diff --git a/README.md b/README.md index b0e9a3b7..9074aa3b 100644 --- a/README.md +++ b/README.md @@ -638,7 +638,7 @@ You can create, update, delete or load tenants: // Creating and updating tenants takes the &descope.TenantRequest type. This is an example of a &descope.TenantRequest tenantRequest := &descope.TenantRequest{} -tenantRequest.Name = []string{"My Tenant"} +tenantRequest.Name = "My Tenant" tenantRequest.SelfProvisioningDomains = []string{"domain.com"} tenantRequest.CustomAttributes = map[string]any{"mycustomattribute": "Test"} diff --git a/descope/api/client.go b/descope/api/client.go index 6d771f31..b3dc7038 100644 --- a/descope/api/client.go +++ b/descope/api/client.go @@ -187,6 +187,7 @@ var ( authzREResource: "mgmt/authz/re/resource", authzRETargets: "mgmt/authz/re/targets", authzRETargetAll: "mgmt/authz/re/targetall", + authzRETargetWithRelation: "mgmt/authz/re/targetwithrelation", authzGetModified: "mgmt/authz/getmodified", }, logout: "auth/logout", @@ -369,22 +370,23 @@ type mgmtEndpoints struct { auditSearch string - authzSchemaSave string - authzSchemaDelete string - authzSchemaLoad string - authzNSSave string - authzNSDelete string - authzRDSave string - authzRDDelete string - authzRECreate string - authzREDelete string - authzREDeleteResources string - authzREHasRelations string - authzREWho string - authzREResource string - authzRETargets string - authzRETargetAll string - authzGetModified string + authzSchemaSave string + authzSchemaDelete string + authzSchemaLoad string + authzNSSave string + authzNSDelete string + authzRDSave string + authzRDDelete string + authzRECreate string + authzREDelete string + authzREDeleteResources string + authzREHasRelations string + authzREWho string + authzREResource string + authzRETargets string + authzRETargetAll string + authzRETargetWithRelation string + authzGetModified string } func (e *endpoints) SignInOTP() string { 
@@ -1017,6 +1019,10 @@ func (e *endpoints) ManagementAuthzRETargetAll() string {
 return path.Join(e.version, e.mgmt.authzRETargetAll)
 }

+func (e *endpoints) ManagementAuthzRETargetWithRelation() string {
+ return path.Join(e.version, e.mgmt.authzRETargetWithRelation)
+}
+
 func (e *endpoints) ManagementAuthzGetModified() string {
 return path.Join(e.version, e.mgmt.authzGetModified)
 }
diff --git a/descope/internal/mgmt/authz.go b/descope/internal/mgmt/authz.go
index 0294a07c..f240c6a0 100644
--- a/descope/internal/mgmt/authz.go
+++ b/descope/internal/mgmt/authz.go
@@ -214,6 +214,10 @@ type relationsResponse struct {
 Relations []*descope.AuthzRelation `json:"relations"`
 }

+type resourcesResponse struct {
+ Resources []string `json:"resources"`
+}
+
 func (a *authz) ResourceRelations(ctx context.Context, resource string) ([]*descope.AuthzRelation, error) {
 if resource == "" {
 return nil, utils.NewInvalidArgumentError("resource")
@@ -277,6 +281,45 @@ func (a *authz) WhatCanTargetAccess(ctx context.Context, target string) ([]*desc
 return response.Relations, nil
 }

+func (a *authz) WhatCanTargetAccessWithRelation(ctx context.Context, target, relationDefinition, namespace string) ([]*descope.AuthzRelation, error) {
+ if target == "" {
+ return nil, utils.NewInvalidArgumentError("target")
+ }
+ if relationDefinition == "" {
+ return nil, utils.NewInvalidArgumentError("relationDefinition")
+ }
+ if namespace == "" {
+ return nil, utils.NewInvalidArgumentError("namespace")
+ }
+ body := map[string]any{
+ "target": target,
+ "relationDefinition": relationDefinition,
+ "namespace": namespace,
+ }
+ res, err := a.client.DoPostRequest(ctx, api.Routes.ManagementAuthzRETargetWithRelation(), body, nil, a.conf.ManagementKey)
+ if err != nil {
+ // notest
+ return nil, err
+ }
+ var response *resourcesResponse
+ err = utils.Unmarshal([]byte(res.BodyStr), &response)
+ if err != nil {
+ // notest
+ return nil, err
+ }
+
+ var resp []*descope.AuthzRelation
+ for _, resource := range response.Resources {
+ resp = append(resp, &descope.AuthzRelation{
+ Resource: resource,
+ Target: target,
+ RelationDefinition: relationDefinition,
+ Namespace: namespace,
+ })
+ }
+ return resp, nil
+}
+
 func (a *authz) GetModified(ctx context.Context, since time.Time) (*descope.AuthzModified, error) {
 body := map[string]any{}
 if !since.IsZero() {
diff --git a/descope/internal/mgmt/authz_test.go b/descope/internal/mgmt/authz_test.go
index 9b2f0705..7468cacc 100644
--- a/descope/internal/mgmt/authz_test.go
+++ b/descope/internal/mgmt/authz_test.go
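Review bot: `response.Resources` in the loop of WhatCanTargetAccessWithRelation can dereference a nil pointer, because `var response *resourcesResponse` is filled through `&response` and stays nil when the body is the JSON literal `null` (assuming `utils.Unmarshal` follows encoding/json semantics, which return no error for that input). Declaring it as a value, `var response resourcesResponse`, keeps the happy path identical and removes the panic path in an authorization query that callers are likely to run on request handling. Both error branches are marked `// notest`, so nothing in this change exercises a malformed or empty management response. The function is entirely inside the hunk.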
@@ -358,6 +358,46 @@ func TestWhatCanTargetAccessMissingArgument(t *testing.T) {
 require.ErrorContains(t, err, utils.NewInvalidArgumentError("target").Message)
 }

+func TestWhatCanTargetAccessWithRelationSuccess(t *testing.T) {
+ response := []*descope.AuthzRelation{
+ {
+ Resource: "r1",
+ RelationDefinition: "rd",
+ Namespace: "n",
+ Target: "u1",
+ },
+ {
+ Resource: "r2",
+ RelationDefinition: "rd",
+ Namespace: "n",
+ Target: "u1",
+ },
+ }
+ mgmt := newTestMgmt(nil, helpers.DoOkWithBody(func(r *http.Request) {
+ require.Equal(t, r.Header.Get("Authorization"), "Bearer a:key")
+ req := map[string]any{}
+ require.NoError(t, helpers.ReadBody(r, &req))
+ require.Equal(t, "u1", req["target"])
+ require.Equal(t, "rd", req["relationDefinition"])
+ require.Equal(t, "n", req["namespace"])
+ }, map[string]any{"resources": []string{"r1", "r2"}}))
+ res, err := mgmt.Authz().WhatCanTargetAccessWithRelation(context.Background(), "u1", "rd", "n")
+ require.NoError(t, err)
+ assert.EqualValues(t, response, res)
+}
+
+func TestWhatCanTargetAccessWithRelationMissingArgument(t *testing.T) {
+ mgmt := newTestMgmt(nil, helpers.DoOk(nil))
+ _, err := mgmt.Authz().WhatCanTargetAccessWithRelation(context.Background(), "", "", "")
+ require.ErrorContains(t, err, utils.NewInvalidArgumentError("target").Message)
+
+ _, err = mgmt.Authz().WhatCanTargetAccessWithRelation(context.Background(), "tar", "", "")
+ require.ErrorContains(t, err, utils.NewInvalidArgumentError("relationDefinition").Message)
+
+ _, err = mgmt.Authz().WhatCanTargetAccessWithRelation(context.Background(), "tar", "def", "")
+ require.ErrorContains(t, err, utils.NewInvalidArgumentError("namespace").Message)
+}
+
 func TestGetModifiedWrongArgument(t *testing.T) {
 mgmt := newTestMgmt(nil, helpers.DoOk(nil))
 _, err := mgmt.Authz().GetModified(context.Background(), time.Now().Add(10*time.Second))
diff --git a/descope/sdk/mgmt.go b/descope/sdk/mgmt.go
index ff0c06c6..5c320701 100644
--- a/descope/sdk/mgmt.go
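Review bot: The Authorization check in TestWhatCanTargetAccessWithRelationSuccess passes the actual value first, `require.Equal(t, r.Header.Get("Authorization"), "Bearer a:key")`, while the three assertions right below it use expected-first order, so a failure here would report the two values under the wrong labels. Swap it to `require.Equal(t, "Bearer a:key", r.Header.Get("Authorization"))`. The success case also only mocks a populated `resources` array; a second case with a body of `{}` or `null` would pin what the call returns when the target has access to nothing.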
+++ b/descope/sdk/mgmt.go @@ -757,6 +757,9 @@ type Authz interface { // WhatCanTargetAccess returns the list of all relations for the given target including derived relations from the schema tree. WhatCanTargetAccess(ctx context.Context, target string) ([]*descope.AuthzRelation, error) + // WhatCanTargetAccessWithRelation returns the list of all resources that the target has the given relation to including all derived relations + WhatCanTargetAccessWithRelation(ctx context.Context, target, relationDefinition, namespace string) ([]*descope.AuthzRelation, error) + // GetModified list of targets and resources changed since the given date // Should be used to invalidate local caches GetModified(ctx context.Context, since time.Time) (*descope.AuthzModified, error) diff --git a/descope/tests/mocks/mgmt/managementmock.go b/descope/tests/mocks/mgmt/managementmock.go index 6ee25b2a..0b852bd8 100644 --- a/descope/tests/mocks/mgmt/managementmock.go +++ b/descope/tests/mocks/mgmt/managementmock.go @@ -1280,6 +1280,10 @@ type MockAuthz struct { WhatCanTargetAccessResponse []*descope.AuthzRelation WhatCanTargetAccessError error + WhatCanTargetAccessWithRelationAssert func(target, relationDefinition, namespace string) + WhatCanTargetAccessWithRelationResponse []*descope.AuthzRelation + WhatCanTargetAccessWithRelationError error + GetModifiedAssert func(since time.Time) GetModifiedResponse *descope.AuthzModified GetModifiedError error 
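Review bot: The new doc comment on `WhatCanTargetAccessWithRelation` speaks of a list of resources, but the method returns `[]*descope.AuthzRelation`, and the implementation in authz.go fills `Target`, `RelationDefinition` and `Namespace` from the caller's own arguments. I would document that so callers do not read the result as stored relation records: `// Each returned relation carries one accessible resource; Target, RelationDefinition and Namespace echo the arguments.` and `// All three arguments are required; an empty one yields an invalid-argument error.` The comment is also missing its closing period, unlike the `WhatCanTargetAccess` comment above it. The `Authz` interface begins and ends outside this hunk.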
@@ -1384,6 +1388,13 @@ func (m *MockAuthz) WhatCanTargetAccess(_ context.Context, target string) ([]*de return m.WhatCanTargetAccessResponse, m.WhatCanTargetAccessError } +func (m *MockAuthz) WhatCanTargetAccessWithRelation(_ context.Context, target, relationDefinition, namespace string) ([]*descope.AuthzRelation, error) { + if m.WhatCanTargetAccessWithRelationAssert != nil { + m.WhatCanTargetAccessWithRelationAssert(target, relationDefinition, namespace) + } + return m.WhatCanTargetAccessWithRelationResponse, m.WhatCanTargetAccessWithRelationError +} + func (m *MockAuthz) GetModified(_ context.Context, since time.Time) (*descope.AuthzModified, error) { if m.GetModifiedAssert != nil { m.GetModifiedAssert(since) diff --git a/examples/managementcli/go.mod b/examples/managementcli/go.mod deleted file mode 100644 index ae9bb017..00000000 --- a/examples/managementcli/go.mod +++ /dev/null @@ -1,27 +0,0 @@ -module github.com/descope/go-sdk/examples/managementcli - -go 1.18 - -replace github.com/descope/go-sdk => ../../ - -require ( - github.com/descope/go-sdk v1.5.7 - github.com/spf13/cobra v1.8.0 -) - -require ( - github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect - github.com/goccy/go-json v0.10.2 // indirect - github.com/inconshreveable/mousetrap v1.1.0 // indirect - github.com/lestrrat-go/blackmagic v1.0.2 // indirect - github.com/lestrrat-go/httpcc v1.0.1 // indirect - github.com/lestrrat-go/httprc v1.0.4 // indirect - github.com/lestrrat-go/iter v1.0.2 // indirect - github.com/lestrrat-go/jwx/v2 v2.0.18 // indirect - github.com/lestrrat-go/option v1.0.1 // indirect - github.com/segmentio/asm v1.2.0 // indirect - github.com/spf13/pflag v1.0.5 // indirect - golang.org/x/crypto v0.17.0 // indirect - golang.org/x/exp v0.0.0-20231214170342-aacd6d4b4611 // indirect - golang.org/x/sys v0.15.0 // indirect -) diff --git a/examples/managementcli/go.sum b/examples/managementcli/go.sum deleted file mode 100644 index d9c9d438..00000000 
--- a/examples/managementcli/go.sum +++ /dev/null 
@@ -1,89 +0,0 @@ -github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/decred/dcrd/crypto/blake256 v1.0.1/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 h1:8UrgZ3GkP4i/CLijOJx79Yu+etlyjdBU4sfcs2WYQMs= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0= -github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU= -github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= -github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= -github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/lestrrat-go/blackmagic v1.0.2 h1:Cg2gVSc9h7sz9NOByczrbUvLopQmXrfFx//N+AkAr5k= -github.com/lestrrat-go/blackmagic v1.0.2/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU= -github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE= -github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E= -github.com/lestrrat-go/httprc v1.0.4 h1:bAZymwoZQb+Oq8MEbyipag7iSq6YIga8Wj6GOiJGdI8= -github.com/lestrrat-go/httprc v1.0.4/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo= -github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI= -github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4= -github.com/lestrrat-go/jwx/v2 v2.0.18 h1:HHZkYS5wWDDyAiNBwztEtDoX07WDhGEdixm8G06R50o= -github.com/lestrrat-go/jwx/v2 v2.0.18/go.mod h1:fAJ+k5eTgKdDqanzCuK6DAt3W7n3cs2/FX7JhQdk83U= -github.com/lestrrat-go/option v1.0.0/go.mod 
h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I= -github.com/lestrrat-go/option v1.0.1 h1:oAzP2fvZGQKWkvHa1/SAcFolBEca1oN+mQ7eooNBEYU= -github.com/lestrrat-go/option v1.0.1/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/segmentio/asm v1.2.0 h1:9BQrFxC+YOHJlTlHGkTrFWf59nbL3XnCoFLTwDCI7ys= -github.com/segmentio/asm v1.2.0/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs= -github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= -github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod 
h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= -golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/exp v0.0.0-20231214170342-aacd6d4b4611 h1:qCEDpW1G+vcj3Y7Fy52pEM1AWm3abj8WimGYejI3SC4= -golang.org/x/exp v0.0.0-20231214170342-aacd6d4b4611/go.mod h1:iRJReGqOEeBhDZGkGbynYwcHlctCvnjTYIamk7uXpHI= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod 
h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod 
h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= -gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/examples/managementcli/main.go b/examples/managementcli/main.go deleted file mode 100644 index 51cf3d57..00000000 --- a/examples/managementcli/main.go +++ /dev/null 
@@ -1,860 +0,0 @@ -package main - -import ( - "context" - "encoding/json" - "errors" - "fmt" - "os" - "strconv" - "strings" - - "github.com/descope/go-sdk/descope" - "github.com/descope/go-sdk/descope/client" - "github.com/spf13/cobra" -) - -// Command line flags - -var flags struct { - LoginID string - Email string - Phone string - Name string - Tenants []string - Domains []string - Description string - Permissions []string - AdditionalLoginIDs []string - LoginPageURL string - SPMetadataURL string - EntityID string - ACSURL string - Certificate string - FlowIDs []string -} - -// Descope SDK - -var descopeClient *client.DescopeClient - -func prepare() (err error) { - descopeConfig := &client.Config{ - ProjectID: os.Getenv(descope.EnvironmentVariableProjectID), - ManagementKey: os.Getenv(descope.EnvironmentVariableManagementKey), - DescopeBaseURL: os.Getenv(descope.EnvironmentVariableBaseURL), - } - if descopeConfig.ProjectID == "" { - // the projectID can be found in the Project section of the admin console: https://app.descope.com/settings/project - return errors.New("the DESCOPE_PROJECT_ID environment variable must be set") - } - if descopeConfig.ManagementKey == "" { - // generate a management key in the Company section of the admin console: https://app.descope.com/settings/company - return errors.New("the DESCOPE_MANAGEMENT_KEY environment variable must be set") - } - descopeClient, err = client.NewWithConfig(descopeConfig) - return err -} - -func userCreate(args []string) error { - tenants := []*descope.AssociatedTenant{} - for _, tenantID := range flags.Tenants { - tenants = append(tenants, &descope.AssociatedTenant{TenantID: tenantID}) - } - user := &descope.UserRequest{} - user.Email = flags.Email - user.Phone = flags.Phone - if flags.Email == "" && flags.Phone == "" { - user.Email = "foo@bar.com" // email or phone are required - } - user.Name = flags.Name - user.Tenants = tenants - user.AdditionalLoginIDs = flags.AdditionalLoginIDs - _, err := 
descopeClient.Management.User().Create(context.Background(), args[0], user) - return err -} - -func userUpdate(args []string) error { - tenants := []*descope.AssociatedTenant{} - for _, tenantID := range flags.Tenants { - tenants = append(tenants, &descope.AssociatedTenant{TenantID: tenantID}) - } - user := &descope.UserRequest{} - user.Email = flags.Email - user.Phone = flags.Phone - if flags.Email == "" && flags.Phone == "" { - user.Email = "foo@bar.com" // email or phone are required - } - user.Name = flags.Name - user.Tenants = tenants - user.AdditionalLoginIDs = flags.AdditionalLoginIDs - - _, err := descopeClient.Management.User().Update(context.Background(), args[0], user) - return err -} - -func userDelete(args []string) error { - return descopeClient.Management.User().Delete(context.Background(), args[0]) -} - -func userLoad(args []string) error { - res, err := descopeClient.Management.User().Load(context.Background(), args[0]) - if err == nil { - fmt.Println("Found:", res) - } - return err -} - -func userUpdateLoginID(args []string) error { - res, err := descopeClient.Management.User().UpdateLoginID(context.Background(), args[0], args[1]) - if err == nil { - fmt.Println("Updated user:", res) - } - return err -} - -func userSearchAll(args []string) error { - limit, err := strconv.ParseInt(args[0], 10, 64) - if err != nil { - return err - } - - page, err := strconv.ParseInt(args[1], 10, 64) - if err != nil { - return err - } - - res, err := descopeClient.Management.User().SearchAll(context.Background(), &descope.UserSearchOptions{Limit: int32(limit), Page: int32(page)}) - if err == nil { - for _, u := range res { - fmt.Println("Found:", u) - } - } - return err -} - -func setUserTemporaryPassword(args []string) error { - loginID := args[0] - password := args[1] - return descopeClient.Management.User().SetTemporaryPassword(context.Background(), loginID, password) -} - -func setUserActivePassword(args []string) error { - loginID := args[0] - password := 
args[1] - return descopeClient.Management.User().SetActivePassword(context.Background(), loginID, password) -} - -func expireUserPassword(args []string) error { - loginID := args[0] - return descopeClient.Management.User().ExpirePassword(context.Background(), loginID) -} - -func getUserProviderToken(args []string) error { - loginID := args[0] - provider := args[1] - res, err := descopeClient.Management.User().GetProviderToken(context.Background(), loginID, provider) - if err == nil { - fmt.Println("Found:", res) - } - return err -} - -func accessKeyCreate(args []string) error { - tenants := []*descope.AssociatedTenant{} - for _, tenantID := range flags.Tenants { - tenants = append(tenants, &descope.AssociatedTenant{TenantID: tenantID}) - } - expireTime, err := strconv.ParseInt(args[1], 10, 64) - if err != nil { - return err - } - userID := "" - if len(args) > 2 { - userID = args[2] - } - cleartext, res, err := descopeClient.Management.AccessKey().Create(context.Background(), args[0], expireTime, nil, tenants, userID, nil) - if err != nil { - return err - } - fmt.Println("Access Key Created with ID: ", res.ID) - fmt.Println("Cleartext:", cleartext) - return nil -} - -func accessKeyLoad(args []string) error { - res, err := descopeClient.Management.AccessKey().Load(context.Background(), args[0]) - if err == nil { - fmt.Println("Found:", res) - } - return err -} - -func accessKeySearchAll(args []string) error { - res, err := descopeClient.Management.AccessKey().SearchAll(context.Background(), nil) - if err == nil { - for _, u := range res { - fmt.Println("Found:", u) - } - } - return err -} - -func accessKeyUpdate(args []string) error { - _, err := descopeClient.Management.AccessKey().Update(context.Background(), args[0], args[1]) - return err -} - -func accessKeyDeactivate(args []string) error { - return descopeClient.Management.AccessKey().Deactivate(context.Background(), args[0]) -} - -func accessKeyActivate(args []string) error { - return 
descopeClient.Management.AccessKey().Activate(context.Background(), args[0]) -} - -func accessKeyDelete(args []string) error { - return descopeClient.Management.AccessKey().Delete(context.Background(), args[0]) -} - -func tenantCreate(args []string) error { - tr := &descope.TenantRequest{Name: args[0], SelfProvisioningDomains: flags.Domains} - if flags.LoginID != "" { - return descopeClient.Management.Tenant().CreateWithID(context.Background(), flags.LoginID, tr) - } - tenantID, err := descopeClient.Management.Tenant().Create(context.Background(), tr) - if err == nil { - fmt.Println("Created new tenant with id:", tenantID) - } - return err -} - -func tenantUpdate(args []string) error { - - if flags.LoginID != "" { - tr := &descope.TenantRequest{Name: args[0], SelfProvisioningDomains: flags.Domains} - return descopeClient.Management.Tenant().CreateWithID(context.Background(), flags.LoginID, tr) - } - tr := &descope.TenantRequest{Name: args[1], SelfProvisioningDomains: flags.Domains} - return descopeClient.Management.Tenant().Update(context.Background(), args[0], tr) -} - -func tenantDelete(args []string) error { - return descopeClient.Management.Tenant().Delete(context.Background(), args[0]) -} - -func tenantLoad(args []string) error { - tenant, err := descopeClient.Management.Tenant().Load(context.Background(), args[0]) - if err == nil { - fmt.Println("Found:", tenant) - } - return err -} - -func tenantLoadAll(args []string) error { - res, err := descopeClient.Management.Tenant().LoadAll(context.Background()) - if err == nil { - for _, t := range res { - fmt.Println("Found:", t) - } - } - return err -} - -func oidcSSOApplicationCreate(args []string) error { - req := &descope.OIDCApplicationRequest{Name: args[0], Enabled: true, LoginPageURL: args[1]} - appID, err := descopeClient.Management.SSOApplication().CreateOIDCApplication(context.Background(), req) - if err == nil { - fmt.Println("Created new OIDC sso application with id:", appID) - } - return err -} - -func 
samlSSOApplicationCreate(args []string) error { - req := &descope.SAMLApplicationRequest{Name: args[0], Enabled: true, LoginPageURL: args[1], UseMetadataInfo: true, MetadataURL: args[2]} - appID, err := descopeClient.Management.SSOApplication().CreateSAMLApplication(context.Background(), req) - if err == nil { - fmt.Println("Created new SAML sso application with id:", appID) - } - return err -} - -func oidcSSOApplicationUpdate(args []string) error { - req := &descope.OIDCApplicationRequest{Name: args[0], Enabled: true, LoginPageURL: args[1]} - return descopeClient.Management.SSOApplication().UpdateOIDCApplication(context.Background(), req) -} - -func samlSSOApplicationUpdate(args []string) error { - req := &descope.SAMLApplicationRequest{Name: args[0], Enabled: true, LoginPageURL: args[1], UseMetadataInfo: false, EntityID: args[2], AcsURL: args[3], Certificate: args[4]} - return descopeClient.Management.SSOApplication().UpdateSAMLApplication(context.Background(), req) -} - -func ssoApplicationLoad(args []string) error { - app, err := descopeClient.Management.SSOApplication().Load(context.Background(), args[0]) - if err == nil { - fmt.Println("Found:", app) - } - return err -} - -func ssoApplicationLoadAll(args []string) error { - res, err := descopeClient.Management.SSOApplication().LoadAll(context.Background()) - if err == nil { - for _, app := range res { - fmt.Println("Found:", app) - } - } - return err -} - -func ssoApplicationDelete(args []string) error { - return descopeClient.Management.SSOApplication().Delete(context.Background(), args[0]) -} - -func permissionCreate(args []string) error { - return descopeClient.Management.Permission().Create(context.Background(), args[0], flags.Description) -} - -func permissionUpdate(args []string) error { - return descopeClient.Management.Permission().Update(context.Background(), args[0], args[1], flags.Description) -} - -func permissionDelete(args []string) error { - return 
descopeClient.Management.Permission().Delete(context.Background(), args[0]) -} - -func permissionAll(args []string) error { - res, err := descopeClient.Management.Permission().LoadAll(context.Background()) - if err == nil { - for _, p := range res { - fmt.Println("Found:", p) - } - } - return err -} - -func roleCreate(args []string) error { - return descopeClient.Management.Role().Create(context.Background(), args[0], flags.Description, flags.Permissions, "") -} - -func roleUpdate(args []string) error { - return descopeClient.Management.Role().Update(context.Background(), args[0], "", args[1], flags.Description, flags.Permissions) -} - -func roleDelete(args []string) error { - return descopeClient.Management.Role().Delete(context.Background(), args[0], "") -} - -func roleAll(args []string) error { - res, err := descopeClient.Management.Role().LoadAll(context.Background()) - if err == nil { - for _, p := range res { - fmt.Println("Found:", p) - } - } - return err -} - -func groupAllForTenant(args []string) error { - tenantID := args[0] - res, err := descopeClient.Management.Group().LoadAllGroups(context.Background(), tenantID) - if err == nil { - for _, p := range res { - fmt.Printf("Found group: %s, %s. 
Members: %v\n", p.ID, p.Display, p.Members)
- }
- }
- return err
-}
-
-func writeToFile(fileName string, data any) error {
- b, err := json.Marshal(data)
- if err != nil {
- return err
- }
- return os.WriteFile(fileName, b, 0644)
-}
-
-func listFlows(args []string) error {
- res, err := descopeClient.Management.Flow().ListFlows(context.Background())
- if err == nil {
- for _, f := range res.Flows {
- fmt.Printf("ID: %s, Name: %s, Description: %s, Disabled: %t\n", f.ID, f.Name, f.Description, f.Disabled)
- }
- }
- return err
-}
-
-func deleteFlows(args []string) error {
- err := descopeClient.Management.Flow().DeleteFlows(context.Background(), flags.FlowIDs)
- if err == nil {
- fmt.Print("Flows deleted successfully\n")
- }
- return err
-}
-
-func exportFlow(args []string) error {
- flowID := args[0]
- res, err := descopeClient.Management.Flow().ExportFlow(context.Background(), flowID)
- if err != nil {
- return err
- }
- err = writeToFile(fmt.Sprintf("%s.json", flowID), res)
- if err == nil {
- fmt.Printf("Found flow [%s] named %s with %d screens\n", res.Flow.ID, res.Flow.Name, len(res.Screens))
- }
- return err
-}
-
-func importFlow(args []string) error {
- fileName := args[0]
- flowID := args[1]
- b, err := os.ReadFile(fileName)
- if err != nil {
- return err
- }
- data := &descope.FlowResponse{}
- err = json.Unmarshal(b, data)
- if err != nil {
- return err
- }
-
- res, err := descopeClient.Management.Flow().ImportFlow(context.Background(), flowID, data.Flow, data.Screens)
- if err == nil {
- fmt.Printf("Imported flow [%s] named %s with %d screens\n", res.Flow.ID, res.Flow.Name, len(res.Screens))
- }
- return err
-}
-
-func importTheme(args []string) error {
- fileName := args[0]
- b, err := os.ReadFile(fileName)
- if err != nil {
- return err
- }
- data := &descope.Theme{}
- err = json.Unmarshal(b, data)
- if err != nil {
- return err
- }
-
- _, err = descopeClient.Management.Flow().ImportTheme(context.Background(), data)
- if err == nil {
- fmt.Println("Imported theme")
- }
- return err
-}
-
-func exportTheme(args []string) error {
- res, err := descopeClient.Management.Flow().ExportTheme(context.Background())
- if err != nil {
- return err
- }
- err = writeToFile("theme.json", res)
- if err == nil {
- fmt.Println("Found theme")
- }
- return err
-}
-
-func groupAllForMembersUserIDs(args []string) error {
- tenantID := args[0]
- userIDs := strings.Split(args[1], ",")
- res, err := descopeClient.Management.Group().LoadAllGroupsForMembers(context.Background(), tenantID, userIDs, nil)
- if err == nil {
- for _, p := range res {
- fmt.Printf("Found group: %s, %s. Members: %v\n", p.ID, p.Display, p.Members)
- }
- }
- return err
-}
-
-func groupAllForMembersLoginIDs(args []string) error {
- tenantID := args[0]
- loginIDs := strings.Split(args[1], ",")
- res, err := descopeClient.Management.Group().LoadAllGroupsForMembers(context.Background(), tenantID, nil, loginIDs)
- if err == nil {
- for _, p := range res {
- fmt.Printf("Found group: %s, %s. Members: %v\n", p.ID, p.Display, p.Members)
- }
- }
- return err
-}
-
-func groupAllGroupMembers(args []string) error {
- tenantID := args[0]
- groupID := args[1]
- res, err := descopeClient.Management.Group().LoadAllGroupMembers(context.Background(), tenantID, groupID)
- if err == nil {
- for _, p := range res {
- fmt.Printf("Found group: %s, %s. Members: %v\n", p.ID, p.Display, p.Members)
- }
- }
- return err
-}
-
-func auditFullTextSearch(args []string) error {
- res, err := descopeClient.Management.Audit().Search(context.Background(), &descope.AuditSearchOptions{Text: args[0]})
- if err == nil {
- var b []byte
- b, err = json.MarshalIndent(res, "", " ")
- fmt.Println(string(b))
- }
- return err
-}
-
-func authzLoadSchema(args []string) error {
- res, err := descopeClient.Management.Authz().LoadSchema(context.Background())
- if err == nil {
- var b []byte
- b, err = json.MarshalIndent(res, "", " ")
- fmt.Println(string(b))
- }
- return err
-}
-
-func authzSaveSchema(args []string) error {
- schemaFile, err := os.ReadFile(args[0])
- if err != nil {
- return err
- }
- var schema *descope.AuthzSchema
- err = json.Unmarshal(schemaFile, &schema)
- if err != nil {
- return err
- }
- oldSchema, err := descopeClient.Management.Authz().LoadSchema(context.Background())
- if err != nil {
- return err
- }
- upgrade, err := strconv.ParseBool(args[1])
- if err != nil {
- return err
- }
- err = descopeClient.Management.Authz().SaveSchema(context.Background(), schema, upgrade)
- if err == nil {
- if oldSchema.Name != schema.Name {
- fmt.Printf("Schema %s upgraded to %s.\n", oldSchema.Name, schema.Name)
- } else {
- fmt.Printf("Schema %s saved.\n", schema.Name)
- }
- }
- return err
-}
-
-func authzHasRelation(args []string) error {
- res, err := descopeClient.Management.Authz().HasRelations(context.Background(), []*descope.AuthzRelationQuery{
- {
- Resource: args[0],
- RelationDefinition: args[1],
- Namespace: args[2],
- Target: args[3],
- },
- })
- if err == nil {
- var b []byte
- b, err = json.MarshalIndent(res, "", " ")
- fmt.Println(string(b))
- }
- return err
-}
-
-func authzAddRelation(args []string) error {
- err := descopeClient.Management.Authz().CreateRelations(context.Background(), []*descope.AuthzRelation{
- {
- Resource: args[0],
- RelationDefinition: args[1],
- Namespace: args[2],
- Target: args[3],
- },
- })
- if err == nil {
- fmt.Println("Relation added.")
- }
- return err
-}
-
-func authzAddRelationTargetSet(args []string) error {
- err := descopeClient.Management.Authz().CreateRelations(context.Background(), []*descope.AuthzRelation{
- {
- Resource: args[0],
- RelationDefinition: args[1],
- Namespace: args[2],
- TargetSetResource: args[3],
- TargetSetRelationDefinition: args[4],
- TargetSetRelationDefinitionNamespace: args[5],
- },
- })
- if err == nil {
- fmt.Println("Relation to target set added.")
- }
- return err
-}
-
-// Command line setup
-
-var cli = &cobra.Command{
- Use: "managementcli",
- Short: "A command line utility for working with the Descope management APIs",
- PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
- return prepare()
- },
-}
-
-func addCommand(action func([]string) error, use string, help string, setup func(*cobra.Command)) {
- cmd := &cobra.Command{
- Use: use,
- Short: help,
- Run: func(_ *cobra.Command, args []string) {
- if err := action(args); err != nil {
- fmt.Fprintln(os.Stderr, "The management operation failed:", err)
- }
- },
- }
- setup(cmd)
- cmd.DisableFlagsInUseLine = !cmd.HasLocalFlags()
- cmd.Flags().SortFlags = false
- cli.AddCommand(cmd)
-}
-
-func main() {
- addCommand(userCreate, "user-create ", "Create a new user", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- cmd.Flags().StringVarP(&flags.Email, "email", "E", "", "the user's email address")
- cmd.Flags().StringVarP(&flags.Phone, "phone", "P", "", "the user's phone number")
- cmd.Flags().StringVarP(&flags.Name, "name", "N", "", "the user's display name")
- cmd.Flags().StringSliceVarP(&flags.Tenants, "tenants", "T", nil, "the ids of the user's tenants")
- cmd.Flags().StringSliceVar(&flags.AdditionalLoginIDs, "additional-login-ids", nil, "the user's additional login id")
- })
-
- addCommand(userUpdate, "user-update ", "Update an existing user", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- cmd.Flags().StringVarP(&flags.Email, "email", "E", "", "the user's email address")
- cmd.Flags().StringVarP(&flags.Phone, "phone", "P", "", "the user's phone number")
- cmd.Flags().StringVarP(&flags.Name, "name", "N", "", "the user's display name")
- cmd.Flags().StringSliceVarP(&flags.Tenants, "tenants", "T", nil, "the ids of the user's tenants")
- cmd.Flags().StringSliceVar(&flags.AdditionalLoginIDs, "additional-login-ids", nil, "the user's additional login id")
- })
-
- addCommand(userDelete, "user-delete ", "Delete an existing user", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- })
-
- addCommand(accessKeyCreate, "access-key-create ", "Create a new access key", func(cmd *cobra.Command) {
- cmd.Args = cobra.RangeArgs(2, 3)
- cmd.Flags().StringSliceVarP(&flags.Tenants, "tenants", "T", nil, "the ids of the user's tenants")
- })
-
- addCommand(accessKeyLoad, "access-key-loa ", "Load an access key", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- })
-
- addCommand(accessKeySearchAll, "access-key-search-all", "Search all access keys", func(cmd *cobra.Command) {
- })
-
- addCommand(accessKeyUpdate, "access-key-update ", "Update an access key", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- })
-
- addCommand(accessKeyDeactivate, "access-key-deactivate ", "Deactivate an access key", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- })
-
- addCommand(accessKeyActivate, "access-key-activate ", "Activate an access key", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- })
-
- addCommand(accessKeyDelete, "access-key-delete ", "Delete an access key", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- })
-
- addCommand(tenantCreate, "tenant-create ", "Create a new tenant", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- cmd.Flags().StringVarP(&flags.LoginID, "id", "I", "", "the tenant's custom id")
- cmd.Flags().StringSliceVarP(&flags.Domains, "domains", "D", nil, "the tenant's self provisioning domains")
- })
-
- addCommand(tenantUpdate, "tenant-update ", "Update an existing tenant", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- cmd.Flags().StringSliceVarP(&flags.Domains, "domains", "D", nil, "the tenant's self provisioning domains")
- })
-
- addCommand(tenantDelete, "tenant-delete ", "Delete an existing tenant", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- })
-
- addCommand(tenantLoad, "tenant-load", "Load tenant by id", func(cmd *cobra.Command) {
- })
-
- addCommand(tenantLoadAll, "tenant-all", "Load all tenants", func(cmd *cobra.Command) {
- })
-
- addCommand(oidcSSOApplicationCreate, "oidc-sso-application-create ", "Create a new OIDC SSO application", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- cmd.Flags().StringVarP(&flags.Name, "name", "n", "", "the sso application's name")
- cmd.Flags().StringVarP(&flags.LoginPageURL, "loginPageUrl", "l", "", "the URL where login page is hosted")
- })
-
- addCommand(samlSSOApplicationCreate, "saml-sso-application-create ", "Create a new SAML SSO application", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(3)
- cmd.Flags().StringVarP(&flags.Name, "name", "n", "", "the sso application's name")
- cmd.Flags().StringVarP(&flags.LoginPageURL, "loginPageUrl", "l", "", "the URL where login page is hosted")
- cmd.Flags().StringVarP(&flags.SPMetadataURL, "metadataUrl", "m", "", "SP metadata url which include all the SP SAML info")
- })
-
- addCommand(oidcSSOApplicationUpdate, "oidc-sso-application-update ", "Update an existing OIDC SSO application", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- cmd.Flags().StringVarP(&flags.Name, "name", "n", "", "the sso application's name")
- cmd.Flags().StringVarP(&flags.LoginPageURL, "loginPageUrl", "l", "", "the URL where login page is hosted")
- })
-
- addCommand(samlSSOApplicationUpdate, "saml-sso-application-update ", "Update an existing SAML SSO application", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(5)
- cmd.Flags().StringVarP(&flags.Name, "name", "n", "", "the sso application's name")
- cmd.Flags().StringVarP(&flags.LoginPageURL, "loginPageUrl", "l", "", "the URL where login page is hosted")
- cmd.Flags().StringVarP(&flags.EntityID, "entityId", "e", "", "SP entity id")
- cmd.Flags().StringVarP(&flags.ACSURL, "acsURL", "a", "", "SP ACS (saml callback) url")
- cmd.Flags().StringVarP(&flags.Certificate, "certificate", "c", "", "SP certificate")
- })
-
- addCommand(ssoApplicationLoad, "sso-application-load ", "Load SSO application by id", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- })
-
- addCommand(ssoApplicationLoadAll, "sso-application-load-all", "Load all SSO applications", func(cmd *cobra.Command) {
- })
-
- addCommand(ssoApplicationDelete, "sso-application-delete ", "Delete an existing SSO application", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- })
-
- addCommand(userLoad, "user-load ", "Load an existing user", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- })
-
- addCommand(userUpdateLoginID, "user-update-loginid ", "Update loginId of user", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- })
-
- addCommand(userSearchAll, "user-search-all", "Search existing users", func(cmd *cobra.Command) {
- // Currently not accepting any filters
- cmd.Args = cobra.ExactArgs(2)
- })
-
- addCommand(setUserTemporaryPassword, "user-set-temporary-password ", "Set user password, the password will be initially set as expired", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- })
-
- addCommand(setUserActivePassword, "user-set-active-password ", "Set user password", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- })
-
- addCommand(expireUserPassword, "user-expire-password ", "Expire user password", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- })
-
- addCommand(getUserProviderToken, "user-provider-token ", "Get user provider token", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- })
-
- addCommand(permissionCreate, "permission-create ", "Create a new permission", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- cmd.Flags().StringVarP(&flags.Description, "description", "D", "", "the permission's description")
- })
-
- addCommand(permissionUpdate, "permission-update ", "Update a permission", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- cmd.Flags().StringVarP(&flags.Description, "description", "D", "", "the permission's description")
- })
-
- addCommand(permissionDelete, "permission-delete ", "Delete a permission", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- })
-
- addCommand(permissionAll, "permission-all", "Load all permissions", func(cmd *cobra.Command) {
- })
-
- addCommand(roleCreate, "role-create ", "Create a new role", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- cmd.Flags().StringVarP(&flags.Description, "description", "D", "", "the role's description")
- cmd.Flags().StringSliceVarP(&flags.Permissions, "permissions", "P", nil, "the permission names included in this role")
- })
-
- addCommand(roleUpdate, "role-update ", "Update a role", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- cmd.Flags().StringVarP(&flags.Description, "description", "D", "", "the role's description")
- cmd.Flags().StringSliceVarP(&flags.Permissions, "permissions", "P", nil, "the permission names included in this role")
- })
-
- addCommand(roleDelete, "role-delete ", "Delete a role", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- })
-
- addCommand(roleAll, "role-all", "Load all roles", func(cmd *cobra.Command) {
- })
-
- addCommand(groupAllForTenant, "group-all-for-tenant ", "Load all groups for a given tenant id", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- })
-
- addCommand(listFlows, "list-flows", "List all flows in project", func(cmd *cobra.Command) {
- })
-
- addCommand(deleteFlows, "delete-flows", "Delete flows by the given flows' ids", func(cmd *cobra.Command) {
- cmd.Flags().StringSliceVarP(&flags.FlowIDs, "flowIDs", "f", nil, "the flows' ids to delete")
- })
-
- addCommand(exportFlow, "export-flow ", "Export the flow and screens for a given flow id", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- })
-
- addCommand(importFlow, "import-flow ", "load flow and screens from given fileName and import as flowId", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- })
-
- addCommand(exportTheme, "export-theme", "Export the theme for the project", func(cmd *cobra.Command) {
- })
-
- addCommand(importTheme, "import-theme ", "Import a theme for the project", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(1)
- })
-
- addCommand(groupAllForMembersUserIDs, "group-all-for-members-user-ids ", "Load all groups for the given user's ID (can be found in the user's JWT)", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- })
-
- addCommand(groupAllForMembersLoginIDs, "group-all-for-members-loginIds ", "Load all groups for the given user's loginIds (used for sign-in)", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- })
-
- addCommand(groupAllGroupMembers, "group-members ", "Load all group's members by the given group id", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- })
-
- addCommand(auditFullTextSearch, "audit-search ", "Full text search up to last 30 days of audit. From can be specified in plain English (last 5 minutes, last day)", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- })
-
- addCommand(authzLoadSchema, "authz-load-schema", "Load and display the current AuthZ ReBAC schema", func(cmd *cobra.Command) {
- })
-
- addCommand(authzSaveSchema, "authz-save-schema ", "Save (and potentially upgrade) the AuthZ ReBAC schema from the given file", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(2)
- })
-
- addCommand(authzHasRelation, "authz-has-relation ", "Check if the given relation exists", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(4)
- })
-
- addCommand(authzAddRelation, "authz-add-relation ", "Add a relation from a resource to a given target", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(4)
- })
-
- addCommand(authzAddRelationTargetSet, "authz-add-relation-targetset ", "Add a relation from a resource to a given target set", func(cmd *cobra.Command) {
- cmd.Args = cobra.ExactArgs(6)
- })
-
- err := cli.Execute()
- if err != nil {
- os.Exit(1)
- }
-}
diff --git a/scripts/build/ci/build_go.sh b/scripts/build/ci/build_go.sh
index ad150edd..28ce0098 100755
--- a/scripts/build/ci/build_go.sh
+++ b/scripts/build/ci/build_go.sh
@@ -25,8 +25,3 @@ echo 'Building importusers example..'
 if [ $? -ne 0 ]; then
 exit 1
 fi
-echo 'Building managementcli example..'
-(cd examples/managementcli && go mod tidy && go mod vendor && go build)
-if [ $? -ne 0 ]; then
- exit 1
-fi