package zrokEdgeSdk
import (
"context"
"fmt"
"github.com/openziti/edge/rest_management_api_client"
"github.com/openziti/edge/rest_management_api_client/identity"
rest_model_edge "github.com/openziti/edge/rest_model"
"github.com/openziti/sdk-golang/ziti/config"
"github.com/openziti/sdk-golang/ziti/enroll"
"github.com/sirupsen/logrus"
"time"
)
// CreateEnvironmentIdentity creates the identity for a zrok environment by
// delegating to CreateIdentity. The identity is of type User, is named after
// accountToken, and carries a "zrokEmail" tag holding accountEmail.
//
// NOTE(review): accountToken becomes the identity's Name, which is readable by
// anything that can list identities on the controller. If accountToken also
// serves as an authentication secret, that is an exposure — confirm what the
// token is used for before relying on this.
func CreateEnvironmentIdentity(accountEmail, accountToken string, client *rest_management_api_client.ZitiEdgeManagement) (*identity.CreateIdentityCreated, error) {
	emailTag := map[string]interface{}{"zrokEmail": accountEmail}
	return CreateIdentity(accountToken, rest_model_edge.IdentityTypeUser, emailTag, client)
}
// CreateIdentity asks the management API to create an identity called name of
// the given identityType, with one-time-token (OTT) enrollment enabled. The
// identity is always created with IsAdmin set to false. Its tags are the
// result of ZrokTags() with every entry of moreTags copied into SubTags.
//
// The request uses a 30 second timeout. On failure the error from the
// management client is returned unchanged.
//
// NOTE(review): entries in moreTags overwrite any same-named entry that
// ZrokTags() already placed in SubTags. If those base tags are what marks a
// resource as zrok-owned, callers should not pass caller-controlled keys here
// — confirm against ZrokTags.
func CreateIdentity(name string, identityType rest_model_edge.IdentityType, moreTags map[string]interface{}, client *rest_management_api_client.ZitiEdgeManagement) (*identity.CreateIdentityCreated, error) {
	// assumes ZrokTags() returns a non-nil SubTags map; a nil map would panic on write — TODO confirm
	mergedTags := ZrokTags()
	for key, value := range moreTags {
		mergedTags.SubTags[key] = value
	}

	// Least privilege: identities created through this helper are never admins.
	notAdmin := false

	params := identity.NewCreateIdentityParams()
	params.Identity = &rest_model_edge.IdentityCreate{
		Enrollment: &rest_model_edge.IdentityCreateEnrollment{Ott: true},
		IsAdmin:    &notAdmin,
		Name:       &name,
		Tags:       mergedTags,
		Type:       &identityType,
		// RoleAttributes and ServiceHostingCosts are left at their nil zero values.
	}
	params.SetTimeout(30 * time.Second)

	created, err := client.Identity.CreateIdentity(params, nil)
	if err != nil {
		return nil, err
	}
	return created, nil
}
// GetIdentity lists identities whose id equals zId and returns the raw list
// response from the management API. Limit and Offset are both sent as 0, and
// the request uses a 30 second timeout. On failure the error from the
// management client is returned unchanged.
//
// NOTE(review): zId is placed inside the quoted filter expression without any
// escaping, so a value containing a double quote would change the filter that
// the controller evaluates. Pass only controller-issued ids, or validate zId
// before calling, if it can originate from outside the process.
func GetIdentity(zId string, client *rest_management_api_client.ZitiEdgeManagement) (*identity.ListIdentitiesOK, error) {
	idFilter := fmt.Sprintf("id=\"%v\"", zId)
	var limit, offset int64

	params := &identity.ListIdentitiesParams{
		Context: context.Background(),
		Filter:  &idFilter,
		Limit:   &limit,
		Offset:  &offset,
	}
	params.SetTimeout(30 * time.Second)

	found, err := client.Identity.ListIdentities(params, nil)
	if err != nil {
		return nil, err
	}
	return found, nil
}
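// EnrollIdentity fetches the identity zId from the management API, parses the
// one-time-token (OTT) enrollment JWT found on it, and runs enrollment with
// that token, returning the resulting configuration.
//
// The detail request uses a 30 second timeout. An error is returned when the
// detail call fails, when the identity has no OTT enrollment attached, when
// the JWT cannot be parsed, or when enrollment itself fails.
//
// NOTE(review): the returned config presumably holds the enrolled identity's
// key material; callers should handle and store it as a secret — confirm
// against enroll.Enroll.
func EnrollIdentity(zId string, client *rest_management_api_client.ZitiEdgeManagement) (*config.Config, error) {
	p := &identity.DetailIdentityParams{
		Context: context.Background(),
		ID:      zId,
	}
	p.SetTimeout(30 * time.Second)
	resp, err := client.Identity.DetailIdentity(p, nil)
	if err != nil {
		return nil, err
	}

	// The OTT enrollment sits behind several pointers and is not guaranteed to
	// be present (for example when no OTT enrollment is pending on the
	// identity). Return an error instead of dereferencing nil and panicking.
	payload := resp.GetPayload()
	if payload == nil || payload.Data == nil || payload.Data.Enrollment == nil || payload.Data.Enrollment.Ott == nil {
		return nil, fmt.Errorf("identity '%v' has no one-time-token enrollment", zId)
	}

	tkn, _, err := enroll.ParseToken(payload.Data.Enrollment.Ott.JWT)
	if err != nil {
		return nil, err
	}

	// The key algorithm requested for the enrolled identity is fixed to RSA.
	flags := enroll.EnrollmentFlags{
		Token:  tkn,
		KeyAlg: "RSA",
	}
	conf, err := enroll.Enroll(flags)
	if err != nil {
		return nil, err
	}
	return conf, nil
}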
// DeleteIdentity removes the identity with the given id through the management
// API, using a 30 second timeout. On success it logs the deleted id at info
// level and returns nil; on failure the error from the management client is
// returned unchanged and nothing is logged.
func DeleteIdentity(id string, edge *rest_management_api_client.ZitiEdgeManagement) error {
	params := &identity.DeleteIdentityParams{
		Context: context.Background(),
		ID:      id,
	}
	params.SetTimeout(30 * time.Second)

	if _, err := edge.Identity.DeleteIdentity(params, nil); err != nil {
		return err
	}

	logrus.Infof("deleted environment identity '%v'", id)
	return nil
}