/
configuration.go
128 lines (110 loc) · 6.93 KB
/
configuration.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
/*
* MDS API
*
* ## Confluent Metadata API - Swagger UI --- This tool (SwaggerUI) and the Open API spec file are provided _for development / test purposes only_: - **Do _not_ enable in Production.** - **This tool only works with HTTP.** ### Authenticating Authentication is performed by HTTP Basic Auth or by presenting a bearer token. In this UI, click **Authorize** to enter credentials. To get a bearer token, first call the authenticate endpoint with basic auth, and then extract the auth_token part of the request, and pass that as the bearer token. ### Access Restrictions - Who can call what? Some endpoints can be called by any authenticated user, while others can only be called by \"admins\". Additionally, many of the endpoints in the API involve two users: the user who is calling the endpoint (the \"calling\" principal) and the user that the API call is about (the \"target\" principal). Example: User \"alice\", who has the UserAdmin role, and is identifed by her basic auth credentials or a bearer token, calls the CRUD endpoint to modify role bindings about user \"bob\". To document what access restrictions each endpoint has, use the following legend, which lists access in order from least restrictive to most restrictive: * **LDAP**: Any authenticated LDAP user * **Admins+User**: Admins or the user requesting information about themself * **Admins+ResourceOwners**: Admins or users with ResourceOwner role * **Admins+AclUsers**: Admins or the user having the required ACL permissions * **Admins**: Admins only, which can be UserAdmin, SystemAdmin, broker super.user, or SecurityAdmin as \"Read\" ### Overview of Responses **Valid** * 200 - Successful call with a return body. * 204 - Sucessuful call with **no** return body. **Errors** * 400 - Invalid request. JSON parsing error, or otherwise incorrect request. * 401 - Not Authenticated. You need to pass valid basic auth credentials or a user bearer token. * 403 - Not Authorized. Valid request, but you aren't authorized to perform the requested action. * 404 - Invalid URL. If you get this error from the authenticate endpoint, it means bearer token authentication needs to be enabled in the configuration. * ``confluent.metadata.server.authentication.method=BEARER`` * 405 - Method Not Allowed. Using the wrong HTTP method on a valid endpoint (for example, GET instead of POST). * 409 - Conflict. Adding a new resource or updating an existing resource which would result in a conflict with existing state. * can be thrown by Audit Logs and Cluster Registry APIs * 415 - Invalid Content Type. Usually, not sending \"application/json\" as request body header. * 500 - Server Error. ### Special Resource Types Cluster and KsqlCluster are special ResourceTypes because they grant resource-scoped roles like ResourceOwner and DeveloperManage limited access to cluster-level operations (for example, Describe Configs on Kafka clusters). These special resource types only accept LITERAL patterns with the values \"kafka-cluster\" and \"kql-cluster\", respectively. ### Private RBAC UI Endpoints These endpoints were developed specifically to power the Confluent Control Center UI. As such, they only focus on those use cases and have only been tested in the context of Confluent Control Center. These endpoints have not been tested, nor has their usability been evaluated with respect to manual API calls.
*
* API version: 1.0
* Generated by: OpenAPI Generator (https://openapi-generator.tech)
*/
package mdsv1
import (
"fmt"
"net/http"
"strings"
)
// contextKeys are used to identify the type of value in the context.
// Since these are string, it is possible to get a short description of the
// context key for logging and debugging using key.String().
type contextKey string
func (c contextKey) String() string {
return "auth " + string(c)
}
var (
// ContextOAuth2 takes an oauth2.TokenSource as authentication for the request.
ContextOAuth2 = contextKey("token")
// ContextBasicAuth takes BasicAuth as authentication for the request.
ContextBasicAuth = contextKey("basic")
// ContextAccessToken takes a string oauth2 access token as authentication for the request.
ContextAccessToken = contextKey("accesstoken")
// ContextAPIKey takes an APIKey as authentication for the request
ContextAPIKey = contextKey("apikey")
)
// BasicAuth provides basic http authentication to a request passed via context using ContextBasicAuth
type BasicAuth struct {
UserName string `json:"userName,omitempty"`
Password string `json:"password,omitempty"`
}
// APIKey provides API key based authentication to a request passed via context using ContextAPIKey
type APIKey struct {
Key string
Prefix string
}
// ServerVariable stores the information about a server variable
type ServerVariable struct {
Description string
DefaultValue string
EnumValues []string
}
// ServerConfiguration stores the information about a server
type ServerConfiguration struct {
Url string
Description string
Variables map[string]ServerVariable
}
// Configuration stores the configuration of the API client
type Configuration struct {
BasePath string `json:"basePath,omitempty"`
Host string `json:"host,omitempty"`
Scheme string `json:"scheme,omitempty"`
DefaultHeader map[string]string `json:"defaultHeader,omitempty"`
UserAgent string `json:"userAgent,omitempty"`
Debug bool `json:"debug,omitempty"`
Servers []ServerConfiguration
HTTPClient *http.Client
}
// NewConfiguration returns a new Configuration object
func NewConfiguration() *Configuration {
cfg := &Configuration{
BasePath: "http://localhost",
DefaultHeader: make(map[string]string),
UserAgent: "OpenAPI-Generator/1.0.0/go",
Debug: false,
Servers: []ServerConfiguration{
{
Url: "",
Description: "No description provided",
},
},
}
return cfg
}
// AddDefaultHeader adds a new HTTP header to the default header in the request
func (c *Configuration) AddDefaultHeader(key string, value string) {
c.DefaultHeader[key] = value
}
// ServerUrl returns URL based on server settings
func (c *Configuration) ServerUrl(index int, variables map[string]string) (string, error) {
if index < 0 || len(c.Servers) <= index {
return "", fmt.Errorf("Index %v out of range %v", index, len(c.Servers)-1)
}
server := c.Servers[index]
url := server.Url
// go through variables and replace placeholders
for name, variable := range server.Variables {
if value, ok := variables[name]; ok {
found := bool(len(variable.EnumValues) == 0)
for _, enumValue := range variable.EnumValues {
if value == enumValue {
found = true
}
}
if !found {
return "", fmt.Errorf("The variable %s in the server URL has invalid value %v. Must be %v", name, value, variable.EnumValues)
}
url = strings.Replace(url, "{"+name+"}", value, -1)
} else {
url = strings.Replace(url, "{"+name+"}", variable.DefaultValue, -1)
}
}
return url, nil
}