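// Source: github.com/vmware/go-vcloud-director/v2@v2.24.0/samples/saml_auth_adfs/main.go

/*
 * Copyright 2020 VMware, Inc. All rights reserved. Licensed under the Apache v2 License.
 */

// This sample authenticates to vCD through SAML with ADFS as the IdP and then
// lists Edge Gateways to show that the session is usable.
package main

import (
	"flag"
	"fmt"
	"net/url"
	"os"

	"github.com/vmware/go-vcloud-director/v2/govcd"
)

// passwordEnvVar names the environment variable consulted when -password is
// not given. Command-line arguments are visible to other local users in the
// process list and tend to end up in shell history; the environment is the
// less exposed of the two.
const passwordEnvVar = "VCD_PASSWORD"

var (
	username        string
	password        string
	org             string
	apiEndpoint     string
	customAdfsRptId string
	insecure        bool
)

// init registers the command-line flags. Flag names, defaults and help texts
// of the pre-existing flags are unchanged; -insecure is new and defaults to
// true so that existing invocations keep working.
func init() {
	flag.StringVar(&username, "username", "", "Username")
	flag.StringVar(&password, "password", "", "Password")
	flag.StringVar(&org, "org", "System", "Org name. Default is 'System'")
	flag.StringVar(&apiEndpoint, "endpoint", "", "API endpoint (e.g. 'https://hostname/api')")
	flag.StringVar(&customAdfsRptId, "rpt", "", "Custom Relaying party trust ID. Default is vCD SAML Entity ID")
	flag.BoolVar(&insecure, "insecure", true, "Skip TLS certificate verification. Pass -insecure=false anywhere but a lab")
}

// fatalf writes a message to stderr and terminates with the given exit code.
// Diagnostics go to stderr so that stdout carries only the query result.
func fatalf(code int, format string, args ...interface{}) {
	fmt.Fprintf(os.Stderr, format, args...)
	os.Exit(code)
}

// Usage:
// # go build -o auth
// # ./auth --username test@test-forest.net --password asdasd --org my-org --endpoint https://192.168.1.160/api
//
// Keeping the password off the command line and verifying the server certificate:
// # VCD_PASSWORD=... ./auth --username test@test-forest.net --org my-org --endpoint https://hostname/api --insecure=false
//
// Exit codes: 1 missing arguments, 2 unusable endpoint, 3 authentication
// failure, 4 query failure.
func main() {
	flag.Parse()

	// Fall back to the environment only when the flag was not supplied, so an
	// explicit -password still wins.
	if password == "" {
		password = os.Getenv(passwordEnvVar)
	}

	if username == "" || password == "" || org == "" || apiEndpoint == "" {
		fatalf(1, "At least 'username', 'password', 'org' and 'endpoint' must be specified\n")
	}

	vcdURL, err := url.Parse(apiEndpoint)
	if err != nil {
		fatalf(2, "Error parsing supplied endpoint %s: %s\n", apiEndpoint, err)
	}

	// url.Parse accepts input such as "hostname/api" without complaint and
	// returns a URL with no scheme or host. Reject that here instead of
	// letting it surface later as an obscure connection error.
	if vcdURL.Scheme == "" || vcdURL.Host == "" {
		fatalf(2, "Error parsing supplied endpoint %s: scheme and host are required (e.g. 'https://hostname/api')\n", apiEndpoint)
	}

	// The username and password are submitted over this connection; say so
	// loudly when the transport does not protect them.
	if vcdURL.Scheme != "https" {
		fmt.Fprintf(os.Stderr, "WARNING: endpoint scheme is %q, not https; credentials will not be encrypted in transit\n", vcdURL.Scheme)
	}
	if insecure {
		fmt.Fprintln(os.Stderr, "WARNING: TLS certificate verification is disabled; the server's identity is not checked. Use -insecure=false outside a lab")
	}

	// Create VCD client using SAML auth.
	// The second argument of NewVCDClient allows an insecure TLS connection
	// when true; it is driven by the -insecure flag.
	// WithSamlAdfs() allows SAML authentication when vCD uses Microsoft Active Directory
	// Federation Services (ADFS) as SAML IdP. The code below authenticates against ADFS using
	// the WS-TRUST endpoint "/adfs/services/trust/13/usernamemixed"
	// Input parameters:
	// user - username for authentication against ADFS server (e.g. 'test@test-forest.net' or 'test-forest.net\test')
	// password - password for authentication against ADFS server
	// org - Org to authenticate to. Can be 'System'.
	// customAdfsRptId - override relying party trust ID. If it is empty - vCD Entity ID will be used
	// as Relying Party Trust ID.
	vcdCli := govcd.NewVCDClient(*vcdURL, insecure, govcd.WithSamlAdfs(true, customAdfsRptId))
	if err = vcdCli.Authenticate(username, password, org); err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(3)
	}

	// To prove authentication worked - just fetch all edge gateways and dump them on the screen
	edgeGatewayResults, err := vcdCli.Query(map[string]string{"type": "edgeGateway"})
	if err != nil {
		fatalf(4, "Error retrieving Edge Gateways: %s\n", err)
	}

	records := edgeGatewayResults.Results.EdgeGatewayRecord
	fmt.Printf("Found %d Edge Gateways\n", len(records))
	for _, gw := range records {
		fmt.Println(gw.Name)
	}
}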