credentials

package

v0.0.46 Latest Latest Go to latest Published: Jul 13, 2022 License: BSD-3-Clause Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/broadinstitute/thelma

Links

Open Source Insights

Documentation ¶

Index ¶

type Credentials
- func New(thelmaConfig config.Config, thelmaRoot root.Root) (Credentials, error)
- func NewWithStore(store stores.Store) Credentials
type TokenOption
type TokenOptions
type TokenProvider
- func WithMasking(p TokenProvider) TokenProvider

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Credentials ¶

type Credentials interface {
	// NewTokenProvider returns a new TokenProvider for the given key
	NewTokenProvider(key string, opts ...TokenOption) TokenProvider
}

func New ¶

func New(thelmaConfig config.Config, thelmaRoot root.Root) (Credentials, error)

New returns a new Credentials instance using a directory store rooted at credentialsDir

func NewWithStore ¶ added in v0.0.31

func NewWithStore(store stores.Store) Credentials

NewWithStore returns a new Credentials instance backed by the given store

type TokenOption ¶

type TokenOption func(*TokenOptions)

TokenOption function for configuring a token's Options

type TokenOptions ¶

type TokenOptions struct {
	// EnvVar (optional) environment variable to use for this token. Defaults to key (upper-cased with s/-/_/, eg. "vault-token" -> "VAULT_TOKEN")
	EnvVar string
	// PromptEnabled (optional) if true, user will be prompted to manually enter a token value if one does not exist in credential store.
	PromptEnabled bool
	// PromptMessage (optional) Override default prompt message ("Please enter VAULT_TOKEN: ")
	PromptMessage string
	// ValidateFn (optional) Optional function for validating a token. If supplied, stored credentials will be validated before being returned to caller
	ValidateFn func([]byte) error
	// RefreshFn (optional) Optional function for refreshing a token. Called if a stored credential turns out to be invalid. If an error is returned, IssueFn will be called to issue a new credential.
	RefreshFn func([]byte) ([]byte, error)
	// IssueFn (optional) Optional function for issuing a new token. If supplied, prompt options are ignored.
	IssueFn func() ([]byte, error)
	// CredentialStore (optional) Use a custom credential store instead of the default store (~/.thelma/credentials/$key)
	CredentialStore stores.Store
}

TokenOptions configuration options for a TokenProvider

type TokenProvider ¶

type TokenProvider interface {
	// Get returns the value of the token. Based on the token's options, it will attempt to resolve a value for
	// the token by:
	// (1) Looking it up in environment variables
	// (2) Looking it up in local credential store (~/.thelma/credentials)
	// (3) Issue a new token (if issuer function configured)
	// (4) Prompting user for value (if enabled)
	// If none of the token resolution options succeed an error is returned.
	Get() ([]byte, error)
	// Reissue forces re-issue of the token, without checking environment variables or for a valid existing
	// credential in the store
	Reissue() ([]byte, error)
}

TokenProvider manages a token used for authentication, possibly stored on the local filesystem

func WithMasking ¶ added in v0.0.34

func WithMasking(p TokenProvider) TokenProvider

WithMasking decorates TokenProvider by configuring Thelma's logger to mask any secrets it returns

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
stores
testing

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL