Response, error) {
u := fmt.Sprintf("admin/realms/%s/users", realm)
req, err := s.keycloak.NewRequest(http.MethodPost, u, user)
if err != nil {
return nil, err
}
return s.keycloak.Do(ctx, req, nil)
}
// List users.
func (s *UsersService) List(ctx context.Context, realm string) ([]*User, *http.Response, error) {
u := fmt.Sprintf("admin/realms/%s/users", realm)
req, err := s.keycloak.NewRequest(http.MethodGet, u, nil)
if err != nil {
return nil, nil, err
}
var users []*User
res, err := s.keycloak.Do(ctx, req, &users)
if err != nil {
return nil, nil, err
}
return users, res, nil
}
// GetByUsername get a single user by username.
func (s *UsersService) GetByUsername(ctx context.Context, realm, username string) ([]*User, *http.Response, error) {
u := fmt.Sprintf("admin/realms/%s/users?username=%s", realm, username)
req, err := s.keycloak.NewRequest(http.MethodGet, u, nil)
if err != nil {
return nil, nil, err
}
var users []*User
res, err := s.keycloak.Do(ctx, req, &users)
if err != nil {
return nil, nil, err
}
return users, res, nil
}
// Delete user.
func (s *UsersService) Delete(ctx context.Context, realm, userID string) (*http.Response, error) {
u := fmt.Sprintf("admin/realms/%s/users/%s", realm, userID)
req, err := s.keycloak.NewRequest(http.MethodDelete, u, nil)
if err != nil {
return nil, err
}
return s.keycloak.Do(ctx, req, nil)
}
// ResetPassword sets or resets the user's password.
func (s *UsersService) ResetPassword(ctx context.Context, realm, userID string, credential *Credential) (*http.Response, error) {
u := fmt.Sprintf("admin/realms/%s/users/%s/reset-password", realm, userID)
req, err := s.keycloak.NewRequest(http.MethodPut, u, credential)
if err != nil {
return nil, err
}
return s.keycloak.Do(ctx, req, nil)
}
// Update user.
// JoinGroup adds user to a group.
func (s *UsersService) JoinGroup(ctx context.Context, realm, userID, groupID string) (*http.Response, error) {
u := fmt.Sprintf("admin/realms/%s/users/%s/groups/%s", realm, userID, groupID)
req, err := s.keycloak.NewRequest(http.MethodPut, u, nil)
if err != nil {
return nil, err
}
return s.keycloak.Do(ctx, req, nil)
}
// LeaveGroup removes a user from a group.
func (s *UsersService) LeaveGroup(ctx context.Context, realm, userID, groupID string) (*http.Response, error) {
u := fmt.Sprintf("admin/realms/%s/users/%s/groups/%s", realm, userID, groupID)
req, err := s.keycloak.NewRequest(http.MethodDelete, u, nil)
if err != nil {
return nil, err
}
return s.keycloak.Do(ctx, req, nil)
}
// AddRealmRoles adds realm roles to user.
func (s *UsersService) AddRealmRoles(ctx context.Context, realm, userID string, roles []*Role) (*http.Response, error) {
u := fmt.Sprintf("admin/realms/%s/users/%s/role-mappings/realm", realm, userID)
req, err := s.keycloak.NewRequest(http.MethodPost, u, roles)
if err != nil {
return nil, err
}
return s.keycloak.Do(ctx, req, nil)
}
// RemoveRealmRoles removes assigned realm roles from user.
func (s *UsersService) RemoveRealmRoles(ctx context.Context, realm, userID string, roles []*Role) (*http.Response, error) {
u := fmt.Sprintf("admin/realms/%s/users/%s/role-mappings/realm", realm, userID)
req, err := s.keycloak.NewRequest(http.MethodDelete, u, roles)
if err != nil {
return nil, err
}
return s.keycloak.Do(ctx, req, nil)
}
// AddClientRoles adds client roles to user.
func (s *UsersService) AddClientRoles(ctx context.Context, realm, userID, clientID string, roles []*Role) (*http.Response, error) {
u := fmt.Sprintf("admin/realms/%s/users/%s/role-mappings/clients/%s", realm, userID, clientID)
req, err := s.keycloak.NewRequest(http.MethodPost, u, roles)
if err != nil {
return nil, err
}
return s.keycloak.Do(ctx, req, nil)
}
// RemoveClientRoles removes assigned client roles from user.
func (s *UsersService) RemoveClientRoles(ctx context.Context, realm, userID, clientID string, roles []*Role) (*http.Response, error) {
u := fmt.Sprintf("admin/realms/%s/users/%s/role-mappings/clients/%s", realm, userID, clientID)
req, err := s.keycloak.NewRequest(http.MethodDelete, u, roles)
if err != nil {
return nil, err
}
return s.keycloak.Do(ctx, req, nil)
}