/*
* Copyright 2018 - Present Okta, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*      http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
 */

// AUTO-GENERATED! DO NOT EDIT FILE DIRECTLY

package okta

import (
	"context"
	"fmt"
	"github.com/okta/okta-sdk-golang/v2/okta/query"
	"time"
)

// IdentityProviderResource carries the identity-provider (IdP) operations of
// the client. Every method reaches the HTTP layer through
// m.client.requestExecutor.
type IdentityProviderResource resource

// IdentityProvider is the JSON model sent to and decoded from the
// /api/v1/idps endpoints. Every field is tagged omitempty, so zero values are
// left out of the encoded request body.
type IdentityProvider struct {
	Links       interface{}             `json:"_links,omitempty"`
	Created     *time.Time              `json:"created,omitempty"`
	Id          string                  `json:"id,omitempty"`
	IssuerMode  string                  `json:"issuerMode,omitempty"`
	LastUpdated *time.Time              `json:"lastUpdated,omitempty"`
	Name        string                  `json:"name,omitempty"`
	Policy      *IdentityProviderPolicy `json:"policy,omitempty"`
	Protocol    *Protocol               `json:"protocol,omitempty"`
	Status      string                  `json:"status,omitempty"`
	Type        string                  `json:"type,omitempty"`
}

// CreateIdentityProvider adds a new IdP to your organization.
//
// It issues POST /api/v1/idps with body (Content-Type application/json) and
// decodes the response into an IdentityProvider. It returns (nil, nil, err)
// when the request cannot be built and (nil, resp, err) when executing it
// fails.
//
// NOTE(review): body is forwarded as given; nothing in this method validates
// the Protocol or Policy it carries. A new IdP changes who the organization
// accepts sign-ins from, so callers should treat this as a privileged,
// audited operation.
func (m *IdentityProviderResource) CreateIdentityProvider(ctx context.Context, body IdentityProvider) (*IdentityProvider, *Response, error) {
	// The path has no parameters, so no formatting is needed.
	endpoint := "/api/v1/idps"

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("POST", endpoint, body)
	if err != nil {
		return nil, nil, err
	}

	var created *IdentityProvider
	resp, err := m.client.requestExecutor.Do(ctx, req, &created)
	if err != nil {
		return nil, resp, err
	}
	return created, resp, nil
}

// Fetches an IdP by `id`.
//
// GetIdentityProvider issues GET /api/v1/idps/{idpId} and decodes the
// response into an IdentityProvider. It returns (nil, nil, err) when the
// request cannot be built and (nil, resp, err) when executing it fails.
//
// NOTE(review): idpId is formatted into the path with %v and is not escaped
// or validated in this method. Whether the request executor does so is not
// visible here; if it does not, an ID containing "/", "?" or "#" changes the
// request target. Pass only IDs obtained from Okta. This file is generated,
// so escaping of path parameters belongs in the generator template.
func (m *IdentityProviderResource) GetIdentityProvider(ctx context.Context, idpId string) (*IdentityProvider, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v", idpId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("GET", endpoint, nil)
	if err != nil {
		return nil, nil, err
	}

	var idp *IdentityProvider
	resp, err := m.client.requestExecutor.Do(ctx, req, &idp)
	if err != nil {
		return nil, resp, err
	}
	return idp, resp, nil
}

// UpdateIdentityProvider updates the configuration for an IdP.
//
// It issues PUT /api/v1/idps/{idpId} with body (Content-Type
// application/json) and decodes the response into an IdentityProvider. Error
// returns follow GetIdentityProvider.
//
// NOTE(review): idpId is not escaped here; see the note on
// GetIdentityProvider. body is forwarded without validation in this method.
func (m *IdentityProviderResource) UpdateIdentityProvider(ctx context.Context, idpId string, body IdentityProvider) (*IdentityProvider, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v", idpId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("PUT", endpoint, body)
	if err != nil {
		return nil, nil, err
	}

	var updated *IdentityProvider
	resp, err := m.client.requestExecutor.Do(ctx, req, &updated)
	if err != nil {
		return nil, resp, err
	}
	return updated, resp, nil
}

// DeleteIdentityProvider removes an IdP from your organization.
//
// It issues DELETE /api/v1/idps/{idpId} and decodes no response body. It
// returns (nil, err) when the request cannot be built; otherwise it returns
// whatever Do returns.
//
// NOTE(review): idpId is not escaped here; see the note on
// GetIdentityProvider.
func (m *IdentityProviderResource) DeleteIdentityProvider(ctx context.Context, idpId string) (*Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v", idpId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("DELETE", endpoint, nil)
	if err != nil {
		return nil, err
	}

	// The response and error from Do are handed back unchanged.
	return m.client.requestExecutor.Do(ctx, req, nil)
}

// Enumerates IdPs in your organization with pagination. A subset of IdPs can be returned that match a supported filter expression or query.
//
// ListIdentityProviders issues GET /api/v1/idps, appending qp.String() to the
// path when qp is non-nil, and decodes the response into a slice of
// IdentityProvider pointers. It returns (nil, nil, err) when the request
// cannot be built and (nil, resp, err) when executing it fails.
//
// NOTE(review): the output of qp.String() is concatenated as-is; presumably
// it yields an encoded query string with its leading "?" - confirm in the
// query package before passing values that come from untrusted input.
func (m *IdentityProviderResource) ListIdentityProviders(ctx context.Context, qp *query.Params) ([]*IdentityProvider, *Response, error) {
	endpoint := "/api/v1/idps"
	if qp != nil {
		endpoint += qp.String()
	}

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("GET", endpoint, nil)
	if err != nil {
		return nil, nil, err
	}

	var idps []*IdentityProvider
	resp, err := m.client.requestExecutor.Do(ctx, req, &idps)
	if err != nil {
		return nil, resp, err
	}
	return idps, resp, nil
}

// ListIdentityProviderKeys enumerates IdP key credentials.
//
// It issues GET /api/v1/idps/credentials/keys, appending qp.String() when qp
// is non-nil, and decodes the response into a slice of JsonWebKey pointers.
// Error returns and the query-string caveat follow ListIdentityProviders.
func (m *IdentityProviderResource) ListIdentityProviderKeys(ctx context.Context, qp *query.Params) ([]*JsonWebKey, *Response, error) {
	endpoint := "/api/v1/idps/credentials/keys"
	if qp != nil {
		endpoint += qp.String()
	}

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("GET", endpoint, nil)
	if err != nil {
		return nil, nil, err
	}

	var keys []*JsonWebKey
	resp, err := m.client.requestExecutor.Do(ctx, req, &keys)
	if err != nil {
		return nil, resp, err
	}
	return keys, resp, nil
}

// Adds a new X.509 certificate credential to the IdP key store.
//
// CreateIdentityProviderKey issues POST /api/v1/idps/credentials/keys with
// body (Content-Type application/json) and decodes the response into a
// JsonWebKey. It returns (nil, nil, err) when the request cannot be built and
// (nil, resp, err) when executing it fails.
//
// NOTE(review): body is forwarded without validation in this method; verify
// the origin of the certificate before adding it to the key store.
func (m *IdentityProviderResource) CreateIdentityProviderKey(ctx context.Context, body JsonWebKey) (*JsonWebKey, *Response, error) {
	endpoint := "/api/v1/idps/credentials/keys"

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("POST", endpoint, body)
	if err != nil {
		return nil, nil, err
	}

	var key *JsonWebKey
	resp, err := m.client.requestExecutor.Do(ctx, req, &key)
	if err != nil {
		return nil, resp, err
	}
	return key, resp, nil
}

// DeleteIdentityProviderKey deletes a specific IdP Key Credential by `kid` if
// it is not currently being used by an Active or Inactive IdP.
//
// It issues DELETE /api/v1/idps/credentials/keys/{keyId} and decodes no
// response body. It returns (nil, err) when the request cannot be built;
// otherwise it returns whatever Do returns.
//
// NOTE(review): keyId is formatted into the path with %v and is not escaped
// or validated in this method. Whether the request executor does so is not
// visible here; if it does not, a value containing "/", "?" or "#" changes
// the request target. Pass only identifiers obtained from Okta. This file is
// generated, so escaping of path parameters belongs in the generator
// template. The same applies to every idpId, keyId and csrId below.
func (m *IdentityProviderResource) DeleteIdentityProviderKey(ctx context.Context, keyId string) (*Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/credentials/keys/%v", keyId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("DELETE", endpoint, nil)
	if err != nil {
		return nil, err
	}

