import "github.com/gemini-oss/rego/pkg/okta"

const (
    OktaApps       = "%s/apps"         // https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Application/
    OktaGroups     = "%s/groups"       // https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Group/
    OktaGroupRules = "%s/groups/rules" // https://developer.okta.com/docs/api/openapi/okta-management/management/tag/GroupRule/
    OktaDevices    = "%s/devices"      // https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Device/
    OktaUsers      = "%s/users"        // https://developer.okta.com/docs/api/openapi/okta-management/management/tag/User/
    OktaIAM        = "%s/iam"          // https://developer.okta.com/docs/api/openapi/okta-management/management/tag/RoleAssignment/
    OktaRoles      = "%s/iam/roles"    // https://developer.okta.com/docs/api/openapi/okta-management/management/tag/Role/
)

var (
    BaseURL = fmt.Sprintf("https://%s.%s.com/api/v1", "%s", "%s") // https://developer.okta.com/docs/api/#versioning
)

type Accessibility struct {
    ErrorRedirectURL  string `json:"errorRedirectUrl,omitempty"`  // The error redirect URL of the application.
    LoginRedirectURL  string `json:"loginRedirectUrl,omitempty"`  // The login redirect URL of the application.
    SelfService       bool   `json:"selfService,omitempty"`       // Indicates whether the application is self-service.
    LoginRedirectURL2 string `json:"loginRedirectUrl2,omitempty"` // The second login redirect URL of the application.
}

type AppLink struct {
    AppAssignmentID  string `json:"appAssignmentId,omitempty"`  // The ID of the app assignment.
    AppInstanceID    string `json:"appInstanceId,omitempty"`    // The ID of the app instance.
    AppName          string `json:"appName,omitempty"`          // The name of the app.
    CredentialsSetup bool   `json:"credentialsSetup,omitempty"` // Indicates whether credentials are set up.
    Hidden           bool   `json:"hidden,omitempty"`           // Indicates whether the app link is hidden.
    ID               string `json:"id,omitempty"`               // The ID of the app link.
    Label            string `json:"label,omitempty"`            // The label of the app link.
    LinkURL          string `json:"linkUrl,omitempty"`          // The URL of the app link.
    LogoURL          string `json:"logoUrl,omitempty"`          // The URL of the logo for the app link.
    SortOrder        int    `json:"sortOrder,omitempty"`        // The sort order of the app link.
}

type AppLinks []*AppLink

type AppQuery struct {
    Q                 string // Searches the records for matching value
    After             string // The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header.
    Limit             string // Default: -1. Specifies the number of results for a page
    Filter            string // Filters apps by `status`, `user.id`, `group.id` or `credentials.signing.kid`` expression
    Expand            string // Traverses users link relationship and optionally embeds Application User resource
    IncludeNonDeleted bool   // Default: false.
}

type Application struct {
    Accessibility Accessibility       `json:"accessibility,omitempty"` // The accessibility of the application.
    Created       time.Time           `json:"created,omitempty"`       // The timestamp when the application was created.
    Features      []string            `json:"features,omitempty"`      // The features of the application.
    ID            string              `json:"id,omitempty"`            // The ID of the application.
    Label         string              `json:"label,omitempty"`         // The label of the application.
    LastUpdated   time.Time           `json:"lastUpdated,omitempty"`   // The timestamp when the application was last updated.
    Licensing     Licensing           `json:"licensing,omitempty"`     // The licensing of the application.
    Profile       ApplicationProfile  `json:"profile,omitempty"`       // The profile of the application.
    SignOnMode    string              `json:"signOnMode,omitempty"`    // The sign-on mode of the application.
    Status        string              `json:"status,omitempty"`        // The status of the application.
    Visibility    Visibility          `json:"visibility,omitempty"`    // The visibility of the application.
    Embedded      ApplicationEmbedded `json:"_embedded,omitempty"`     // The users assigned to the application.
    Links         Links               `json:"_links,omitempty"`        // Links related to the application.
}

