open-vault/vendor/github.com/sstarcher/go-okta/api.go
2017-04-28 17:21:49 -04:00

124 lines
2.6 KiB
Go

package okta
import (
"bytes"
"encoding/json"
"fmt"
"io/ioutil"
"net/http"
)
// Client to access okta
type Client struct {
client *http.Client
org string
Url string
ApiToken string
}
// errorResponse is an error wrapper for the okta response
type errorResponse struct {
HTTPCode int
Response ErrorResponse
Endpoint string
}
func (e *errorResponse) Error() string {
return fmt.Sprintf("Error hitting api endpoint %s %s", e.Endpoint, e.Response.ErrorCode)
}
// NewClient object for calling okta
func NewClient(org string) *Client {
client := Client{
client: &http.Client{},
org: org,
Url: "okta.com",
}
return &client
}
// Authenticate with okta using username and password
func (c *Client) Authenticate(username, password string) (*AuthnResponse, error) {
var request = &AuthnRequest{
Username: username,
Password: password,
}
var response = &AuthnResponse{}
err := c.call("authn", "POST", request, response)
return response, err
}
// Session takes a session token and always fails
func (c *Client) Session(sessionToken string) (*SessionResponse, error) {
var request = &SessionRequest{
SessionToken: sessionToken,
}
var response = &SessionResponse{}
err := c.call("sessions", "POST", request, response)
return response, err
}
// User takes a user id and returns data about that user
func (c *Client) User(userID string) (*User, error) {
var response = &User{}
err := c.call("users/"+userID, "GET", nil, response)
return response, err
}
// Groups takes a user id and returns the groups the user belongs to
func (c *Client) Groups(userID string) (*Groups, error) {
var response = &Groups{}
err := c.call("users/"+userID+"/groups", "GET", nil, response)
return response, err
}
func (c *Client) call(endpoint, method string, request, response interface{}) error {
data, _ := json.Marshal(request)
var url = "https://" + c.org + "." + c.Url + "/api/v1/" + endpoint
req, err := http.NewRequest(method, url, bytes.NewBuffer(data))
if err != nil {
return err
}
req.Header.Add("Accept", `application/json`)
req.Header.Add("Content-Type", `application/json`)
if c.ApiToken != "" {
req.Header.Add("Authorization", "SSWS "+c.ApiToken)
}
resp, err := c.client.Do(req)
if err != nil {
return err
}
defer resp.Body.Close()
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
return err
}
if resp.StatusCode == http.StatusOK {
err := json.Unmarshal(body, &response)
if err != nil {
return err
}
} else {
var errors ErrorResponse
err = json.Unmarshal(body, &errors)
return &errorResponse{
HTTPCode: resp.StatusCode,
Response: errors,
Endpoint: url,
}
}
return nil
}