admin

package
v0.16.6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 10, 2020 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

View Source
const DefaultAuthorizationHeader = "authorization"

Variables

This section is empty.

Functions

func GetAdditionalAdminClientConfigOptions

func GetAdditionalAdminClientConfigOptions(cfg Config) []grpc.DialOption

func InitializeAdminClient

func InitializeAdminClient(ctx context.Context, cfg Config) service.AdminServiceClient

Create an AdminClient with a shared Admin connection for the process

func InitializeAdminClientFromConfig

func InitializeAdminClientFromConfig(ctx context.Context) (service.AdminServiceClient, error)

func InitializeMockAdminClient

func InitializeMockAdminClient() service.AdminServiceClient

func NewAdminClient

func NewAdminClient(ctx context.Context, conn *grpc.ClientConn) service.AdminServiceClient

func NewAdminConnection

func NewAdminConnection(ctx context.Context, cfg Config) (*grpc.ClientConn, error)

Types

type Config

type Config struct {
	Endpoint              config.URL      `json:"endpoint" pflag:",For admin types, specify where the uri of the service is located."`
	UseInsecureConnection bool            `json:"insecure" pflag:",Use insecure connection."`
	MaxBackoffDelay       config.Duration `json:"maxBackoffDelay" pflag:",Max delay for grpc backoff"`
	PerRetryTimeout       config.Duration `json:"perRetryTimeout" pflag:",gRPC per retry timeout"`
	MaxRetries            int             `json:"maxRetries" pflag:",Max number of gRPC retries"`

	// Auth can only be used if also running with a secure connection. If UseInsecureConnection is set to true, none
	// of the following options will even be referenced.
	UseAuth              bool     `json:"useAuth" pflag:",Whether or not to try to authenticate with options below"`
	ClientId             string   `json:"clientId" pflag:",Client ID"`
	ClientSecretLocation string   `json:"clientSecretLocation" pflag:",File containing the client secret"`
	Scopes               []string `json:"scopes" pflag:",List of scopes to request"`

	// There are two ways to get the token URL. If the authorization server url is provided, the client will try to use RFC 8414 to
	// try to get the token URL. Or it can be specified directly through TokenURL config.
	AuthorizationServerURL string `json:"authorizationServerUrl" pflag:",This is the URL to your IDP's authorization server'"`
	TokenURL               string `json:"tokenUrl" pflag:",Your IDPs token endpoint"`

	// See the implementation of the 'grpcAuthorizationHeader' option in Flyte Admin for more information. But
	// basically we want to be able to use a different string to pass the token from this client to the the Admin service
	// because things might be running in a service mesh (like Envoy) that already uses the default 'authorization' header
	AuthorizationHeader string `json:"authorizationHeader" pflag:",Custom metadata header to pass JWT"`
}

func GetConfig

func GetConfig(ctx context.Context) *Config

func (Config) GetPFlagSet

func (cfg Config) GetPFlagSet(prefix string) *pflag.FlagSet

GetPFlagSet will return strongly types pflags for all fields in Config and its nested types. The format of the flags is json-name.json-sub-name... etc.

type CustomHeaderTokenSource added in v0.16.3

type CustomHeaderTokenSource struct {
	oauth2.TokenSource
	// contains filtered or unexported fields
}

This class is here because we cannot use the normal "github.com/grpc/grpc-go/credentials/oauth" package to satisfy the credentials.PerRPCCredentials interface. This is because we want to be able to support a different 'header' when passing the token in the gRPC call's metadata. The default is filled in in the constructor if none is supplied.

func NewCustomHeaderTokenSource added in v0.16.3

func NewCustomHeaderTokenSource(source oauth2.TokenSource, customHeader string) CustomHeaderTokenSource

func (CustomHeaderTokenSource) GetRequestMetadata added in v0.16.3

func (ts CustomHeaderTokenSource) GetRequestMetadata(ctx context.Context, uri ...string) (map[string]string, error)

GetRequestMetadata gets the authorization metadata as a map using a TokenSource to generate a token

func (CustomHeaderTokenSource) RequireTransportSecurity added in v0.16.3

func (ts CustomHeaderTokenSource) RequireTransportSecurity() bool

Even though Admin is capable of serving authentication without SSL, we're going to require it here. That is, this module's canonical Admin client will only do auth over SSL.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL