diff --git a/.github/workflows/run-cli-e2e-tests.yml b/.github/workflows/run-cli-e2e-tests.yml index 7163d2d3..73ed18dc 100644 --- a/.github/workflows/run-cli-e2e-tests.yml +++ b/.github/workflows/run-cli-e2e-tests.yml @@ -82,8 +82,28 @@ jobs: go-version: "1.25.9" - name: Install dependencies run: go get . + - name: Cache cargo registry + target + uses: actions/cache@v4 + with: + path: | + ~/.cargo/registry + ~/.cargo/git + packages/pam/handlers/rdp/native/target + key: rdp-bridge-cargo-${{ runner.os }}-${{ hashFiles('packages/pam/handlers/rdp/native/Cargo.lock') }} + restore-keys: rdp-bridge-cargo-${{ runner.os }}- + - name: Install pinned Rust toolchain + working-directory: packages/pam/handlers/rdp/native + run: rustup show active-toolchain + - name: Build Rust RDP bridge + working-directory: packages/pam/handlers/rdp/native + run: cargo build --release - name: Build the CLI - run: go build -o infisical-cli + run: CGO_ENABLED=1 go build -tags rdp -o infisical-cli + - name: Install RDP test dependencies + run: | + sudo apt-get update && sudo apt-get install -y --no-install-recommends freerdp3-x11 xvfb + Xvfb :99 -screen 0 1024x768x24 & + echo "DISPLAY=:99" >> "$GITHUB_ENV" - name: Checkout infisical repo uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: diff --git a/e2e/agent/agent_helpers.go b/e2e/agent/agent_helpers.go index 18acede1..f84e6c1c 100644 --- a/e2e/agent/agent_helpers.go +++ b/e2e/agent/agent_helpers.go @@ -63,22 +63,23 @@ func (h *CertAgentTestHelper) CreateInternalCA() { ProjectId: uuid.MustParse(h.ProjectID), Status: client.Active, Configuration: struct { - ActiveCaCertId *openapi_types.UUID `json:"activeCaCertId"` - CommonName *string `json:"commonName,omitempty"` - Country *string `json:"country,omitempty"` - Dn *string `json:"dn"` - FriendlyName *string `json:"friendlyName,omitempty"` - KeyAlgorithm client.CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm `json:"keyAlgorithm"` - Locality *string `json:"locality,omitempty"` - MaxPathLength *float32 `json:"maxPathLength"` - NotAfter *string `json:"notAfter,omitempty"` - NotBefore *string `json:"notBefore,omitempty"` - Organization *string `json:"organization,omitempty"` - Ou *string `json:"ou,omitempty"` - ParentCaId *openapi_types.UUID `json:"parentCaId"` - Province *string `json:"province,omitempty"` - SerialNumber *string `json:"serialNumber"` - Type client.CreateInternalCertificateAuthorityV1JSONBodyConfigurationType `json:"type"` + ActiveCaCertId *openapi_types.UUID `json:"activeCaCertId"` + CommonName *string `json:"commonName,omitempty"` + Country *string `json:"country,omitempty"` + CrlDistributionPointUrls *[]string `json:"crlDistributionPointUrls,omitempty"` + Dn *string `json:"dn"` + FriendlyName *string `json:"friendlyName,omitempty"` + KeyAlgorithm client.CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm `json:"keyAlgorithm"` + Locality *string `json:"locality,omitempty"` + MaxPathLength *float32 `json:"maxPathLength"` + NotAfter *string `json:"notAfter,omitempty"` + NotBefore *string `json:"notBefore,omitempty"` + Organization *string `json:"organization,omitempty"` + Ou *string `json:"ou,omitempty"` + ParentCaId *openapi_types.UUID `json:"parentCaId"` + Province *string `json:"province,omitempty"` + SerialNumber *string `json:"serialNumber"` + Type client.CreateInternalCertificateAuthorityV1JSONBodyConfigurationType `json:"type"` }{ Type: client.Root, FriendlyName: &friendlyName, diff --git a/e2e/openapi-cfg.yaml b/e2e/openapi-cfg.yaml index e40b0472..eafa460d 100644 --- a/e2e/openapi-cfg.yaml +++ b/e2e/openapi-cfg.yaml @@ -37,3 +37,6 @@ output-options: - createSshPamResource - createSshPamAccount - createRedisPamAccount + - createWindowsPamResource + - createWindowsPamAccount + - createAwsAppConnection diff --git a/e2e/packages/client/client.gen.go b/e2e/packages/client/client.gen.go index fbe481fb..6db51fb3 100644 --- a/e2e/packages/client/client.gen.go +++ b/e2e/packages/client/client.gen.go @@ -22,6 +22,16 @@ const ( BearerAuthScopes = "bearerAuth.Scopes" ) +// Defines values for CreateAwsAppConnectionJSONBodyIsAutoRotationEnabled. +const ( + CreateAwsAppConnectionJSONBodyIsAutoRotationEnabledFalse CreateAwsAppConnectionJSONBodyIsAutoRotationEnabled = false +) + +// Defines values for CreateAwsAppConnectionJSONBodyIsPlatformManagedCredentials. +const ( + CreateAwsAppConnectionJSONBodyIsPlatformManagedCredentialsFalse CreateAwsAppConnectionJSONBodyIsPlatformManagedCredentials = false +) + // Defines values for CreateCloudflareAppConnectionJSONBodyIsAutoRotationEnabled. const ( CreateCloudflareAppConnectionJSONBodyIsAutoRotationEnabledFalse CreateCloudflareAppConnectionJSONBodyIsAutoRotationEnabled = false @@ -64,12 +74,27 @@ const ( // Defines values for CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm. const ( - CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmECPrime256v1 CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "EC_prime256v1" - CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmECSecp384r1 CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "EC_secp384r1" - CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmECSecp521r1 CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "EC_secp521r1" - CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmRSA2048 CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "RSA_2048" - CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmRSA3072 CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "RSA_3072" - CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmRSA4096 CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "RSA_4096" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmECPrime256v1 CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "EC_prime256v1" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmECSecp384r1 CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "EC_secp384r1" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmECSecp521r1 CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "EC_secp521r1" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmMLDSA44 CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "ML-DSA-44" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmMLDSA65 CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "ML-DSA-65" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmMLDSA87 CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "ML-DSA-87" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmRSA2048 CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "RSA_2048" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmRSA3072 CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "RSA_3072" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmRSA4096 CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "RSA_4096" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmSLHDSASHA2128f CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "SLH-DSA-SHA2-128f" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmSLHDSASHA2128s CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "SLH-DSA-SHA2-128s" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmSLHDSASHA2192f CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "SLH-DSA-SHA2-192f" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmSLHDSASHA2192s CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "SLH-DSA-SHA2-192s" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmSLHDSASHA2256f CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "SLH-DSA-SHA2-256f" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmSLHDSASHA2256s CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "SLH-DSA-SHA2-256s" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmSLHDSASHAKE128f CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "SLH-DSA-SHAKE-128f" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmSLHDSASHAKE128s CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "SLH-DSA-SHAKE-128s" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmSLHDSASHAKE192f CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "SLH-DSA-SHAKE-192f" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmSLHDSASHAKE192s CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "SLH-DSA-SHAKE-192s" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmSLHDSASHAKE256f CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "SLH-DSA-SHAKE-256f" + CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithmSLHDSASHAKE256s CreateInternalCertificateAuthorityV1JSONBodyConfigurationKeyAlgorithm = "SLH-DSA-SHAKE-256s" ) // Defines values for CreateInternalCertificateAuthorityV1JSONBodyConfigurationType. @@ -191,11 +216,27 @@ const ( // Defines values for CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm. const ( - CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmECPrime256v1 CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "EC_prime256v1" - CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmECSecp384r1 CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "EC_secp384r1" - CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmRSA2048 CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "RSA_2048" - CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmRSA3072 CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "RSA_3072" - CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmRSA4096 CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "RSA_4096" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmECPrime256v1 CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "EC_prime256v1" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmECSecp384r1 CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "EC_secp384r1" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmECSecp521r1 CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "EC_secp521r1" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmMLDSA44 CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "ML-DSA-44" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmMLDSA65 CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "ML-DSA-65" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmMLDSA87 CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "ML-DSA-87" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmRSA2048 CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "RSA_2048" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmRSA3072 CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "RSA_3072" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmRSA4096 CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "RSA_4096" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmSLHDSASHA2128f CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "SLH-DSA-SHA2-128f" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmSLHDSASHA2128s CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "SLH-DSA-SHA2-128s" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmSLHDSASHA2192f CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "SLH-DSA-SHA2-192f" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmSLHDSASHA2192s CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "SLH-DSA-SHA2-192s" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmSLHDSASHA2256f CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "SLH-DSA-SHA2-256f" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmSLHDSASHA2256s CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "SLH-DSA-SHA2-256s" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmSLHDSASHAKE128f CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "SLH-DSA-SHAKE-128f" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmSLHDSASHAKE128s CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "SLH-DSA-SHAKE-128s" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmSLHDSASHAKE192f CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "SLH-DSA-SHAKE-192f" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmSLHDSASHAKE192s CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "SLH-DSA-SHAKE-192s" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmSLHDSASHAKE256f CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "SLH-DSA-SHAKE-256f" + CreateCertificateProfileJSONBodyDefaultsKeyAlgorithmSLHDSASHAKE256s CreateCertificateProfileJSONBodyDefaultsKeyAlgorithm = "SLH-DSA-SHAKE-256s" ) // Defines values for CreateCertificateProfileJSONBodyDefaultsKeyUsages. @@ -213,12 +254,27 @@ const ( // Defines values for CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm. const ( - ECDSASHA256 CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "ECDSA-SHA256" - ECDSASHA384 CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "ECDSA-SHA384" - ECDSASHA512 CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "ECDSA-SHA512" - RSASHA256 CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "RSA-SHA256" - RSASHA384 CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "RSA-SHA384" - RSASHA512 CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "RSA-SHA512" + ECDSASHA256 CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "ECDSA-SHA256" + ECDSASHA384 CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "ECDSA-SHA384" + ECDSASHA512 CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "ECDSA-SHA512" + MLDSA44 CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "ML-DSA-44" + MLDSA65 CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "ML-DSA-65" + MLDSA87 CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "ML-DSA-87" + RSASHA256 CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "RSA-SHA256" + RSASHA384 CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "RSA-SHA384" + RSASHA512 CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "RSA-SHA512" + SLHDSASHA2128f CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "SLH-DSA-SHA2-128f" + SLHDSASHA2128s CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "SLH-DSA-SHA2-128s" + SLHDSASHA2192f CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "SLH-DSA-SHA2-192f" + SLHDSASHA2192s CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "SLH-DSA-SHA2-192s" + SLHDSASHA2256f CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "SLH-DSA-SHA2-256f" + SLHDSASHA2256s CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "SLH-DSA-SHA2-256s" + SLHDSASHAKE128f CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "SLH-DSA-SHAKE-128f" + SLHDSASHAKE128s CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "SLH-DSA-SHAKE-128s" + SLHDSASHAKE192f CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "SLH-DSA-SHAKE-192f" + SLHDSASHAKE192s CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "SLH-DSA-SHAKE-192s" + SLHDSASHAKE256f CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "SLH-DSA-SHAKE-256f" + SLHDSASHAKE256s CreateCertificateProfileJSONBodyDefaultsSignatureAlgorithm = "SLH-DSA-SHAKE-256s" ) // Defines values for CreateCertificateProfileJSONBodyEnrollmentType. @@ -235,6 +291,12 @@ const ( SelfSigned CreateCertificateProfileJSONBodyIssuerType = "self-signed" ) +// Defines values for CreateCertificateProfileJSONBodyScepConfigChallengeType. +const ( + Dynamic CreateCertificateProfileJSONBodyScepConfigChallengeType = "dynamic" + Static CreateCertificateProfileJSONBodyScepConfigChallengeType = "static" +) + // Defines values for CreateSshPamAccountJSONBodyCredentials0AuthMethod. const ( CreateSshPamAccountJSONBodyCredentials0AuthMethodPassword CreateSshPamAccountJSONBodyCredentials0AuthMethod = "password" @@ -250,11 +312,22 @@ const ( CreateSshPamAccountJSONBodyCredentials2AuthMethodCertificate CreateSshPamAccountJSONBodyCredentials2AuthMethod = "certificate" ) +// Defines values for CreateWindowsPamAccountJSONBodyInternalMetadataAccountType. +const ( + Service CreateWindowsPamAccountJSONBodyInternalMetadataAccountType = "service" + User CreateWindowsPamAccountJSONBodyInternalMetadataAccountType = "user" +) + // Defines values for CreateKubernetesPamResourceJSONBodyRotationAccountCredentials0AuthMethod. const ( ServiceAccountToken CreateKubernetesPamResourceJSONBodyRotationAccountCredentials0AuthMethod = "service-account-token" ) +// Defines values for CreateKubernetesPamResourceJSONBodyRotationAccountCredentials1AuthMethod. +const ( + GatewayKubernetesAuth CreateKubernetesPamResourceJSONBodyRotationAccountCredentials1AuthMethod = "gateway-kubernetes-auth" +) + // Defines values for CreateSshPamResourceJSONBodyRotationAccountCredentials0AuthMethod. const ( CreateSshPamResourceJSONBodyRotationAccountCredentials0AuthMethodPassword CreateSshPamResourceJSONBodyRotationAccountCredentials0AuthMethod = "password" @@ -270,6 +343,11 @@ const ( CreateSshPamResourceJSONBodyRotationAccountCredentials2AuthMethodCertificate CreateSshPamResourceJSONBodyRotationAccountCredentials2AuthMethod = "certificate" ) +// Defines values for CreateWindowsPamResourceJSONBodyConnectionDetailsProtocol. +const ( + Rdp CreateWindowsPamResourceJSONBodyConnectionDetailsProtocol = "rdp" +) + // Defines values for CreateProjectJSONBodyType. const ( Ai CreateProjectJSONBodyType = "ai" @@ -366,6 +444,72 @@ type AdminSignUpJSONBody struct { Password string `json:"password"` } +// CreateAwsAppConnectionJSONBody defines parameters for CreateAwsAppConnection. +type