diff --git a/identityClient/api.go b/identityClient/api.go
index 687807e..cfc9077 100644
--- a/identityClient/api.go
+++ b/identityClient/api.go
@@ -94,7 +94,7 @@ type PrivateRealmInfo struct {
 TozIDFederationEnabled bool `json:"tozid_federation_enabled"`
 MPCEnabled bool `json:"mpc_enabled"`
 DisableAccountTabForIdentities bool `json:"disable_account_tab_for_identities"`
- AllowCrossRealmCommunication bool `json:"allow_cross_realm_communication,omitempty"`
+ BlockCrossRealmCommunication bool `json:"block_cross_realm_communication,omitempty"`
 }
 
 // PublicRealm represents the public information about a realm resource
@@ -1001,7 +1001,7 @@ type RealmSettingsUpdateRequest struct {
 MPCEnabled *bool `json:"mpc_enabled,omitempty"`
 ForgotPasswordCustomLink *string `json:"forgot_password_custom_link,omitempty"`
 ForgotPasswordCustomText *string `json:"forgot_password_custom_text,omitempty"`
- AllowCrossRealmCommunication *bool `json:"allow_cross_realm_communication,omitempty"`
+ BlockCrossRealmCommunication *bool `json:"block_cross_realm_communication,omitempty"`
 }
 
 // CreateAccessRequestRequest wraps parameters for creating a new open Access Request
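Review bot: Renaming the flag from allow to block in `PrivateRealmInfo` inverts its polarity while keeping `omitempty` on a plain `bool`, so a response that omits `block_cross_realm_communication` (for example from a peer that still emits only `allow_cross_realm_communication`) decodes as false, which now reads as "cross-realm communication not blocked". Under the old name the same missing key read as "not allowed", so the zero value has moved from the restrictive side to the permissive side. Dropping `,omitempty` from the tag on the non-pointer field would make the state explicit on the wire, and a field comment such as `// BlockCrossRealmCommunication is false (not blocked) when the key is absent.` would record the default for callers. The `*bool` field in the `RealmSettingsUpdateRequest` hunk gets the same renamed key, so an update that still sends the allow key would presumably be ignored; whether the service accepts both keys during rollout is not visible here.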
@@ -1580,3 +1580,30 @@ type InternalFetchClientsRealmsRequest struct {
 type InternalFetchClientsRealmsResponse struct {
 Results map[uuid.UUID]string `json:"results"` // map of client id to realm name
 }
+
+// AllowedSharesRequest wraps a request to get a list of users that a user is allowed to share with
+type AllowedSharesRequest struct {
+ Sharer string `json:"sharer"`
+ Recipients []string `json:"recipients"`
+}
+
+// AllowedSharesResponse returns a list of users that a user is allowed to share with
+type AllowedSharesResponse struct {
+ ValidRecipients []string `json:"valid_recipients"`
+ InvalidRecipients []string `json:"invalid_recipients"`
+}
+
+type AddTrustedRealmRequest struct {
+ RequestedRealm string `json:"requested_realm"`
+}
+
+type AddTrustedRealmResponse struct {
+ RequestingRealmStatus string `json:"requesting_realm_status"`
+ RequestedRealmStatus string `json:"requested_realm_status"`
+}
+
+type GetTrustedRealmsResponse struct {
+ MutuallyTrusted []string `json:"mutually_trusted"`
+ OutgoingRequests []string `json:"outgoing_requests"`
+ IncomingRequests []string `json:"incoming_requests"`
+}
diff --git a/identityClient/identityClient.go b/identityClient/identityClient.go
index 56a07ce..c9bc64f 100644
--- a/identityClient/identityClient.go
+++ b/identityClient/identityClient.go
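Review bot: The three trusted-realm types added at the end of api.go (`AddTrustedRealmRequest`, `AddTrustedRealmResponse`, `GetTrustedRealmsResponse`) are exported without doc comments, and nothing states which of the returned lists a caller may treat as trusted. `GetTrustedRealmsResponse` carries `MutuallyTrusted` next to `OutgoingRequests` and `IncomingRequests`; judging by the names only the first is an established relationship, so a comment like `// GetTrustedRealmsResponse groups realms by trust state; only MutuallyTrusted entries are established, the request lists are pending.` would keep callers from authorizing on a pending entry (confirm against the service). `RequestingRealmStatus` and `RequestedRealmStatus` are free-form strings, so their allowed values should be listed in the comment or given a named string type. For `AllowedSharesResponse` it is also worth stating whether a recipient that appears in neither list must be treated as not allowed.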
@@ -1729,3 +1729,37 @@ func (c *E3dbIdentityClient) InitiateIdentityProviderLogin(ctx context.Context,
 err = e3dbClients.MakeRawServiceCall(c.requester, req, &resp)
 return resp, err
 }
+
+// GetAllowedReads gets a list of all users that a specific user is allowed to share with, based on realm sharing settings
+func (c *E3dbIdentityClient) GetAllowedReads(ctx context.Context, params AllowedSharesRequest) (*AllowedSharesResponse, error) {
+ var resp *AllowedSharesResponse
+ path := c.Host + internalIdentityServiceBasePath + "/" + realmResourceName + "/allowed_shares"
+ req, err := e3dbClients.CreateRequest("POST", path, params)
+ if err != nil {
+ return nil, err
+ }
+ err = e3dbClients.MakeSignedServiceCall(ctx, c.requester, req, c.SigningKeys, c.ClientID, &resp)
+ return resp, err
+}
+
+func (c *E3dbIdentityClient) AddTrustedRealm(ctx context.Context, requestingRealm string, params AddTrustedRealmRequest) (*AddTrustedRealmResponse, error) {
+ var resp *AddTrustedRealmResponse
+ path := c.Host + identityServiceBasePath + "/admin/realm/" + requestingRealm + "/trusted"
+ req, err := e3dbClients.CreateRequest("POST", path, params)
+ if err != nil {
+ return nil, err
+ }
+ err = e3dbClients.MakeSignedServiceCall(ctx, c.requester, req, c.SigningKeys, c.ClientID, &resp)
+ return resp, err
+}
+
+func (c *E3dbIdentityClient) GetTrustedRealms(ctx context.Context, requestingRealm string) (*GetTrustedRealmsResponse, error) {
+ var resp *GetTrustedRealmsResponse
+ path := c.Host + identityServiceBasePath + "/admin/realm/" + requestingRealm + "/trusted"
+ req, err := e3dbClients.CreateRequest("GET", path, nil)
+ if err != nil {
+ return nil, err
+ }
+ err = e3dbClients.MakeSignedServiceCall(ctx, c.requester, req, c.SigningKeys, c.ClientID, &resp)
+ return resp, err
+}
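Review bot: `requestingRealm` is concatenated into the request path unescaped in both `AddTrustedRealm` and `GetTrustedRealms` (`"/admin/realm/" + requestingRealm + "/trusted"`), so unless `CreateRequest` escapes it (not visible here) a realm name containing `/`, `..`, `?` or `#` would make the client sign and send a request for a different admin route than the caller intended. Escaping the segment keeps it a single path element: `path := c.Host + identityServiceBasePath + "/admin/realm/" + url.PathEscape(requestingRealm) + "/trusted"`, which needs `net/url` in the import block, and that block is outside this hunk. Both of those methods are exported without doc comments, and `GetAllowedReads` is documented as returning who a user may share with while posting to `/allowed_shares`, so its name and comment should agree on read versus share. All three methods return `resp` together with a non-nil `err`; `if err != nil { return nil, err }` after the signed call would keep callers from acting on a partially decoded response.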