type ApplicationEmbedded struct {
    Users *Users `json:"users,omitempty"`
}

type ApplicationProfile struct {
    Property1 map[string]interface{} `json:"property1,omitempty"`
    Property2 map[string]interface{} `json:"property2,omitempty"`
}

type Applications []*Application

type Client struct {
    BaseURL string           // BaseURL is the base URL for Okta API requests.
    HTTP    *requests.Client // HTTPClient is the client used to make HTTP requests.
    Error   *Error           // Error is the error response from the last request made by the client.
    Log     *log.Logger      // Log is the logger used to log messages.
    Cache   *cache.Cache     // Cache is the cache used to store responses from the Okta API.
}

func NewClient(verbosity int) *Client

func (c *Client) BuildURL(endpoint string, identifiers ...string) string

func (c *Client) ConvertApplicationAssignment(appID string, userID string) (*User, error)

func (c *Client) GenerateRoleReport() (*RoleReports, error)

func (c *Client) GetApplicationUser(appID string, userID string) (*User, error)

func (c *Client) GetCache(key string, target interface{}) bool

func (c *Client) GetGroup(groupID string) (*Group, error)

func (c *Client) GetRole(roleID string) (*Role, error)

func (c *Client) GetUser(userID string) (*User, error)

func (c *Client) GetUserAppLinks(userID string) (*AppLinks, error)

func (c *Client) GetUserGroups(userID string) (*Groups, error)

func (c *Client) GetUserRoles(userID string) (*Roles, error)

func (c *Client) ListActiveUsers() (*Users, error)

func (c *Client) ListAllApplicationUsers(appID string) (*Users, error)

func (c *Client) ListAllApplications() (*Applications, error)

func (c *Client) ListAllDevices() (*Devices, error)

func (c *Client) ListAllGroupRules() (*GroupRules, error)

func (c *Client) ListAllGroups() (*Groups, error)

func (c *Client) ListAllRoles() (*RolesList, error)

func (c *Client) ListAllUsers() (*Users, error)

func (c *Client) ListAllUsersWithRoleAssignments() (*Users, error)

func (c *Client) ListDevices(q DeviceQuery) (*Devices, error)

func (c *Client) ListManagedDevices() (*Devices, error)

func (c *Client) ListUsersForDevice(deviceID string) (*DeviceUsers, error)

func (c *Client) SetCache(key string, value interface{}, duration time.Duration)

func (c *Client) UpdateUser(userID string, u *User) (*User, error)

func (c *Client) UseCache() *Client

type Conditions struct {
    Expression GroupExpression `json:"expression,omitempty"` // Expression for the condition.
    People     PeopleCondition `json:"people,omitempty"`     // People involved in the condition.
}

type Device struct {
    Created             string          `json:"created,omitempty"`             // The timestamp when the device was created.
    ID                  string          `json:"id,omitempty"`                  // The unique key for the device.
    LastUpdated         string          `json:"lastUpdated,omitempty"`         // The timestamp when the device was last updated.
    Links               *Link           `json:"_links,omitempty"`              // A set of key/value pairs that provide additional information about the device.
    Profile             *DeviceProfile  `json:"profile,omitempty"`             // The device profile.
    ResourceAlternate   interface{}     `json:"resourceAlternateId,omitempty"` // The alternate ID of the device.
    ResourceDisplayName *DisplayName    `json:"resourceDisplayName,omitempty"` // The display name of the device.
    ResourceID          string          `json:"resourceId,omitempty"`          // The ID of the device.
    ResourceType        string          `json:"resourceType,omitempty"`        // The type of the device.
    Status              string          `json:"status,omitempty"`              // The status of the device.
    Embedded            *DeviceEmbedded `json:"_embedded,omitempty"`           // The users assigned to the device.
}

type DeviceEmbedded struct {
    DeviceUsers *DeviceUsers `json:"users,omitempty"`
}