	// The response and error from Do are handed back unchanged.
	return m.client.requestExecutor.Do(ctx, req, nil)
}

// GetIdentityProviderKey gets a specific IdP Key Credential by `kid`.
//
// It issues GET /api/v1/idps/credentials/keys/{keyId} and decodes the
// response into a JsonWebKey. keyId is not escaped here; see the note on
// DeleteIdentityProviderKey.
func (m *IdentityProviderResource) GetIdentityProviderKey(ctx context.Context, keyId string) (*JsonWebKey, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/credentials/keys/%v", keyId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("GET", endpoint, nil)
	if err != nil {
		return nil, nil, err
	}

	var key *JsonWebKey
	resp, err := m.client.requestExecutor.Do(ctx, req, &key)
	if err != nil {
		return nil, resp, err
	}
	return key, resp, nil
}

// ListCsrsForIdentityProvider enumerates Certificate Signing Requests for an
// IdP.
//
// It issues GET /api/v1/idps/{idpId}/credentials/csrs and decodes the
// response into a slice of Csr pointers. idpId is not escaped here; see the
// note on DeleteIdentityProviderKey.
func (m *IdentityProviderResource) ListCsrsForIdentityProvider(ctx context.Context, idpId string) ([]*Csr, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/credentials/csrs", idpId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("GET", endpoint, nil)
	if err != nil {
		return nil, nil, err
	}

	var csrs []*Csr
	resp, err := m.client.requestExecutor.Do(ctx, req, &csrs)
	if err != nil {
		return nil, resp, err
	}
	return csrs, resp, nil
}

// GenerateCsrForIdentityProvider generates a new key pair and returns a
// Certificate Signing Request for it.
//
// It issues POST /api/v1/idps/{idpId}/credentials/csrs with body
// (Content-Type application/json) and decodes the response into a Csr. idpId
// is not escaped here; see the note on DeleteIdentityProviderKey.
func (m *IdentityProviderResource) GenerateCsrForIdentityProvider(ctx context.Context, idpId string, body CsrMetadata) (*Csr, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/credentials/csrs", idpId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("POST", endpoint, body)
	if err != nil {
		return nil, nil, err
	}

	var generated *Csr
	resp, err := m.client.requestExecutor.Do(ctx, req, &generated)
	if err != nil {
		return nil, resp, err
	}
	return generated, resp, nil
}

// RevokeCsrForIdentityProvider revokes a Certificate Signing Request and
// deletes the key pair from the IdP.
//
// It issues DELETE /api/v1/idps/{idpId}/credentials/csrs/{csrId} and decodes
// no response body. It returns (nil, err) when the request cannot be built;
// otherwise it returns whatever Do returns. idpId and csrId are not escaped
// here; see the note on DeleteIdentityProviderKey.
func (m *IdentityProviderResource) RevokeCsrForIdentityProvider(ctx context.Context, idpId string, csrId string) (*Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/credentials/csrs/%v", idpId, csrId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("DELETE", endpoint, nil)
	if err != nil {
		return nil, err
	}

	return m.client.requestExecutor.Do(ctx, req, nil)
}

// GetCsrForIdentityProvider gets a specific Certificate Signing Request model
// by id.
//
// It issues GET /api/v1/idps/{idpId}/credentials/csrs/{csrId} and decodes the
// response into a Csr. idpId and csrId are not escaped here; see the note on
// DeleteIdentityProviderKey.
func (m *IdentityProviderResource) GetCsrForIdentityProvider(ctx context.Context, idpId string, csrId string) (*Csr, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/credentials/csrs/%v", idpId, csrId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("GET", endpoint, nil)
	if err != nil {
		return nil, nil, err
	}

	var found *Csr
	resp, err := m.client.requestExecutor.Do(ctx, req, &found)
	if err != nil {
		return nil, resp, err
	}
	return found, resp, nil
}

