package zrokEdgeSdk
import (
"context"
"fmt"
"github.com/openziti/edge/rest_management_api_client"
"github.com/openziti/edge/rest_management_api_client/identity"
rest_model_edge "github.com/openziti/edge/rest_model"
"github.com/openziti/sdk-golang/ziti/config"
"github.com/openziti/sdk-golang/ziti/enroll"
"github.com/sirupsen/logrus"
"time"
)
// CreateEnvironmentIdentity creates the user-type identity for a zrok
// environment by delegating to CreateIdentity.
//
// The identity name is accountEmail, uniqueToken and envDescription joined with
// "-", and the identity carries an extra "zrokEmail" tag set to accountEmail.
// The three name components are concatenated as given; nothing here validates
// or truncates them.
// NOTE(review): envDescription looks caller-supplied — confirm that its length
// and character set are checked upstream before it becomes part of the
// identity name.
func CreateEnvironmentIdentity(uniqueToken, accountEmail, envDescription string, edge *rest_management_api_client.ZitiEdgeManagement) (*identity.CreateIdentityCreated, error) {
	name := accountEmail + "-" + uniqueToken + "-" + envDescription
	emailTag := map[string]interface{}{"zrokEmail": accountEmail}
	return CreateIdentity(name, rest_model_edge.IdentityTypeUser, emailTag, edge)
}
// CreateIdentity asks the edge management API to create an identity called
// name of the given identityType and returns the API's "created" response.
//
// The identity is always created with IsAdmin set to false and with one-time
// token (OTT) enrollment requested. Its tags start from ZrokTags(), and every
// entry of addlTags is then copied into SubTags, so an addlTags key that
// matches an existing tag key replaces that tag's value. The request times out
// after 30 seconds. Any error from the API call is returned unchanged.
func CreateIdentity(name string, identityType rest_model_edge.IdentityType, addlTags map[string]interface{}, edge *rest_management_api_client.ZitiEdgeManagement) (*identity.CreateIdentityCreated, error) {
	// Never an admin identity: callers cannot escalate through this helper.
	admin := false

	merged := ZrokTags()
	for key, val := range addlTags {
		merged.SubTags[key] = val
	}

	params := identity.NewCreateIdentityParams()
	params.SetTimeout(30 * time.Second)
	params.Identity = &rest_model_edge.IdentityCreate{
		Name:                &name,
		Type:                &identityType,
		IsAdmin:             &admin,
		Enrollment:          &rest_model_edge.IdentityCreateEnrollment{Ott: true},
		Tags:                merged,
		RoleAttributes:      nil,
		ServiceHostingCosts: nil,
	}

	created, err := edge.Identity.CreateIdentity(params, nil)
	if err == nil {
		return created, nil
	}
	return nil, err
}
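// GetIdentityByZId lists the identities whose id equals zId through the edge
// management API and returns the raw list response.
//
// zId is placed inside a double-quoted literal in the filter expression, so a
// zId containing a double quote, a backslash or a control character is
// rejected with an error before any request is made. The request uses limit 0
// and offset 0, a background context and a 30 second timeout. Any error from
// the API call is returned unchanged.
func GetIdentityByZId(zId string, edge *rest_management_api_client.ZitiEdgeManagement) (*identity.ListIdentitiesOK, error) {
	// The filter is built by string formatting. A quote or backslash in zId
	// could end the literal early and change which identities the filter
	// matches, so such values are refused rather than escaped.
	// NOTE(review): confirm the controller's filter escaping rules if ids with
	// these characters ever need to be supported.
	for _, r := range zId {
		if r == '"' || r == '\\' || r < 0x20 || r == 0x7f {
			return nil, fmt.Errorf("invalid ziti identity id %q", zId)
		}
	}

	filter := fmt.Sprintf("id=\"%v\"", zId)
	limit := int64(0)
	offset := int64(0)
	req := &identity.ListIdentitiesParams{
		Filter:  &filter,
		Limit:   &limit,
		Offset:  &offset,
		Context: context.Background(),
	}
	req.SetTimeout(30 * time.Second)

	resp, err := edge.Identity.ListIdentities(req, nil)
	if err != nil {
		return nil, err
	}
	return resp, nil
}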
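// EnrollIdentity fetches the identity zId from the edge management API, parses
// the one-time-token (OTT) enrollment JWT from its detail record, and enrolls
// with it, returning the resulting SDK configuration.
//
// An error is returned when the detail lookup fails, when the identity has no
// OTT enrollment in its detail record, when the JWT cannot be parsed, or when
// enrollment itself fails. The lookup uses a background context and a 30
// second timeout. On success an info-level log line records zId.
//
// NOTE(review): the returned config presumably carries the key material
// generated during enrollment — callers should treat it as a secret and keep
// it out of logs; confirm against the SDK.
func EnrollIdentity(zId string, edge *rest_management_api_client.ZitiEdgeManagement) (*config.Config, error) {
	p := &identity.DetailIdentityParams{
		Context: context.Background(),
		ID:      zId,
	}
	p.SetTimeout(30 * time.Second)

	resp, err := edge.Identity.DetailIdentity(p, nil)
	if err != nil {
		return nil, err
	}

	// The enrollment fields are pointers. Without this guard, an identity with
	// no OTT enrollment in its record would cause a nil-pointer panic instead
	// of a reportable error.
	payload := resp.GetPayload()
	if payload == nil || payload.Data == nil || payload.Data.Enrollment == nil || payload.Data.Enrollment.Ott == nil {
		return nil, fmt.Errorf("ziti identity '%v' has no ott enrollment", zId)
	}

	// The second return value of ParseToken is not needed here.
	tkn, _, err := enroll.ParseToken(payload.Data.Enrollment.Ott.JWT)
	if err != nil {
		return nil, err
	}

	flags := enroll.EnrollmentFlags{
		Token:  tkn,
		KeyAlg: "RSA",
	}
	conf, err := enroll.Enroll(flags)
	if err != nil {
		return nil, err
	}

	logrus.Infof("enrolled ziti identity '%v'", zId)
	return conf, nil
}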
// DeleteIdentity removes the identity zId through the edge management API.
//
// The request uses a background context and a 30 second timeout. An error from
// the API call is returned unchanged. On success an info-level log line
// records the deleted id and nil is returned.
func DeleteIdentity(zId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
	params := &identity.DeleteIdentityParams{
		Context: context.Background(),
		ID:      zId,
	}
	params.SetTimeout(30 * time.Second)

	if _, err := edge.Identity.DeleteIdentity(params, nil); err != nil {
		return err
	}

	logrus.Infof("deleted ziti identity '%v'", zId)
	return nil
}