package main
import (
"bytes"
"encoding/json"
"fmt"
"io"
"net/http"
"os"
"github.com/ManEelyMan/OktaEnumerator/okta"
)
// Domain is a hard-coded Okta tenant hostname. Nothing in this file reads it:
// the domain actually queried comes from the command line or the OKTA_DOMAIN
// environment variable (see getAndValidateArgs).
// NOTE(review): unused and tenant-specific; consider deleting it so the
// binary carries no organisation-specific value.
const Domain = "nydig.okta.com"
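// main resolves the Okta domain and API token, fetches the tenant's groups
// and prints them to standard output.
//
// Invalid invocation and request failures are reported on standard error and
// end the process with a non-zero status, so a wrapping script can tell a
// failed run from a successful one.
func main() {
	var oktaDomain, oktaToken string

	if !getAndValidateArgs(&oktaDomain, &oktaToken) {
		usage()
		os.Exit(1)
	}

	// Get our groups.
	oktaGroups, err := getGroups(oktaDomain, oktaToken)
	if err != nil {
		// Only the error is printed; the token is never echoed here.
		fmt.Fprintf(os.Stderr, "fetching groups: %v\n", err)
		os.Exit(1)
	}
	fmt.Printf("%v\n", oktaGroups)

	// TODO: fill in the groups' users (and apps?)
}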
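// getAndValidateArgs fills *oktaDomain and *oktaToken from the command line
// or, when no arguments are given, from the OKTA_DOMAIN and OKTA_TOKEN
// environment variables. It reports whether both values were obtained.
//
// os.Args[0] is the program name, so the user's arguments start at
// os.Args[1]. Counting os.Args itself would treat the program path as the
// domain and would never reach the environment branch, because the slice
// normally holds at least the program name.
//
// Security note: a token passed as an argument is visible to other local
// users through the process list and is usually recorded in shell history.
// Supplying it through OKTA_TOKEN avoids both.
func getAndValidateArgs(oktaDomain *string, oktaToken *string) bool {
	var args []string
	if len(os.Args) > 1 {
		args = os.Args[1:]
	}

	switch len(args) {
	case 2:
		if args[0] == "" || args[1] == "" {
			fmt.Println("Domain and token arguments must not be empty.")
			return false
		}
		*oktaDomain = args[0]
		*oktaToken = args[1]
		return true

	case 0:
		fmt.Println("No arguments given, looking for parameters from the environment...")

		*oktaDomain = getEnv("OKTA_DOMAIN", "") // Only use the fallback for dev. DO NOT CHECK IN SENSITIVE DATA!
		if *oktaDomain == "" {
			fmt.Println("No value given for OKTA_DOMAIN environment variable.")
			return false
		}

		*oktaToken = getEnv("OKTA_TOKEN", "") // Only use the fallback for dev. DO NOT CHECK IN SENSITIVE DATA!
		if *oktaToken == "" {
			fmt.Println("No value given for OKTA_TOKEN environment variable.")
			return false
		}
		return true

	default:
		fmt.Println("Incorrect number of arguments received.")
		return false
	}
}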
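// getEnv returns the value of the environment variable key, or fallback when
// the variable is not set. A variable that is set but empty yields the empty
// string, not the fallback.
//
// The fallback value is deliberately not printed: this helper is used for
// OKTA_TOKEN, so echoing the fallback would write a credential to standard
// output (and into any log that captures it) whenever a developer fills one
// in.
func getEnv(key, fallback string) string {
	val, ok := os.LookupEnv(key)
	if !ok {
		fmt.Printf("Environment Variable '%v' not found. Using fallback value.\n", key)
		return fallback
	}

	fmt.Printf("Found environment variable '%v'\n", key)
	return val
}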
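// usage prints invocation help to standard error. It describes the two input
// paths accepted by getAndValidateArgs: two positional arguments, or the
// OKTA_DOMAIN and OKTA_TOKEN environment variables when none are given.
func usage() {
	prog := "program"
	if len(os.Args) > 0 {
		prog = os.Args[0]
	}

	fmt.Fprintf(os.Stderr, "Usage: %s <okta-domain> <okta-token>\n", prog)
	fmt.Fprintln(os.Stderr, "With no arguments, OKTA_DOMAIN and OKTA_TOKEN are read from the environment.")
	// Steer users to the variant that keeps the token out of the process
	// list and shell history.
	fmt.Fprintln(os.Stderr, "Prefer the environment for the token: command-line arguments are visible to other local users.")
}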
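// getGroups requests the group list from the Okta API at oktaDomain,
// authenticating with oktaToken, and decodes the JSON response.
//
// Only one page is requested (limit=200) and no pagination is followed, so a
// tenant with more groups than that is returned truncated without any
// indication.
//
// The Authorization header carries the API token to whatever host
// oktaDomain names. The value is interpolated into the URL unchecked.
// NOTE(review): confirm callers pass a bare hostname; a value containing
// '/', '@' or '?' would change where the token is sent.
//
// Errors are wrapped with the failing step. Neither wrapper includes the
// token.
func getGroups(oktaDomain string, oktaToken string) (*okta.OktaGroups, error) {
	headers := map[string]string{
		"Accept":        "application/json",
		"Authorization": fmt.Sprintf("SSWS %v", oktaToken),
	}

	// Docs said group limit was 200. That... should be enough. Otherwise
	// we'll have to do some paging.
	url := fmt.Sprintf("https://%v/api/v1/groups?limit=200", oktaDomain)

	// A GET carries no body, so no payload is passed.
	result, err := httpRequest("GET", url, headers, nil)
	if err != nil {
		return nil, fmt.Errorf("listing groups: %w", err)
	}

	var groups okta.OktaGroups
	if err := json.Unmarshal([]byte(result), &groups); err != nil {
		return nil, fmt.Errorf("decoding groups response: %w", err)
	}

	return &groups, nil
}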
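// httpRequest sends one HTTP request with the given method, URL, headers and
// body, and returns the response body as a string.
//
// It returns an error when the request cannot be built or sent, when the
// body cannot be read in full, or when the server answers with a non-2xx
// status. Without the status check, an authentication failure or rate-limit
// response would be handed to the caller as if it were the requested data.
//
// The error text includes the method, URL and status line only. Header
// values, which may hold an API token, are never included.
func httpRequest(method string, url string, headers map[string]string, data []byte) (string, error) {
	rq, err := http.NewRequest(method, url, bytes.NewReader(data))
	if err != nil {
		return "", err
	}

	// Add any headers.
	for k, v := range headers {
		rq.Header.Add(k, v)
	}

	// NOTE(review): http.DefaultClient has no timeout, so an unresponsive
	// server blocks this call indefinitely. Switching to a client with a
	// Timeout needs the "time" package, which this file does not import.
	rsp, err := http.DefaultClient.Do(rq)
	if err != nil {
		return "", err
	}
	// Close the body on every path so the connection is released.
	defer rsp.Body.Close()

	b, err := io.ReadAll(rsp.Body)
	if err != nil {
		return "", fmt.Errorf("reading response body: %w", err)
	}

	if rsp.StatusCode < 200 || rsp.StatusCode > 299 {
		return "", fmt.Errorf("%s %s: unexpected status %s", method, url, rsp.Status)
	}

	return string(b), nil
}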