Documentation ¶
Overview ¶
Package adapter allows the DAM to take actions.
Index ¶
- Constants
- func GetItemVariables(adapters *ServiceAdapters, adapterName string, item *pb.View_Item) (map[string]string, string, error)
- func ResolveServiceRole(roleName string, view *pb.View, res *pb.Resource, cfg *pb.DamConfig) (*pb.ServiceRole, error)
- type Action
- type AggregateView
- type AggregatorAdapter
- func (a *AggregatorAdapter) CheckConfig(templateName string, template *pb.ServiceTemplate, resName, viewName string, ...) (string, error)
- func (a *AggregatorAdapter) Descriptors() map[string]*pb.ServiceDescriptor
- func (a *AggregatorAdapter) IsAggregator() bool
- func (a *AggregatorAdapter) MintToken(ctx context.Context, input *Action) (*MintTokenResult, error)
- func (a *AggregatorAdapter) Name() string
- func (a *AggregatorAdapter) Platform() string
- type AwsAdapter
- func (a *AwsAdapter) CheckConfig(templateName string, template *pb.ServiceTemplate, resName, viewName string, ...) (string, error)
- func (a *AwsAdapter) Descriptors() map[string]*pb.ServiceDescriptor
- func (a *AwsAdapter) IsAggregator() bool
- func (a *AwsAdapter) MintToken(ctx context.Context, input *Action) (*MintTokenResult, error)
- func (a *AwsAdapter) Name() string
- func (a *AwsAdapter) Platform() string
- type GatekeeperAdapter
- func (a *GatekeeperAdapter) CheckConfig(templateName string, template *pb.ServiceTemplate, resName, viewName string, ...) (string, error)
- func (a *GatekeeperAdapter) Descriptors() map[string]*pb.ServiceDescriptor
- func (a *GatekeeperAdapter) IsAggregator() bool
- func (a *GatekeeperAdapter) MintToken(ctx context.Context, input *Action) (*MintTokenResult, error)
- func (a *GatekeeperAdapter) Name() string
- func (a *GatekeeperAdapter) Platform() string
- type GatekeeperToken
- type MintTokenResult
- type Options
- type SawAdapter
- func (a *SawAdapter) CheckConfig(templateName string, template *pb.ServiceTemplate, resName, viewName string, ...) (string, error)
- func (a *SawAdapter) Descriptors() map[string]*pb.ServiceDescriptor
- func (a *SawAdapter) IsAggregator() bool
- func (a *SawAdapter) MintToken(ctx context.Context, input *Action) (*MintTokenResult, error)
- func (a *SawAdapter) Name() string
- func (a *SawAdapter) Platform() string
- type ServiceAdapter
- func NewAggregatorAdapter(adapters *ServiceAdapters) (ServiceAdapter, error)
- func NewAwsAdapter(store storage.Store, awsClient aws.APIClient) (ServiceAdapter, error)
- func NewGatekeeperAdapter(signer kms.Signer) (ServiceAdapter, error)
- func NewSawAdapter(warehouse clouds.ResourceTokenCreator) (ServiceAdapter, error)
- type ServiceAdapters
Constants ¶
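// Identifiers and limits for the Service Account Warehouse (SAW) adapter.
// The declaration is laid out one item per line: when it is collapsed onto a
// single line, the first "//" comment swallows every declaration after it.
const (
	// SawAdapterName is the name identifier exposed in config files.
	SawAdapterName = "saw"
	// SawMaxUserIDLength is the service account desc max length.
	// NOTE(review): the constant name says "user ID" while the comment says
	// "service account desc"; confirm which value this limit is applied to
	// and that the check runs before the value reaches the warehouse.
	SawMaxUserIDLength = 100
)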
const (
// AdapterDataType is the name of adapter file types.
AdapterDataType = "adapter"
)
const (
// AwsAdapterName is the name identifier exposed in config files.
AwsAdapterName = "aws"
)
Variables ¶
This section is empty.
Functions ¶
func GetItemVariables ¶
func GetItemVariables(adapters *ServiceAdapters, adapterName string, item *pb.View_Item) (map[string]string, string, error)
GetItemVariables returns a map of variables and their values for a given view item.
Types ¶
type Action ¶
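// Action provides inputs to action methods on adapters.
//
// The fields are listed one per line; a struct body collapsed onto a single
// line without separators is not valid Go.
type Action struct {
	// Aggregates is the list of aggregated views.
	// NOTE(review): presumably only consulted by adapters whose IsAggregator()
	// returns true — confirm against the adapter implementations.
	Aggregates []*AggregateView
	ClientID   string
	Config     *pb.DamConfig
	GrantRole  string
	// NOTE(review): presumably the identity of the requester the token is
	// minted for — confirm where it is authenticated before reaching an adapter.
	Identity *ga4gh.Identity
	Issuer   string
	// NOTE(review): MaxTTL and TTL look like an upper bound and the requested
	// lifetime. Where TTL is compared against MaxTTL is not visible here;
	// confirm every MintToken implementation rejects or caps TTL > MaxTTL.
	MaxTTL          time.Duration
	ResourceID      string
	Resource        *pb.Resource
	ServiceRole     *pb.ServiceRole
	ServiceTemplate *pb.ServiceTemplate
	TTL             time.Duration
	ViewID          string
	View            *pb.View
	Interface       string
	// TokenFormat is the token format requested by the caller; the format
	// actually produced is reported in MintTokenResult.TokenFormat and may differ.
	TokenFormat string
}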
Action provides inputs to action methods on adapters.
type AggregateView ¶
AggregateView defines an aggregated view.
type AggregatorAdapter ¶
type AggregatorAdapter struct {
// contains filtered or unexported fields
}
AggregatorAdapter combines views from other adapters.
func (*AggregatorAdapter) CheckConfig ¶
func (a *AggregatorAdapter) CheckConfig(templateName string, template *pb.ServiceTemplate, resName, viewName string, view *pb.View, cfg *pb.DamConfig, adapters *ServiceAdapters) (string, error)
CheckConfig validates that a new configuration is compatible with this adapter.
func (*AggregatorAdapter) Descriptors ¶ added in v0.8.4
func (a *AggregatorAdapter) Descriptors() map[string]*pb.ServiceDescriptor
Descriptors returns a map of Service descriptors.
func (*AggregatorAdapter) IsAggregator ¶
func (a *AggregatorAdapter) IsAggregator() bool
IsAggregator returns true if this adapter requires TokenAction.Aggregates.
func (*AggregatorAdapter) MintToken ¶
func (a *AggregatorAdapter) MintToken(ctx context.Context, input *Action) (*MintTokenResult, error)
MintToken has the adapter mint a token.
func (*AggregatorAdapter) Name ¶
func (a *AggregatorAdapter) Name() string
Name returns the name identifier of the adapter as used in configurations.
func (*AggregatorAdapter) Platform ¶
func (a *AggregatorAdapter) Platform() string
Platform returns the name identifier of the platform on which this adapter operates.
type AwsAdapter ¶ added in v0.9.7
type AwsAdapter struct {
// contains filtered or unexported fields
}
AwsAdapter is the AWS IAM adapter.
func (*AwsAdapter) CheckConfig ¶ added in v0.9.7
func (a *AwsAdapter) CheckConfig(templateName string, template *pb.ServiceTemplate, resName, viewName string, view *pb.View, cfg *pb.DamConfig, adapters *ServiceAdapters) (string, error)
CheckConfig validates that a new configuration is compatible with this adapter.
func (*AwsAdapter) Descriptors ¶ added in v0.9.7
func (a *AwsAdapter) Descriptors() map[string]*pb.ServiceDescriptor
Descriptors returns a map of service descriptors.
func (*AwsAdapter) IsAggregator ¶ added in v0.9.7
func (a *AwsAdapter) IsAggregator() bool
IsAggregator returns true if this adapter requires TokenAction.Aggregates.
func (*AwsAdapter) MintToken ¶ added in v0.9.7
func (a *AwsAdapter) MintToken(ctx context.Context, input *Action) (*MintTokenResult, error)
MintToken has the adapter mint a token.
func (*AwsAdapter) Name ¶ added in v0.9.7
func (a *AwsAdapter) Name() string
Name returns the name identifier of the adapter as used in configurations.
func (*AwsAdapter) Platform ¶ added in v0.9.7
func (a *AwsAdapter) Platform() string
Platform returns the name identifier of the platform on which this adapter operates.
type GatekeeperAdapter ¶
type GatekeeperAdapter struct {
// contains filtered or unexported fields
}
GatekeeperAdapter generates downstream access tokens.
func (*GatekeeperAdapter) CheckConfig ¶
func (a *GatekeeperAdapter) CheckConfig(templateName string, template *pb.ServiceTemplate, resName, viewName string, view *pb.View, cfg *pb.DamConfig, adapters *ServiceAdapters) (string, error)
CheckConfig validates that a new configuration is compatible with this adapter.
func (*GatekeeperAdapter) Descriptors ¶ added in v0.8.4
func (a *GatekeeperAdapter) Descriptors() map[string]*pb.ServiceDescriptor
Descriptors returns a map of ServiceAdapter descriptors.
func (*GatekeeperAdapter) IsAggregator ¶
func (a *GatekeeperAdapter) IsAggregator() bool
IsAggregator returns true if this adapter requires TokenAction.Aggregates.
func (*GatekeeperAdapter) MintToken ¶
func (a *GatekeeperAdapter) MintToken(ctx context.Context, input *Action) (*MintTokenResult, error)
MintToken has the adapter mint a token.
func (*GatekeeperAdapter) Name ¶
func (a *GatekeeperAdapter) Name() string
Name returns the name identifier of the adapter as used in configurations.
func (*GatekeeperAdapter) Platform ¶
func (a *GatekeeperAdapter) Platform() string
Platform returns the name identifier of the platform on which this adapter operates.
type GatekeeperToken ¶
GatekeeperToken is the token format that is minted here.
type MintTokenResult ¶
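// MintTokenResult is returned by the MintToken() method.
//
// The fields are listed one per line: when the declaration is collapsed onto
// a single line, the first "//" comment swallows every field after it.
type MintTokenResult struct {
	// A set of credential information like "account" and "access_token", or whatever
	// may apply for the given target service.
	// NOTE(review): per the example keys above this map can carry bearer
	// secrets such as access tokens; keep it out of logs, error messages and
	// audit records, and return it only to the authorized requester.
	Credentials map[string]string
	// A set of metadata labels about the result to provide context to the client application.
	Labels map[string]string
	// The type of token, if applicable, that was able to be generated, which may vary from
	// the TokenFormat requested in the Action depending on service requirements.
	// Callers should read this field rather than assume the requested format was honored.
	TokenFormat string
}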
MintTokenResult is returned by the MintToken() method.
type Options ¶ added in v0.9.7
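// Options contains parameters to adapters.
//
// The fields are listed one per line: when the declaration is collapsed onto
// a single line, the first "//" comment swallows every field after it.
type Options struct {
	// Store: data storage and configuration storage.
	Store storage.Store
	// Warehouse: resource token creator service.
	Warehouse clouds.ResourceTokenCreator
	// AWSClient: a client for interacting with the AWS API.
	AWSClient aws.APIClient
	// Signer: the signer used for signing JWTs.
	// NOTE(review): the type is kms.Signer, so key material is presumably held
	// by a KMS rather than in process memory — confirm for each deployment.
	Signer kms.Signer
}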
Options contains parameters to adapters.
type SawAdapter ¶
type SawAdapter struct {
// contains filtered or unexported fields
}
SawAdapter is a Service Account Warehouse (SAW) adapter.
func (*SawAdapter) CheckConfig ¶
func (a *SawAdapter) CheckConfig(templateName string, template *pb.ServiceTemplate, resName, viewName string, view *pb.View, cfg *pb.DamConfig, adapters *ServiceAdapters) (string, error)
CheckConfig validates that a new configuration is compatible with this adapter.
func (*SawAdapter) Descriptors ¶ added in v0.8.4
func (a *SawAdapter) Descriptors() map[string]*pb.ServiceDescriptor
Descriptors returns a map of service descriptors.
func (*SawAdapter) IsAggregator ¶
func (a *SawAdapter) IsAggregator() bool
IsAggregator returns true if this adapter requires TokenAction.Aggregates.
func (*SawAdapter) MintToken ¶
func (a *SawAdapter) MintToken(ctx context.Context, input *Action) (*MintTokenResult, error)
MintToken has the adapter mint a token.
func (*SawAdapter) Name ¶
func (a *SawAdapter) Name() string
Name returns the name identifier of the adapter as used in configurations.
func (*SawAdapter) Platform ¶
func (a *SawAdapter) Platform() string
Platform returns the name identifier of the platform on which this adapter operates.
type ServiceAdapter ¶ added in v0.8.4
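// ServiceAdapter defines the interface for all DAM adapters that take access actions.
//
// The methods are listed one per line: when the declaration is collapsed onto
// a single line, the first "//" comment swallows every method after it.
type ServiceAdapter interface {
	// Name returns the name identifier of the adapter as used in configurations.
	Name() string

	// Platform returns the name identifier of the platform on which this adapter operates.
	Platform() string

	// Descriptors returns a map of service descriptors.
	Descriptors() map[string]*pb.ServiceDescriptor

	// IsAggregator returns true if this adapter requires TokenAction.Aggregates.
	// NOTE(review): this package's index lists no TokenAction type; presumably
	// this refers to Action.Aggregates — confirm and update the wording.
	IsAggregator() bool

	// CheckConfig validates that a new configuration is compatible with this adapter.
	// NOTE(review): the meaning of the returned string is not documented here;
	// callers should treat a non-nil error as a rejected configuration.
	CheckConfig(templateName string, template *pb.ServiceTemplate, resName, viewName string, view *pb.View, cfg *pb.DamConfig, adapters *ServiceAdapters) (string, error)

	// MintToken has the adapter mint a token.
	// The returned MintTokenResult carries the issued credentials, so
	// implementations and callers should not log it.
	MintToken(ctx context.Context, input *Action) (*MintTokenResult, error)
}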
ServiceAdapter defines the interface for all DAM adapters that take access actions.
func NewAggregatorAdapter ¶
func NewAggregatorAdapter(adapters *ServiceAdapters) (ServiceAdapter, error)
NewAggregatorAdapter creates an AggregatorAdapter.
func NewAwsAdapter ¶ added in v0.9.7
NewAwsAdapter creates a new AwsAdapter.
func NewGatekeeperAdapter ¶
func NewGatekeeperAdapter(signer kms.Signer) (ServiceAdapter, error)
NewGatekeeperAdapter creates a GatekeeperAdapter.
func NewSawAdapter ¶
func NewSawAdapter(warehouse clouds.ResourceTokenCreator) (ServiceAdapter, error)
NewSawAdapter creates a Service Account Warehouse (SAW) adapter.
type ServiceAdapters ¶ added in v0.8.4
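// ServiceAdapters includes all adapters that are registered with the system.
//
// The fields are listed one per line: when the declaration is collapsed onto
// a single line, the trailing "//" comment swallows the closing brace.
type ServiceAdapters struct {
	// ByAdapterName indexes the registered adapters.
	// NOTE(review): presumably keyed by ServiceAdapter.Name() — confirm.
	ByAdapterName map[string]ServiceAdapter
	// ByServiceName indexes the registered adapters.
	// NOTE(review): presumably keyed by the service names in Descriptors — confirm.
	ByServiceName map[string]ServiceAdapter
	Descriptors   map[string]*pb.ServiceDescriptor
	// VariableREs holds compiled regular expressions, keyed by service name
	// and then by variable name (serviceName.variableName.regexp).
	// NOTE(review): presumably used to validate item variable values before an
	// adapter consumes them — confirm that a variable with no entry is
	// rejected rather than accepted unchecked.
	VariableREs map[string]map[string]*regexp.Regexp
	// contains filtered or unexported fields
}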
ServiceAdapters includes all adapters that are registered with the system.
func CreateAdapters ¶
func CreateAdapters(opts *Options) (*ServiceAdapters, error)
CreateAdapters registers and collects all adapters with the system.