|
Packit |
63bb0d |
package tokens
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
import (
|
|
Packit |
63bb0d |
"time"
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
"github.com/gophercloud/gophercloud"
|
|
Packit |
63bb0d |
)
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// Endpoint represents a single API endpoint offered by a service.
|
|
Packit |
63bb0d |
// It matches either a public, internal or admin URL.
|
|
Packit |
63bb0d |
// If supported, it contains a region specifier, again if provided.
|
|
Packit |
63bb0d |
// The significance of the Region field will depend upon your provider.
|
|
Packit |
63bb0d |
type Endpoint struct {
|
|
Packit |
63bb0d |
ID string `json:"id"`
|
|
Packit |
63bb0d |
Region string `json:"region"`
|
|
Packit |
63bb0d |
RegionID string `json:"region_id"`
|
|
Packit |
63bb0d |
Interface string `json:"interface"`
|
|
Packit |
63bb0d |
URL string `json:"url"`
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// CatalogEntry provides a type-safe interface to an Identity API V3 service
|
|
Packit |
63bb0d |
// catalog listing. Each class of service, such as cloud DNS or block storage
|
|
Packit |
63bb0d |
// services, could have multiple CatalogEntry representing it (one by interface
|
|
Packit |
63bb0d |
// type, e.g public, admin or internal).
|
|
Packit |
63bb0d |
//
|
|
Packit |
63bb0d |
// Note: when looking for the desired service, try, whenever possible, to key
|
|
Packit |
63bb0d |
// off the type field. Otherwise, you'll tie the representation of the service
|
|
Packit |
63bb0d |
// to a specific provider.
|
|
Packit |
63bb0d |
type CatalogEntry struct {
|
|
Packit |
63bb0d |
// Service ID
|
|
Packit |
63bb0d |
ID string `json:"id"`
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// Name will contain the provider-specified name for the service.
|
|
Packit |
63bb0d |
Name string `json:"name"`
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// Type will contain a type string if OpenStack defines a type for the
|
|
Packit |
63bb0d |
// service. Otherwise, for provider-specific services, the provider may
|
|
Packit |
63bb0d |
// assign their own type strings.
|
|
Packit |
63bb0d |
Type string `json:"type"`
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// Endpoints will let the caller iterate over all the different endpoints that
|
|
Packit |
63bb0d |
// may exist for the service.
|
|
Packit |
63bb0d |
Endpoints []Endpoint `json:"endpoints"`
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// ServiceCatalog provides a view into the service catalog from a previous,
|
|
Packit |
63bb0d |
// successful authentication.
|
|
Packit |
63bb0d |
type ServiceCatalog struct {
|
|
Packit |
63bb0d |
Entries []CatalogEntry `json:"catalog"`
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// Domain provides information about the domain to which this token grants
|
|
Packit |
63bb0d |
// access.
|
|
Packit |
63bb0d |
type Domain struct {
|
|
Packit |
63bb0d |
ID string `json:"id"`
|
|
Packit |
63bb0d |
Name string `json:"name"`
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// User represents a user resource that exists in the Identity Service.
|
|
Packit |
63bb0d |
type User struct {
|
|
Packit |
63bb0d |
Domain Domain `json:"domain"`
|
|
Packit |
63bb0d |
ID string `json:"id"`
|
|
Packit |
63bb0d |
Name string `json:"name"`
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// Role provides information about roles to which User is authorized.
|
|
Packit |
63bb0d |
type Role struct {
|
|
Packit |
63bb0d |
ID string `json:"id"`
|
|
Packit |
63bb0d |
Name string `json:"name"`
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// Project provides information about project to which User is authorized.
|
|
Packit |
63bb0d |
type Project struct {
|
|
Packit |
63bb0d |
Domain Domain `json:"domain"`
|
|
Packit |
63bb0d |
ID string `json:"id"`
|
|
Packit |
63bb0d |
Name string `json:"name"`
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// commonResult is the response from a request. A commonResult has various
|
|
Packit |
63bb0d |
// methods which can be used to extract different details about the result.
|
|
Packit |
63bb0d |
type commonResult struct {
|
|
Packit |
63bb0d |
gophercloud.Result
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// Extract is a shortcut for ExtractToken.
|
|
Packit |
63bb0d |
// This function is deprecated and still present for backward compatibility.
|
|
Packit |
63bb0d |
func (r commonResult) Extract() (*Token, error) {
|
|
Packit |
63bb0d |
return r.ExtractToken()
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// ExtractToken interprets a commonResult as a Token.
|
|
Packit |
63bb0d |
func (r commonResult) ExtractToken() (*Token, error) {
|
|
Packit |
63bb0d |
var s Token
|
|
Packit |
63bb0d |
err := r.ExtractInto(&s)
|
|
Packit |
63bb0d |
if err != nil {
|
|
Packit |
63bb0d |
return nil, err
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// Parse the token itself from the stored headers.
