endpointcreds

package
v1.17.24 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 3, 2024 License: Apache-2.0 Imports: 7 Imported by: 56

Documentation

Overview

Package endpointcreds provides support for retrieving credentials from an arbitrary HTTP endpoint.

The credentials endpoint Provider can receive both static and refreshable credentials that will expire. Credentials are static when an "Expiration" value is not provided in the endpoint's response.

Static credentials will never expire once they have been retrieved. The format of the static credentials response:

{
    "AccessKeyId" : "MUA...",
    "SecretAccessKey" : "/7PC5om....",
}

Refreshable credentials will expire within the "ExpiryWindow" of the Expiration value in the response. The format of the refreshable credentials response:

{
    "AccessKeyId" : "MUA...",
    "SecretAccessKey" : "/7PC5om....",
    "Token" : "AQoDY....=",
    "Expiration" : "2016-02-25T06:03:31Z"
}

Errors should be returned in the following format and only returned with 400 or 500 HTTP status codes.

{
    "code": "ErrorCode",
    "message": "Helpful error message."
}

Index

Constants

View Source
const ProviderName = `CredentialsEndpointProvider`

ProviderName is the name of the credentials provider.

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthTokenProvider added in v1.16.0

type AuthTokenProvider interface {
	GetToken() (string, error)
}

AuthTokenProvider defines an interface to dynamically load a value to be passed for the Authorization header of a credentials request.

type HTTPClient

type HTTPClient interface {
	Do(*http.Request) (*http.Response, error)
}

HTTPClient is a client for sending HTTP requests

type Options

type Options struct {
	// Endpoint to retrieve credentials from. Required
	Endpoint string

	// HTTPClient to handle sending HTTP requests to the target endpoint.
	HTTPClient HTTPClient

	// Set of options to modify how the credentials operation is invoked.
	APIOptions []func(*middleware.Stack) error

	// The Retryer to be used for determining whether a failed requested should be retried
	Retryer aws.Retryer

	// Optional authorization token value if set will be used as the value of
	// the Authorization header of the endpoint credential request.
	//
	// When constructed from environment, the provider will use the value of
	// AWS_CONTAINER_AUTHORIZATION_TOKEN environment variable as the token
	//
	// Will be overridden if AuthorizationTokenProvider is configured
	AuthorizationToken string

	// Optional auth provider func to dynamically load the auth token from a file
	// everytime a credential is retrieved
	//
	// When constructed from environment, the provider will read and use the content
	// of the file pointed to by AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE environment variable
	// as the auth token everytime credentials are retrieved
	//
	// Will override AuthorizationToken if configured
	AuthorizationTokenProvider AuthTokenProvider
}

Options is structure of configurable options for Provider

type Provider

type Provider struct {
	// contains filtered or unexported fields
}

Provider satisfies the aws.CredentialsProvider interface, and is a client to retrieve credentials from an arbitrary endpoint.

func New

func New(endpoint string, optFns ...func(*Options)) *Provider

New returns a credentials Provider for retrieving AWS credentials from arbitrary endpoint.

func (*Provider) Retrieve

func (p *Provider) Retrieve(ctx context.Context) (aws.Credentials, error)

Retrieve will attempt to request the credentials from the endpoint the Provider was configured for. And error will be returned if the retrieval fails.

type TokenProviderFunc added in v1.16.0

type TokenProviderFunc func() (string, error)

TokenProviderFunc is a func type implementing AuthTokenProvider interface and enables customizing token provider behavior

func (TokenProviderFunc) GetToken added in v1.16.0

func (p TokenProviderFunc) GetToken() (string, error)

GetToken func retrieves auth token according to TokenProviderFunc implementation

Directories

Path Synopsis
internal

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL