|  | package tokens | 
|  |  | 
|  | import ( | 
|  | "time" | 
|  |  | 
|  | "github.com/mitchellh/mapstructure" | 
|  | "github.com/rackspace/gophercloud" | 
|  | "github.com/rackspace/gophercloud/openstack/identity/v2/tenants" | 
|  | ) | 
|  |  | 
|  | // Token provides only the most basic information related to an authentication token. | 
|  | type Token struct { | 
|  | // ID provides the primary means of identifying a user to the OpenStack API. | 
|  | // OpenStack defines this field as an opaque value, so do not depend on its content. | 
|  | // It is safe, however, to compare for equality. | 
|  | ID string | 
|  |  | 
|  | // ExpiresAt provides a timestamp in ISO 8601 format, indicating when the authentication token becomes invalid. | 
|  | // After this point in time, future API requests made using this authentication token will respond with errors. | 
|  | // Either the caller will need to reauthenticate manually, or more preferably, the caller should exploit automatic re-authentication. | 
|  | // See the AuthOptions structure for more details. | 
|  | ExpiresAt time.Time | 
|  |  | 
|  | // Tenant provides information about the tenant to which this token grants access. | 
|  | Tenant tenants.Tenant | 
|  | } | 
|  |  | 
|  | // Authorization need user info which can get from token authentication's response | 
|  | type Role struct { | 
|  | Name string `mapstructure:"name"` | 
|  | } | 
|  | type User struct { | 
|  | ID       string `mapstructure:"id"` | 
|  | Name     string `mapstructure:"name"` | 
|  | UserName string `mapstructure:"username"` | 
|  | Roles    []Role `mapstructure:"roles"` | 
|  | } | 
|  |  | 
|  | // Endpoint represents a single API endpoint offered by a service. | 
|  | // It provides the public and internal URLs, if supported, along with a region specifier, again if provided. | 
|  | // The significance of the Region field will depend upon your provider. | 
|  | // | 
|  | // In addition, the interface offered by the service will have version information associated with it | 
|  | // through the VersionId, VersionInfo, and VersionList fields, if provided or supported. | 
|  | // | 
|  | // In all cases, fields which aren't supported by the provider and service combined will assume a zero-value (""). | 
|  | type Endpoint struct { | 
|  | TenantID    string `mapstructure:"tenantId"` | 
|  | PublicURL   string `mapstructure:"publicURL"` | 
|  | InternalURL string `mapstructure:"internalURL"` | 
|  | AdminURL    string `mapstructure:"adminURL"` | 
|  | Region      string `mapstructure:"region"` | 
|  | VersionID   string `mapstructure:"versionId"` | 
|  | VersionInfo string `mapstructure:"versionInfo"` | 
|  | VersionList string `mapstructure:"versionList"` | 
|  | } | 
|  |  | 
|  | // CatalogEntry provides a type-safe interface to an Identity API V2 service catalog listing. | 
|  | // Each class of service, such as cloud DNS or block storage services, will have a single | 
|  | // CatalogEntry representing it. | 
|  | // | 
|  | // Note: when looking for the desired service, try, whenever possible, to key off the type field. | 
|  | // Otherwise, you'll tie the representation of the service to a specific provider. | 
|  | type CatalogEntry struct { | 
|  | // Name will contain the provider-specified name for the service. | 
|  | Name string `mapstructure:"name"` | 
|  |  | 
|  | // Type will contain a type string if OpenStack defines a type for the service. | 
|  | // Otherwise, for provider-specific services, the provider may assign their own type strings. | 
|  | Type string `mapstructure:"type"` | 
|  |  | 
|  | // Endpoints will let the caller iterate over all the different endpoints that may exist for | 
|  | // the service. | 
|  | Endpoints []Endpoint `mapstructure:"endpoints"` | 
|  | } | 
|  |  | 
|  | // ServiceCatalog provides a view into the service catalog from a previous, successful authentication. | 
|  | type ServiceCatalog struct { | 
|  | Entries []CatalogEntry | 
|  | } | 
|  |  | 
|  | // CreateResult defers the interpretation of a created token. | 
|  | // Use ExtractToken() to interpret it as a Token, or ExtractServiceCatalog() to interpret it as a service catalog. | 
|  | type CreateResult struct { | 
|  | gophercloud.Result | 
|  | } | 
|  |  | 
|  | // GetResult is the deferred response from a Get call, which is the same with a Created token. | 
|  | // Use ExtractUser() to interpret it as a User. | 
|  | type GetResult struct { | 
|  | CreateResult | 
|  | } | 
|  |  | 
|  | // ExtractToken returns the just-created Token from a CreateResult. | 
|  | func (result CreateResult) ExtractToken() (*Token, error) { | 
|  | if result.Err != nil { | 
|  | return nil, result.Err | 
|  | } | 
|  |  | 
|  | var response struct { | 
|  | Access struct { | 
|  | Token struct { | 
|  | Expires string         `mapstructure:"expires"` | 
|  | ID      string         `mapstructure:"id"` | 
|  | Tenant  tenants.Tenant `mapstructure:"tenant"` | 
|  | } `mapstructure:"token"` | 
|  | } `mapstructure:"access"` | 
|  | } | 
|  |  | 
|  | err := mapstructure.Decode(result.Body, &response) | 
|  | if err != nil { | 
|  | return nil, err | 
|  | } | 
|  |  | 
|  | expiresTs, err := time.Parse(gophercloud.RFC3339Milli, response.Access.Token.Expires) | 
|  | if err != nil { | 
|  | return nil, err | 
|  | } | 
|  |  | 
|  | return &Token{ | 
|  | ID:        response.Access.Token.ID, | 
|  | ExpiresAt: expiresTs, | 
|  | Tenant:    response.Access.Token.Tenant, | 
|  | }, nil | 
|  | } | 
|  |  | 
|  | // ExtractServiceCatalog returns the ServiceCatalog that was generated along with the user's Token. | 
|  | func (result CreateResult) ExtractServiceCatalog() (*ServiceCatalog, error) { | 
|  | if result.Err != nil { | 
|  | return nil, result.Err | 
|  | } | 
|  |  | 
|  | var response struct { | 
|  | Access struct { | 
|  | Entries []CatalogEntry `mapstructure:"serviceCatalog"` | 
|  | } `mapstructure:"access"` | 
|  | } | 
|  |  | 
|  | err := mapstructure.Decode(result.Body, &response) | 
|  | if err != nil { | 
|  | return nil, err | 
|  | } | 
|  |  | 
|  | return &ServiceCatalog{Entries: response.Access.Entries}, nil | 
|  | } | 
|  |  | 
|  | // createErr quickly packs an error in a CreateResult. | 
|  | func createErr(err error) CreateResult { | 
|  | return CreateResult{gophercloud.Result{Err: err}} | 
|  | } | 
|  |  | 
|  | // ExtractUser returns the User from a GetResult. | 
|  | func (result GetResult) ExtractUser() (*User, error) { | 
|  | if result.Err != nil { | 
|  | return nil, result.Err | 
|  | } | 
|  |  | 
|  | var response struct { | 
|  | Access struct { | 
|  | User User `mapstructure:"user"` | 
|  | } `mapstructure:"access"` | 
|  | } | 
|  |  | 
|  | err := mapstructure.Decode(result.Body, &response) | 
|  | if err != nil { | 
|  | return nil, err | 
|  | } | 
|  |  | 
|  | return &response.Access.User, nil | 
|  | } |