Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type TokenProvider ¶
type TokenProvider struct {
// contains filtered or unexported fields
}
TokenProvider is a grpc PerRPCCredentials that can be used to attach a JWT token to each gRPC call. TokenProvider can be used for XDS, which may involve token exchange through STS.
func NewCATokenProvider ¶
func NewCATokenProvider(opts *security.Options) *TokenProvider
TODO add metrics TODO change package
func NewXDSTokenProvider ¶
func NewXDSTokenProvider(opts *security.Options) *TokenProvider
func (*TokenProvider) GetRequestMetadata ¶
func (*TokenProvider) GetToken ¶
func (t *TokenProvider) GetToken() (string, error)
GetToken fetches a token to attach to a request. Returning "", nil will cause no header to be added; while a non-nil error will block the request If the token selected is not found, no error will be returned, causing no authorization header to be set. This ensures that even if the JWT token is missing (for example, on a VM that has rebooted, causing the token to be removed from volatile memory), we can still proceed and allow other authentication methods to potentially handle the request, such as mTLS.
func (*TokenProvider) RequireTransportSecurity ¶
func (t *TokenProvider) RequireTransportSecurity() bool
Allow the token provider to be used regardless of transport security; callers can determine whether this is safe themselves.