type DeviceProfile struct {
    DisplayName           string `json:"displayName,omitempty"`           // The display name of the device.
    Manufacturer          string `json:"manufacturer,omitempty"`          // The manufacturer of the device.
    Model                 string `json:"model,omitempty"`                 // The model of the device.
    OSVersion             string `json:"osVersion,omitempty"`             // The OS version of the device.
    Platform              string `json:"platform,omitempty"`              // The platform of the device.
    Registered            bool   `json:"registered,omitempty"`            // Indicates whether the device is registered with Okta.
    SecureHardwarePresent bool   `json:"secureHardwarePresent,omitempty"` // Indicates whether the device has secure hardware.
    SerialNumber          string `json:"serialNumber,omitempty"`          // The serial number of the device.
    SID                   string `json:"sid,omitempty"`                   // The SID of the device.
    UDID                  string `json:"udid,omitempty"`                  // The UDID of the device.
}

type DeviceQuery struct {
    After  string `url:"after,omitempty"`  // The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header.
    Limit  string `url:"limit,omitempty"`  // Default: 200. A limit on the number of objects to return
    Search string `url:"search,omitempty"` // A SCIM filter expression that filters the results. Searches include all Device profile properties and the Device `id``, `status``, and `lastUpdated`` properties.
    Expand string `url:"expand,omitempty"` // Lists associated users for the device in `_embedded` element
}

type DeviceUser struct {
    Created          time.Time `json:"created,omitempty"`          // The timestamp when the device user was created.
    ManagementStatus string    `json:"managementStatus,omitempty"` // The management status of the device user.
    User             *User     `json:"user,omitempty"`             // The user assigned to the device.
}

type DeviceUsers []*DeviceUser

type Devices []*Device

type DisplayName struct {
    Value     string `json:"value"`     // The display name of the device.
    Sensitive bool   `json:"sensitive"` // Indicates whether the display name is sensitive.
}

type Error struct {
    ErrorCauses  []ErrorCause `json:"errorCauses,omitempty"`
    ErrorCode    string       `json:"errorCode,omitempty"`
    ErrorId      string       `json:"errorId,omitempty"`
    ErrorLink    string       `json:"errorLink,omitempty"`
    ErrorSummary string       `json:"errorSummary,omitempty"`
}

type ErrorCause struct {
    ErrorSummary string `json:"errorSummary,omitempty"`
}

type Group struct {
    Created               time.Time     `json:"created,omitempty"`               // The creation time of the user group.
    ID                    string        `json:"id,omitempty"`                    // The ID of the user group.
    LastMembershipUpdated time.Time     `json:"lastMembershipUpdated,omitempty"` // The last time the membership of the user group was updated.
    LastUpdated           time.Time     `json:"lastUpdated,omitempty"`           // The last time the user group was updated.
    ObjectClass           []string      `json:"objectClass,omitempty"`           // Array of object classes.
    Profile               GroupProfile  `json:"profile,omitempty"`               // The profile of the user group.
    Type                  string        `json:"type,omitempty"`                  // The type of the user group.
    Embedded              GroupEmbedded `json:"_embedded,omitempty"`             // Embedded properties, to be revisited.
    Links                 Links         `json:"_links,omitempty"`                // Links related to the user group.
}

type GroupActions struct {
    AssignUserToGroups GroupRuleGroupAssignment `json:"assignUserToGroups,omitempty"` // Group assignments for the action.
}

type GroupCondition struct {
    Exclude []string `json:"exclude,omitempty"` // Excluded from the condition.
    Include []string `json:"include,omitempty"` // Included in the condition.
}

type GroupEmbedded interface{}

type GroupExpression struct {
    Type  string `json:"type,omitempty"`  // Type of the expression.
    Value string `json:"value,omitempty"` // Value of the expression.
}

type GroupParameters struct {
    Q         string `json:"q,omitempty"`         // Searches the name property of groups for matching value.
    After     string `json:"after,omitempty"`     // Specifies the pagination cursor for the next page of groups.
    Expand    string `json:"expand,omitempty"`    // If specified, it causes additional metadata to be included in the response.
    Filter    string `json:"filter,omitempty"`    // Filter expression for groups.
    Limit     int32  `json:"limit,omitempty"`     // Default: (10000 for `Groups`) and (50 for Group Rules) . Specifies the number of group results in a page.
    Search    string `json:"search,omitempty"`    // Searches for groups with a supported filtering expression for all attributes except for _embedded, _links, and objectClass.
    SortBy    string `json:"sortBy,omitempty"`    // Specifies field to sort by and can be any single property (for search queries only).
    SortOrder string `json:"sortOrder,omitempty"` // Specifies sort order asc or desc (for search queries only). This parameter is ignored if sortBy is not present. Groups with the same value for the sortBy parameter are ordered by id.
}

type GroupProfile struct {
    Description string `json:"description,omitempty"` // The description of the user group.
    Name        string `json:"name,omitempty"`        // The name of the user group.
}

type GroupRule struct {
    Actions     GroupActions `json:"actions,omitempty"`     // Defines the actions to be taken when the rule is triggered.
    Conditions  Conditions   `json:"conditions,omitempty"`  // Defines the conditions that would trigger the rule.
    Created     string       `json:"created,omitempty"`     // Date and time when the rule was created.
    ID          string       `json:"id,omitempty"`          // ID of the rule.
    LastUpdated string       `json:"lastUpdated,omitempty"` // Date and time when the rule was last updated.
    Name        string       `json:"name,omitempty"`        // Name of the rule.
    Status      string       `json:"status,omitempty"`      // Status of the rule.
    Type        string       `json:"type,omitempty"`        // Type of the rule.
}

type GroupRuleGroupAssignment struct {
    GroupIDs []string `json:"groupIds,omitempty"` // IDs of the groups involved in the assignment.
}

type GroupRules []*GroupRule

type Groups []*Group

type Hints struct {
    Allow []string `json:"allow,omitempty"` // Allow is a list of allowed methods.
}

type Licensing struct {
    SeatCount int `json:"seatCount,omitempty"` // The seat count of the application.
}

type Link struct {
    Hints  Hints  `json:"hints,omitempty"`  // Hints is a list of hints for the link.
    Href   string `json:"href,omitempty"`   // Href is the URL for the link.
    Method string `json:"method,omitempty"` // Method is the HTTP method for the link.
    Type   string `json:"type,omitempty"`   // Type is the type of link.
}

type Links struct {
    AccessPolicy           Link   `json:"accessPolicy,omitempty"`           // AccessPolicy is a link to the access policy.
    Activate               Link   `json:"activate,omitempty"`               // Activate is a link to activate the user.
    ChangePassword         Link   `json:"changePassword,omitempty"`         // ChangePassword is a link to change the user's password.
    ChangeRecoveryQuestion Link   `json:"changeRecoveryQuestion,omitempty"` // ChangeRecoveryQuestion is a link to change the user's recovery question.
    Deactivate             Link   `json:"deactivate,omitempty"`             // Deactivate is a link to deactivate the user.
    ExpirePassword         Link   `json:"expirePassword,omitempty"`         // ExpirePassword is a link to expire the user's password.
    ForgotPassword         Link   `json:"forgotPassword,omitempty"`         // ForgotPassword is a link to reset the user's password.
    Groups                 Link   `json:"groups,omitempty"`                 // Groups is a link to the user's groups.
    Logo                   []Link `json:"logo,omitempty"`                   // Logo is a list of links to the logo.
    Metadata               Link   `json:"metadata,omitempty"`               // Metadata is a link to the user's metadata.
    ResetFactors           Link   `json:"resetFactors,omitempty"`           // ResetFactors is a link to reset the user's factors.
    ResetPassword          Link   `json:"resetPassword,omitempty"`          // ResetPassword is a link to reset the user's password.
    Schema                 Link   `json:"schema,omitempty"`                 // Schema is a link to the user's schema.
    Self                   Link   `json:"self,omitempty"`                   // Self is a link to the user.
    Suspend                Link   `json:"suspend,omitempty"`                // Suspend is a link to suspend the user.
    Users                  Link   `json:"users,omitempty"`                  // Users is a link to the user's users.
}