|
|
Packit |
63bb0d |
s.ID = r.Header.Get("X-Subject-Token")
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
return &s, err
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// ExtractTokenID implements the gophercloud.AuthResult interface. The returned
|
|
Packit |
63bb0d |
// string is the same as the ID field of the Token struct returned from
|
|
Packit |
63bb0d |
// ExtractToken().
|
|
Packit |
63bb0d |
func (r CreateResult) ExtractTokenID() (string, error) {
|
|
Packit |
63bb0d |
return r.Header.Get("X-Subject-Token"), r.Err
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// ExtractTokenID implements the gophercloud.AuthResult interface. The returned
|
|
Packit |
63bb0d |
// string is the same as the ID field of the Token struct returned from
|
|
Packit |
63bb0d |
// ExtractToken().
|
|
Packit |
63bb0d |
func (r GetResult) ExtractTokenID() (string, error) {
|
|
Packit |
63bb0d |
return r.Header.Get("X-Subject-Token"), r.Err
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// ExtractServiceCatalog returns the ServiceCatalog that was generated along
|
|
Packit |
63bb0d |
// with the user's Token.
|
|
Packit |
63bb0d |
func (r commonResult) ExtractServiceCatalog() (*ServiceCatalog, error) {
|
|
Packit |
63bb0d |
var s ServiceCatalog
|
|
Packit |
63bb0d |
err := r.ExtractInto(&s)
|
|
Packit |
63bb0d |
return &s, err
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// ExtractUser returns the User that is the owner of the Token.
|
|
Packit |
63bb0d |
func (r commonResult) ExtractUser() (*User, error) {
|
|
Packit |
63bb0d |
var s struct {
|
|
Packit |
63bb0d |
User *User `json:"user"`
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
err := r.ExtractInto(&s)
|
|
Packit |
63bb0d |
return s.User, err
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// ExtractRoles returns Roles to which User is authorized.
|
|
Packit |
63bb0d |
func (r commonResult) ExtractRoles() ([]Role, error) {
|
|
Packit |
63bb0d |
var s struct {
|
|
Packit |
63bb0d |
Roles []Role `json:"roles"`
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
err := r.ExtractInto(&s)
|
|
Packit |
63bb0d |
return s.Roles, err
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// ExtractProject returns Project to which User is authorized.
|
|
Packit |
63bb0d |
func (r commonResult) ExtractProject() (*Project, error) {
|
|
Packit |
63bb0d |
var s struct {
|
|
Packit |
63bb0d |
Project *Project `json:"project"`
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
err := r.ExtractInto(&s)
|
|
Packit |
63bb0d |
return s.Project, err
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// ExtractDomain returns Domain to which User is authorized.
|
|
Packit |
63bb0d |
func (r commonResult) ExtractDomain() (*Domain, error) {
|
|
Packit |
63bb0d |
var s struct {
|
|
Packit |
63bb0d |
Domain *Domain `json:"domain"`
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
err := r.ExtractInto(&s)
|
|
Packit |
63bb0d |
return s.Domain, err
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// CreateResult is the response from a Create request. Use ExtractToken()
|
|
Packit |
63bb0d |
// to interpret it as a Token, or ExtractServiceCatalog() to interpret it
|
|
Packit |
63bb0d |
// as a service catalog.
|
|
Packit |
63bb0d |
type CreateResult struct {
|
|
Packit |
63bb0d |
commonResult
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// GetResult is the response from a Get request. Use ExtractToken()
|
|
Packit |
63bb0d |
// to interpret it as a Token, or ExtractServiceCatalog() to interpret it
|
|
Packit |
63bb0d |
// as a service catalog.
|
|
Packit |
63bb0d |
type GetResult struct {
|
|
Packit |
63bb0d |
commonResult
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// RevokeResult is response from a Revoke request.
|
|
Packit |
63bb0d |
type RevokeResult struct {
|
|
Packit |
63bb0d |
commonResult
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// Token is a string that grants a user access to a controlled set of services
|
|
Packit |
63bb0d |
// in an OpenStack provider. Each Token is valid for a set length of time.
|
|
Packit |
63bb0d |
type Token struct {
|
|
Packit |
63bb0d |
// ID is the issued token.
|
|
Packit |
63bb0d |
ID string `json:"id"`
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
// ExpiresAt is the timestamp at which this token will no longer be accepted.
|
|
Packit |
63bb0d |
ExpiresAt time.Time `json:"expires_at"`
|
|
Packit |
63bb0d |
}
|
|
Packit |
63bb0d |
|
|
Packit |
63bb0d |
func (r commonResult) ExtractInto(v interface{}) error {
|
|
Packit |
63bb0d |
return r.ExtractIntoStructPtr(v, "token")
|
|
Packit |
63bb0d |
}
|