// PublishCerCertForIdentityProvider updates the Certificate Signing Request
// with a signed X.509 certificate and adds it into the signing key
// credentials for the IdP.
//
// It issues POST /api/v1/idps/{idpId}/credentials/csrs/{csrId}/lifecycle/publish
// with body sent under Content-Type application/x-x509-ca-cert and decodes
// the response into a JsonWebKey.
//
// NOTE(review): nothing in this method inspects the certificate in body, and
// idpId and csrId are not escaped (see DeleteIdentityProviderKey). Validate
// where the certificate came from before publishing it.
func (m *IdentityProviderResource) PublishCerCertForIdentityProvider(ctx context.Context, idpId string, csrId string, body string) (*JsonWebKey, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/credentials/csrs/%v/lifecycle/publish", idpId, csrId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/x-x509-ca-cert").
		NewRequest("POST", endpoint, body)
	if err != nil {
		return nil, nil, err
	}

	var published *JsonWebKey
	resp, err := m.client.requestExecutor.Do(ctx, req, &published)
	if err != nil {
		return nil, resp, err
	}
	return published, resp, nil
}

// Update the Certificate Signing Request with a signed X.509 certificate and add it into the signing key credentials for the IdP.
//
// PublishBinaryCerCertForIdentityProvider issues POST
// /api/v1/idps/{idpId}/credentials/csrs/{csrId}/lifecycle/publish with body
// sent under Content-Type application/x-x509-ca-cert, after calling AsBinary()
// on the request executor, and decodes the response into a JsonWebKey. What
// AsBinary() changes is defined elsewhere in the package. It returns
// (nil, nil, err) when the request cannot be built and (nil, resp, err) when
// executing it fails.
//
// NOTE(review): idpId and csrId are formatted into the path with %v and are
// not escaped or validated in this method. Whether the request executor does
// so is not visible here; if it does not, a value containing "/", "?" or "#"
// changes the request target. Pass only identifiers obtained from Okta. This
// file is generated, so escaping of path parameters belongs in the generator
// template. Nothing here inspects the certificate in body either; validate
// its origin before publishing it.
func (m *IdentityProviderResource) PublishBinaryCerCertForIdentityProvider(ctx context.Context, idpId string, csrId string, body string) (*JsonWebKey, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/credentials/csrs/%v/lifecycle/publish", idpId, csrId)

	req, err := m.client.requestExecutor.
		AsBinary().
		WithAccept("application/json").
		WithContentType("application/x-x509-ca-cert").
		NewRequest("POST", endpoint, body)
	if err != nil {
		return nil, nil, err
	}

	var published *JsonWebKey
	resp, err := m.client.requestExecutor.Do(ctx, req, &published)
	if err != nil {
		return nil, resp, err
	}
	return published, resp, nil
}

// PublishDerCertForIdentityProvider updates the Certificate Signing Request
// with a signed X.509 certificate and adds it into the signing key
// credentials for the IdP.
//
// It issues the same POST as PublishBinaryCerCertForIdentityProvider but
// sends body under Content-Type application/pkix-cert and does not call
// AsBinary(). The path-parameter and certificate caveats noted there apply
// here as well.
func (m *IdentityProviderResource) PublishDerCertForIdentityProvider(ctx context.Context, idpId string, csrId string, body string) (*JsonWebKey, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/credentials/csrs/%v/lifecycle/publish", idpId, csrId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/pkix-cert").
		NewRequest("POST", endpoint, body)
	if err != nil {
		return nil, nil, err
	}

	var published *JsonWebKey
	resp, err := m.client.requestExecutor.Do(ctx, req, &published)
	if err != nil {
		return nil, resp, err
	}
	return published, resp, nil
}