type OktaPage struct {
    Self          string   `json:"self"`
    NextPageLink  string   `json:"next"`
    NextPageToken string   `json:"next_page_token"`
    Paged         bool     `json:"paged"`
    Links         []string `json:"links"`
}

func (p *OktaPage) HasNextPage(links []string) bool

func (p *OktaPage) NextPage(links []string) string

type PagedSlice[T Slice[E], E any] struct {
    Results *T
    *OktaPage
}

type PagedStruct[T any] struct {
    Results *T
    *OktaPage
}

type PasswordCredentials struct {
    Hook  *PasswordHook `json:"hook,omitempty"`  // The password hook.
    Value string        `json:"value,omitempty"` // The password value.
    Hash  *PasswordHash `json:"hash,omitempty"`  // The password hash.
}

type PasswordHash struct {
    Algorithm       string `json:"algorithm,omitempty"`       // The algorithm used to hash the password.
    DigestAlgorithm string `json:"digestAlgorithm,omitempty"` // The digest algorithm used to hash the password.
    IterationCount  int    `json:"iterationCount,omitempty"`  // The iteration count used to hash the password.
    KeySize         int    `json:"keySize,omitempty"`         // The key size used to hash the password.
    Salt            string `json:"salt,omitempty"`            // The salt used to hash the password.
    SaltOrder       string `json:"saltOrder,omitempty"`       // The salt order used to hash the password.
    Value           string `json:"value,omitempty"`           // The password hash value.
    WorkFactor      int    `json:"workFactor,omitempty"`      // The work factor used to hash the password.
}

type PasswordHook struct {
    Type string `json:"type,omitempty"` // The type of the password hook.
}

type PeopleCondition struct {
    Groups GroupCondition `json:"groups,omitempty"` // Groups involved in the people condition.
    Users  GroupCondition `json:"users,omitempty"`  // Users involved in the people condition.
}

type Permission struct {
    Created     time.Time `json:"created,omitempty"`     // The timestamp when the permission was created.
    Label       string    `json:"label,omitempty"`       // The label of the permission.
    LastUpdated time.Time `json:"lastUpdated,omitempty"` // The timestamp when the permission was last updated.
    Links       *Links    `json:"_links,omitempty"`      // Links related to the permission.
}

type Provider struct {
    Name string `json:"name,omitempty"` // The name of the provider.
    Type string `json:"type,omitempty"` // The type of the provider. Enum: "ACTIVE_DIRECTORY" "FEDERATION" "IMPORT" "LDAP" "OKTA" "SOCIAL"
}

type RecoveryQuestion struct {
    Answer   string `json:"answer,omitempty"`   // The answer to the user's recovery question.
    Question string `json:"question,omitempty"` // The user's recovery question.
}

type Role struct {
    AssignmentType string    `json:"assignmentType,omitempty"` // The assignment type of the role.
    Created        time.Time `json:"created,omitempty"`        // The timestamp when the role was created.
    Description    string    `json:"description,omitempty"`    // The description of the role.
    ID             string    `json:"id,omitempty"`             // The ID of the role.
    Label          string    `json:"label,omitempty"`          // The label of the role.
    LastUpdated    time.Time `json:"lastUpdated,omitempty"`    // The timestamp when the role was last updated.
    Links          *Links    `json:"_links,omitempty"`         // Links related to the role.
    Status         string    `json:"status,omitempty"`         // The status of the role.
    Type           string    `json:"type,omitempty"`           // The type of the role.
}

