Add AuthN user password expiration (PAN-15056)

pangeacyber · Jun 27, 2024 · 51bcf65 · 51bcf65
1 parent e70116a
commit 51bcf65
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -13,6 +13,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Doc example for unredact.
 - Vault `/export` support
 - `exportable` field support in Vault `/key/store` and `/key/generate`
+- AuthN user password expiration support.
 
 ## [3.9.0] - 2024-06-07
 

diff --git a/pangea-sdk/v3/service/authn/api.go b/pangea-sdk/v3/service/authn/api.go
@@ -124,6 +124,27 @@ func (a *ClientPassword) Change(ctx context.Context, input ClientPasswordChangeR
 	return request.DoPost(ctx, a.Client, "v2/client/password/change", &input, &ClientPasswordChangeResult{})
 }
 
+type ExpirePasswordRequest struct {
+	// Base request has ConfigID for multi-config projects
+	pangea.BaseRequest
+
+	ID string `json:"id"` // The identity of a user or a service.
+}
+
+// @summary Expire a user's password
+//
+// @description Expire a user's password.
+//
+// @operationId authn_post_v2_user_password_expire
+//
+// @example
+//
+//	resp, err := authncli.Client.Password.Expire(ctx, "pui_[...]")
+func (a *ClientPassword) Expire(ctx context.Context, id string) (*pangea.PangeaResponse[struct{}], error) {
+	var result struct{}
+	return request.DoPost(ctx, a.Client, "v2/user/password/expire", &ExpirePasswordRequest{ID: id}, &result)
+}
+
 type IDProvider string
 
 const (

diff --git a/pangea-sdk/v3/service/authn/integration_test.go b/pangea-sdk/v3/service/authn/integration_test.go
@@ -445,6 +445,11 @@ func Test_Integration_Session(t *testing.T) {
 		assert.NoError(t, err)
 		assert.NotNil(t, resp3)
 	}
+
+	expireResp, err := client.Client.Password.Expire(ctx, USER_ID)
+	assert.NoError(t, err)
+	assert.NotNil(t, expireResp)
+	assert.Equal(t, "Success", pangea.StringValue(expireResp.Status))
 }
 
 func Test_Integration_User_Invite(t *testing.T) {