// Update the Certificate Signing Request with a signed X.509 certificate and add it into the signing key credentials for the IdP.
//
// PublishBinaryDerCertForIdentityProvider issues POST
// /api/v1/idps/{idpId}/credentials/csrs/{csrId}/lifecycle/publish with body
// sent under Content-Type application/pkix-cert, after calling AsBinary() on
// the request executor, and decodes the response into a JsonWebKey. What
// AsBinary() changes is defined elsewhere in the package. It returns
// (nil, nil, err) when the request cannot be built and (nil, resp, err) when
// executing it fails.
//
// NOTE(review): idpId and csrId are formatted into the path with %v and are
// not escaped or validated in this method. Whether the request executor does
// so is not visible here; if it does not, a value containing "/", "?" or "#"
// changes the request target. Pass only identifiers obtained from Okta. This
// file is generated, so escaping of path parameters belongs in the generator
// template. The same applies to every idpId and keyId below. Nothing here
// inspects the certificate in body; validate its origin before publishing it.
func (m *IdentityProviderResource) PublishBinaryDerCertForIdentityProvider(ctx context.Context, idpId string, csrId string, body string) (*JsonWebKey, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/credentials/csrs/%v/lifecycle/publish", idpId, csrId)

	req, err := m.client.requestExecutor.
		AsBinary().
		WithAccept("application/json").
		WithContentType("application/pkix-cert").
		NewRequest("POST", endpoint, body)
	if err != nil {
		return nil, nil, err
	}

	var published *JsonWebKey
	resp, err := m.client.requestExecutor.Do(ctx, req, &published)
	if err != nil {
		return nil, resp, err
	}
	return published, resp, nil
}

// PublishBinaryPemCertForIdentityProvider updates the Certificate Signing
// Request with a signed X.509 certificate and adds it into the signing key
// credentials for the IdP.
//
// It issues the same POST as PublishBinaryDerCertForIdentityProvider,
// including the AsBinary() call, but sends body under Content-Type
// application/x-pem-file. The caveats noted there apply here as well.
func (m *IdentityProviderResource) PublishBinaryPemCertForIdentityProvider(ctx context.Context, idpId string, csrId string, body string) (*JsonWebKey, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/credentials/csrs/%v/lifecycle/publish", idpId, csrId)

	req, err := m.client.requestExecutor.
		AsBinary().
		WithAccept("application/json").
		WithContentType("application/x-pem-file").
		NewRequest("POST", endpoint, body)
	if err != nil {
		return nil, nil, err
	}

	var published *JsonWebKey
	resp, err := m.client.requestExecutor.Do(ctx, req, &published)
	if err != nil {
		return nil, resp, err
	}
	return published, resp, nil
}

// ListIdentityProviderSigningKeys enumerates signing key credentials for an
// IdP.
//
// It issues GET /api/v1/idps/{idpId}/credentials/keys and decodes the
// response into a slice of JsonWebKey pointers. idpId is not escaped here;
// see the note on PublishBinaryDerCertForIdentityProvider.
func (m *IdentityProviderResource) ListIdentityProviderSigningKeys(ctx context.Context, idpId string) ([]*JsonWebKey, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/credentials/keys", idpId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("GET", endpoint, nil)
	if err != nil {
		return nil, nil, err
	}

	var keys []*JsonWebKey
	resp, err := m.client.requestExecutor.Do(ctx, req, &keys)
	if err != nil {
		return nil, resp, err
	}
	return keys, resp, nil
}

// GenerateIdentityProviderSigningKey generates a new X.509 certificate for an
// IdP signing key credential to be used for signing assertions sent to the
// IdP.
//
// It issues POST /api/v1/idps/{idpId}/credentials/keys/generate with no
// request body, appending qp.String() to the path when qp is non-nil, and
// decodes the response into a JsonWebKey. idpId is not escaped here; see the
// note on PublishBinaryDerCertForIdentityProvider. The output of qp.String()
// is concatenated as-is - presumably an encoded query string; confirm in the
// query package.
func (m *IdentityProviderResource) GenerateIdentityProviderSigningKey(ctx context.Context, idpId string, qp *query.Params) (*JsonWebKey, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/credentials/keys/generate", idpId)
	if qp != nil {
		endpoint += qp.String()
	}

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("POST", endpoint, nil)
	if err != nil {
		return nil, nil, err
	}

	var key *JsonWebKey
	resp, err := m.client.requestExecutor.Do(ctx, req, &key)
	if err != nil {
		return nil, resp, err
	}
	return key, resp, nil
}

