vendor/github.com/vmware/photon-controller-go-sdk/photon/auth.go - cloudstack-kubernetes-provider - Git at Google

 // Copyright (c) 2016 VMware, Inc. All Rights Reserved.
 //
 // This product is licensed to you under the Apache License, Version 2.0 (the "License").
 // You may not use this product except in compliance with the License.
 //
 // This product may include a number of subcomponents with separate copyright notices and
 // license terms. Your use of these subcomponents is subject to the terms and conditions
 // of the subcomponent's license, as noted in the LICENSE file.

 package photon

 import (
 	"encoding/json"
 	"fmt"

 	"github.com/vmware/photon-controller-go-sdk/photon/lightwave"
 )

 // Contains functionality for auth API.
 type AuthAPI struct {
 	client *Client
 }

 const authUrl string = rootUrl + "/auth"

 // Gets authentication info.
 func (api *AuthAPI) Get() (info *AuthInfo, err error) {
 	res, err := api.client.restClient.Get(api.client.Endpoint+authUrl, nil)
 	if err != nil {
 		return
 	}
 	defer res.Body.Close()
 	res, err = getError(res)
 	if err != nil {
 		return
 	}
 	info = &AuthInfo{}
 	err = json.NewDecoder(res.Body).Decode(info)
 	return
 }

 // Gets Tokens from username/password.
 func (api *AuthAPI) GetTokensByPassword(username string, password string) (tokenOptions *TokenOptions, err error) {
 	oidcClient, err := api.buildOIDCClient()
 	if err != nil {
 		return
 	}

 	tokenResponse, err := oidcClient.GetTokenByPasswordGrant(username, password)
 	if err != nil {
 		return
 	}

 	return api.toTokenOptions(tokenResponse), nil
 }

 // GetTokensFromWindowsLogInContext gets tokens based on Windows logged in context
 // In case of running on platform other than Windows, it returns error
 func (api *AuthAPI) GetTokensFromWindowsLogInContext() (tokenOptions *TokenOptions, err error) {
 	oidcClient, err := api.buildOIDCClient()
 	if err != nil {
 		return
 	}

 	tokenResponse, err := oidcClient.GetTokensFromWindowsLogInContext()
 	if err != nil {
 		return
 	}

 	return api.toTokenOptions(tokenResponse), nil
 }

 // Gets tokens from refresh token.
 func (api *AuthAPI) GetTokensByRefreshToken(refreshtoken string) (tokenOptions *TokenOptions, err error) {
 	oidcClient, err := api.buildOIDCClient()
 	if err != nil {
 		return
 	}

 	tokenResponse, err := oidcClient.GetTokenByRefreshTokenGrant(refreshtoken)
 	if err != nil {
 		return
 	}

 	return api.toTokenOptions(tokenResponse), nil
 }

 func (api *AuthAPI) getAuthEndpoint() (endpoint string, err error) {
 	authInfo, err := api.client.Auth.Get()
 	if err != nil {
 		return
 	}

 	if authInfo.Port == 0 {
 		authInfo.Port = 443
 	}

 	return fmt.Sprintf("https://%s:%d", authInfo.Endpoint, authInfo.Port), nil
 }

 func (api *AuthAPI) buildOIDCClient() (client *lightwave.OIDCClient, err error) {
 	authEndPoint, err := api.getAuthEndpoint()
 	if err != nil {
 		return
 	}

 	return lightwave.NewOIDCClient(
 		authEndPoint,
 		api.buildOIDCClientOptions(&api.client.options),
 		api.client.restClient.logger), nil
 }

 const tokenScope string = "openid offline_access rs_photon_platform at_groups"

 func (api *AuthAPI) buildOIDCClientOptions(options *ClientOptions) *lightwave.OIDCClientOptions {
 	return &lightwave.OIDCClientOptions{
 		IgnoreCertificate: api.client.options.IgnoreCertificate,
 		RootCAs:           api.client.options.RootCAs,
 		TokenScope:        tokenScope,
 	}
 }

 func (api *AuthAPI) toTokenOptions(response *lightwave.OIDCTokenResponse) *TokenOptions {
 	return &TokenOptions{
 		AccessToken:  response.AccessToken,
 		ExpiresIn:    response.ExpiresIn,
 		RefreshToken: response.RefreshToken,
 		IdToken:      response.IdToken,
 		TokenType:    response.TokenType,
 	}
 }

 // Parse the given token details.
 func (api *AuthAPI) parseTokenDetails(token string) (jwtToken *lightwave.JWTToken, err error) {
 	jwtToken = lightwave.ParseTokenDetails(token)
 	return jwtToken, nil
 }

 // Parse the given token raw details.
 func (api *AuthAPI) parseRawTokenDetails(token string) (jwtToken []string, err error) {
 	jwtToken, err = lightwave.ParseRawTokenDetails(token)
 	return jwtToken, err
 }
	// Copyright (c) 2016 VMware, Inc. All Rights Reserved.
	//
	// This product is licensed to you under the Apache License, Version 2.0 (the "License").
	// You may not use this product except in compliance with the License.
	//
	// This product may include a number of subcomponents with separate copyright notices and
	// license terms. Your use of these subcomponents is subject to the terms and conditions
	// of the subcomponent's license, as noted in the LICENSE file.

	package photon

	import (
	"encoding/json"
	"fmt"

	"github.com/vmware/photon-controller-go-sdk/photon/lightwave"
	)

	// Contains functionality for auth API.
	type AuthAPI struct {
	client *Client
	}

	const authUrl string = rootUrl + "/auth"

	// Gets authentication info.
	func (api AuthAPI) Get() (info AuthInfo, err error) {
	res, err := api.client.restClient.Get(api.client.Endpoint+authUrl, nil)
	if err != nil {
	return
	}
	defer res.Body.Close()
	res, err = getError(res)
	if err != nil {
	return
	}
	info = &AuthInfo{}
	err = json.NewDecoder(res.Body).Decode(info)
	return
	}

	// Gets Tokens from username/password.
	func (api AuthAPI) GetTokensByPassword(username string, password string) (tokenOptions TokenOptions, err error) {
	oidcClient, err := api.buildOIDCClient()
	if err != nil {
	return
	}

	tokenResponse, err := oidcClient.GetTokenByPasswordGrant(username, password)
	if err != nil {
	return
	}

	return api.toTokenOptions(tokenResponse), nil
	}

	// GetTokensFromWindowsLogInContext gets tokens based on Windows logged in context
	// In case of running on platform other than Windows, it returns error
	func (api AuthAPI) GetTokensFromWindowsLogInContext() (tokenOptions TokenOptions, err error) {
	oidcClient, err := api.buildOIDCClient()
	if err != nil {
	return
	}

	tokenResponse, err := oidcClient.GetTokensFromWindowsLogInContext()
	if err != nil {
	return
	}

	return api.toTokenOptions(tokenResponse), nil
	}

	// Gets tokens from refresh token.
	func (api AuthAPI) GetTokensByRefreshToken(refreshtoken string) (tokenOptions TokenOptions, err error) {
	oidcClient, err := api.buildOIDCClient()
	if err != nil {
	return
	}

	tokenResponse, err := oidcClient.GetTokenByRefreshTokenGrant(refreshtoken)
	if err != nil {
	return
	}

	return api.toTokenOptions(tokenResponse), nil
	}

	func (api *AuthAPI) getAuthEndpoint() (endpoint string, err error) {
	authInfo, err := api.client.Auth.Get()
	if err != nil {
	return
	}

	if authInfo.Port == 0 {
	authInfo.Port = 443
	}

	return fmt.Sprintf("https://%s:%d", authInfo.Endpoint, authInfo.Port), nil
	}

	func (api AuthAPI) buildOIDCClient() (client lightwave.OIDCClient, err error) {
	authEndPoint, err := api.getAuthEndpoint()
	if err != nil {
	return
	}

	return lightwave.NewOIDCClient(
	authEndPoint,
	api.buildOIDCClientOptions(&api.client.options),
	api.client.restClient.logger), nil
	}

	const tokenScope string = "openid offline_access rs_photon_platform at_groups"

	func (api AuthAPI) buildOIDCClientOptions(options ClientOptions) *lightwave.OIDCClientOptions {
	return &lightwave.OIDCClientOptions{
	IgnoreCertificate: api.client.options.IgnoreCertificate,
	RootCAs: api.client.options.RootCAs,
	TokenScope: tokenScope,
	}
	}

	func (api AuthAPI) toTokenOptions(response lightwave.OIDCTokenResponse) *TokenOptions {
	return &TokenOptions{
	AccessToken: response.AccessToken,
	ExpiresIn: response.ExpiresIn,
	RefreshToken: response.RefreshToken,
	IdToken: response.IdToken,
	TokenType: response.TokenType,
	}
	}

	// Parse the given token details.
	func (api AuthAPI) parseTokenDetails(token string) (jwtToken lightwave.JWTToken, err error) {
	jwtToken = lightwave.ParseTokenDetails(token)
	return jwtToken, nil
	}

	// Parse the given token raw details.
	func (api *AuthAPI) parseRawTokenDetails(token string) (jwtToken []string, err error) {
	jwtToken, err = lightwave.ParseRawTokenDetails(token)
	return jwtToken, err
	}