CreateAwsAppConnectionJSONBody struct { + // Description An optional description for the AWS Connection. + Description *string `json:"description"` + + // GatewayId Not supported for AWS Connections. + GatewayId *CreateAwsAppConnectionJSONBody_GatewayId `json:"gatewayId,omitempty"` + + // GatewayPoolId Not supported for AWS Connections. + GatewayPoolId *CreateAwsAppConnectionJSONBody_GatewayPoolId `json:"gatewayPoolId,omitempty"` + + // IsAutoRotationEnabled Not supported for AWS Connections. + IsAutoRotationEnabled *CreateAwsAppConnectionJSONBodyIsAutoRotationEnabled `json:"isAutoRotationEnabled,omitempty"` + + // IsPlatformManagedCredentials Not supported for AWS Connections. + IsPlatformManagedCredentials *CreateAwsAppConnectionJSONBodyIsPlatformManagedCredentials `json:"isPlatformManagedCredentials,omitempty"` + + // Name The name of the AWS Connection to create. Must be slug-friendly. + Name string `json:"name"` + + // ProjectId The ID of the project to create the AWS Connection in. + ProjectId *string `json:"projectId,omitempty"` + + // Rotation Not supported for AWS Connections. + Rotation *CreateAwsAppConnectionJSONBody_Rotation `json:"rotation,omitempty"` +} + +// CreateAwsAppConnectionJSONBodyGatewayId0 defines parameters for CreateAwsAppConnection. +type CreateAwsAppConnectionJSONBodyGatewayId0 = interface{} + +// CreateAwsAppConnectionJSONBodyGatewayId1 defines parameters for CreateAwsAppConnection. +type CreateAwsAppConnectionJSONBodyGatewayId1 = interface{} + +// CreateAwsAppConnectionJSONBody_GatewayId defines parameters for CreateAwsAppConnection. +type CreateAwsAppConnectionJSONBody_GatewayId struct { + union json.RawMessage +} + +// CreateAwsAppConnectionJSONBodyGatewayPoolId0 defines parameters for CreateAwsAppConnection. +type CreateAwsAppConnectionJSONBodyGatewayPoolId0 = interface{} + +// CreateAwsAppConnectionJSONBodyGatewayPoolId1 defines parameters for CreateAwsAppConnection. +type CreateAwsAppConnectionJSONBodyGatewayPoolId1 = interface{} + +// CreateAwsAppConnectionJSONBody_GatewayPoolId defines parameters for CreateAwsAppConnection. +type CreateAwsAppConnectionJSONBody_GatewayPoolId struct { + union json.RawMessage +} + +// CreateAwsAppConnectionJSONBodyIsAutoRotationEnabled defines parameters for CreateAwsAppConnection. +type CreateAwsAppConnectionJSONBodyIsAutoRotationEnabled bool + +// CreateAwsAppConnectionJSONBodyIsPlatformManagedCredentials defines parameters for CreateAwsAppConnection. +type CreateAwsAppConnectionJSONBodyIsPlatformManagedCredentials bool + +// CreateAwsAppConnectionJSONBodyRotation0 defines parameters for CreateAwsAppConnection. +type CreateAwsAppConnectionJSONBodyRotation0 = interface{} + +// CreateAwsAppConnectionJSONBodyRotation1 defines parameters for CreateAwsAppConnection. +type CreateAwsAppConnectionJSONBodyRotation1 = interface{} + +// CreateAwsAppConnectionJSONBody_Rotation defines parameters for CreateAwsAppConnection. +type CreateAwsAppConnectionJSONBody_Rotation struct { + union json.RawMessage +} + // CreateCloudflareAppConnectionJSONBody defines parameters for CreateCloudflareAppConnection. type CreateCloudflareAppConnectionJSONBody struct { // Description An optional description for the Cloudflare Connection. @@ -374,6 +518,9 @@ type CreateCloudflareAppConnectionJSONBody struct { // GatewayId Not supported for Cloudflare Connections. GatewayId *CreateCloudflareAppConnectionJSONBody_GatewayId `json:"gatewayId,omitempty"` + // GatewayPoolId Not supported for Cloudflare Connections. + GatewayPoolId *CreateCloudflareAppConnectionJSONBody_GatewayPoolId `json:"gatewayPoolId,omitempty"` + // IsAutoRotationEnabled Not supported for Cloudflare Connections. IsAutoRotationEnabled *CreateCloudflareAppConnectionJSONBodyIsAutoRotationEnabled `json:"isAutoRotationEnabled,omitempty"` @@ -401,6 +548,17 @@ type CreateCloudflareAppConnectionJSONBody_GatewayId struct { union json.RawMessage } +// CreateCloudflareAppConnectionJSONBodyGatewayPoolId0 defines parameters for CreateCloudflareAppConnection. +type CreateCloudflareAppConnectionJSONBodyGatewayPoolId0 = interface{} + +// CreateCloudflareAppConnectionJSONBodyGatewayPoolId1 defines parameters for CreateCloudflareAppConnection. +type CreateCloudflareAppConnectionJSONBodyGatewayPoolId1 = interface{} + +// CreateCloudflareAppConnectionJSONBody_GatewayPoolId defines parameters for CreateCloudflareAppConnection. +type CreateCloudflareAppConnectionJSONBody_GatewayPoolId struct { + union json.RawMessage +} + // CreateCloudflareAppConnectionJSONBodyIsAutoRotationEnabled defines parameters for CreateCloudflareAppConnection. type CreateCloudflareAppConnectionJSONBodyIsAutoRotationEnabled bool @@ -587,7 +745,10 @@ type CreateInternalCertificateAuthorityV1JSONBody struct { // Country The country name (C) for the CA. Country *string `json:"country,omitempty"` - Dn *string `json:"dn"` + + // CrlDistributionPointUrls Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is always included as the primary. + CrlDistributionPointUrls *[]string `json:"crlDistributionPointUrls,omitempty"` + Dn *string `json:"dn"` // FriendlyName A friendly name for the CA. FriendlyName *string `json:"friendlyName,omitempty"` @@ -748,9 +909,12 @@ type CreateCertificateProfileJSONBody struct { IssuerType *CreateCertificateProfileJSONBodyIssuerType `json:"issuerType,omitempty"` ProjectId string `json:"projectId"` ScepConfig *struct { - AllowCertBasedRenewal *bool `json:"allowCertBasedRenewal,omitempty"` - ChallengePassword string `json:"challengePassword"` - IncludeCaCertInResponse *bool `json:"includeCaCertInResponse,omitempty"` + AllowCertBasedRenewal *bool `json:"allowCertBasedRenewal,omitempty"` + ChallengePassword *string `json:"challengePassword,omitempty"` + ChallengeType *CreateCertificateProfileJSONBodyScepConfigChallengeType `json:"challengeType,omitempty"` + DynamicChallengeExpiryMinutes *int `json:"dynamicChallengeExpiryMinutes,omitempty"` + DynamicChallengeMaxPending *int `json:"dynamicChallengeMaxPending,omitempty"` + IncludeCaCertInResponse *bool `json:"includeCaCertInResponse,omitempty"` } `json:"scepConfig,omitempty"` Slug string `json:"slug"` } @@ -785,6 +949,15 @@ type CreateCertificateProfileJSONBodyExternalConfigs2 = map[string]interface{} // CreateCertificateProfileJSONBodyExternalConfigs3 defines parameters for CreateCertificateProfile. type CreateCertificateProfileJSONBodyExternalConfigs3 = map[string]interface{} +// CreateCertificateProfileJSONBodyExternalConfigs4 defines parameters for CreateCertificateProfile. +type CreateCertificateProfileJSONBodyExternalConfigs4 = map[string]interface{} + +// CreateCertificateProfileJSONBodyExternalConfigs5 defines parameters for CreateCertificateProfile. +type CreateCertificateProfileJSONBodyExternalConfigs5 = map[string]interface{} + +// CreateCertificateProfileJSONBodyExternalConfigs6 defines parameters for CreateCertificateProfile. +type CreateCertificateProfileJSONBodyExternalConfigs6 = map[string]interface{} + // CreateCertificateProfileJSONBody_ExternalConfigs defines parameters for CreateCertificateProfile. type CreateCertificateProfileJSONBody_ExternalConfigs struct { union json.RawMessage @@ -793,6 +966,9 @@ type CreateCertificateProfileJSONBody_ExternalConfigs struct { // CreateCertificateProfileJSONBodyIssuerType defines parameters for CreateCertificateProfile. type CreateCertificateProfileJSONBodyIssuerType string +// CreateCertificateProfileJSONBodyScepConfigChallengeType defines parameters for CreateCertificateProfile. +type CreateCertificateProfileJSONBodyScepConfigChallengeType string + // CreateMachineIdentityJSONBody defines parameters for CreateMachineIdentity. type CreateMachineIdentityJSONBody struct { // HasDeleteProtection Prevents deletion of the identity when enabled. @@ -824,9 +1000,10 @@ type CreatePostgresPamAccountJSONBody struct { Key string `json:"key"` Value *string `json:"value,omitempty"` } `json:"metadata,omitempty"` - Name string `json:"name"` - RequireMfa *bool `json:"requireMfa,omitempty"` - ResourceId openapi_types.UUID `json:"resourceId"` + Name string `json:"name"` + PolicyId *openapi_types.UUID `json:"policyId"` + RequireMfa *bool `json:"requireMfa,omitempty"` + ResourceId openapi_types.UUID `json:"resourceId"` } // CreateRedisPamAccountJSONBody defines parameters for CreateRedisPamAccount. @@ -841,9 +1018,10 @@ type CreateRedisPamAccountJSONBody struct { Key string `json:"key"` Value *string `json:"value,omitempty"` } `json:"metadata,omitempty"` - Name string `json:"name"` - RequireMfa *bool `json:"requireMfa,omitempty"` - ResourceId openapi_types.UUID `json:"resourceId"` + Name string `json:"name"` + PolicyId *openapi_types.UUID `json:"policyId"` + RequireMfa *bool `json:"requireMfa,omitempty"` + ResourceId openapi_types.UUID `json:"resourceId"` } // CreateSshPamAccountJSONBody defines parameters for CreateSshPamAccount. @@ -855,9 +1033,10 @@ type CreateSshPamAccountJSONBody struct { Key string `json:"key"` Value *string `json:"value,omitempty"` } `json:"metadata,omitempty"` - Name string `json:"name"` - RequireMfa *bool `json:"requireMfa,omitempty"` - ResourceId openapi_types.UUID `json:"resourceId"` + Name string `json:"name"` + PolicyId *openapi_types.UUID `json:"policyId"` + RequireMfa *bool `json:"requireMfa,omitempty"` + ResourceId openapi_types.UUID `json:"resourceId"` } // CreateSshPamAccountJSONBodyCredentials0 defines parameters for CreateSshPamAccount. @@ -894,6 +1073,34 @@ type CreateSshPamAccountJSONBody_Credentials struct { union json.RawMessage } +// CreateWindowsPamAccountJSONBody defines parameters for CreateWindowsPamAccount. +type CreateWindowsPamAccountJSONBody struct { + Credentials struct { + Password string `json:"password"` + Username string `json:"username"` + } `json:"credentials"` + Description *string `json:"description"` + FolderId *openapi_types.UUID `json:"folderId,omitempty"` + InternalMetadata struct { + AccountType CreateWindowsPamAccountJSONBodyInternalMetadataAccountType `json:"accountType"` + Enabled *bool `json:"enabled,omitempty"` + LastLogon *string `json:"lastLogon,omitempty"` + PasswordLastSet *string `json:"passwordLastSet,omitempty"` + Sid *string `json:"sid,omitempty"` + } `json:"internalMetadata"` + Metadata *[]struct { + Key string `json:"key"` + Value *string `json:"value,omitempty"` + } `json:"metadata,omitempty"` + Name string `json:"name"` + PolicyId *openapi_types.UUID `json:"policyId"` + RequireMfa *bool `json:"requireMfa,omitempty"` + ResourceId openapi_types.UUID `json:"resourceId"` +} + +// CreateWindowsPamAccountJSONBodyInternalMetadataAccountType defines parameters for CreateWindowsPamAccount. +type CreateWindowsPamAccountJSONBodyInternalMetadataAccountType string + // CreateKubernetesPamResourceJSONBody defines parameters for CreateKubernetesPamResource. type CreateKubernetesPamResourceJSONBody struct { ConnectionDetails struct { @@ -901,8 +1108,9 @@ type CreateKubernetesPamResourceJSONBody struct { SslRejectUnauthorized bool `json:"sslRejectUnauthorized"` Url string `json:"url"` } `json:"connectionDetails"` - GatewayId openapi_types.UUID `json:"gatewayId"` - Metadata *[]struct { + GatewayId *openapi_types.UUID `json:"gatewayId,omitempty"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId,omitempty"` + Metadata *[]struct { Key string `json:"key"` Value *string `json:"value,omitempty"` } `json:"metadata,omitempty"` @@ -920,6 +1128,16 @@ type CreateKubernetesPamResourceJSONBodyRotationAccountCredentials0 struct { // CreateKubernetesPamResourceJSONBodyRotationAccountCredentials0AuthMethod defines parameters for CreateKubernetesPamResource. type CreateKubernetesPamResourceJSONBodyRotationAccountCredentials0AuthMethod string +// CreateKubernetesPamResourceJSONBodyRotationAccountCredentials1 defines parameters for CreateKubernetesPamResource. +type CreateKubernetesPamResourceJSONBodyRotationAccountCredentials1 struct { + AuthMethod CreateKubernetesPamResourceJSONBodyRotationAccountCredentials1AuthMethod `json:"authMethod"` + Namespace string `json:"namespace"` + ServiceAccountName string `json:"serviceAccountName"` +} + +// CreateKubernetesPamResourceJSONBodyRotationAccountCredentials1AuthMethod defines parameters for CreateKubernetesPamResource. +type CreateKubernetesPamResourceJSONBodyRotationAccountCredentials1AuthMethod string + // CreateKubernetesPamResourceJSONBody_RotationAccountCredentials defines parameters for CreateKubernetesPamResource. type CreateKubernetesPamResourceJSONBody_RotationAccountCredentials struct { union json.RawMessage @@ -935,8 +1153,9 @@ type CreatePostgresPamResourceJSONBody struct { SslEnabled bool `json:"sslEnabled"` SslRejectUnauthorized bool `json:"sslRejectUnauthorized"` } `json:"connectionDetails"` - GatewayId openapi_types.UUID `json:"gatewayId"` - Metadata *[]struct { + GatewayId *openapi_types.UUID `json:"gatewayId,omitempty"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId,omitempty"` + Metadata *[]struct { Key string `json:"key"` Value *string `json:"value,omitempty"` } `json:"metadata,omitempty"` @@ -957,8 +1176,9 @@ type CreateRedisPamResourceJSONBody struct { SslEnabled bool `json:"sslEnabled"` SslRejectUnauthorized bool `json:"sslRejectUnauthorized"` } `json:"connectionDetails"` - GatewayId openapi_types.UUID `json:"gatewayId"` - Metadata *[]struct { + GatewayId *openapi_types.UUID `json:"gatewayId,omitempty"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId,omitempty"` + Metadata *[]struct { Key string `json:"key"` Value *string `json:"value,omitempty"` } `json:"metadata,omitempty"` @@ -976,8 +1196,9 @@ type CreateSshPamResourceJSONBody struct { Host string `json:"host"` Port float32 `json:"port"` } `json:"connectionDetails"` - GatewayId openapi_types.UUID `json:"gatewayId"` - Metadata *[]struct { + GatewayId *openapi_types.UUID `json:"gatewayId,omitempty"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId,omitempty"` + Metadata *[]struct { Key string `json:"key"` Value *string `json:"value,omitempty"` } `json:"metadata,omitempty"` @@ -1020,6 +1241,36 @@ type CreateSshPamResourceJSONBody_RotationAccountCredentials struct { union json.RawMessage } +// CreateWindowsPamResourceJSONBody defines parameters for CreateWindowsPamResource. +type CreateWindowsPamResourceJSONBody struct { + ConnectionDetails struct { + Hostname string `json:"hostname"` + Port int `json:"port"` + Protocol CreateWindowsPamResourceJSONBodyConnectionDetailsProtocol `json:"protocol"` + UseWinrmHttps bool `json:"useWinrmHttps"` + WinrmCaCert *string `json:"winrmCaCert,omitempty"` + WinrmPort int `json:"winrmPort"` + WinrmRejectUnauthorized bool `json:"winrmRejectUnauthorized"` + WinrmTlsServerName *string `json:"winrmTlsServerName,omitempty"` + } `json:"connectionDetails"` + DomainId *openapi_types.UUID `json:"domainId"` + GatewayId *openapi_types.UUID `json:"gatewayId,omitempty"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId,omitempty"` + Metadata *[]struct { + Key string `json:"key"` + Value *string `json:"value,omitempty"` + } `json:"metadata,omitempty"` + Name string `json:"name"` + ProjectId openapi_types.UUID `json:"projectId"` + RotationAccountCredentials *struct { + Password string `json:"password"` + Username string `json:"username"` + } `json:"rotationAccountCredentials"` +} + +// CreateWindowsPamResourceJSONBodyConnectionDetailsProtocol defines parameters for CreateWindowsPamResource. +type CreateWindowsPamResourceJSONBodyConnectionDetailsProtocol string + // CreateProjectJSONBody defines parameters for CreateProject. type CreateProjectJSONBody struct { HasDeleteProtection *bool `json:"hasDeleteProtection,omitempty"` @@ -1249,6 +1500,9 @@ type CreateSecretV4JSONBodyType string // AdminSignUpJSONRequestBody defines body for AdminSignUp for application/json ContentType. type AdminSignUpJSONRequestBody AdminSignUpJSONBody +// CreateAwsAppConnectionJSONRequestBody defines body for CreateAwsAppConnection for application/json ContentType. +type CreateAwsAppConnectionJSONRequestBody CreateAwsAppConnectionJSONBody + // CreateCloudflareAppConnectionJSONRequestBody defines body for CreateCloudflareAppConnection for application/json ContentType. type CreateCloudflareAppConnectionJSONRequestBody CreateCloudflareAppConnectionJSONBody @@ -1291,6 +1545,9 @@ type CreateRedisPamAccountJSONRequestBody CreateRedisPamAccountJSONBody // CreateSshPamAccountJSONRequestBody defines body for CreateSshPamAccount for application/json ContentType. type CreateSshPamAccountJSONRequestBody CreateSshPamAccountJSONBody +// CreateWindowsPamAccountJSONRequestBody defines body for CreateWindowsPamAccount for application/json ContentType. +type CreateWindowsPamAccountJSONRequestBody CreateWindowsPamAccountJSONBody + // CreateKubernetesPamResourceJSONRequestBody defines body for CreateKubernetesPamResource for application/json ContentType. type CreateKubernetesPamResourceJSONRequestBody CreateKubernetesPamResourceJSONBody @@ -1303,6 +1560,9 @@ type CreateRedisPamResourceJSONRequestBody CreateRedisPamResourceJSONBody // CreateSshPamResourceJSONRequestBody defines body for CreateSshPamResource for application/json ContentType. type CreateSshPamResourceJSONRequestBody CreateSshPamResourceJSONBody +// CreateWindowsPamResourceJSONRequestBody defines body for CreateWindowsPamResource for application/json ContentType. +type CreateWindowsPamResourceJSONRequestBody CreateWindowsPamResourceJSONBody + // CreateProjectJSONRequestBody defines body for CreateProject for application/json ContentType. type CreateProjectJSONRequestBody CreateProjectJSONBody @@ -1396,6 +1656,11 @@ type ClientInterface interface { AdminSignUp(ctx context.Context, body AdminSignUpJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) + // CreateAwsAppConnectionWithBody request with any body + CreateAwsAppConnectionWithBody(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) + + CreateAwsAppConnection(ctx context.Context, body CreateAwsAppConnectionJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) + // CreateCloudflareAppConnectionWithBody request with any body CreateCloudflareAppConnectionWithBody(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) @@ -1469,6 +1734,11 @@ type ClientInterface interface { CreateSshPamAccount(ctx context.Context, body CreateSshPamAccountJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) + // CreateWindowsPamAccountWithBody request with any body + CreateWindowsPamAccountWithBody(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) + + CreateWindowsPamAccount(ctx context.Context, body CreateWindowsPamAccountJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) + // CreateKubernetesPamResourceWithBody request with any body CreateKubernetesPamResourceWithBody(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) @@ -1489,6 +1759,11 @@ type ClientInterface interface { CreateSshPamResource(ctx context.Context, body CreateSshPamResourceJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) + // CreateWindowsPamResourceWithBody request with any body + CreateWindowsPamResourceWithBody(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) + + CreateWindowsPamResource(ctx context.Context, body CreateWindowsPamResourceJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) + // CreateProjectWithBody request with any body CreateProjectWithBody(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) @@ -1551,6 +1826,30 @@ func (c *Client) AdminSignUp(ctx context.Context, body AdminSignUpJSONRequestBod return c.Client.Do(req) } +func (c *Client) CreateAwsAppConnectionWithBody(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) { + req, err := NewCreateAwsAppConnectionRequestWithBody(c.Server, contentType, body) + if err != nil { + return nil, err + } + req = req.WithContext(ctx) + if err := c.applyEditors(ctx, req, reqEditors); err != nil { + return nil, err + } + return c.Client.Do(req) +} + +func (c *Client) CreateAwsAppConnection(ctx context.Context, body CreateAwsAppConnectionJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) { + req, err := NewCreateAwsAppConnectionRequest(c.Server, body) + if err != nil { + return nil, err + } + req = req.WithContext(ctx) + if err := c.applyEditors(ctx, req, reqEditors); err != nil { + return nil, err + } + return c.Client.Do(req) +} + func (c *Client) CreateCloudflareAppConnectionWithBody(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) { req, err := NewCreateCloudflareAppConnectionRequestWithBody(c.Server, contentType, body) if err != nil { @@ -1899,6 +2198,30 @@ func (c *Client) CreateSshPamAccount(ctx context.Context, body CreateSshPamAccou return c.Client.Do(req) } +func (c *Client) CreateWindowsPamAccountWithBody(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) { + req, err := NewCreateWindowsPamAccountRequestWithBody(c.Server, contentType, body) + if err != nil { + return nil, err + } + req = req.WithContext(ctx) + if err := c.applyEditors(ctx, req, reqEditors); err != nil { + return nil, err + } + return c.Client.Do(req) +} + +func (c *Client) CreateWindowsPamAccount(ctx context.Context, body CreateWindowsPamAccountJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) { + req, err := NewCreateWindowsPamAccountRequest(c.Server, body) + if err != nil { + return nil, err + } + req = req.WithContext(ctx) + if err := c.applyEditors(ctx, req, reqEditors); err != nil { + return nil, err + } + return c.Client.Do(req) +} + func (c *Client) CreateKubernetesPamResourceWithBody(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) { req, err := NewCreateKubernetesPamResourceRequestWithBody(c.Server, contentType, body) if err != nil { @@ -1995,6 +2318,30 @@ func (c *Client) CreateSshPamResource(ctx context.Context, body CreateSshPamReso return c.Client.Do(req) } +func (c *Client) CreateWindowsPamResourceWithBody(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) { + req, err := NewCreateWindowsPamResourceRequestWithBody(c.Server, contentType, body) + if err != nil { + return nil, err + } + req = req.WithContext(ctx) + if err := c.applyEditors(ctx, req, reqEditors); err != nil { + return nil, err + } + return c.Client.Do(req) +} + +func (c *Client) CreateWindowsPamResource(ctx context.Context, body CreateWindowsPamResourceJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) { + req, err := NewCreateWindowsPamResourceRequest(c.Server, body) + if err != nil { + return nil, err + } + req = req.WithContext(ctx) + if err := c.applyEditors(ctx, req, reqEditors); err != nil { + return nil, err + } + return c.Client.Do(req) +} + func (c *Client) CreateProjectWithBody(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) { req, err := NewCreateProjectRequestWithBody(c.Server, contentType, body) if err != nil { @@ -2203,6 +2550,46 @@ func NewAdminSignUpRequestWithBody(server string, contentType string, body io.Re return req, nil } +// NewCreateAwsAppConnectionRequest calls the generic CreateAwsAppConnection builder with application/json body +func NewCreateAwsAppConnectionRequest(server string, body CreateAwsAppConnectionJSONRequestBody) (*http.Request, error) { + var bodyReader io.Reader + buf, err := json.Marshal(body) + if err != nil { + return nil, err + } + bodyReader = bytes.NewReader(buf) + return NewCreateAwsAppConnectionRequestWithBody(server, "application/json", bodyReader) +} + +// NewCreateAwsAppConnectionRequestWithBody generates requests for CreateAwsAppConnection with any type of body +func NewCreateAwsAppConnectionRequestWithBody(server string, contentType string, body io.Reader) (*http.Request, error) { + var err error + + serverURL, err := url.Parse(server) + if err != nil { + return nil, err + } + + operationPath := fmt.Sprintf("/api/v1/app-connections/aws") + if operationPath[0] == '/' { + operationPath = "." + operationPath + } + + queryURL, err := serverURL.Parse(operationPath) + if err != nil { + return nil, err + } + + req, err := http.NewRequest("POST", queryURL.String(), body) + if err != nil { + return nil, err + } + + req.Header.Add("Content-Type", contentType) + + return req, nil +} + // NewCreateCloudflareAppConnectionRequest calls the generic CreateCloudflareAppConnection builder with application/json body func NewCreateCloudflareAppConnectionRequest(server string, body CreateCloudflareAppConnectionJSONRequestBody) (*http.Request, error) { var bodyReader io.Reader @@ -2825,6 +3212,46 @@ func NewCreateSshPamAccountRequestWithBody(server string, contentType string, bo return req, nil } +// NewCreateWindowsPamAccountRequest calls the generic CreateWindowsPamAccount builder with application/json body +func NewCreateWindowsPamAccountRequest(server string, body CreateWindowsPamAccountJSONRequestBody) (*http.Request, error) { + var bodyReader io.Reader + buf, err := json.Marshal(body) + if err != nil { + return nil, err + } + bodyReader = bytes.NewReader(buf) + return NewCreateWindowsPamAccountRequestWithBody(server, "application/json", bodyReader) +} + +// NewCreateWindowsPamAccountRequestWithBody generates requests for CreateWindowsPamAccount with any type of body +func NewCreateWindowsPamAccountRequestWithBody(server string, contentType string, body io.Reader) (*http.Request, error) { + var err error + + serverURL, err := url.Parse(server) + if err != nil { + return nil, err + } + + operationPath := fmt.Sprintf("/api/v1/pam/accounts/windows") + if operationPath[0] == '/' { + operationPath = "." + operationPath + } + + queryURL, err := serverURL.Parse(operationPath) + if err != nil { + return nil, err + } + + req, err := http.NewRequest("POST", queryURL.String(), body) + if err != nil { + return nil, err + } + + req.Header.Add("Content-Type", contentType) + + return req, nil +} + // NewCreateKubernetesPamResourceRequest calls the generic CreateKubernetesPamResource builder with application/json body func NewCreateKubernetesPamResourceRequest(server string, body CreateKubernetesPamResourceJSONRequestBody) (*http.Request, error) { var bodyReader io.Reader @@ -2985,6 +3412,46 @@ func NewCreateSshPamResourceRequestWithBody(server string, contentType string, b return req, nil } +// NewCreateWindowsPamResourceRequest calls the generic CreateWindowsPamResource builder with application/json body +func NewCreateWindowsPamResourceRequest(server string, body CreateWindowsPamResourceJSONRequestBody) (*http.Request, error) { + var bodyReader io.Reader + buf, err := json.Marshal(body) + if err != nil { + return nil, err + } + bodyReader = bytes.NewReader(buf) + return NewCreateWindowsPamResourceRequestWithBody(server, "application/json", bodyReader) +} + +// NewCreateWindowsPamResourceRequestWithBody generates requests for CreateWindowsPamResource with any type of body +func NewCreateWindowsPamResourceRequestWithBody(server string, contentType string, body io.Reader) (*http.Request, error) { + var err error + + serverURL, err := url.Parse(server) + if err != nil { + return nil, err + } + + operationPath := fmt.Sprintf("/api/v1/pam/resources/windows") + if operationPath[0] == '/' { + operationPath = "." + operationPath + } + + queryURL, err := serverURL.Parse(operationPath) + if err != nil { + return nil, err + } + + req, err := http.NewRequest("POST", queryURL.String(), body) + if err != nil { + return nil, err + } + + req.Header.Add("Content-Type", contentType) + + return req, nil +} + // NewCreateProjectRequest calls the generic CreateProject builder with application/json body func NewCreateProjectRequest(server string, body CreateProjectJSONRequestBody) (*http.Request, error) { var bodyReader io.Reader @@ -3665,6 +4132,11 @@ type ClientWithResponsesInterface interface { AdminSignUpWithResponse(ctx context.Context, body AdminSignUpJSONRequestBody, reqEditors ...RequestEditorFn) (*AdminSignUpResponse, error) + // CreateAwsAppConnectionWithBodyWithResponse request with any body + CreateAwsAppConnectionWithBodyWithResponse(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*CreateAwsAppConnectionResponse, error) + + CreateAwsAppConnectionWithResponse(ctx context.Context, body CreateAwsAppConnectionJSONRequestBody, reqEditors ...RequestEditorFn) (*CreateAwsAppConnectionResponse, error) + // CreateCloudflareAppConnectionWithBodyWithResponse request with any body CreateCloudflareAppConnectionWithBodyWithResponse(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*CreateCloudflareAppConnectionResponse, error) @@ -3738,6 +4210,11 @@ type ClientWithResponsesInterface interface { CreateSshPamAccountWithResponse(ctx context.Context, body CreateSshPamAccountJSONRequestBody, reqEditors ...RequestEditorFn) (*CreateSshPamAccountResponse, error) + // CreateWindowsPamAccountWithBodyWithResponse request with any body + CreateWindowsPamAccountWithBodyWithResponse(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*CreateWindowsPamAccountResponse, error) + + CreateWindowsPamAccountWithResponse(ctx context.Context, body CreateWindowsPamAccountJSONRequestBody, reqEditors ...RequestEditorFn) (*CreateWindowsPamAccountResponse, error) + // CreateKubernetesPamResourceWithBodyWithResponse request with any body CreateKubernetesPamResourceWithBodyWithResponse(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*CreateKubernetesPamResourceResponse, error) @@ -3758,6 +4235,11 @@ type ClientWithResponsesInterface interface { CreateSshPamResourceWithResponse(ctx context.Context, body CreateSshPamResourceJSONRequestBody, reqEditors ...RequestEditorFn) (*CreateSshPamResourceResponse, error) + // CreateWindowsPamResourceWithBodyWithResponse request with any body + CreateWindowsPamResourceWithBodyWithResponse(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*CreateWindowsPamResourceResponse, error) + + CreateWindowsPamResourceWithResponse(ctx context.Context, body CreateWindowsPamResourceJSONRequestBody, reqEditors ...RequestEditorFn) (*CreateWindowsPamResourceResponse, error) + // CreateProjectWithBodyWithResponse request with any body CreateProjectWithBodyWithResponse(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*CreateProjectResponse, error) @@ -3839,26 +4321,14 @@ type AdminSignUpResponse struct { } `json:"organization"` Token string `json:"token"` User struct { - AuthMethods *[]string `json:"authMethods"` - ConsecutiveFailedMfaAttempts *float32 `json:"consecutiveFailedMfaAttempts"` - ConsecutiveFailedPasswordAttempts *float32 `json:"consecutiveFailedPasswordAttempts"` - CreatedAt time.Time `json:"createdAt"` - Devices interface{} `json:"devices"` - Email *string `json:"email"` - FirstName *string `json:"firstName"` - Id openapi_types.UUID `json:"id"` - IsAccepted *bool `json:"isAccepted"` - IsEmailVerified *bool `json:"isEmailVerified"` - IsGhost *bool `json:"isGhost,omitempty"` - IsLocked *bool `json:"isLocked"` - IsMfaEnabled *bool `json:"isMfaEnabled"` - LastName *string `json:"lastName"` - MfaMethods *[]string `json:"mfaMethods"` - SelectedMfaMethod *string `json:"selectedMfaMethod"` - SuperAdmin *bool `json:"superAdmin"` - TemporaryLockDateEnd *time.Time `json:"temporaryLockDateEnd"` - UpdatedAt time.Time `json:"updatedAt"` - Username string `json:"username"` + AuthMethods *[]string `json:"authMethods"` + Email *string `json:"email"` + FirstName *string `json:"firstName"` + Id openapi_types.UUID `json:"id"` + IsEmailVerified *bool `json:"isEmailVerified"` + LastName *string `json:"lastName"` + PublicKey *string `json:"publicKey"` + Username string `json:"username"` } `json:"user"` } JSON400 *struct { @@ -3923,6 +4393,181 @@ func (r AdminSignUpResponse) StatusCode() int { return 0 } +type CreateAwsAppConnectionResponse struct { + Body []byte + HTTPResponse *http.Response + JSON200 *struct { + AppConnection CreateAwsAppConnection_200_AppConnection `json:"appConnection"` + } + JSON400 *struct { + Details interface{} `json:"details,omitempty"` + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateAwsAppConnection400StatusCode `json:"statusCode"` + } + JSON401 *struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateAwsAppConnection401StatusCode `json:"statusCode"` + } + JSON403 *struct { + Details interface{} `json:"details,omitempty"` + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateAwsAppConnection403StatusCode `json:"statusCode"` + } + JSON404 *struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateAwsAppConnection404StatusCode `json:"statusCode"` + } + JSON422 *struct { + Error string `json:"error"` + Message interface{} `json:"message,omitempty"` + ReqId string `json:"reqId"` + StatusCode CreateAwsAppConnection422StatusCode `json:"statusCode"` + } + JSON500 *struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateAwsAppConnection500StatusCode `json:"statusCode"` + } +} +type CreateAwsAppConnection200AppConnection0 struct { + App CreateAwsAppConnection200AppConnection0App `json:"app"` + CreatedAt time.Time `json:"createdAt"` + Credentials map[string]interface{} `json:"credentials"` + CredentialsHash *string `json:"credentialsHash,omitempty"` + Description *string `json:"description"` + GatewayId *openapi_types.UUID `json:"gatewayId"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId"` + Id openapi_types.UUID `json:"id"` + IsAutoRotationEnabled *bool `json:"isAutoRotationEnabled,omitempty"` + IsPlatformManagedCredentials *bool `json:"isPlatformManagedCredentials"` + Method CreateAwsAppConnection200AppConnection0Method `json:"method"` + Name string `json:"name"` + OrgId openapi_types.UUID `json:"orgId"` + Project *struct { + Id string `json:"id"` + Name string `json:"name"` + Slug string `json:"slug"` + Type string `json:"type"` + } `json:"project"` + ProjectId *string `json:"projectId"` + + // Rotation The credential rotation configuration, if configured. + Rotation *struct { + // LastRotationMessage The message from the last rotation attempt. + LastRotationMessage *string `json:"lastRotationMessage"` + + // NextRotationAt The next scheduled rotation time. + NextRotationAt *time.Time `json:"nextRotationAt"` + + // RotateAtUtc The UTC time of day at which rotation should occur. + RotateAtUtc struct { + // Hours The hour (0-23) at which to rotate. + Hours float32 `json:"hours"` + + // Minutes The minute (0-59) at which to rotate. + Minutes float32 `json:"minutes"` + } `json:"rotateAtUtc"` + + // RotationInterval The interval in days between credential rotations. + RotationInterval float32 `json:"rotationInterval"` + + // RotationStatus The status of the last rotation attempt. + RotationStatus CreateAwsAppConnection200AppConnection0RotationRotationStatus `json:"rotationStatus"` + } `json:"rotation,omitempty"` + UpdatedAt time.Time `json:"updatedAt"` + Version *float32 `json:"version,omitempty"` +} +type CreateAwsAppConnection200AppConnection0App string +type CreateAwsAppConnection200AppConnection0Method string +type CreateAwsAppConnection200AppConnection0RotationRotationStatus string +type CreateAwsAppConnection200AppConnection1 struct { + App CreateAwsAppConnection200AppConnection1App `json:"app"` + CreatedAt time.Time `json:"createdAt"` + Credentials struct { + AccessKeyId string `json:"accessKeyId"` + } `json:"credentials"` + CredentialsHash *string `json:"credentialsHash,omitempty"` + Description *string `json:"description"` + GatewayId *openapi_types.UUID `json:"gatewayId"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId"` + Id openapi_types.UUID `json:"id"` + IsAutoRotationEnabled *bool `json:"isAutoRotationEnabled,omitempty"` + IsPlatformManagedCredentials *bool `json:"isPlatformManagedCredentials"` + Method CreateAwsAppConnection200AppConnection1Method `json:"method"` + Name string `json:"name"` + OrgId openapi_types.UUID `json:"orgId"` + Project *struct { + Id string `json:"id"` + Name string `json:"name"` + Slug string `json:"slug"` + Type string `json:"type"` + } `json:"project"` + ProjectId *string `json:"projectId"` + + // Rotation The credential rotation configuration, if configured. + Rotation *struct { + // LastRotationMessage The message from the last rotation attempt. + LastRotationMessage *string `json:"lastRotationMessage"` + + // NextRotationAt The next scheduled rotation time. + NextRotationAt *time.Time `json:"nextRotationAt"` + + // RotateAtUtc The UTC time of day at which rotation should occur. + RotateAtUtc struct { + // Hours The hour (0-23) at which to rotate. + Hours float32 `json:"hours"` + + // Minutes The minute (0-59) at which to rotate. + Minutes float32 `json:"minutes"` + } `json:"rotateAtUtc"` + + // RotationInterval The interval in days between credential rotations. + RotationInterval float32 `json:"rotationInterval"` + + // RotationStatus The status of the last rotation attempt. + RotationStatus CreateAwsAppConnection200AppConnection1RotationRotationStatus `json:"rotationStatus"` + } `json:"rotation,omitempty"` + UpdatedAt time.Time `json:"updatedAt"` + Version *float32 `json:"version,omitempty"` +} +type CreateAwsAppConnection200AppConnection1App string +type CreateAwsAppConnection200AppConnection1Method string +type CreateAwsAppConnection200AppConnection1RotationRotationStatus string +type CreateAwsAppConnection_200_AppConnection struct { + union json.RawMessage +} +type CreateAwsAppConnection400StatusCode float32 +type CreateAwsAppConnection401StatusCode float32 +type CreateAwsAppConnection403StatusCode float32 +type CreateAwsAppConnection404StatusCode float32 +type CreateAwsAppConnection422StatusCode float32 +type CreateAwsAppConnection500StatusCode float32 + +// Status returns HTTPResponse.Status +func (r CreateAwsAppConnectionResponse) Status() string { + if r.HTTPResponse != nil { + return r.HTTPResponse.Status + } + return http.StatusText(0) +} + +// StatusCode returns HTTPResponse.StatusCode +func (r CreateAwsAppConnectionResponse) StatusCode() int { + if r.HTTPResponse != nil { + return r.HTTPResponse.StatusCode + } + return 0 +} + type CreateCloudflareAppConnectionResponse struct { Body []byte HTTPResponse *http.Response @@ -3977,6 +4622,7 @@ type CreateCloudflareAppConnection200AppConnection0 struct { CredentialsHash *string `json:"credentialsHash,omitempty"` Description *string `json:"description"` GatewayId *openapi_types.UUID `json:"gatewayId"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId"` Id openapi_types.UUID `json:"id"` IsAutoRotationEnabled *bool `json:"isAutoRotationEnabled,omitempty"` IsPlatformManagedCredentials *bool `json:"isPlatformManagedCredentials"` @@ -4051,6 +4697,7 @@ type RefreshAuthTokenResponse struct { HTTPResponse *http.Response JSON200 *struct { OrganizationId *string `json:"organizationId,omitempty"` + RefreshToken *string `json:"refreshToken,omitempty"` SubOrganizationId *string `json:"subOrganizationId,omitempty"` Token string `json:"token"` } @@ -4664,7 +5311,10 @@ type CreateInternalCertificateAuthorityV1Response struct { // Country The country name (C) for the CA. Country *string `json:"country,omitempty"` - Dn *string `json:"dn"` + + // CrlDistributionPointUrls Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is always included as the primary. + CrlDistributionPointUrls *[]string `json:"crlDistributionPointUrls,omitempty"` + Dn *string `json:"dn"` // FriendlyName A friendly name for the CA. FriendlyName *string `json:"friendlyName,omitempty"` @@ -4977,6 +5627,9 @@ type CreateCertificateProfile200CertificateProfileExternalConfigs0 struct { type CreateCertificateProfile200CertificateProfileExternalConfigs1 = map[string]interface{} type CreateCertificateProfile200CertificateProfileExternalConfigs2 = map[string]interface{} type CreateCertificateProfile200CertificateProfileExternalConfigs3 = map[string]interface{} +type CreateCertificateProfile200CertificateProfileExternalConfigs4 = map[string]interface{} +type CreateCertificateProfile200CertificateProfileExternalConfigs5 = map[string]interface{} +type CreateCertificateProfile200CertificateProfileExternalConfigs6 = map[string]interface{} type CreateCertificateProfile_200_CertificateProfile_ExternalConfigs struct { union json.RawMessage } @@ -5095,8 +5748,14 @@ type CreatePostgresPamAccountResponse struct { Credentials struct { Username string `json:"username"` } `json:"credentials"` - Description *string `json:"description"` - DiscoveryFingerprint *string `json:"discoveryFingerprint"` + Description *string `json:"description"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + Domain *struct { + DomainType string `json:"domainType"` + Id openapi_types.UUID `json:"id"` + Name string `json:"name"` + } `json:"domain"` + DomainId *openapi_types.UUID `json:"domainId"` EncryptedLastRotationMessage interface{} `json:"encryptedLastRotationMessage"` FolderId *openapi_types.UUID `json:"folderId"` Id openapi_types.UUID `json:"id"` @@ -5108,19 +5767,22 @@ type CreatePostgresPamAccountResponse struct { Key string `json:"key"` Value *string `json:"value"` } `json:"metadata,omitempty"` - Name string `json:"name"` - ProjectId string `json:"projectId"` - RequireMfa *bool `json:"requireMfa"` - Resource struct { + Name string `json:"name"` + ParentType CreatePostgresPamAccount200AccountParentType `json:"parentType"` + PolicyId *openapi_types.UUID `json:"policyId"` + PolicyName *string `json:"policyName"` + ProjectId string `json:"projectId"` + RequireMfa *bool `json:"requireMfa"` + RequireReason *bool `json:"requireReason,omitempty"` + Resource *struct { Id openapi_types.UUID `json:"id"` Name string `json:"name"` ResourceType string `json:"resourceType"` RotationCredentialsConfigured bool `json:"rotationCredentialsConfigured"` } `json:"resource"` - ResourceId openapi_types.UUID `json:"resourceId"` - ResourceType CreatePostgresPamAccount200AccountResourceType `json:"resourceType"` - RotationStatus *string `json:"rotationStatus"` - UpdatedAt time.Time `json:"updatedAt"` + ResourceId *openapi_types.UUID `json:"resourceId"` + RotationStatus *string `json:"rotationStatus"` + UpdatedAt time.Time `json:"updatedAt"` } `json:"account"` } JSON400 *struct { @@ -5162,7 +5824,7 @@ type CreatePostgresPamAccountResponse struct { StatusCode CreatePostgresPamAccount500StatusCode `json:"statusCode"` } } -type CreatePostgresPamAccount200AccountResourceType string +type CreatePostgresPamAccount200AccountParentType string type CreatePostgresPamAccount400StatusCode float32 type CreatePostgresPamAccount401StatusCode float32 type CreatePostgresPamAccount403StatusCode float32 @@ -5195,8 +5857,14 @@ type CreateRedisPamAccountResponse struct { Credentials struct { Username *string `json:"username,omitempty"` } `json:"credentials"` - Description *string `json:"description"` - DiscoveryFingerprint *string `json:"discoveryFingerprint"` + Description *string `json:"description"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + Domain *struct { + DomainType string `json:"domainType"` + Id openapi_types.UUID `json:"id"` + Name string `json:"name"` + } `json:"domain"` + DomainId *openapi_types.UUID `json:"domainId"` EncryptedLastRotationMessage interface{} `json:"encryptedLastRotationMessage"` FolderId *openapi_types.UUID `json:"folderId"` Id openapi_types.UUID `json:"id"` @@ -5208,19 +5876,22 @@ type CreateRedisPamAccountResponse struct { Key string `json:"key"` Value *string `json:"value"` } `json:"metadata,omitempty"` - Name string `json:"name"` - ProjectId string `json:"projectId"` - RequireMfa *bool `json:"requireMfa"` - Resource struct { + Name string `json:"name"` + ParentType CreateRedisPamAccount200AccountParentType `json:"parentType"` + PolicyId *openapi_types.UUID `json:"policyId"` + PolicyName *string `json:"policyName"` + ProjectId string `json:"projectId"` + RequireMfa *bool `json:"requireMfa"` + RequireReason *bool `json:"requireReason,omitempty"` + Resource *struct { Id openapi_types.UUID `json:"id"` Name string `json:"name"` ResourceType string `json:"resourceType"` RotationCredentialsConfigured bool `json:"rotationCredentialsConfigured"` } `json:"resource"` - ResourceId openapi_types.UUID `json:"resourceId"` - ResourceType CreateRedisPamAccount200AccountResourceType `json:"resourceType"` - RotationStatus *string `json:"rotationStatus"` - UpdatedAt time.Time `json:"updatedAt"` + ResourceId *openapi_types.UUID `json:"resourceId"` + RotationStatus *string `json:"rotationStatus"` + UpdatedAt time.Time `json:"updatedAt"` } `json:"account"` } JSON400 *struct { @@ -5262,7 +5933,7 @@ type CreateRedisPamAccountResponse struct { StatusCode CreateRedisPamAccount500StatusCode `json:"statusCode"` } } -type CreateRedisPamAccount200AccountResourceType string +type CreateRedisPamAccount200AccountParentType string type CreateRedisPamAccount400StatusCode float32 type CreateRedisPamAccount401StatusCode float32 type CreateRedisPamAccount403StatusCode float32 @@ -5291,34 +5962,43 @@ type CreateSshPamAccountResponse struct { HTTPResponse *http.Response JSON200 *struct { Account struct { - CreatedAt time.Time `json:"createdAt"` - Credentials CreateSshPamAccount_200_Account_Credentials `json:"credentials"` - Description *string `json:"description"` - DiscoveryFingerprint *string `json:"discoveryFingerprint"` - EncryptedLastRotationMessage interface{} `json:"encryptedLastRotationMessage"` - FolderId *openapi_types.UUID `json:"folderId"` - Id openapi_types.UUID `json:"id"` - InternalMetadata interface{} `json:"internalMetadata"` - LastRotatedAt *time.Time `json:"lastRotatedAt"` - LastRotationMessage *string `json:"lastRotationMessage"` + CreatedAt time.Time `json:"createdAt"` + Credentials CreateSshPamAccount_200_Account_Credentials `json:"credentials"` + Description *string `json:"description"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + Domain *struct { + DomainType string `json:"domainType"` + Id openapi_types.UUID `json:"id"` + Name string `json:"name"` + } `json:"domain"` + DomainId *openapi_types.UUID `json:"domainId"` + EncryptedLastRotationMessage interface{} `json:"encryptedLastRotationMessage"` + FolderId *openapi_types.UUID `json:"folderId"` + Id openapi_types.UUID `json:"id"` + InternalMetadata interface{} `json:"internalMetadata"` + LastRotatedAt *time.Time `json:"lastRotatedAt"` + LastRotationMessage *string `json:"lastRotationMessage"` Metadata *[]struct { Id openapi_types.UUID `json:"id"` Key string `json:"key"` Value *string `json:"value"` } `json:"metadata,omitempty"` - Name string `json:"name"` - ProjectId string `json:"projectId"` - RequireMfa *bool `json:"requireMfa"` - Resource struct { + Name string `json:"name"` + ParentType CreateSshPamAccount200AccountParentType `json:"parentType"` + PolicyId *openapi_types.UUID `json:"policyId"` + PolicyName *string `json:"policyName"` + ProjectId string `json:"projectId"` + RequireMfa *bool `json:"requireMfa"` + RequireReason *bool `json:"requireReason,omitempty"` + Resource *struct { Id openapi_types.UUID `json:"id"` Name string `json:"name"` ResourceType string `json:"resourceType"` RotationCredentialsConfigured bool `json:"rotationCredentialsConfigured"` } `json:"resource"` - ResourceId openapi_types.UUID `json:"resourceId"` - ResourceType CreateSshPamAccount200AccountResourceType `json:"resourceType"` - RotationStatus *string `json:"rotationStatus"` - UpdatedAt time.Time `json:"updatedAt"` + ResourceId *openapi_types.UUID `json:"resourceId"` + RotationStatus *string `json:"rotationStatus"` + UpdatedAt time.Time `json:"updatedAt"` } `json:"account"` } JSON400 *struct { @@ -5378,7 +6058,7 @@ type CreateSshPamAccount200AccountCredentials2AuthMethod string type CreateSshPamAccount_200_Account_Credentials struct { union json.RawMessage } -type CreateSshPamAccount200AccountResourceType string +type CreateSshPamAccount200AccountParentType string type CreateSshPamAccount400StatusCode float32 type CreateSshPamAccount401StatusCode float32 type CreateSshPamAccount403StatusCode float32 @@ -5402,23 +6082,139 @@ func (r CreateSshPamAccountResponse) StatusCode() int { return 0 } +type CreateWindowsPamAccountResponse struct { + Body []byte + HTTPResponse *http.Response + JSON200 *struct { + Account struct { + CreatedAt time.Time `json:"createdAt"` + Credentials struct { + Username string `json:"username"` + } `json:"credentials"` + Description *string `json:"description"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + Domain *struct { + DomainType string `json:"domainType"` + Id openapi_types.UUID `json:"id"` + Name string `json:"name"` + } `json:"domain"` + DomainId *openapi_types.UUID `json:"domainId"` + EncryptedLastRotationMessage interface{} `json:"encryptedLastRotationMessage"` + FolderId *openapi_types.UUID `json:"folderId"` + Id openapi_types.UUID `json:"id"` + InternalMetadata struct { + AccountType CreateWindowsPamAccount200AccountInternalMetadataAccountType `json:"accountType"` + Enabled *bool `json:"enabled,omitempty"` + LastLogon *string `json:"lastLogon,omitempty"` + PasswordLastSet *string `json:"passwordLastSet,omitempty"` + Sid *string `json:"sid,omitempty"` + } `json:"internalMetadata"` + LastRotatedAt *time.Time `json:"lastRotatedAt"` + LastRotationMessage *string `json:"lastRotationMessage"` + Metadata *[]struct { + Id openapi_types.UUID `json:"id"` + Key string `json:"key"` + Value *string `json:"value"` + } `json:"metadata,omitempty"` + Name string `json:"name"` + ParentType CreateWindowsPamAccount200AccountParentType `json:"parentType"` + PolicyId *openapi_types.UUID `json:"policyId"` + PolicyName *string `json:"policyName"` + ProjectId string `json:"projectId"` + RequireMfa *bool `json:"requireMfa"` + RequireReason *bool `json:"requireReason,omitempty"` + Resource *struct { + Id openapi_types.UUID `json:"id"` + Name string `json:"name"` + ResourceType string `json:"resourceType"` + RotationCredentialsConfigured bool `json:"rotationCredentialsConfigured"` + } `json:"resource"` + ResourceId *openapi_types.UUID `json:"resourceId"` + RotationStatus *string `json:"rotationStatus"` + UpdatedAt time.Time `json:"updatedAt"` + } `json:"account"` + } + JSON400 *struct { + Details interface{} `json:"details,omitempty"` + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamAccount400StatusCode `json:"statusCode"` + } + JSON401 *struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamAccount401StatusCode `json:"statusCode"` + } + JSON403 *struct { + Details interface{} `json:"details,omitempty"` + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamAccount403StatusCode `json:"statusCode"` + } + JSON404 *struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamAccount404StatusCode `json:"statusCode"` + } + JSON422 *struct { + Error string `json:"error"` + Message interface{} `json:"message,omitempty"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamAccount422StatusCode `json:"statusCode"` + } + JSON500 *struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamAccount500StatusCode `json:"statusCode"` + } +} +type CreateWindowsPamAccount200AccountInternalMetadataAccountType string +type CreateWindowsPamAccount200AccountParentType string +type CreateWindowsPamAccount400StatusCode float32 +type CreateWindowsPamAccount401StatusCode float32 +type CreateWindowsPamAccount403StatusCode float32 +type CreateWindowsPamAccount404StatusCode float32 +type CreateWindowsPamAccount422StatusCode float32 +type CreateWindowsPamAccount500StatusCode float32 + +// Status returns HTTPResponse.Status +func (r CreateWindowsPamAccountResponse) Status() string { + if r.HTTPResponse != nil { + return r.HTTPResponse.Status + } + return http.StatusText(0) +} + +// StatusCode returns HTTPResponse.StatusCode +func (r CreateWindowsPamAccountResponse) StatusCode() int { + if r.HTTPResponse != nil { + return r.HTTPResponse.StatusCode + } + return 0 +} + type CreateKubernetesPamResourceResponse struct { Body []byte HTTPResponse *http.Response JSON200 *struct { Resource struct { - AdServerResourceId *openapi_types.UUID `json:"adServerResourceId"` - ConnectionDetails struct { + ConnectionDetails struct { SslCertificate *string `json:"sslCertificate,omitempty"` SslRejectUnauthorized bool `json:"sslRejectUnauthorized"` Url string `json:"url"` } `json:"connectionDetails"` - CreatedAt time.Time `json:"createdAt"` - DiscoveryFingerprint *string `json:"discoveryFingerprint"` - EncryptedResourceMetadata interface{} `json:"encryptedResourceMetadata"` - GatewayId *openapi_types.UUID `json:"gatewayId"` - Id openapi_types.UUID `json:"id"` - Metadata *[]struct { + CreatedAt time.Time `json:"createdAt"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + DomainId *openapi_types.UUID `json:"domainId"` + GatewayId *openapi_types.UUID `json:"gatewayId"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId"` + Id openapi_types.UUID `json:"id"` + Metadata *[]struct { Id openapi_types.UUID `json:"id"` Key string `json:"key"` Value *string `json:"value"` @@ -5427,7 +6223,12 @@ type CreateKubernetesPamResourceResponse struct { ProjectId string `json:"projectId"` ResourceType CreateKubernetesPamResource200ResourceResourceType `json:"resourceType"` RotationAccountCredentials *CreateKubernetesPamResource_200_Resource_RotationAccountCredentials `json:"rotationAccountCredentials"` - UpdatedAt time.Time `json:"updatedAt"` + SessionSummaryConfig *struct { + AiInsightsEnabled bool `json:"aiInsightsEnabled"` + ConnectionId openapi_types.UUID `json:"connectionId"` + Model CreateKubernetesPamResource200ResourceSessionSummaryConfigModel `json:"model"` + } `json:"sessionSummaryConfig"` + UpdatedAt time.Time `json:"updatedAt"` } `json:"resource"` } JSON400 *struct { @@ -5474,9 +6275,16 @@ type CreateKubernetesPamResource200ResourceRotationAccountCredentials0 struct { AuthMethod CreateKubernetesPamResource200ResourceRotationAccountCredentials0AuthMethod `json:"authMethod"` } type CreateKubernetesPamResource200ResourceRotationAccountCredentials0AuthMethod string +type CreateKubernetesPamResource200ResourceRotationAccountCredentials1 struct { + AuthMethod CreateKubernetesPamResource200ResourceRotationAccountCredentials1AuthMethod `json:"authMethod"` + Namespace string `json:"namespace"` + ServiceAccountName string `json:"serviceAccountName"` +} +type CreateKubernetesPamResource200ResourceRotationAccountCredentials1AuthMethod string type CreateKubernetesPamResource_200_Resource_RotationAccountCredentials struct { union json.RawMessage } +type CreateKubernetesPamResource200ResourceSessionSummaryConfigModel string type CreateKubernetesPamResource400StatusCode float32 type CreateKubernetesPamResource401StatusCode float32 type CreateKubernetesPamResource403StatusCode float32 @@ -5505,8 +6313,7 @@ type CreatePostgresPamResourceResponse struct { HTTPResponse *http.Response JSON200 *struct { Resource struct { - AdServerResourceId *openapi_types.UUID `json:"adServerResourceId"` - ConnectionDetails struct { + ConnectionDetails struct { Database string `json:"database"` Host string `json:"host"` Port float32 `json:"port"` @@ -5514,12 +6321,13 @@ type CreatePostgresPamResourceResponse struct { SslEnabled bool `json:"sslEnabled"` SslRejectUnauthorized bool `json:"sslRejectUnauthorized"` } `json:"connectionDetails"` - CreatedAt time.Time `json:"createdAt"` - DiscoveryFingerprint *string `json:"discoveryFingerprint"` - EncryptedResourceMetadata interface{} `json:"encryptedResourceMetadata"` - GatewayId *openapi_types.UUID `json:"gatewayId"` - Id openapi_types.UUID `json:"id"` - Metadata *[]struct { + CreatedAt time.Time `json:"createdAt"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + DomainId *openapi_types.UUID `json:"domainId"` + GatewayId *openapi_types.UUID `json:"gatewayId"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId"` + Id openapi_types.UUID `json:"id"` + Metadata *[]struct { Id openapi_types.UUID `json:"id"` Key string `json:"key"` Value *string `json:"value"` @@ -5530,6 +6338,11 @@ type CreatePostgresPamResourceResponse struct { RotationAccountCredentials *struct { Username string `json:"username"` } `json:"rotationAccountCredentials"` + SessionSummaryConfig *struct { + AiInsightsEnabled bool `json:"aiInsightsEnabled"` + ConnectionId openapi_types.UUID `json:"connectionId"` + Model CreatePostgresPamResource200ResourceSessionSummaryConfigModel `json:"model"` + } `json:"sessionSummaryConfig"` UpdatedAt time.Time `json:"updatedAt"` } `json:"resource"` } @@ -5573,6 +6386,7 @@ type CreatePostgresPamResourceResponse struct { } } type CreatePostgresPamResource200ResourceResourceType string +type CreatePostgresPamResource200ResourceSessionSummaryConfigModel string type CreatePostgresPamResource400StatusCode float32 type CreatePostgresPamResource401StatusCode float32 type CreatePostgresPamResource403StatusCode float32 @@ -5601,20 +6415,20 @@ type CreateRedisPamResourceResponse struct { HTTPResponse *http.Response JSON200 *struct { Resource struct { - AdServerResourceId *openapi_types.UUID `json:"adServerResourceId"` - ConnectionDetails struct { + ConnectionDetails struct { Host string `json:"host"` Port float32 `json:"port"` SslCertificate *string `json:"sslCertificate,omitempty"` SslEnabled bool `json:"sslEnabled"` SslRejectUnauthorized bool `json:"sslRejectUnauthorized"` } `json:"connectionDetails"` - CreatedAt time.Time `json:"createdAt"` - DiscoveryFingerprint *string `json:"discoveryFingerprint"` - EncryptedResourceMetadata interface{} `json:"encryptedResourceMetadata"` - GatewayId *openapi_types.UUID `json:"gatewayId"` - Id openapi_types.UUID `json:"id"` - Metadata *[]struct { + CreatedAt time.Time `json:"createdAt"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + DomainId *openapi_types.UUID `json:"domainId"` + GatewayId *openapi_types.UUID `json:"gatewayId"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId"` + Id openapi_types.UUID `json:"id"` + Metadata *[]struct { Id openapi_types.UUID `json:"id"` Key string `json:"key"` Value *string `json:"value"` @@ -5625,6 +6439,11 @@ type CreateRedisPamResourceResponse struct { RotationAccountCredentials *struct { Username *string `json:"username,omitempty"` } `json:"rotationAccountCredentials"` + SessionSummaryConfig *struct { + AiInsightsEnabled bool `json:"aiInsightsEnabled"` + ConnectionId openapi_types.UUID `json:"connectionId"` + Model CreateRedisPamResource200ResourceSessionSummaryConfigModel `json:"model"` + } `json:"sessionSummaryConfig"` UpdatedAt time.Time `json:"updatedAt"` } `json:"resource"` } @@ -5668,6 +6487,7 @@ type CreateRedisPamResourceResponse struct { } } type CreateRedisPamResource200ResourceResourceType string +type CreateRedisPamResource200ResourceSessionSummaryConfigModel string type CreateRedisPamResource400StatusCode float32 type CreateRedisPamResource401StatusCode float32 type CreateRedisPamResource403StatusCode float32 @@ -5696,17 +6516,17 @@ type CreateSshPamResourceResponse struct { HTTPResponse *http.Response JSON200 *struct { Resource struct { - AdServerResourceId *openapi_types.UUID `json:"adServerResourceId"` - ConnectionDetails struct { + ConnectionDetails struct { Host string `json:"host"` Port float32 `json:"port"` } `json:"connectionDetails"` - CreatedAt time.Time `json:"createdAt"` - DiscoveryFingerprint *string `json:"discoveryFingerprint"` - EncryptedResourceMetadata interface{} `json:"encryptedResourceMetadata"` - GatewayId *openapi_types.UUID `json:"gatewayId"` - Id openapi_types.UUID `json:"id"` - Metadata *[]struct { + CreatedAt time.Time `json:"createdAt"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + DomainId *openapi_types.UUID `json:"domainId"` + GatewayId *openapi_types.UUID `json:"gatewayId"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId"` + Id openapi_types.UUID `json:"id"` + Metadata *[]struct { Id openapi_types.UUID `json:"id"` Key string `json:"key"` Value *string `json:"value"` @@ -5715,7 +6535,12 @@ type CreateSshPamResourceResponse struct { ProjectId string `json:"projectId"` ResourceType CreateSshPamResource200ResourceResourceType `json:"resourceType"` RotationAccountCredentials *CreateSshPamResource_200_Resource_RotationAccountCredentials `json:"rotationAccountCredentials"` - UpdatedAt time.Time `json:"updatedAt"` + SessionSummaryConfig *struct { + AiInsightsEnabled bool `json:"aiInsightsEnabled"` + ConnectionId openapi_types.UUID `json:"connectionId"` + Model CreateSshPamResource200ResourceSessionSummaryConfigModel `json:"model"` + } `json:"sessionSummaryConfig"` + UpdatedAt time.Time `json:"updatedAt"` } `json:"resource"` } JSON400 *struct { @@ -5776,6 +6601,7 @@ type CreateSshPamResource200ResourceRotationAccountCredentials2AuthMethod string type CreateSshPamResource_200_Resource_RotationAccountCredentials struct { union json.RawMessage } +type CreateSshPamResource200ResourceSessionSummaryConfigModel string type CreateSshPamResource400StatusCode float32 type CreateSshPamResource401StatusCode float32 type CreateSshPamResource403StatusCode float32 @@ -5799,6 +6625,111 @@ func (r CreateSshPamResourceResponse) StatusCode() int { return 0 } +type CreateWindowsPamResourceResponse struct { + Body []byte + HTTPResponse *http.Response + JSON200 *struct { + Resource struct { + ConnectionDetails struct { + Hostname string `json:"hostname"` + Port int `json:"port"` + Protocol CreateWindowsPamResource200ResourceConnectionDetailsProtocol `json:"protocol"` + UseWinrmHttps bool `json:"useWinrmHttps"` + WinrmCaCert *string `json:"winrmCaCert,omitempty"` + WinrmPort int `json:"winrmPort"` + WinrmRejectUnauthorized bool `json:"winrmRejectUnauthorized"` + WinrmTlsServerName *string `json:"winrmTlsServerName,omitempty"` + } `json:"connectionDetails"` + CreatedAt time.Time `json:"createdAt"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + DomainId *openapi_types.UUID `json:"domainId"` + GatewayId *openapi_types.UUID `json:"gatewayId"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId"` + Id openapi_types.UUID `json:"id"` + Metadata *[]struct { + Id openapi_types.UUID `json:"id"` + Key string `json:"key"` + Value *string `json:"value"` + } `json:"metadata,omitempty"` + Name string `json:"name"` + ProjectId string `json:"projectId"` + ResourceType CreateWindowsPamResource200ResourceResourceType `json:"resourceType"` + RotationAccountCredentials *struct { + Username string `json:"username"` + } `json:"rotationAccountCredentials"` + SessionSummaryConfig *struct { + AiInsightsEnabled bool `json:"aiInsightsEnabled"` + ConnectionId openapi_types.UUID `json:"connectionId"` + Model CreateWindowsPamResource200ResourceSessionSummaryConfigModel `json:"model"` + } `json:"sessionSummaryConfig"` + UpdatedAt time.Time `json:"updatedAt"` + } `json:"resource"` + } + JSON400 *struct { + Details interface{} `json:"details,omitempty"` + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamResource400StatusCode `json:"statusCode"` + } + JSON401 *struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamResource401StatusCode `json:"statusCode"` + } + JSON403 *struct { + Details interface{} `json:"details,omitempty"` + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamResource403StatusCode `json:"statusCode"` + } + JSON404 *struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamResource404StatusCode `json:"statusCode"` + } + JSON422 *struct { + Error string `json:"error"` + Message interface{} `json:"message,omitempty"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamResource422StatusCode `json:"statusCode"` + } + JSON500 *struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamResource500StatusCode `json:"statusCode"` + } +} +type CreateWindowsPamResource200ResourceConnectionDetailsProtocol string +type CreateWindowsPamResource200ResourceResourceType string +type CreateWindowsPamResource200ResourceSessionSummaryConfigModel string +type CreateWindowsPamResource400StatusCode float32 +type CreateWindowsPamResource401StatusCode float32 +type CreateWindowsPamResource403StatusCode float32 +type CreateWindowsPamResource404StatusCode float32 +type CreateWindowsPamResource422StatusCode float32 +type CreateWindowsPamResource500StatusCode float32 + +// Status returns HTTPResponse.Status +func (r CreateWindowsPamResourceResponse) Status() string { + if r.HTTPResponse != nil { + return r.HTTPResponse.Status + } + return http.StatusText(0) +} + +// StatusCode returns HTTPResponse.StatusCode +func (r CreateWindowsPamResourceResponse) StatusCode() int { + if r.HTTPResponse != nil { + return r.HTTPResponse.StatusCode + } + return 0 +} + type CreateProjectResponse struct { Body []byte HTTPResponse *http.Response @@ -5978,14 +6909,14 @@ type ListGatewaysResponse struct { CreatedAt time.Time `json:"createdAt"` Heartbeat *time.Time `json:"heartbeat"` Id openapi_types.UUID `json:"id"` - Identity struct { + Identity *struct { Id string `json:"id"` Name string `json:"name"` } `json:"identity"` - IdentityId openapi_types.UUID `json:"identityId"` - LastHealthCheckStatus *string `json:"lastHealthCheckStatus"` - Name string `json:"name"` - UpdatedAt time.Time `json:"updatedAt"` + IdentityId *openapi_types.UUID `json:"identityId"` + LastHealthCheckStatus *string `json:"lastHealthCheckStatus"` + Name string `json:"name"` + UpdatedAt time.Time `json:"updatedAt"` } JSON400 *struct { Details interface{} `json:"details,omitempty"` @@ -6718,6 +7649,23 @@ func (c *ClientWithResponses) AdminSignUpWithResponse(ctx context.Context, body return ParseAdminSignUpResponse(rsp) } +// CreateAwsAppConnectionWithBodyWithResponse request with arbitrary body returning *CreateAwsAppConnectionResponse +func (c *ClientWithResponses) CreateAwsAppConnectionWithBodyWithResponse(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*CreateAwsAppConnectionResponse, error) { + rsp, err := c.CreateAwsAppConnectionWithBody(ctx, contentType, body, reqEditors...) + if err != nil { + return nil, err + } + return ParseCreateAwsAppConnectionResponse(rsp) +} + +func (c *ClientWithResponses) CreateAwsAppConnectionWithResponse(ctx context.Context, body CreateAwsAppConnectionJSONRequestBody, reqEditors ...RequestEditorFn) (*CreateAwsAppConnectionResponse, error) { + rsp, err := c.CreateAwsAppConnection(ctx, body, reqEditors...) + if err != nil { + return nil, err + } + return ParseCreateAwsAppConnectionResponse(rsp) +} + // CreateCloudflareAppConnectionWithBodyWithResponse request with arbitrary body returning *CreateCloudflareAppConnectionResponse func (c *ClientWithResponses) CreateCloudflareAppConnectionWithBodyWithResponse(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*CreateCloudflareAppConnectionResponse, error) { rsp, err := c.CreateCloudflareAppConnectionWithBody(ctx, contentType, body, reqEditors...) @@ -6965,6 +7913,23 @@ func (c *ClientWithResponses) CreateSshPamAccountWithResponse(ctx context.Contex return ParseCreateSshPamAccountResponse(rsp) } +// CreateWindowsPamAccountWithBodyWithResponse request with arbitrary body returning *CreateWindowsPamAccountResponse +func (c *ClientWithResponses) CreateWindowsPamAccountWithBodyWithResponse(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*CreateWindowsPamAccountResponse, error) { + rsp, err := c.CreateWindowsPamAccountWithBody(ctx, contentType, body, reqEditors...) + if err != nil { + return nil, err + } + return ParseCreateWindowsPamAccountResponse(rsp) +} + +func (c *ClientWithResponses) CreateWindowsPamAccountWithResponse(ctx context.Context, body CreateWindowsPamAccountJSONRequestBody, reqEditors ...RequestEditorFn) (*CreateWindowsPamAccountResponse, error) { + rsp, err := c.CreateWindowsPamAccount(ctx, body, reqEditors...) + if err != nil { + return nil, err + } + return ParseCreateWindowsPamAccountResponse(rsp) +} + // CreateKubernetesPamResourceWithBodyWithResponse request with arbitrary body returning *CreateKubernetesPamResourceResponse func (c *ClientWithResponses) CreateKubernetesPamResourceWithBodyWithResponse(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*CreateKubernetesPamResourceResponse, error) { rsp, err := c.CreateKubernetesPamResourceWithBody(ctx, contentType, body, reqEditors...) @@ -7033,6 +7998,23 @@ func (c *ClientWithResponses) CreateSshPamResourceWithResponse(ctx context.Conte return ParseCreateSshPamResourceResponse(rsp) } +// CreateWindowsPamResourceWithBodyWithResponse request with arbitrary body returning *CreateWindowsPamResourceResponse +func (c *ClientWithResponses) CreateWindowsPamResourceWithBodyWithResponse(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*CreateWindowsPamResourceResponse, error) { + rsp, err := c.CreateWindowsPamResourceWithBody(ctx, contentType, body, reqEditors...) + if err != nil { + return nil, err + } + return ParseCreateWindowsPamResourceResponse(rsp) +} + +func (c *ClientWithResponses) CreateWindowsPamResourceWithResponse(ctx context.Context, body CreateWindowsPamResourceJSONRequestBody, reqEditors ...RequestEditorFn) (*CreateWindowsPamResourceResponse, error) { + rsp, err := c.CreateWindowsPamResource(ctx, body, reqEditors...) + if err != nil { + return nil, err + } + return ParseCreateWindowsPamResourceResponse(rsp) +} + // CreateProjectWithBodyWithResponse request with arbitrary body returning *CreateProjectResponse func (c *ClientWithResponses) CreateProjectWithBodyWithResponse(ctx context.Context, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*CreateProjectResponse, error) { rsp, err := c.CreateProjectWithBody(ctx, contentType, body, reqEditors...) @@ -7209,26 +8191,14 @@ func ParseAdminSignUpResponse(rsp *http.Response) (*AdminSignUpResponse, error) } `json:"organization"` Token string `json:"token"` User struct { - AuthMethods *[]string `json:"authMethods"` - ConsecutiveFailedMfaAttempts *float32 `json:"consecutiveFailedMfaAttempts"` - ConsecutiveFailedPasswordAttempts *float32 `json:"consecutiveFailedPasswordAttempts"` - CreatedAt time.Time `json:"createdAt"` - Devices interface{} `json:"devices"` - Email *string `json:"email"` - FirstName *string `json:"firstName"` - Id openapi_types.UUID `json:"id"` - IsAccepted *bool `json:"isAccepted"` - IsEmailVerified *bool `json:"isEmailVerified"` - IsGhost *bool `json:"isGhost,omitempty"` - IsLocked *bool `json:"isLocked"` - IsMfaEnabled *bool `json:"isMfaEnabled"` - LastName *string `json:"lastName"` - MfaMethods *[]string `json:"mfaMethods"` - SelectedMfaMethod *string `json:"selectedMfaMethod"` - SuperAdmin *bool `json:"superAdmin"` - TemporaryLockDateEnd *time.Time `json:"temporaryLockDateEnd"` - UpdatedAt time.Time `json:"updatedAt"` - Username string `json:"username"` + AuthMethods *[]string `json:"authMethods"` + Email *string `json:"email"` + FirstName *string `json:"firstName"` + Id openapi_types.UUID `json:"id"` + IsEmailVerified *bool `json:"isEmailVerified"` + LastName *string `json:"lastName"` + PublicKey *string `json:"publicKey"` + Username string `json:"username"` } `json:"user"` } if err := json.Unmarshal(bodyBytes, &dest); err != nil { @@ -7263,11 +8233,113 @@ func ParseAdminSignUpResponse(rsp *http.Response) (*AdminSignUpResponse, error) case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 403: var dest struct { - Details interface{} `json:"details,omitempty"` - Error string `json:"error"` - Message string `json:"message"` - ReqId string `json:"reqId"` - StatusCode AdminSignUp403StatusCode `json:"statusCode"` + Details interface{} `json:"details,omitempty"` + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode AdminSignUp403StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON403 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 404: + var dest struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode AdminSignUp404StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON404 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 422: + var dest struct { + Error string `json:"error"` + Message interface{} `json:"message,omitempty"` + ReqId string `json:"reqId"` + StatusCode AdminSignUp422StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON422 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 500: + var dest struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode AdminSignUp500StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON500 = &dest + + } + + return response, nil +} + +// ParseCreateAwsAppConnectionResponse parses an HTTP response from a CreateAwsAppConnectionWithResponse call +func ParseCreateAwsAppConnectionResponse(rsp *http.Response) (*CreateAwsAppConnectionResponse, error) { + bodyBytes, err := io.ReadAll(rsp.Body) + defer func() { _ = rsp.Body.Close() }() + if err != nil { + return nil, err + } + + response := &CreateAwsAppConnectionResponse{ + Body: bodyBytes, + HTTPResponse: rsp, + } + + switch { + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200: + var dest struct { + AppConnection CreateAwsAppConnection_200_AppConnection `json:"appConnection"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON200 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 400: + var dest struct { + Details interface{} `json:"details,omitempty"` + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateAwsAppConnection400StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON400 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 401: + var dest struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateAwsAppConnection401StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON401 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 403: + var dest struct { + Details interface{} `json:"details,omitempty"` + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateAwsAppConnection403StatusCode `json:"statusCode"` } if err := json.Unmarshal(bodyBytes, &dest); err != nil { return nil, err @@ -7276,10 +8348,10 @@ func ParseAdminSignUpResponse(rsp *http.Response) (*AdminSignUpResponse, error) case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 404: var dest struct { - Error string `json:"error"` - Message string `json:"message"` - ReqId string `json:"reqId"` - StatusCode AdminSignUp404StatusCode `json:"statusCode"` + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateAwsAppConnection404StatusCode `json:"statusCode"` } if err := json.Unmarshal(bodyBytes, &dest); err != nil { return nil, err @@ -7288,10 +8360,10 @@ func ParseAdminSignUpResponse(rsp *http.Response) (*AdminSignUpResponse, error) case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 422: var dest struct { - Error string `json:"error"` - Message interface{} `json:"message,omitempty"` - ReqId string `json:"reqId"` - StatusCode AdminSignUp422StatusCode `json:"statusCode"` + Error string `json:"error"` + Message interface{} `json:"message,omitempty"` + ReqId string `json:"reqId"` + StatusCode CreateAwsAppConnection422StatusCode `json:"statusCode"` } if err := json.Unmarshal(bodyBytes, &dest); err != nil { return nil, err @@ -7300,10 +8372,10 @@ func ParseAdminSignUpResponse(rsp *http.Response) (*AdminSignUpResponse, error) case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 500: var dest struct { - Error string `json:"error"` - Message string `json:"message"` - ReqId string `json:"reqId"` - StatusCode AdminSignUp500StatusCode `json:"statusCode"` + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateAwsAppConnection500StatusCode `json:"statusCode"` } if err := json.Unmarshal(bodyBytes, &dest); err != nil { return nil, err @@ -7434,6 +8506,7 @@ func ParseRefreshAuthTokenResponse(rsp *http.Response) (*RefreshAuthTokenRespons case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200: var dest struct { OrganizationId *string `json:"organizationId,omitempty"` + RefreshToken *string `json:"refreshToken,omitempty"` SubOrganizationId *string `json:"subOrganizationId,omitempty"` Token string `json:"token"` } @@ -8278,7 +9351,10 @@ func ParseCreateInternalCertificateAuthorityV1Response(rsp *http.Response) (*Cre // Country The country name (C) for the CA. Country *string `json:"country,omitempty"` - Dn *string `json:"dn"` + + // CrlDistributionPointUrls Additional CRL Distribution Point URLs (HTTP/HTTPS) embedded in every certificate issued by this CA. Up to 4 URLs; the Infisical-managed CRL endpoint is always included as the primary. + CrlDistributionPointUrls *[]string `json:"crlDistributionPointUrls,omitempty"` + Dn *string `json:"dn"` // FriendlyName A friendly name for the CA. FriendlyName *string `json:"friendlyName,omitempty"` @@ -8818,8 +9894,14 @@ func ParseCreatePostgresPamAccountResponse(rsp *http.Response) (*CreatePostgresP Credentials struct { Username string `json:"username"` } `json:"credentials"` - Description *string `json:"description"` - DiscoveryFingerprint *string `json:"discoveryFingerprint"` + Description *string `json:"description"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + Domain *struct { + DomainType string `json:"domainType"` + Id openapi_types.UUID `json:"id"` + Name string `json:"name"` + } `json:"domain"` + DomainId *openapi_types.UUID `json:"domainId"` EncryptedLastRotationMessage interface{} `json:"encryptedLastRotationMessage"` FolderId *openapi_types.UUID `json:"folderId"` Id openapi_types.UUID `json:"id"` @@ -8831,19 +9913,22 @@ func ParseCreatePostgresPamAccountResponse(rsp *http.Response) (*CreatePostgresP Key string `json:"key"` Value *string `json:"value"` } `json:"metadata,omitempty"` - Name string `json:"name"` - ProjectId string `json:"projectId"` - RequireMfa *bool `json:"requireMfa"` - Resource struct { + Name string `json:"name"` + ParentType CreatePostgresPamAccount200AccountParentType `json:"parentType"` + PolicyId *openapi_types.UUID `json:"policyId"` + PolicyName *string `json:"policyName"` + ProjectId string `json:"projectId"` + RequireMfa *bool `json:"requireMfa"` + RequireReason *bool `json:"requireReason,omitempty"` + Resource *struct { Id openapi_types.UUID `json:"id"` Name string `json:"name"` ResourceType string `json:"resourceType"` RotationCredentialsConfigured bool `json:"rotationCredentialsConfigured"` } `json:"resource"` - ResourceId openapi_types.UUID `json:"resourceId"` - ResourceType CreatePostgresPamAccount200AccountResourceType `json:"resourceType"` - RotationStatus *string `json:"rotationStatus"` - UpdatedAt time.Time `json:"updatedAt"` + ResourceId *openapi_types.UUID `json:"resourceId"` + RotationStatus *string `json:"rotationStatus"` + UpdatedAt time.Time `json:"updatedAt"` } `json:"account"` } if err := json.Unmarshal(bodyBytes, &dest); err != nil { @@ -8951,8 +10036,14 @@ func ParseCreateRedisPamAccountResponse(rsp *http.Response) (*CreateRedisPamAcco Credentials struct { Username *string `json:"username,omitempty"` } `json:"credentials"` - Description *string `json:"description"` - DiscoveryFingerprint *string `json:"discoveryFingerprint"` + Description *string `json:"description"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + Domain *struct { + DomainType string `json:"domainType"` + Id openapi_types.UUID `json:"id"` + Name string `json:"name"` + } `json:"domain"` + DomainId *openapi_types.UUID `json:"domainId"` EncryptedLastRotationMessage interface{} `json:"encryptedLastRotationMessage"` FolderId *openapi_types.UUID `json:"folderId"` Id openapi_types.UUID `json:"id"` @@ -8964,19 +10055,22 @@ func ParseCreateRedisPamAccountResponse(rsp *http.Response) (*CreateRedisPamAcco Key string `json:"key"` Value *string `json:"value"` } `json:"metadata,omitempty"` - Name string `json:"name"` - ProjectId string `json:"projectId"` - RequireMfa *bool `json:"requireMfa"` - Resource struct { + Name string `json:"name"` + ParentType CreateRedisPamAccount200AccountParentType `json:"parentType"` + PolicyId *openapi_types.UUID `json:"policyId"` + PolicyName *string `json:"policyName"` + ProjectId string `json:"projectId"` + RequireMfa *bool `json:"requireMfa"` + RequireReason *bool `json:"requireReason,omitempty"` + Resource *struct { Id openapi_types.UUID `json:"id"` Name string `json:"name"` ResourceType string `json:"resourceType"` RotationCredentialsConfigured bool `json:"rotationCredentialsConfigured"` } `json:"resource"` - ResourceId openapi_types.UUID `json:"resourceId"` - ResourceType CreateRedisPamAccount200AccountResourceType `json:"resourceType"` - RotationStatus *string `json:"rotationStatus"` - UpdatedAt time.Time `json:"updatedAt"` + ResourceId *openapi_types.UUID `json:"resourceId"` + RotationStatus *string `json:"rotationStatus"` + UpdatedAt time.Time `json:"updatedAt"` } `json:"account"` } if err := json.Unmarshal(bodyBytes, &dest); err != nil { @@ -9080,34 +10174,43 @@ func ParseCreateSshPamAccountResponse(rsp *http.Response) (*CreateSshPamAccountR case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200: var dest struct { Account struct { - CreatedAt time.Time `json:"createdAt"` - Credentials CreateSshPamAccount_200_Account_Credentials `json:"credentials"` - Description *string `json:"description"` - DiscoveryFingerprint *string `json:"discoveryFingerprint"` - EncryptedLastRotationMessage interface{} `json:"encryptedLastRotationMessage"` - FolderId *openapi_types.UUID `json:"folderId"` - Id openapi_types.UUID `json:"id"` - InternalMetadata interface{} `json:"internalMetadata"` - LastRotatedAt *time.Time `json:"lastRotatedAt"` - LastRotationMessage *string `json:"lastRotationMessage"` + CreatedAt time.Time `json:"createdAt"` + Credentials CreateSshPamAccount_200_Account_Credentials `json:"credentials"` + Description *string `json:"description"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + Domain *struct { + DomainType string `json:"domainType"` + Id openapi_types.UUID `json:"id"` + Name string `json:"name"` + } `json:"domain"` + DomainId *openapi_types.UUID `json:"domainId"` + EncryptedLastRotationMessage interface{} `json:"encryptedLastRotationMessage"` + FolderId *openapi_types.UUID `json:"folderId"` + Id openapi_types.UUID `json:"id"` + InternalMetadata interface{} `json:"internalMetadata"` + LastRotatedAt *time.Time `json:"lastRotatedAt"` + LastRotationMessage *string `json:"lastRotationMessage"` Metadata *[]struct { Id openapi_types.UUID `json:"id"` Key string `json:"key"` Value *string `json:"value"` } `json:"metadata,omitempty"` - Name string `json:"name"` - ProjectId string `json:"projectId"` - RequireMfa *bool `json:"requireMfa"` - Resource struct { + Name string `json:"name"` + ParentType CreateSshPamAccount200AccountParentType `json:"parentType"` + PolicyId *openapi_types.UUID `json:"policyId"` + PolicyName *string `json:"policyName"` + ProjectId string `json:"projectId"` + RequireMfa *bool `json:"requireMfa"` + RequireReason *bool `json:"requireReason,omitempty"` + Resource *struct { Id openapi_types.UUID `json:"id"` Name string `json:"name"` ResourceType string `json:"resourceType"` RotationCredentialsConfigured bool `json:"rotationCredentialsConfigured"` } `json:"resource"` - ResourceId openapi_types.UUID `json:"resourceId"` - ResourceType CreateSshPamAccount200AccountResourceType `json:"resourceType"` - RotationStatus *string `json:"rotationStatus"` - UpdatedAt time.Time `json:"updatedAt"` + ResourceId *openapi_types.UUID `json:"resourceId"` + RotationStatus *string `json:"rotationStatus"` + UpdatedAt time.Time `json:"updatedAt"` } `json:"account"` } if err := json.Unmarshal(bodyBytes, &dest); err != nil { @@ -9194,6 +10297,154 @@ func ParseCreateSshPamAccountResponse(rsp *http.Response) (*CreateSshPamAccountR return response, nil } +// ParseCreateWindowsPamAccountResponse parses an HTTP response from a CreateWindowsPamAccountWithResponse call +func ParseCreateWindowsPamAccountResponse(rsp *http.Response) (*CreateWindowsPamAccountResponse, error) { + bodyBytes, err := io.ReadAll(rsp.Body) + defer func() { _ = rsp.Body.Close() }() + if err != nil { + return nil, err + } + + response := &CreateWindowsPamAccountResponse{ + Body: bodyBytes, + HTTPResponse: rsp, + } + + switch { + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200: + var dest struct { + Account struct { + CreatedAt time.Time `json:"createdAt"` + Credentials struct { + Username string `json:"username"` + } `json:"credentials"` + Description *string `json:"description"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + Domain *struct { + DomainType string `json:"domainType"` + Id openapi_types.UUID `json:"id"` + Name string `json:"name"` + } `json:"domain"` + DomainId *openapi_types.UUID `json:"domainId"` + EncryptedLastRotationMessage interface{} `json:"encryptedLastRotationMessage"` + FolderId *openapi_types.UUID `json:"folderId"` + Id openapi_types.UUID `json:"id"` + InternalMetadata struct { + AccountType CreateWindowsPamAccount200AccountInternalMetadataAccountType `json:"accountType"` + Enabled *bool `json:"enabled,omitempty"` + LastLogon *string `json:"lastLogon,omitempty"` + PasswordLastSet *string `json:"passwordLastSet,omitempty"` + Sid *string `json:"sid,omitempty"` + } `json:"internalMetadata"` + LastRotatedAt *time.Time `json:"lastRotatedAt"` + LastRotationMessage *string `json:"lastRotationMessage"` + Metadata *[]struct { + Id openapi_types.UUID `json:"id"` + Key string `json:"key"` + Value *string `json:"value"` + } `json:"metadata,omitempty"` + Name string `json:"name"` + ParentType CreateWindowsPamAccount200AccountParentType `json:"parentType"` + PolicyId *openapi_types.UUID `json:"policyId"` + PolicyName *string `json:"policyName"` + ProjectId string `json:"projectId"` + RequireMfa *bool `json:"requireMfa"` + RequireReason *bool `json:"requireReason,omitempty"` + Resource *struct { + Id openapi_types.UUID `json:"id"` + Name string `json:"name"` + ResourceType string `json:"resourceType"` + RotationCredentialsConfigured bool `json:"rotationCredentialsConfigured"` + } `json:"resource"` + ResourceId *openapi_types.UUID `json:"resourceId"` + RotationStatus *string `json:"rotationStatus"` + UpdatedAt time.Time `json:"updatedAt"` + } `json:"account"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON200 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 400: + var dest struct { + Details interface{} `json:"details,omitempty"` + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamAccount400StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON400 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 401: + var dest struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamAccount401StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON401 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 403: + var dest struct { + Details interface{} `json:"details,omitempty"` + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamAccount403StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON403 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 404: + var dest struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamAccount404StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON404 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 422: + var dest struct { + Error string `json:"error"` + Message interface{} `json:"message,omitempty"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamAccount422StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON422 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 500: + var dest struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamAccount500StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON500 = &dest + + } + + return response, nil +} + // ParseCreateKubernetesPamResourceResponse parses an HTTP response from a CreateKubernetesPamResourceWithResponse call func ParseCreateKubernetesPamResourceResponse(rsp *http.Response) (*CreateKubernetesPamResourceResponse, error) { bodyBytes, err := io.ReadAll(rsp.Body) @@ -9211,18 +10462,18 @@ func ParseCreateKubernetesPamResourceResponse(rsp *http.Response) (*CreateKubern case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200: var dest struct { Resource struct { - AdServerResourceId *openapi_types.UUID `json:"adServerResourceId"` - ConnectionDetails struct { + ConnectionDetails struct { SslCertificate *string `json:"sslCertificate,omitempty"` SslRejectUnauthorized bool `json:"sslRejectUnauthorized"` Url string `json:"url"` } `json:"connectionDetails"` - CreatedAt time.Time `json:"createdAt"` - DiscoveryFingerprint *string `json:"discoveryFingerprint"` - EncryptedResourceMetadata interface{} `json:"encryptedResourceMetadata"` - GatewayId *openapi_types.UUID `json:"gatewayId"` - Id openapi_types.UUID `json:"id"` - Metadata *[]struct { + CreatedAt time.Time `json:"createdAt"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + DomainId *openapi_types.UUID `json:"domainId"` + GatewayId *openapi_types.UUID `json:"gatewayId"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId"` + Id openapi_types.UUID `json:"id"` + Metadata *[]struct { Id openapi_types.UUID `json:"id"` Key string `json:"key"` Value *string `json:"value"` @@ -9231,7 +10482,12 @@ func ParseCreateKubernetesPamResourceResponse(rsp *http.Response) (*CreateKubern ProjectId string `json:"projectId"` ResourceType CreateKubernetesPamResource200ResourceResourceType `json:"resourceType"` RotationAccountCredentials *CreateKubernetesPamResource_200_Resource_RotationAccountCredentials `json:"rotationAccountCredentials"` - UpdatedAt time.Time `json:"updatedAt"` + SessionSummaryConfig *struct { + AiInsightsEnabled bool `json:"aiInsightsEnabled"` + ConnectionId openapi_types.UUID `json:"connectionId"` + Model CreateKubernetesPamResource200ResourceSessionSummaryConfigModel `json:"model"` + } `json:"sessionSummaryConfig"` + UpdatedAt time.Time `json:"updatedAt"` } `json:"resource"` } if err := json.Unmarshal(bodyBytes, &dest); err != nil { @@ -9335,8 +10591,7 @@ func ParseCreatePostgresPamResourceResponse(rsp *http.Response) (*CreatePostgres case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200: var dest struct { Resource struct { - AdServerResourceId *openapi_types.UUID `json:"adServerResourceId"` - ConnectionDetails struct { + ConnectionDetails struct { Database string `json:"database"` Host string `json:"host"` Port float32 `json:"port"` @@ -9344,12 +10599,13 @@ func ParseCreatePostgresPamResourceResponse(rsp *http.Response) (*CreatePostgres SslEnabled bool `json:"sslEnabled"` SslRejectUnauthorized bool `json:"sslRejectUnauthorized"` } `json:"connectionDetails"` - CreatedAt time.Time `json:"createdAt"` - DiscoveryFingerprint *string `json:"discoveryFingerprint"` - EncryptedResourceMetadata interface{} `json:"encryptedResourceMetadata"` - GatewayId *openapi_types.UUID `json:"gatewayId"` - Id openapi_types.UUID `json:"id"` - Metadata *[]struct { + CreatedAt time.Time `json:"createdAt"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + DomainId *openapi_types.UUID `json:"domainId"` + GatewayId *openapi_types.UUID `json:"gatewayId"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId"` + Id openapi_types.UUID `json:"id"` + Metadata *[]struct { Id openapi_types.UUID `json:"id"` Key string `json:"key"` Value *string `json:"value"` @@ -9360,6 +10616,11 @@ func ParseCreatePostgresPamResourceResponse(rsp *http.Response) (*CreatePostgres RotationAccountCredentials *struct { Username string `json:"username"` } `json:"rotationAccountCredentials"` + SessionSummaryConfig *struct { + AiInsightsEnabled bool `json:"aiInsightsEnabled"` + ConnectionId openapi_types.UUID `json:"connectionId"` + Model CreatePostgresPamResource200ResourceSessionSummaryConfigModel `json:"model"` + } `json:"sessionSummaryConfig"` UpdatedAt time.Time `json:"updatedAt"` } `json:"resource"` } @@ -9464,20 +10725,20 @@ func ParseCreateRedisPamResourceResponse(rsp *http.Response) (*CreateRedisPamRes case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200: var dest struct { Resource struct { - AdServerResourceId *openapi_types.UUID `json:"adServerResourceId"` - ConnectionDetails struct { + ConnectionDetails struct { Host string `json:"host"` Port float32 `json:"port"` SslCertificate *string `json:"sslCertificate,omitempty"` SslEnabled bool `json:"sslEnabled"` SslRejectUnauthorized bool `json:"sslRejectUnauthorized"` } `json:"connectionDetails"` - CreatedAt time.Time `json:"createdAt"` - DiscoveryFingerprint *string `json:"discoveryFingerprint"` - EncryptedResourceMetadata interface{} `json:"encryptedResourceMetadata"` - GatewayId *openapi_types.UUID `json:"gatewayId"` - Id openapi_types.UUID `json:"id"` - Metadata *[]struct { + CreatedAt time.Time `json:"createdAt"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + DomainId *openapi_types.UUID `json:"domainId"` + GatewayId *openapi_types.UUID `json:"gatewayId"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId"` + Id openapi_types.UUID `json:"id"` + Metadata *[]struct { Id openapi_types.UUID `json:"id"` Key string `json:"key"` Value *string `json:"value"` @@ -9488,6 +10749,11 @@ func ParseCreateRedisPamResourceResponse(rsp *http.Response) (*CreateRedisPamRes RotationAccountCredentials *struct { Username *string `json:"username,omitempty"` } `json:"rotationAccountCredentials"` + SessionSummaryConfig *struct { + AiInsightsEnabled bool `json:"aiInsightsEnabled"` + ConnectionId openapi_types.UUID `json:"connectionId"` + Model CreateRedisPamResource200ResourceSessionSummaryConfigModel `json:"model"` + } `json:"sessionSummaryConfig"` UpdatedAt time.Time `json:"updatedAt"` } `json:"resource"` } @@ -9592,17 +10858,17 @@ func ParseCreateSshPamResourceResponse(rsp *http.Response) (*CreateSshPamResourc case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200: var dest struct { Resource struct { - AdServerResourceId *openapi_types.UUID `json:"adServerResourceId"` - ConnectionDetails struct { + ConnectionDetails struct { Host string `json:"host"` Port float32 `json:"port"` } `json:"connectionDetails"` - CreatedAt time.Time `json:"createdAt"` - DiscoveryFingerprint *string `json:"discoveryFingerprint"` - EncryptedResourceMetadata interface{} `json:"encryptedResourceMetadata"` - GatewayId *openapi_types.UUID `json:"gatewayId"` - Id openapi_types.UUID `json:"id"` - Metadata *[]struct { + CreatedAt time.Time `json:"createdAt"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + DomainId *openapi_types.UUID `json:"domainId"` + GatewayId *openapi_types.UUID `json:"gatewayId"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId"` + Id openapi_types.UUID `json:"id"` + Metadata *[]struct { Id openapi_types.UUID `json:"id"` Key string `json:"key"` Value *string `json:"value"` @@ -9611,7 +10877,12 @@ func ParseCreateSshPamResourceResponse(rsp *http.Response) (*CreateSshPamResourc ProjectId string `json:"projectId"` ResourceType CreateSshPamResource200ResourceResourceType `json:"resourceType"` RotationAccountCredentials *CreateSshPamResource_200_Resource_RotationAccountCredentials `json:"rotationAccountCredentials"` - UpdatedAt time.Time `json:"updatedAt"` + SessionSummaryConfig *struct { + AiInsightsEnabled bool `json:"aiInsightsEnabled"` + ConnectionId openapi_types.UUID `json:"connectionId"` + Model CreateSshPamResource200ResourceSessionSummaryConfigModel `json:"model"` + } `json:"sessionSummaryConfig"` + UpdatedAt time.Time `json:"updatedAt"` } `json:"resource"` } if err := json.Unmarshal(bodyBytes, &dest); err != nil { @@ -9698,6 +10969,142 @@ func ParseCreateSshPamResourceResponse(rsp *http.Response) (*CreateSshPamResourc return response, nil } +// ParseCreateWindowsPamResourceResponse parses an HTTP response from a CreateWindowsPamResourceWithResponse call +func ParseCreateWindowsPamResourceResponse(rsp *http.Response) (*CreateWindowsPamResourceResponse, error) { + bodyBytes, err := io.ReadAll(rsp.Body) + defer func() { _ = rsp.Body.Close() }() + if err != nil { + return nil, err + } + + response := &CreateWindowsPamResourceResponse{ + Body: bodyBytes, + HTTPResponse: rsp, + } + + switch { + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200: + var dest struct { + Resource struct { + ConnectionDetails struct { + Hostname string `json:"hostname"` + Port int `json:"port"` + Protocol CreateWindowsPamResource200ResourceConnectionDetailsProtocol `json:"protocol"` + UseWinrmHttps bool `json:"useWinrmHttps"` + WinrmCaCert *string `json:"winrmCaCert,omitempty"` + WinrmPort int `json:"winrmPort"` + WinrmRejectUnauthorized bool `json:"winrmRejectUnauthorized"` + WinrmTlsServerName *string `json:"winrmTlsServerName,omitempty"` + } `json:"connectionDetails"` + CreatedAt time.Time `json:"createdAt"` + DiscoveryFingerprint *string `json:"discoveryFingerprint"` + DomainId *openapi_types.UUID `json:"domainId"` + GatewayId *openapi_types.UUID `json:"gatewayId"` + GatewayPoolId *openapi_types.UUID `json:"gatewayPoolId"` + Id openapi_types.UUID `json:"id"` + Metadata *[]struct { + Id openapi_types.UUID `json:"id"` + Key string `json:"key"` + Value *string `json:"value"` + } `json:"metadata,omitempty"` + Name string `json:"name"` + ProjectId string `json:"projectId"` + ResourceType CreateWindowsPamResource200ResourceResourceType `json:"resourceType"` + RotationAccountCredentials *struct { + Username string `json:"username"` + } `json:"rotationAccountCredentials"` + SessionSummaryConfig *struct { + AiInsightsEnabled bool `json:"aiInsightsEnabled"` + ConnectionId openapi_types.UUID `json:"connectionId"` + Model CreateWindowsPamResource200ResourceSessionSummaryConfigModel `json:"model"` + } `json:"sessionSummaryConfig"` + UpdatedAt time.Time `json:"updatedAt"` + } `json:"resource"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON200 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 400: + var dest struct { + Details interface{} `json:"details,omitempty"` + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamResource400StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON400 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 401: + var dest struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamResource401StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON401 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 403: + var dest struct { + Details interface{} `json:"details,omitempty"` + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamResource403StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON403 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 404: + var dest struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamResource404StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON404 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 422: + var dest struct { + Error string `json:"error"` + Message interface{} `json:"message,omitempty"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamResource422StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON422 = &dest + + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 500: + var dest struct { + Error string `json:"error"` + Message string `json:"message"` + ReqId string `json:"reqId"` + StatusCode CreateWindowsPamResource500StatusCode `json:"statusCode"` + } + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON500 = &dest + + } + + return response, nil +} + // ParseCreateProjectResponse parses an HTTP response from a CreateProjectWithResponse call func ParseCreateProjectResponse(rsp *http.Response) (*CreateProjectResponse, error) { bodyBytes, err := io.ReadAll(rsp.Body) @@ -9957,14 +11364,14 @@ func ParseListGatewaysResponse(rsp *http.Response) (*ListGatewaysResponse, error CreatedAt time.Time `json:"createdAt"` Heartbeat *time.Time `json:"heartbeat"` Id openapi_types.UUID `json:"id"` - Identity struct { + Identity *struct { Id string `json:"id"` Name string `json:"name"` } `json:"identity"` - IdentityId openapi_types.UUID `json:"identityId"` - LastHealthCheckStatus *string `json:"lastHealthCheckStatus"` - Name string `json:"name"` - UpdatedAt time.Time `json:"updatedAt"` + IdentityId *openapi_types.UUID `json:"identityId"` + LastHealthCheckStatus *string `json:"lastHealthCheckStatus"` + Name string `json:"name"` + UpdatedAt time.Time `json:"updatedAt"` } if err := json.Unmarshal(bodyBytes, &dest); err != nil { return nil, err diff --git a/e2e/packages/infisical/compose.go b/e2e/packages/infisical/compose.go index 967fbe2b..2fddff44 100644 --- a/e2e/packages/infisical/compose.go +++ b/e2e/packages/infisical/compose.go @@ -283,6 +283,21 @@ func WithRedisService() StackOption { } } +func WithLocalStackService() StackOption { + return func(s *Stack) { + if s.Project.Services == nil { + s.Project.Services = types.Services{} + } + s.Project.Services["localstack"] = types.ServiceConfig{ + Image: "localstack/localstack:4.4", + Ports: []types.ServicePortConfig{{Published: "", Target: 4566}}, + Environment: types.NewMappingWithEquals([]string{ + "SERVICES=s3,sts", + }), + } + } +} + func WithPebbleService() StackOption { return func(s *Stack) { if s.Project.Services == nil { diff --git a/e2e/pam/pam_helpers.go b/e2e/pam/pam_helpers.go index 701872a6..4cbc2e7c 100644 --- a/e2e/pam/pam_helpers.go +++ b/e2e/pam/pam_helpers.go @@ -14,6 +14,7 @@ import ( "github.com/compose-spec/compose-go/v2/types" "github.com/infisical/cli/e2e-tests/packages/client" + infisicalpkg "github.com/infisical/cli/e2e-tests/packages/infisical" helpers "github.com/infisical/cli/e2e-tests/util" openapitypes "github.com/oapi-codegen/runtime/types" "github.com/stretchr/testify/require" @@ -48,16 +49,32 @@ type PAMTestInfra struct { SharedHomeDir string } -func SetupPAMInfra(t *testing.T, ctx context.Context) *PAMTestInfra { - infisical := helpers.NewInfisicalService(). - WithBackendEnvironment(types.NewMappingWithEquals([]string{ - "ALLOW_INTERNAL_IP_CONNECTIONS=true", - "NODE_ENV=test", - })). - Up(t, ctx) +type SetupPAMOption func(svc *helpers.InfisicalService, extraEnv *[]string) - c := infisical.ApiClient() - identity := infisical.CreateMachineIdentity(t, ctx, helpers.WithTokenAuth()) +func WithLocalStack() SetupPAMOption { + return func(svc *helpers.InfisicalService, extraEnv *[]string) { + infisicalpkg.WithLocalStackService()(svc.Stack) + *extraEnv = append(*extraEnv, "AWS_ENDPOINT_URL=http://localstack:4566") + } +} + +func SetupPAMInfra(t *testing.T, ctx context.Context, opts ...SetupPAMOption) *PAMTestInfra { + svc := helpers.NewInfisicalService() + + var extraEnv []string + for _, opt := range opts { + opt(svc, &extraEnv) + } + + env := append([]string{ + "ALLOW_INTERNAL_IP_CONNECTIONS=true", + "NODE_ENV=test", + }, extraEnv...) + + svc.WithBackendEnvironment(types.NewMappingWithEquals(env)).Up(t, ctx) + + c := svc.ApiClient() + identity := svc.CreateMachineIdentity(t, ctx, helpers.WithTokenAuth()) require.NotNil(t, identity) // Start relay. @@ -67,9 +84,9 @@ func SetupPAMInfra(t *testing.T, ctx context.Context) *PAMTestInfra { relayName := helpers.RandomSlug(2) relayCmd := &helpers.Command{ Test: t, - Args: []string{"relay", "start", "--domain", infisical.ApiUrl(t)}, + Args: []string{"relay", "start", "--domain", svc.ApiUrl(t)}, Env: map[string]string{ - "INFISICAL_API_URL": infisical.ApiUrl(t), + "INFISICAL_API_URL": svc.ApiUrl(t), "INFISICAL_RELAY_NAME": relayName, "INFISICAL_RELAY_HOST": relayHost, "INFISICAL_TOKEN": *identity.TokenAuthToken, @@ -95,7 +112,7 @@ func SetupPAMInfra(t *testing.T, ctx context.Context) *PAMTestInfra { fmt.Sprintf("--pam-session-recording-path=%s", sessionRecordingPath), }, Env: map[string]string{ - "INFISICAL_API_URL": infisical.ApiUrl(t), + "INFISICAL_API_URL": svc.ApiUrl(t), "INFISICAL_TOKEN": *identity.TokenAuthToken, }, } @@ -152,14 +169,14 @@ func SetupPAMInfra(t *testing.T, ctx context.Context) *PAMTestInfra { )) return &PAMTestInfra{ - Infisical: infisical, + Infisical: svc, ApiClient: c, Identity: identity, ProjectId: projectId, GatewayId: gatewayId, RelayCmd: relayCmd, GatewayCmd: gatewayCmd, - ProvisionResult: infisical.ProvisionResult(), + ProvisionResult: svc.ProvisionResult(), SharedHomeDir: sharedHomeDir, } } diff --git a/e2e/pam/postgres_test.go b/e2e/pam/postgres_test.go index a245a645..b76acc5e 100644 --- a/e2e/pam/postgres_test.go +++ b/e2e/pam/postgres_test.go @@ -67,7 +67,7 @@ func TestPAM_Postgres_ConnectToDatabase(t *testing.T) { ctx, client.CreatePostgresPamResourceJSONRequestBody{ ProjectId: uuid.MustParse(infra.ProjectId), - GatewayId: infra.GatewayId, + GatewayId: &infra.GatewayId, Name: resourceName, ConnectionDetails: struct { Database string `json:"database"` diff --git a/e2e/pam/rdp_test.go b/e2e/pam/rdp_test.go new file mode 100644 index 00000000..ffe817a7 --- /dev/null +++ b/e2e/pam/rdp_test.go @@ -0,0 +1,405 @@ +package pam + +import ( + "bytes" + "context" + "encoding/json" + "fmt" + "log/slog" + "net/http" + "os" + "os/exec" + "strings" + "sync" + "testing" + "time" + + "github.com/docker/docker/api/types/container" + "github.com/docker/go-connections/nat" + "github.com/google/uuid" + "github.com/infisical/cli/e2e-tests/packages/client" + helpers "github.com/infisical/cli/e2e-tests/util" + "github.com/jackc/pgx/v5" + openapitypes "github.com/oapi-codegen/runtime/types" + "github.com/stretchr/testify/require" + "github.com/testcontainers/testcontainers-go" + "github.com/testcontainers/testcontainers-go/wait" +) + +const ( + rdpUser = "testuser" + rdpPassword = "testpass" +) + +func startRDPContainer(t *testing.T, ctx context.Context) (testcontainers.Container, string, int) { + ctr, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{ + ContainerRequest: testcontainers.ContainerRequest{ + FromDockerfile: testcontainers.FromDockerfile{ + Context: "testdata/rdp-server", + Dockerfile: "Dockerfile", + }, + ExposedPorts: []string{"3389/tcp"}, + HostConfigModifier: func(hc *container.HostConfig) { + hc.ExtraHosts = append(hc.ExtraHosts, "host.docker.internal:host-gateway") + }, + WaitingFor: wait.ForListeningPort("3389/tcp").WithStartupTimeout(60 * time.Second), + }, + Started: true, + }) + require.NoError(t, err) + t.Cleanup(func() { + if err := ctr.Terminate(ctx); err != nil { + t.Logf("Failed to terminate RDP container: %v", err) + } + }) + + host, err := ctr.Host(ctx) + require.NoError(t, err) + port, err := ctr.MappedPort(ctx, "3389") + require.NoError(t, err) + return ctr, host, port.Int() +} + +// Inserts recording config directly into Postgres. The API route validates +// the bucket via S3 HeadBucket using virtual-hosted-style addressing, which +// fails in Docker because "bucket.localstack" doesn't resolve. +func setupRecordingConfig(t *testing.T, ctx context.Context, infra *PAMTestInfra) { + connectionID := createAwsAppConnection(t, ctx, infra) + + dbContainer, err := infra.Infisical.Compose().ServiceContainer(ctx, "db") + require.NoError(t, err) + dbPort, err := dbContainer.MappedPort(ctx, nat.Port("5432")) + require.NoError(t, err) + + conn, err := pgx.Connect(ctx, fmt.Sprintf("postgres://infisical:infisical@localhost:%s/infisical", dbPort.Port())) + require.NoError(t, err) + defer conn.Close(ctx) + + _, err = conn.Exec(ctx, ` + INSERT INTO pam_project_recording_configs (id, "projectId", "storageBackend", "connectionId", bucket, region) + VALUES ($1, $2, 'aws-s3', $3, 'e2e-unused', 'us-east-1') + ON CONFLICT ("projectId") DO NOTHING`, + uuid.New().String(), infra.ProjectId, connectionID, + ) + require.NoError(t, err) + slog.Info("Inserted recording config", "projectId", infra.ProjectId) +} + +func createAwsAppConnection(t *testing.T, ctx context.Context, infra *PAMTestInfra) string { + body, err := json.Marshal(map[string]interface{}{ + "name": "e2e-localstack-aws", + "method": "access-key", + "credentials": map[string]string{ + "accessKeyId": "test", + "secretAccessKey": "test", + }, + }) + require.NoError(t, err) + + resp, err := infra.ApiClient.CreateAwsAppConnectionWithBodyWithResponse(ctx, "application/json", bytes.NewReader(body)) + require.NoError(t, err) + require.Equal(t, http.StatusOK, resp.StatusCode(), "create AWS app connection: %s", string(resp.Body)) + + var result struct { + AppConnection struct { + ID string `json:"id"` + } `json:"appConnection"` + } + require.NoError(t, json.Unmarshal(resp.Body, &result)) + slog.Info("Created AWS app connection", "id", result.AppConnection.ID) + return result.AppConnection.ID +} + +func createRDPPamResource(t *testing.T, ctx context.Context, infra *PAMTestInfra, name, host string, port int) uuid.UUID { + gatewayId := openapitypes.UUID(infra.GatewayId) + resp, err := infra.ApiClient.CreateWindowsPamResourceWithResponse( + ctx, + client.CreateWindowsPamResourceJSONRequestBody{ + ProjectId: openapitypes.UUID(uuid.MustParse(infra.ProjectId)), + GatewayId: &gatewayId, + Name: name, + ConnectionDetails: struct { + Hostname string `json:"hostname"` + Port int `json:"port"` + Protocol client.CreateWindowsPamResourceJSONBodyConnectionDetailsProtocol `json:"protocol"` + UseWinrmHttps bool `json:"useWinrmHttps"` + WinrmCaCert *string `json:"winrmCaCert,omitempty"` + WinrmPort int `json:"winrmPort"` + WinrmRejectUnauthorized bool `json:"winrmRejectUnauthorized"` + WinrmTlsServerName *string `json:"winrmTlsServerName,omitempty"` + }{ + Hostname: host, + Port: port, + Protocol: client.Rdp, + WinrmPort: 5985, + UseWinrmHttps: false, + WinrmRejectUnauthorized: false, + }, + }, + ) + require.NoError(t, err) + require.Equal(t, http.StatusOK, resp.StatusCode(), "create Windows resource: %s", string(resp.Body)) + slog.Info("Created Windows PAM resource", "resourceId", resp.JSON200.Resource.Id, "name", name) + return uuid.UUID(resp.JSON200.Resource.Id) +} + +func createRDPPamAccount(t *testing.T, ctx context.Context, infra *PAMTestInfra, resourceId uuid.UUID, name, username, password string) { + body, err := json.Marshal(map[string]interface{}{ + "resourceId": resourceId.String(), + "name": name, + "credentials": map[string]interface{}{ + "username": username, + "password": password, + }, + "internalMetadata": map[string]interface{}{ + "accountType": "user", + }, + }) + require.NoError(t, err) + + result := helpers.WaitFor(t, helpers.WaitForOptions{ + Timeout: 90 * time.Second, + Interval: 3 * time.Second, + Condition: func() helpers.ConditionResult { + resp, callErr := infra.ApiClient.CreateWindowsPamAccountWithBodyWithResponse( + ctx, "application/json", bytes.NewReader(append([]byte(nil), body...)), + ) + if callErr != nil { + slog.Warn("Windows PAM account creation attempt failed, retrying...", "error", callErr) + return helpers.ConditionWait + } + if resp.StatusCode() != http.StatusOK { + slog.Warn("Windows PAM account creation returned non-200, retrying...", "status", resp.StatusCode(), "body", string(resp.Body)) + return helpers.ConditionWait + } + return helpers.ConditionSuccess + }, + }) + require.Equal(t, helpers.WaitSuccess, result, "Windows PAM account creation should succeed for %s", name) + slog.Info("Created Windows PAM account", "name", name) +} + +func startRDPProxy(t *testing.T, ctx context.Context, infra *PAMTestInfra, resourceName, accountName, duration string, port int) (int, *helpers.Command) { + pamCmd := helpers.Command{ + Test: t, + RunMethod: helpers.RunMethodSubprocess, + DisableTempHomeDir: true, + Args: []string{ + "pam", "rdp", "access", + "--resource", resourceName, + "--account", accountName, + "--project-id", infra.ProjectId, + "--duration", duration, + "--port", fmt.Sprintf("%d", port), + "--no-launch", + }, + Env: map[string]string{ + "HOME": infra.SharedHomeDir, + "INFISICAL_API_URL": infra.Infisical.ApiUrl(t), + }, + } + pamCmd.Start(ctx) + t.Cleanup(pamCmd.Stop) + + result := helpers.WaitFor(t, helpers.WaitForOptions{ + EnsureCmdRunning: &pamCmd, + Condition: func() helpers.ConditionResult { + if strings.Contains(pamCmd.Stderr(), "RDP Proxy Session Started") { + return helpers.ConditionSuccess + } + return helpers.ConditionWait + }, + }) + if result != helpers.WaitSuccess { + pamCmd.DumpOutput() + } + require.Equal(t, helpers.WaitSuccess, result, "RDP proxy should start successfully") + + return port, &pamCmd +} + +func findFreeRDPBinary(t *testing.T) string { + for _, name := range []string{"xfreerdp3", "xfreerdp"} { + if path, err := exec.LookPath(name); err == nil { + return path + } + } + t.Skip("xfreerdp not found; install freerdp2-x11 or freerdp3-x11") + return "" +} + +func buildFreeRDPArgs(t *testing.T, binary string, host string, port int, user, pass string) []string { + rdpArgs := []string{ + binary, + fmt.Sprintf("/v:%s:%d", host, port), + fmt.Sprintf("/u:%s", user), + fmt.Sprintf("/p:%s", pass), + "/cert:ignore", + } + + if os.Getenv("DISPLAY") == "" { + if xvfb, err := exec.LookPath("xvfb-run"); err == nil { + return append([]string{xvfb, "--auto-servernum", "--"}, rdpArgs...) + } + t.Skip("no DISPLAY and xvfb-run not found") + } + return rdpArgs +} + +func tryConnectFreeRDP(ctx context.Context, args []string, holdTime time.Duration) error { + cmd := exec.CommandContext(ctx, args[0], args[1:]...) + var output bytes.Buffer + cmd.Stdout = &output + cmd.Stderr = &output + + if err := cmd.Start(); err != nil { + return fmt.Errorf("failed to start xfreerdp: %w", err) + } + + exited := make(chan error, 1) + go func() { exited <- cmd.Wait() }() + + select { + case err := <-exited: + return fmt.Errorf("xfreerdp exited early (exit %v): %s", err, output.String()) + case <-time.After(holdTime): + cmd.Process.Kill() + <-exited + return nil + case <-ctx.Done(): + cmd.Process.Kill() + <-exited + return ctx.Err() + } +} + +// Retries on transport failures from bridge startup latency. +func connectFreeRDP(t *testing.T, ctx context.Context, binary string, host string, port int, user, pass string, holdTime time.Duration) error { + args := buildFreeRDPArgs(t, binary, host, port, user, pass) + + var lastErr error + for attempt := 0; attempt < 3; attempt++ { + if attempt > 0 { + slog.Info("Retrying xfreerdp after transport failure", "attempt", attempt+1) + time.Sleep(2 * time.Second) + } + lastErr = tryConnectFreeRDP(ctx, args, holdTime) + if lastErr == nil { + return nil + } + if !strings.Contains(lastErr.Error(), "ERRCONNECT_CONNECT_TRANSPORT_FAILED") { + return lastErr + } + } + return lastErr +} + +func expectFreeRDPFailure(t *testing.T, ctx context.Context, binary string, host string, port int, user, pass string, timeout time.Duration) error { + args := buildFreeRDPArgs(t, binary, host, port, user, pass) + + cmdCtx, cancel := context.WithTimeout(ctx, timeout) + defer cancel() + + cmd := exec.CommandContext(cmdCtx, args[0], args[1:]...) + out, err := cmd.CombinedOutput() + if err != nil { + return fmt.Errorf("xfreerdp failed as expected (exit %v): %s", err, string(out)) + } + return nil +} + +func TestPAM_RDP(t *testing.T) { + ctx, cancel := context.WithCancel(context.Background()) + t.Cleanup(cancel) + + infra := SetupPAMInfra(t, ctx, WithLocalStack()) + LoginUser(t, ctx, infra) + setupRecordingConfig(t, ctx, infra) + + rdpBinary := findFreeRDPBinary(t) + + t.Run("connection", func(t *testing.T) { + _, resourceHost, rdpPort := startRDPContainer(t, ctx) + slog.Info("RDP container started", "host", resourceHost, "port", rdpPort) + + resourceName := "rdp-connection-resource" + resourceId := createRDPPamResource(t, ctx, infra, resourceName, resourceHost, rdpPort) + createRDPPamAccount(t, ctx, infra, resourceId, "rdp-connection-account", rdpUser, rdpPassword) + + proxyPort := helpers.GetFreePort() + startRDPProxy(t, ctx, infra, resourceName, "rdp-connection-account", "5m", proxyPort) + + err := connectFreeRDP(t, ctx, rdpBinary, "127.0.0.1", proxyPort, "testuser", "", 10*time.Second) + require.NoError(t, err, "xfreerdp should connect through proxy") + slog.Info("RDP connection test passed") + }) + + t.Run("bad-credentials", func(t *testing.T) { + _, resourceHost, rdpPort := startRDPContainer(t, ctx) + + resourceName := "rdp-badcreds-resource" + resourceId := createRDPPamResource(t, ctx, infra, resourceName, resourceHost, rdpPort) + createRDPPamAccount(t, ctx, infra, resourceId, "rdp-badcreds-account", rdpUser, "wrong-password") + + proxyPort := helpers.GetFreePort() + startRDPProxy(t, ctx, infra, resourceName, "rdp-badcreds-account", "5m", proxyPort) + + err := expectFreeRDPFailure(t, ctx, rdpBinary, "127.0.0.1", proxyPort, "testuser", "", 60*time.Second) + require.Error(t, err, "xfreerdp should fail with bad credentials") + slog.Info("Bad credentials test passed", "error", err) + }) + + t.Run("unreachable-target", func(t *testing.T) { + ctr, resourceHost, rdpPort := startRDPContainer(t, ctx) + + resourceName := "rdp-unreachable-resource" + resourceId := createRDPPamResource(t, ctx, infra, resourceName, resourceHost, rdpPort) + createRDPPamAccount(t, ctx, infra, resourceId, "rdp-unreachable-account", rdpUser, rdpPassword) + + require.NoError(t, ctr.Terminate(ctx)) + + proxyPort := helpers.GetFreePort() + startRDPProxy(t, ctx, infra, resourceName, "rdp-unreachable-account", "5m", proxyPort) + + err := expectFreeRDPFailure(t, ctx, rdpBinary, "127.0.0.1", proxyPort, "testuser", "", 60*time.Second) + require.Error(t, err, "xfreerdp should fail when target is down") + slog.Info("Unreachable target test passed", "error", err) + }) + + t.Run("concurrent-connections", func(t *testing.T) { + _, resourceHost, rdpPort := startRDPContainer(t, ctx) + + resourceName := "rdp-concurrent-resource" + resourceId := createRDPPamResource(t, ctx, infra, resourceName, resourceHost, rdpPort) + createRDPPamAccount(t, ctx, infra, resourceId, "rdp-concurrent-account", rdpUser, rdpPassword) + + const numClients = 3 + var wg sync.WaitGroup + errs := make([]error, numClients) + + type proxyInfo struct { + port int + args []string + } + proxies := make([]proxyInfo, numClients) + for i := 0; i < numClients; i++ { + port := helpers.GetFreePort() + startRDPProxy(t, ctx, infra, resourceName, "rdp-concurrent-account", "5m", port) + proxies[i] = proxyInfo{port: port, args: buildFreeRDPArgs(t, rdpBinary, "127.0.0.1", port, "testuser", "")} + } + + for i, p := range proxies { + wg.Add(1) + go func(idx int, args []string) { + defer wg.Done() + errs[idx] = tryConnectFreeRDP(ctx, args, 10*time.Second) + }(i, p.args) + } + + wg.Wait() + for i, err := range errs { + require.NoError(t, err, "concurrent RDP client %d should connect", i) + } + slog.Info("All concurrent RDP connections succeeded", "numClients", numClients) + }) +} diff --git a/e2e/pam/redis_test.go b/e2e/pam/redis_test.go index 2f05c632..7225d5ef 100644 --- a/e2e/pam/redis_test.go +++ b/e2e/pam/redis_test.go @@ -45,7 +45,7 @@ func createRedisPamResource(t *testing.T, ctx context.Context, infra *PAMTestInf ctx, client.CreateRedisPamResourceJSONRequestBody{ ProjectId: uuid.MustParse(infra.ProjectId), - GatewayId: infra.GatewayId, + GatewayId: &infra.GatewayId, Name: name, ConnectionDetails: struct { Host string `json:"host"` diff --git a/e2e/pam/ssh_test.go b/e2e/pam/ssh_test.go index df329af5..33e4dd98 100644 --- a/e2e/pam/ssh_test.go +++ b/e2e/pam/ssh_test.go @@ -70,7 +70,7 @@ func createSSHPamResource(t *testing.T, ctx context.Context, infra *PAMTestInfra ctx, client.CreateSshPamResourceJSONRequestBody{ ProjectId: uuid.MustParse(infra.ProjectId), - GatewayId: infra.GatewayId, + GatewayId: &infra.GatewayId, Name: name, ConnectionDetails: struct { Host string `json:"host"` diff --git a/e2e/pam/testdata/rdp-server/Dockerfile b/e2e/pam/testdata/rdp-server/Dockerfile new file mode 100644 index 00000000..e07c9fcb --- /dev/null +++ b/e2e/pam/testdata/rdp-server/Dockerfile @@ -0,0 +1,16 @@ +FROM ubuntu:22.04 + +ENV DEBIAN_FRONTEND=noninteractive + +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + xrdp xorgxrdp openbox dbus-x11 xterm && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* + +COPY entrypoint.sh /entrypoint.sh +RUN chmod +x /entrypoint.sh + +EXPOSE 3389 + +ENTRYPOINT ["/entrypoint.sh"] diff --git a/e2e/pam/testdata/rdp-server/entrypoint.sh b/e2e/pam/testdata/rdp-server/entrypoint.sh new file mode 100644 index 00000000..8cd4917b --- /dev/null +++ b/e2e/pam/testdata/rdp-server/entrypoint.sh @@ -0,0 +1,20 @@ +#!/bin/bash +set -e + +useradd -m -s /bin/bash testuser +echo "testuser:testpass" | chpasswd + +mkdir -p /home/testuser +echo "openbox-session" > /home/testuser/.xsession +chown testuser:testuser /home/testuser/.xsession + +if [ ! -f /etc/xrdp/rsakeys.ini ]; then + xrdp-keygen xrdp auto +fi + +mkdir -p /run/dbus +dbus-daemon --system --fork + +xrdp-sesman --nodaemon & + +exec xrdp --nodaemon diff --git a/e2e/relay/gateway_test.go b/e2e/relay/gateway_test.go index d3071e73..4b9ce6e4 100644 --- a/e2e/relay/gateway_test.go +++ b/e2e/relay/gateway_test.go @@ -263,7 +263,7 @@ func TestGateway_RelayGatewayConnectivity(t *testing.T) { ctx, client.CreateKubernetesPamResourceJSONRequestBody{ ProjectId: uuid.MustParse(projectId), - GatewayId: gatewayId, + GatewayId: &gatewayId, Name: "k8s-resource", ConnectionDetails: struct { SslCertificate *string `json:"sslCertificate,omitempty"` @@ -321,7 +321,7 @@ func TestGateway_RelayGatewayConnectivity(t *testing.T) { ctx, client.CreateRedisPamResourceJSONRequestBody{ ProjectId: uuid.MustParse(projectId), - GatewayId: gatewayId, + GatewayId: &gatewayId, Name: "redis-resource", ConnectionDetails: struct { Host string `json:"host"`