type RoleReport struct {
    Role  *Role  // The role.
    Users *Users // The users assigned to the role.
}

type RoleReports []*RoleReport

type Roles []*Role

type RolesList struct {
    Roles *Roles `json:"roles,omitempty"`
}

func (r RolesList) Append(result interface{})

func (r RolesList) Init() *RolesList

type Slice[T any] interface {
    // contains filtered or unexported methods
}

type Struct[T any] interface {
    Init() *T
    Append(interface{})
}

type User struct {
    Activated             time.Time        `json:"activated,omitempty"`             // The timestamp when the user was activated.
    Created               time.Time        `json:"created,omitempty"`               // The timestamp when the user was created.
    Credentials           *UserCredentials `json:"credentials,omitempty"`           // The user's credentials.
    ID                    string           `json:"id,omitempty"`                    // The ID of the user.
    LastLogin             time.Time        `json:"lastLogin,omitempty"`             // The timestamp when the user last logged in.
    LastUpdated           time.Time        `json:"lastUpdated,omitempty"`           // The timestamp when the user was last updated.
    PasswordChanged       time.Time        `json:"passwordChanged,omitempty"`       // The timestamp when the user's password was last changed.
    Profile               *UserProfile     `json:"profile,omitempty"`               // The user's profile.
    Scope                 string           `json:"scope,omitempty"`                 // The user's assignment to an application [Individually,group assigned] {"USER","GROUP"}
    Status                string           `json:"status,omitempty"`                // The status of the user.
    StatusChanged         time.Time        `json:"statusChanged,omitempty"`         // The timestamp when the user's status was last changed.
    TransitioningToStatus string           `json:"transitioningToStatus,omitempty"` // The status that the user is transitioning to.
    Type                  *UserType        `json:"type,omitempty"`                  // The type of the user.
    Embedded              *UserEmbedded    `json:"_embedded,omitempty"`             // Embedded properties, to be revisited.
    Links                 *Links           `json:"_links,omitempty"`                // Links related to the user.
}

type UserCredentials struct {
    Password         *PasswordCredentials `json:"password,omitempty"`          // The user's password credentials.
    Provider         *Provider            `json:"provider,omitempty"`          // The user's provider credentials.
    RecoveryQuestion *RecoveryQuestion    `json:"recovery_question,omitempty"` // The user's recovery question credentials.
}

