credscanning

package
v0.0.0-...-a98c674 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 9, 2025 License: MIT Imports: 11 Imported by: 0

Documentation

Overview

Package credscanning is a wrapper for scanning package. Its focus is on scanning Credentials required for catalog provider.

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrProviderNotFound = errors.New("provider not found")
	ErrProviderInfo     = errors.New("provider info is not understood")
)
View Source
var Fields = struct {
	Provider Field
	// Tokens
	AccessToken  Field
	RefreshToken Field
	Expiry       Field
	ExpiryFormat Field
	// Client ID, Secret
	ClientId     Field
	ClientSecret Field
	// Basic Authentication
	Username Field
	Password Field
	// Key
	ApiKey Field
	// Catalog variables
	Workspace Field
	// Oauth2
	State  Field
	Scopes Field
	Secret Field
}{
	Provider: Field{
		Name:      "provider",
		PathJSON:  "provider",
		SuffixENV: "PROVIDER",
	},
	AccessToken: Field{
		Name:      "accessToken",
		PathJSON:  "accessToken",
		SuffixENV: "ACCESS_TOKEN",
	},
	RefreshToken: Field{
		Name:      "refreshToken",
		PathJSON:  "refreshToken",
		SuffixENV: "REFRESH_TOKEN",
	},
	Expiry: Field{
		Name:      "expiry",
		PathJSON:  "expiry",
		SuffixENV: "EXPIRY",
	},
	ExpiryFormat: Field{
		Name:      "expiryFormat",
		PathJSON:  "expiryFormat",
		SuffixENV: "EXPIRY_FORMAT",
	},
	ClientId: Field{
		Name:      "clientId",
		PathJSON:  "clientId",
		SuffixENV: "CLIENT_ID",
	},
	ClientSecret: Field{
		Name:      "clientSecret",
		PathJSON:  "clientSecret",
		SuffixENV: "CLIENT_SECRET",
	},
	Username: Field{
		Name:      "username",
		PathJSON:  "username",
		SuffixENV: "USERNAME",
	},
	Password: Field{
		Name:      "password",
		PathJSON:  "password",
		SuffixENV: "PASSWORD",
	},
	ApiKey: Field{
		Name:      "apiKey",
		PathJSON:  "apiKey",
		SuffixENV: "API_KEY",
	},
	Workspace: Field{
		Name:      "workspace",
		PathJSON:  "substitutions.workspace",
		SuffixENV: "WORKSPACE",
	},
	State: Field{
		Name:      "state",
		PathJSON:  "state",
		SuffixENV: "STATE",
	},
	Scopes: Field{
		Name:      "scopes",
		PathJSON:  "scopes",
		SuffixENV: "SCOPES",
	},
	Secret: Field{
		Name:      "secret",
		PathJSON:  "secret",
		SuffixENV: "SECRET",
	},
}

Fields is a grouping of constant values that dictate the keys that can be present inside *creds.json file.

Functions

func LoadPath

func LoadPath(providerName string) string

LoadPath will give path to creds.json. For provider called `dynamicsCRM` the file location will either be * value of DYNAMICS_CRM_CRED_FILE env var, or * ./dynamics-crm-creds.json.

Types

type Field

type Field struct {
	Name      string
	PathJSON  string
	SuffixENV string
}

func (Field) GetENVReader

func (f Field) GetENVReader(providerName string) *scanning.EnvReader

func (Field) GetJSONReader

func (f Field) GetJSONReader(filepath string) *scanning.JSONReader

type ProviderCredentials

type ProviderCredentials struct {
	Registry       scanning.Registry
	ProviderValues map[string]string
}

ProviderCredentials is a collection of values for a provider that come either from JSON or ENV.

func NewENVProviderCredentials

func NewENVProviderCredentials(
	providerName string,
	withRequiredAccessToken bool,
	withRequiredWorkspace bool,
) (*ProviderCredentials, error)

NewENVProviderCredentials reads ENV variables associated with a provider.

func NewJSONProviderCredentials

func NewJSONProviderCredentials(
	filePath string,
	withRequiredAccessToken bool,
	withRequiredWorkspace bool,
) (*ProviderCredentials, error)

NewJSONProviderCredentials reads JSON fields that must be present for a provider. It performs validation and will tell you fields that are expected for this provider in JSON file.

Note: As of right now there is no way to infer if access token must be provided. Therefore, explicitly state via arguments.

func (ProviderCredentials) Get

func (r ProviderCredentials) Get(field Field) string

func (ProviderCredentials) GetOauthToken

func (r ProviderCredentials) GetOauthToken() *oauth2.Token

GetOauthToken constructs Token group from creds file. Some connectors may implement Refresh tokens, when it happens expiry must be provided alongside. Library shouldn't attempt to refresh tokens if API doesn't support `refresh_token` grant type.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL