Documentation
¶
Overview ¶
Package auth contains various implementations for authenticating with Cerberus. These implementations can be used standalone from the main Cerberus client to get a login token or manage authentication without having to set up a full client
Index ¶
- func Logout(builtURL url.URL, headers http.Header) error
- func Refresh(builtURL url.URL, headers http.Header) (*api.UserAuthResponse, error)
- type Auth
- type STSAuth
- type TokenAuth
- func (t *TokenAuth) GetExpiry() (time.Time, error)
- func (t *TokenAuth) GetHeaders() (http.Header, error)
- func (t *TokenAuth) GetToken(f *os.File) (string, error)
- func (t *TokenAuth) GetURL() *url.URL
- func (t *TokenAuth) IsAuthenticated() bool
- func (t *TokenAuth) Logout() error
- func (t *TokenAuth) Refresh() error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Auth ¶
type Auth interface {
// GetToken should either return an existing token or perform all authentication steps
// necessary to get a new token.
GetToken(*os.File) (string, error)
//IsAuthenticated should return whether or not there is a valid token. A valid token
// is one that exists and is not expired
IsAuthenticated() bool
// Refresh uses the current valid token to retrieve a new one
Refresh() error
// Logout revokes the current token
Logout() error
// GetHeaders is a helper for any client using the authentication strategy.
// It returns a basic set of headers asking for a JSON response and has
// the authorization header set with the proper token
GetHeaders() (http.Header, error)
GetURL() *url.URL
// GetExpiry either returns the expiry time of an existing token, or a zero-valued
// time.Time struct and an error if a token doesn't exist
GetExpiry() (time.Time, error)
}
The Auth interface describes the methods that all authentication providers must satisfy
type STSAuth ¶ added in v1.0.0
type STSAuth struct {
// contains filtered or unexported fields
}
STSAuth uses AWS V4 signing authenticate to Cerberus.
func NewSTSAuth ¶ added in v1.0.0
NewSTSAuth returns an STSAuth given a valid URL and region. Valid AWS credentials configured either by environment or through a credentials config file are also required.
func (*STSAuth) GetExpiry ¶ added in v1.2.0
GetExpiry returns the expiry time of the token if it already exists. Otherwise, it returns a zero-valued time.Time struct and an error.
func (*STSAuth) GetHeaders ¶ added in v1.0.0
GetHeaders returns the headers needed to authenticate against Cerberus. This will return an error if the token is expired or non-existent.
func (*STSAuth) GetToken ¶ added in v1.0.0
GetToken returns a token if it already exists and is not expired. Otherwise, it authenticates using the provided URL and region and then returns the token.
func (*STSAuth) IsAuthenticated ¶ added in v1.0.0
IsAuthenticated returns whether or not the current token is set and is not expired.
type TokenAuth ¶
type TokenAuth struct {
// contains filtered or unexported fields
}
TokenAuth uses a preexisting token to authenticate to Cerberus
func NewTokenAuth ¶
NewTokenAuth takes a Cerberus URL and valid token and returns a new TokenAuth. There is no checking done on whether or not the token is valid, so the function expects the a valid token.
func (*TokenAuth) GetExpiry ¶ added in v1.3.0
Always return zero-valued time.Time struct and a non-nil error
func (*TokenAuth) GetHeaders ¶
GetHeaders returns HTTP headers used for requests if the method is currently authenticated. Returns an error otherwise
func (*TokenAuth) GetToken ¶
GetToken returns the token passed when creating the TokenAuth. Nil should be passed as the argument to the function. The argument exists for compatibility with the Auth interface
func (*TokenAuth) IsAuthenticated ¶
IsAuthenticated always returns true if there is a token. If Logout has been called, it will return false
Source Files