authenticator

package
v6.25.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 30, 2024 License: MIT Imports: 17 Imported by: 2

Documentation

Index

Constants

View Source 
const (

	// DemoToken can be used to test with the api without using your own account
	DemoToken = `eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6ImN3MiFSbDU2eDNoUnkjelM4YmdOIn0.` +
		`eyJpc3MiOiJhcGkudHJhbnNpcC5ubCIsImF1ZCI6ImFwaS50cmFuc2lwLm5sIiwianRpIjoiY3cy` +
		`IVJsNTZ4M2hSeSN6UzhiZ04iLCJpYXQiOjE1ODIyMDE1NTAsIm5iZiI6MTU4MjIwMTU1MCwiZXhw` +
		`IjoyMTE4NzQ1NTUwLCJjaWQiOiI2MDQ0OSIsInJvIjpmYWxzZSwiZ2siOmZhbHNlLCJrdiI6dHJ1` +
		`ZX0.fYBWV4O5WPXxGuWG-vcrFWqmRHBm9yp0PHiYh_oAWxWxCaZX2Rf6WJfc13AxEeZ67-lY0TA2` +
		`kSaOCp0PggBb_MGj73t4cH8gdwDJzANVxkiPL1Saqiw2NgZ3IHASJnisUWNnZp8HnrhLLe5ficvb` +
		`1D9WOUOItmFC2ZgfGObNhlL2y-AMNLT4X7oNgrNTGm-mespo0jD_qH9dK5_evSzS3K8o03gu6p19` +
		`jxfsnIh8TIVRvNdluYC2wo4qDl5EW5BEZ8OSuJ121ncOT1oRpzXB0cVZ9e5_UVAEr9X3f26_Eomg` +
		`52-PjrgcRJ_jPIUYbrlo06KjjX2h0fzMr21ZE023Gw`
)

Variables

View Source 
var (
	// ErrDecodingPrivateKey will be thrown when an invalid private key has been given
	ErrDecodingPrivateKey = errors.New("could not decode private key")
)
View Source 
var (
	// ErrTokenExpired will be throwed when the static token that has been set by the client is expired
	// and we cannot request a new one
	ErrTokenExpired = errors.New("token expired and no private key is set")
)

Functions

This section is empty.

Types

type AuthRequest 

type AuthRequest struct {
	// Account name
	Login string `json:"login"`
	// Unique number for this request
	Nonce string `json:"nonce"`
	// Custom name to give this Token, you can see your tokens in the transip control panel
	Label string `json:"label,omitempty"`
	// Enable read only mode
	ReadOnly bool `json:"read_only"`
	// Unix time stamp of when this Token should expire
	ExpirationTime string `json:"expiration_time"`
	// Whether this key can be used from everywhere, e.g should not be whitelisted to the current requesting ip
	GlobalKey bool `json:"global_key"`
}

AuthRequest will be transformed and send in order to request a new Token for more information, see: https://api.transip.nl/rest/docs.html#header-authentication

type Authenticator 

type Authenticator struct {
	// this contains a []byte representation of the the private key of the customer
	// this key will be used to sign a new Token request
	PrivateKeyBody []byte
	// this is Token, that is filled with a static Token that a customer provides
	// or a Token that we got from a Token request
	Token jwt.Token
	// this is the http client to do auth requests with
	HTTPClient *http.Client
	// this would be the auth path, thus where we will get new tokens from
	BasePath string
	// this would be the account name of customer
	Login string
	// When this is set to true the requested tokens can only be used with the 'ip' we are requesting with
	Whitelisted bool
	// Whether or not we want to request read only Tokens, that can only only be used to retrieve information
	// not to create, modify or delete it
	ReadOnly bool
	// TokenCache is used to retrieve previously acquired tokens and saving new ones
	// If not set we do not use a cache to store the tokens
	TokenCache TokenCache
	// TokenExpiration defines lifetime of generated tokens.
	// If unspecified, the default is 1 day.
	// Has no effect for tokens provided via the Token field
	TokenExpiration time.Duration
	// A KeyManager is used to offload the signing of a new Token request to a third party (e.g. a key vault)
	KeyManager KeyManager
}

Authenticator is used to store,retrieve and request new tokens on every request. It checks the expiry date of a Token and if it is expired it will request a new one

func (*Authenticator) GetToken 

func (a *Authenticator) GetToken() (jwt.Token, error)

GetToken will return the current Token if it is not expired. If it is expired it will try to request a new Token, set and return that.

type FileTokenCache 

type FileTokenCache struct {
	// File contains the cache file
	File *os.File
	// CacheItems contains a list of cache items, all of them have a key
	CacheItems []cacheItem `json:"items"`
	// contains filtered or unexported fields
}

FileTokenCache is a cache that takes a path and writes a json marshalled File to it, it decodes it when created with the NewFileTokenCache method. It has a Set method to save a token by name as jwt.Token and a Get method one to get a previously acquired token by name returned as jwt.Token

func NewFileTokenCache 

func NewFileTokenCache(path string) (*FileTokenCache, error)

NewFileTokenCache opens or creates a filesystem cache File on the specified path

func (*FileTokenCache) Get 

func (f *FileTokenCache) Get(key string) (jwt.Token, error)

Get a previously acquired token by name returned as jwt.Token

func (*FileTokenCache) Set 

func (f *FileTokenCache) Set(key string, token jwt.Token) error

Set will save a token by name as jwt.Token

type KeyManager 

type KeyManager interface {
	Sign(body []byte) (string, error)
}

A KeyManager can be used to offload the signing of a new Token request to a third party

type TokenCache 

type TokenCache interface {
	// Set will save a token by name as byte array
	Set(key string, token jwt.Token) error
	// Get a previously acquired token by name returned as byte array
	Get(key string) (jwt.Token, error)
}

TokenCache asks for two methods, one to save a token by a name and one to get a previously acquired token by name returned as jwt.Token

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.