type UserEmbedded interface{}

type UserProfile struct {
    Aliases           []string `json:"emailAliases,omitempty"`      // Custom Property: The email aliases of the user.
    City              string   `json:"city,omitempty"`              // The city of the user's address. Maximum length is 128 characters.
    CostCenter        string   `json:"costCenter,omitempty"`        // The cost center of the user.
    CountryCode       string   `json:"countryCode,omitempty"`       // The country code of the user's address. [ISO 3166-1 alpha-2 country code](https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) specification. Limit: <= 2 characters.
    Department        string   `json:"department,omitempty"`        // The department of the user.
    DisplayName       string   `json:"displayName,omitempty"`       // The display name of the user.
    Division          string   `json:"division,omitempty"`          // The division of the user.
    Email             string   `json:"email,omitempty"`             // The primary email address of the user, used as the login name and is always required for `create` requests. Must be unique. Limit: [5 - 100] characters.
    EmployeeNumber    string   `json:"employeeNumber,omitempty"`    // The employee number of the user.
    FirstName         string   `json:"firstName,omitempty"`         // The first name of the user. Limit: [1 .. 50] characters.
    HonorificPrefix   string   `json:"honorificPrefix,omitempty"`   // The honorific prefix of the user's name.
    HonorificSuffix   string   `json:"honorificSuffix,omitempty"`   // The honorific suffix of the user's name.
    LastName          string   `json:"lastName,omitempty"`          // The last name of the user. Limit: [1 .. 50] characters.
    Locale            string   `json:"locale,omitempty"`            // The locale of the user. Specified according to [IETF BCP 47 language tag](https://datatracker.ietf.org/doc/html/rfc5646). Example: `en-US`.
    Login             string   `json:"login,omitempty"`             // The login name of the user.
    Manager           string   `json:"manager,omitempty"`           // The manager of the user.
    ManagerId         string   `json:"managerId,omitempty"`         // The ID of the user's manager.
    MiddleName        string   `json:"middleName,omitempty"`        // The middle name of the user.
    MobilePhone       string   `json:"mobilePhone,omitempty"`       // The mobile phone number of the user. Maximum length is 100 characters.
    NickName          string   `json:"nickName,omitempty"`          // The nickname of the user.
    Organization      string   `json:"organization,omitempty"`      // The organization of the user.
    PostalAddress     string   `json:"postalAddress,omitempty"`     // The postal address of the user. Limit: <= 4096 characters.
    PreferredLanguage string   `json:"preferredLanguage,omitempty"` // The preferred language of the user.
    PrimaryPhone      string   `json:"primaryPhone,omitempty"`      // The primary phone number of the user.
    ProfileUrl        string   `json:"profileUrl,omitempty"`        // The profile URL of the user.
    SecondEmail       string   `json:"secondEmail,omitempty"`       // The secondary email address of the user. Limit: [5 - 100] characters.
    State             string   `json:"state,omitempty"`             // The state of the user's address. Limit: <= 128 characters.
    StreetAddress     string   `json:"streetAddress,omitempty"`     // The street address of the user. Limit: <= 1024 characters.
    Timezone          string   `json:"timezone,omitempty"`          // The time zone of the user.
    Title             string   `json:"title,omitempty"`             // The title of the user.
    UserType          string   `json:"userType,omitempty"`          // The type of the user.
    ZipCode           string   `json:"zipCode,omitempty"`           // The zip code of the user's address. Limit: <= 12 characters.
}

type UserQuery struct {
    Q         string // Searches the records for matching value
    After     string // The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the `Link` response header.
    Limit     string // Default: 200. Specifies the number of results returned. Defaults to 10 if `q` is provided
    Filter    string // Filters users with a supported expression for a subset of properties
    Search    string // A SCIM filter expression for most properties. Okta recommends using this parameter for search for best performance
    SortBy    string // Specifies the attribute by which to sort the results. Valid values are `id`, `created`, `activated`, `status`, and `lastUpdated`. The default is `id`
    SoftOrder string // Sorting is done in ASCII sort order (that is, by ASCII character value), but isn't case sensitive
}

type UserType struct {
    Created       time.Time `json:"created,omitempty"`       // The timestamp when the user type was created.
    CreatedBy     string    `json:"createdBy,omitempty"`     // The ID of the user who created the user type.
    Default       bool      `json:"default,omitempty"`       // Indicates whether the user type is the default.
    Description   string    `json:"description,omitempty"`   // The description of the user type.
    DisplayName   string    `json:"displayName,omitempty"`   // The display name of the user type.
    ID            string    `json:"id,omitempty"`            // The ID of the user type.
    LastUpdated   time.Time `json:"lastUpdated,omitempty"`   // The timestamp when the user type was last updated.
    LastUpdatedBy string    `json:"lastUpdatedBy,omitempty"` // The ID of the user who last updated the user type.
    Name          string    `json:"name,omitempty"`          // The name of the user type.
    Links         *Links    `json:"_links,omitempty"`        // Links related to the user type.
}

type Users []*User

type Visibility struct {
    AppLinks          map[string]bool `json:"appLinks,omitempty"`
    AutoLaunch        bool            `json:"autoLaunch,omitempty"`
    AutoSubmitToolbar bool            `json:"autoSubmitToolbar,omitempty"`
    Hide              map[string]bool `json:"hide,omitempty"`
}