-
Notifications
You must be signed in to change notification settings - Fork 1
/
vpncredentials.go
151 lines (123 loc) · 5.1 KB
/
vpncredentials.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
package vpncredentials
import (
"errors"
"fmt"
"net/http"
"net/url"
"strings"
"github.com/zscaler/zscaler-sdk-go/v2/zia/services/common"
)
const (
vpnCredentialsEndpoint = "/vpnCredentials"
)
type VPNCredentials struct {
// VPN credential id
ID int `json:"id"`
// VPN authentication type (i.e., how the VPN credential is sent to the server). It is not modifiable after VpnCredential is created.
// Note: Zscaler no longer supports adding a new XAUTH VPN credential, but existing entries can be edited or deleted using the respective endpoints.
Type string `json:"type,omitempty"`
// Fully Qualified Domain Name. Applicable only to UFQDN or XAUTH (or HOSTED_MOBILE_USERS) auth type.
FQDN string `json:"fqdn,omitempty"`
// Static IP address for VPN that is self-provisioned or provisioned by Zscaler. This is a required field for IP auth type and is not applicable to other auth types.
// Note: If you want Zscaler to provision static IP addresses for your organization, contact Zscaler Support.
IPAddress string `json:"ipAddress,omitempty"`
// Pre-shared key. This is a required field for UFQDN and IP auth type.
PreSharedKey string `json:"preSharedKey,omitempty"`
// Additional information about this VPN credential.
Comments string `json:"comments,omitempty"`
// Location that is associated to this VPN credential. Non-existence means not associated to any location.
Location *Location `json:"location,omitempty"`
// SD-WAN Partner that manages the location. If a partner does not manage the location, this is set to Self.
ManagedBy *ManagedBy `json:"managedBy,omitempty"`
}
type Location struct {
ID int `json:"id"`
Name string `json:"name"`
Extensions map[string]interface{} `json:"extensions,omitempty"`
}
type ManagedBy struct {
ID int `json:"id"`
Name string `json:"name"`
Extensions map[string]interface{} `json:"extensions,omitempty"`
}
func (service *Service) Get(vpnCredentialID int) (*VPNCredentials, error) {
var vpnCredentials VPNCredentials
err := service.Client.Read(fmt.Sprintf("%s/%d", vpnCredentialsEndpoint, vpnCredentialID), &vpnCredentials)
if err != nil {
return nil, err
}
service.Client.Logger.Printf("[DEBUG]Returning VPN Credentials from Get: %d", vpnCredentials.ID)
return &vpnCredentials, nil
}
func (service *Service) GetVPNByType(vpnType string) (*VPNCredentials, error) {
var vpnTypes []VPNCredentials
err := common.ReadAllPages(service.Client, fmt.Sprintf("%s?type=%s", vpnCredentialsEndpoint, url.QueryEscape(vpnType)), &vpnTypes)
if err != nil {
return nil, err
}
for _, vpn := range vpnTypes {
if strings.EqualFold(vpn.Type, vpnType) {
return &vpn, nil
}
}
return nil, fmt.Errorf("no VPN found with type: %s", vpnType)
}
func (service *Service) GetByFQDN(vpnCredentialName string) (*VPNCredentials, error) {
var vpnCredentials []VPNCredentials
err := common.ReadAllPages(service.Client, vpnCredentialsEndpoint, &vpnCredentials)
if err != nil {
return nil, err
}
for _, vpnCredential := range vpnCredentials {
if strings.EqualFold(vpnCredential.FQDN, vpnCredentialName) {
return &vpnCredential, nil
}
}
return nil, fmt.Errorf("no vpn credentials found with fqdn: %s", vpnCredentialName)
}
func (service *Service) GetByIP(vpnCredentialIP string) (*VPNCredentials, error) {
var vpnCredentials []VPNCredentials
err := common.ReadAllPages(service.Client, vpnCredentialsEndpoint, &vpnCredentials)
if err != nil {
return nil, err
}
for _, vpnCredential := range vpnCredentials {
if strings.EqualFold(vpnCredential.IPAddress, vpnCredentialIP) {
return &vpnCredential, nil
}
}
return nil, fmt.Errorf("no vpn credentials found with ip: %s", vpnCredentialIP)
}
func (service *Service) Create(vpnCredentials *VPNCredentials) (*VPNCredentials, *http.Response, error) {
resp, err := service.Client.Create(vpnCredentialsEndpoint, *vpnCredentials)
if err != nil {
return nil, nil, err
}
createdVpnCredentials, ok := resp.(*VPNCredentials)
if !ok {
return nil, nil, errors.New("object returned from api was not a vpn credential pointer")
}
service.Client.Logger.Printf("[DEBUG]returning vpn credential from create: %d", createdVpnCredentials.ID)
return createdVpnCredentials, nil, nil
}
func (service *Service) Update(vpnCredentialID int, vpnCredentials *VPNCredentials) (*VPNCredentials, *http.Response, error) {
resp, err := service.Client.UpdateWithPut(fmt.Sprintf("%s/%d", vpnCredentialsEndpoint, vpnCredentialID), *vpnCredentials)
if err != nil {
return nil, nil, err
}
updatedVpnCredentials, _ := resp.(*VPNCredentials)
service.Client.Logger.Printf("[DEBUG]returning vpn credential from Update: %d", updatedVpnCredentials.ID)
return updatedVpnCredentials, nil, nil
}
func (service *Service) Delete(vpnCredentialID int) error {
err := service.Client.Delete(fmt.Sprintf("%s/%d", vpnCredentialsEndpoint, vpnCredentialID))
if err != nil {
return err
}
return nil
}
func (service *Service) GetAll() ([]VPNCredentials, error) {
var vpnTypes []VPNCredentials
err := common.ReadAllPages(service.Client, vpnCredentialsEndpoint, &vpnTypes)
return vpnTypes, err
}