Documentation
¶
Index ¶
- Variables
- func DeleteAPI(serv *server.Server, audience string) error
- func GetAPI(serv *server.Server, audience string) (*api.API, error)
- func ListAPI(serv *server.Server, limit int) ([]*api.API, error)
- func NewAPI(serv *server.Server, name string, audience string, tokenType api.TokenType) error
- func UpdateAPI(serv *server.Server, audience string, patch *api.API) error
Constants ¶
This section is empty.
Variables ¶
var ErrApiAlreadyExists = credstackError.NewError(409, "API_ALREADY_EXIST", "api: API already exists under the specified domain")
ErrApiAlreadyExists - Provides a named error for when you try to insert an API with a domain that already exists
var ErrApiDoesNotExist = credstackError.NewError(404, "API_DOES_NOT_EXIST", "api: API does not exist under the specified domain")
ErrApiDoesNotExist - Provides a named error for when you try and fetch an API with a domain that does not exist
var ErrApiMissingIdentifier = credstackError.NewError(400, "API_MISSING_ID", "api: API is missing a domain identifier or a name")
ErrApiMissingIdentifier - Provides a named error for when you try and insert or fetch an API with no domain or name
Functions ¶
func DeleteAPI ¶
DeleteAPI - Completely removes the API from Credstack. A valid, non-empty domain must be provided here to serve as the lookup key. If DeletedCount == 0 here, then the API is considered not to exist. Any other errors here are propagated through the error return type
func GetAPI ¶
GetAPI - Fetches an API document from the database and marshals it into a API protobuf. The domain parameter cannot be an empty string, but does not need to be a valid domain as this is used merely as an identifier. Named errors are propagated here and returned. If an error occurs, API is returned as nil
func ListAPI ¶
ListAPI - Lists all user defined API's present in the database. Optionally, a limit can be specified here to limit the amount of data returned at once. The maximum that can be returned in a single call is 10, and if a limit exceeds this, it will be reset to 10
func NewAPI ¶
NewAPI - Creates a new API for use with credstack. While the application determines your use case for authentication, the API controls both what claims get inserted into generated tokens, but also what token types you utilize. Additionally, it controls if RBAC is enforced on the API (validation of scopes and roles). This gets disabled by default, to ensure the caller is fully aware of how the API authenticates users.
Any errors propagated here are returned. Little validation needs to happen on this model, so it only ensures that you do not try and insert an API with the same domain as an existing one
TODO: Update this to not generate a key everytime, only RS256 tokens need keys generated
func UpdateAPI ¶
UpdateAPI - Provides functionality for updating the API connected to the given domain. Only the following fields can be updated here: Name, TokenType, EnforceRBAC, and Applications. To update any other fields, you must delete the existing API and then re-create it. The domain field is never mutable as this is used as the basis for header.Identifier
Types ¶
This section is empty.
Source Files