Documentation
¶
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type TokenManager ¶
type TokenManager interface {
// GetAuthToken retrieves an auth.Token or returns an error if the retrieval fails.
// auth.Token can be created with built-in functions such as:
// - `neo4j.NoAuth`
// - `neo4j.BasicAuth`
// - `neo4j.KerberosAuth`
// - `neo4j.BearerAuth`
// - `neo4j.CustomAuth`
//
// The token returned must always belong to the same identity.
// Switching identities using the `TokenManager` is undefined behavior.
GetAuthToken(ctx context.Context) (auth.Token, error)
// OnTokenExpired is called by the driver when the provided token expires
// OnTokenExpired should invalidate the current token if it matches the provided one
OnTokenExpired(context.Context, auth.Token) error
}
TokenManager is an interface for components that can provide auth tokens. The `neo4j` package provides default implementations of `auth.TokenManager` for common authentication schemes. See `neo4j.NewDriverWithContext`. Custom implementations of this class can be used to provide more complex authentication refresh functionality.
WARNING:
The manager *must not* interact with the driver in any way as this can cause deadlocks and undefined behaviour. Furthermore, the manager is expected to be thread-safe.
TokenManager is part of the re-authentication preview feature (see README on what it means in terms of support and compatibility guarantees)
func ExpirationBasedTokenManager ¶
func ExpirationBasedTokenManager(provider authTokenWithExpirationProvider) TokenManager
ExpirationBasedTokenManager creates a token manager for potentially expiring auth info.
The first and only argument is a provider function that returns auth information and an optional expiration time. If the expiration time is nil, the auth info is assumed to never expire.
WARNING:
The provider function *must not* interact with the driver in any way as this can cause deadlocks and undefined behaviour. The provider function only ever return auth information belonging to the same identity. Switching identities is undefined behavior.
ExpirationBasedTokenManager is part of the re-authentication preview feature (see README on what it means in terms of support and compatibility guarantees)
Example ¶
/*
* Copyright (c) "Neo4j"
* Neo4j Sweden AB [https://neo4j.com]
*
* This file is part of Neo4j.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package main
import (
"context"
"fmt"
"github.com/SGNL-ai/neo4j-go-driver/v5/neo4j"
"github.com/SGNL-ai/neo4j-go-driver/v5/neo4j/auth"
"os"
"time"
)
func main() {
myProvider := func(ctx context.Context) (neo4j.AuthToken, *time.Time, error) {
// some way to getting a token
token, err := getSsoToken(ctx)
if err != nil {
return neo4j.AuthToken{}, nil, err
}
// assume we know our tokens expire every 60 seconds
expiresIn := time.Now().Add(60 * time.Second)
// Include a little buffer so that we fetch a new token *before* the old one expires
expiresIn = expiresIn.Add(-10 * time.Second)
// or return nil instead of `&expiresIn` if we don't expect it to expire
return token, &expiresIn, nil
}
_, _ = neo4j.NewDriverWithContext(getUrl(), auth.ExpirationBasedTokenManager(myProvider))
}
func getSsoToken(context.Context) (neo4j.AuthToken, error) {
return neo4j.NoAuth(), nil
}
func getUrl() string {
return fmt.Sprintf("%s://%s:%s", os.Getenv("TEST_NEO4J_SCHEME"), os.Getenv("TEST_NEO4J_HOST"), os.Getenv("TEST_NEO4J_PORT"))
}
Output:
Source Files