// GetIdentityProviderSigningKey gets a specific IdP Key Credential by `kid`.
//
// It issues GET /api/v1/idps/{idpId}/credentials/keys/{keyId} and decodes the
// response into a JsonWebKey. idpId and keyId are not escaped here; see the
// note on PublishBinaryDerCertForIdentityProvider.
func (m *IdentityProviderResource) GetIdentityProviderSigningKey(ctx context.Context, idpId string, keyId string) (*JsonWebKey, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/credentials/keys/%v", idpId, keyId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("GET", endpoint, nil)
	if err != nil {
		return nil, nil, err
	}

	var key *JsonWebKey
	resp, err := m.client.requestExecutor.Do(ctx, req, &key)
	if err != nil {
		return nil, resp, err
	}
	return key, resp, nil
}

// CloneIdentityProviderKey clones a X.509 certificate for an IdP signing key
// credential from a source IdP to target IdP.
//
// It issues POST /api/v1/idps/{idpId}/credentials/keys/{keyId}/clone with no
// request body, appending qp.String() to the path when qp is non-nil, and
// decodes the response into a JsonWebKey. idpId and keyId are not escaped
// here; see the note on PublishBinaryDerCertForIdentityProvider.
func (m *IdentityProviderResource) CloneIdentityProviderKey(ctx context.Context, idpId string, keyId string, qp *query.Params) (*JsonWebKey, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/credentials/keys/%v/clone", idpId, keyId)
	if qp != nil {
		endpoint += qp.String()
	}

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("POST", endpoint, nil)
	if err != nil {
		return nil, nil, err
	}

	var cloned *JsonWebKey
	resp, err := m.client.requestExecutor.Do(ctx, req, &cloned)
	if err != nil {
		return nil, resp, err
	}
	return cloned, resp, nil
}

// ActivateIdentityProvider activates an inactive IdP.
//
// It issues POST /api/v1/idps/{idpId}/lifecycle/activate with no request body
// and decodes the response into an IdentityProvider. idpId is not escaped
// here; see the note on PublishBinaryDerCertForIdentityProvider.
func (m *IdentityProviderResource) ActivateIdentityProvider(ctx context.Context, idpId string) (*IdentityProvider, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/lifecycle/activate", idpId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("POST", endpoint, nil)
	if err != nil {
		return nil, nil, err
	}

	var idp *IdentityProvider
	resp, err := m.client.requestExecutor.Do(ctx, req, &idp)
	if err != nil {
		return nil, resp, err
	}
	return idp, resp, nil
}

// Deactivates an active IdP.
//
// DeactivateIdentityProvider issues POST
// /api/v1/idps/{idpId}/lifecycle/deactivate with no request body and decodes
// the response into an IdentityProvider. It returns (nil, nil, err) when the
// request cannot be built and (nil, resp, err) when executing it fails.
//
// NOTE(review): idpId is formatted into the path with %v and is not escaped
// or validated in this method. Whether the request executor does so is not
// visible here; if it does not, an ID containing "/", "?" or "#" changes the
// request target. Pass only IDs obtained from Okta. This file is generated,
// so escaping of path parameters belongs in the generator template.
func (m *IdentityProviderResource) DeactivateIdentityProvider(ctx context.Context, idpId string) (*IdentityProvider, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/lifecycle/deactivate", idpId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("POST", endpoint, nil)
	if err != nil {
		return nil, nil, err
	}

	var idp *IdentityProvider
	resp, err := m.client.requestExecutor.Do(ctx, req, &idp)
	if err != nil {
		return nil, resp, err
	}
	return idp, resp, nil
}

// ListIdentityProviderApplicationUsers finds all the users linked to an
// identity provider.
//
// It issues GET /api/v1/idps/{idpId}/users and decodes the response into a
// slice of IdentityProviderApplicationUser pointers. idpId is not escaped
// here; see the note on DeactivateIdentityProvider.
func (m *IdentityProviderResource) ListIdentityProviderApplicationUsers(ctx context.Context, idpId string) ([]*IdentityProviderApplicationUser, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/users", idpId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("GET", endpoint, nil)
	if err != nil {
		return nil, nil, err
	}

	var linked []*IdentityProviderApplicationUser
	resp, err := m.client.requestExecutor.Do(ctx, req, &linked)
	if err != nil {
		return nil, resp, err
	}
	return linked, resp, nil
}

// Removes the link between the Okta user and the IdP user.
//
// UnlinkUserFromIdentityProvider issues DELETE
// /api/v1/idps/{idpId}/users/{userId} and decodes no response body. It
// returns (nil, err) when the request cannot be built; otherwise it returns
// whatever Do returns.
//
// NOTE(review): idpId and userId are formatted into the path with %v and are
// not escaped or validated in this method. Whether the request executor does
// so is not visible here; if it does not, a value containing "/", "?" or "#"
// changes the request target. Pass only identifiers obtained from Okta. This
// file is generated, so escaping of path parameters belongs in the generator
// template. The same applies to every method below.
func (m *IdentityProviderResource) UnlinkUserFromIdentityProvider(ctx context.Context, idpId string, userId string) (*Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/users/%v", idpId, userId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("DELETE", endpoint, nil)
	if err != nil {
		return nil, err
	}

	// The response and error from Do are handed back unchanged.
	return m.client.requestExecutor.Do(ctx, req, nil)
}

// GetIdentityProviderApplicationUser fetches a linked IdP user by ID.
//
// It issues GET /api/v1/idps/{idpId}/users/{userId} and decodes the response
// into an IdentityProviderApplicationUser. It returns (nil, nil, err) when
// the request cannot be built and (nil, resp, err) when executing it fails.
// idpId and userId are not escaped here; see the note on
// UnlinkUserFromIdentityProvider.
func (m *IdentityProviderResource) GetIdentityProviderApplicationUser(ctx context.Context, idpId string, userId string) (*IdentityProviderApplicationUser, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/users/%v", idpId, userId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("GET", endpoint, nil)
	if err != nil {
		return nil, nil, err
	}

	var linked *IdentityProviderApplicationUser
	resp, err := m.client.requestExecutor.Do(ctx, req, &linked)
	if err != nil {
		return nil, resp, err
	}
	return linked, resp, nil
}

// LinkUserToIdentityProvider links an Okta user to an existing Social
// Identity Provider. This does not support the SAML2 Identity Provider Type.
//
// It issues POST /api/v1/idps/{idpId}/users/{userId} with body (Content-Type
// application/json) and decodes the response into an
// IdentityProviderApplicationUser. Error returns follow
// GetIdentityProviderApplicationUser.
//
// NOTE(review): body is forwarded without validation in this method, and
// idpId and userId are not escaped (see UnlinkUserFromIdentityProvider). The
// link decides which external account maps to the Okta user, so the caller
// must establish that mapping from a trusted source.
func (m *IdentityProviderResource) LinkUserToIdentityProvider(ctx context.Context, idpId string, userId string, body UserIdentityProviderLinkRequest) (*IdentityProviderApplicationUser, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/users/%v", idpId, userId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("POST", endpoint, body)
	if err != nil {
		return nil, nil, err
	}

	var linked *IdentityProviderApplicationUser
	resp, err := m.client.requestExecutor.Do(ctx, req, &linked)
	if err != nil {
		return nil, resp, err
	}
	return linked, resp, nil
}

// ListSocialAuthTokens fetches the tokens minted by the Social Authentication
// Provider when the user authenticates with Okta via Social Auth.
//
// It issues GET /api/v1/idps/{idpId}/users/{userId}/credentials/tokens and
// decodes the response into a slice of SocialAuthToken pointers. Error
// returns follow GetIdentityProviderApplicationUser.
//
// NOTE(review): the returned values are provider-issued tokens; handle them
// as credentials and keep them out of logs and error messages. idpId and
// userId are not escaped here; see UnlinkUserFromIdentityProvider.
func (m *IdentityProviderResource) ListSocialAuthTokens(ctx context.Context, idpId string, userId string) ([]*SocialAuthToken, *Response, error) {
	endpoint := fmt.Sprintf("/api/v1/idps/%v/users/%v/credentials/tokens", idpId, userId)

	req, err := m.client.requestExecutor.
		WithAccept("application/json").
		WithContentType("application/json").
		NewRequest("GET", endpoint, nil)
	if err != nil {
		return nil, nil, err
	}

	var tokens []*SocialAuthToken
	resp, err := m.client.requestExecutor.Do(ctx, req, &tokens)
	if err != nil {
		return nil, resp, err
	}
	return tokens, resp, nil
}