Documentation
¶
Overview ¶
CredHub authentication strategies
Index ¶
- type Builder
- type Config
- type NoopStrategy
- type OAuthClient
- type OAuthStrategy
- func (a *OAuthStrategy) AccessToken() string
- func (a *OAuthStrategy) Do(req *http.Request) (*http.Response, error)
- func (a *OAuthStrategy) Login() error
- func (a *OAuthStrategy) Logout() error
- func (a *OAuthStrategy) Refresh() error
- func (a *OAuthStrategy) RefreshToken() string
- func (a *OAuthStrategy) SetTokens(access, refresh string)
- type Strategy
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Builder ¶
Builder constructs the auth type given a configuration
A builder is required by the credhub.Auth() option for credhub.New()
var Noop Builder = func(config Config) (Strategy, error) { return &NoopStrategy{config.Client()}, nil }
Noop builds a NoopStrategy
func Uaa ¶
func Uaa(clientId, clientSecret, username, password, accessToken, refreshToken string, usingClientCrendentials bool) Builder
Uaa builds an OauthStrategy for a UAA using existing tokens
func UaaClientCredentials ¶
UaaClientCredential builds an OauthStrategy for UAA using client_credential_grant token requests
func UaaPassword ¶
UaaPassword builds an OauthStrategy for UAA using password_grant token requests
type Config ¶
Config provides the CredHub configuration necessary to build an auth Strategy
The credhub.CredHub struct conforms to this interface
type NoopStrategy ¶
NoopStrategy will submit requests with no additional authentication
type OAuthClient ¶
type OAuthClient interface {
ClientCredentialGrant(clientId, clientSecret string) (string, error)
PasswordGrant(clientId, clientSecret, username, password string) (string, string, error)
RefreshTokenGrant(clientId, clientSecret, refreshToken string) (string, string, error)
RevokeToken(token string) error
}
type OAuthStrategy ¶
type OAuthStrategy struct {
Username string
Password string
ClientId string
ClientSecret string
ApiClient *http.Client
OAuthClient OAuthClient
ClientCredentialRefresh bool
// contains filtered or unexported fields
}
OAuth authentication strategy
func (*OAuthStrategy) AccessToken ¶
func (a *OAuthStrategy) AccessToken() string
AccessToken is the Bearer token to be used for authenticated requests
func (*OAuthStrategy) Do ¶
Do submits requests with bearer token authorization, using the AccessToken as the bearer token.
Will automatically refresh the AccessToken and retry the request if the token has expired.
func (*OAuthStrategy) Login ¶
func (a *OAuthStrategy) Login() error
Login will make a token grant request to the OAuth server
The grant type will be password grant if Username is not empty, and client credentials grant otherwise.
On success, the AccessToken and RefreshToken (if given) will be populated.
Login will be a no-op if the AccessToken is not empty when invoked.
func (*OAuthStrategy) Logout ¶
func (a *OAuthStrategy) Logout() error
Logout will send a revoke token request
On success, the AccessToken and RefreshToken will be empty
func (*OAuthStrategy) Refresh ¶
func (a *OAuthStrategy) Refresh() error
Refresh will get a new AccessToken
If RefreshToken is available, a refresh token grant will be used, otherwise client credential grant will be used.
func (*OAuthStrategy) RefreshToken ¶
func (a *OAuthStrategy) RefreshToken() string
RefreshToken is used to by Refresh() to get a new AccessToken. Only applies for password grants.
func (*OAuthStrategy) SetTokens ¶
func (a *OAuthStrategy) SetTokens(access, refresh string)
SetToken sets the AccessToken and RefreshTokens
Source Files
Directories