Documentation
¶
Index ¶
- Variables
- func AuthenticateRequest(authnURL string, conjurVersion string, account string, username string) (*http.Request, error)
- func DataResponse(resp *http.Response) ([]byte, error)
- func EmptyResponse(resp *http.Response) error
- func LoginRequest(authnURL string, conjurVersion string, csrBytes []byte, usernamePrefix string) (*http.Request, error)
- func NewError(resp *http.Response) error
- type Authenticator
- func (auth *Authenticator) Authenticate() ([]byte, error)
- func (auth *Authenticator) GenerateCSR(commonName string) ([]byte, error)
- func (auth *Authenticator) IsCertExpired() bool
- func (auth *Authenticator) IsLoggedIn() bool
- func (auth *Authenticator) Login() error
- func (auth *Authenticator) ParseAuthenticationResponse(response []byte) error
- type Error
- type ErrorDetails
Constants ¶
This section is empty.
Variables ¶
var FullVersionName = fmt.Sprintf("%s-%s", Version, Tag)
FullVersionName is the user-visible aggregation of version and tag of this codebase
var Tag = "dev"
Tag field denotes the specific build type for the client. It may be replaced by compile-time variables if needed to provide the git commit information in the final binary
var Version = "0.19.0"
Version field is a SemVer that should indicate the baked-in version of the authn-k8s-client
Functions ¶
func AuthenticateRequest ¶
func AuthenticateRequest(authnURL string, conjurVersion string, account string, username string) (*http.Request, error)
AuthenticateRequest sends an authenticate request
func DataResponse ¶
DataResponse checks the HTTP status of the response. If it's less than 300, it returns the response body as a byte array. Otherwise it returns a NewError.
func EmptyResponse ¶
EmptyResponse checks the HTTP status of the response. If it's less than 300, it returns without an error. Otherwise it returns a NewError.
Types ¶
type Authenticator ¶
type Authenticator struct {
AccessToken access_token.AccessToken
Config authnConfig.Config
PublicCert *x509.Certificate
// contains filtered or unexported fields
}
Authenticator contains the configuration and client for the authentication connection to Conjur
func New ¶
func New(config authnConfig.Config) (*Authenticator, error)
New creates a new authenticator instance from a token file
func NewWithAccessToken ¶
func NewWithAccessToken(config authnConfig.Config, accessToken access_token.AccessToken) (*Authenticator, error)
NewWithAccessToken creates a new authenticator instance from a given access token
func (*Authenticator) Authenticate ¶
func (auth *Authenticator) Authenticate() ([]byte, error)
Authenticate sends Conjur an authenticate request and returns the response data. Also manages state of certificates.
func (*Authenticator) GenerateCSR ¶
func (auth *Authenticator) GenerateCSR(commonName string) ([]byte, error)
GenerateCSR prepares the CSR
func (*Authenticator) IsCertExpired ¶
func (auth *Authenticator) IsCertExpired() bool
IsCertExpired returns true if certificate is expired or close to expiring
func (*Authenticator) IsLoggedIn ¶
func (auth *Authenticator) IsLoggedIn() bool
IsLoggedIn returns true if we are logged in (have a cert)
func (*Authenticator) Login ¶
func (auth *Authenticator) Login() error
Login sends Conjur a CSR and verifies that the client cert is successfully retrieved
func (*Authenticator) ParseAuthenticationResponse ¶
func (auth *Authenticator) ParseAuthenticationResponse(response []byte) error
ParseAuthenticationResponse takes the response from the Authenticate request, decrypts if needed, and writes to the token file
type Error ¶
type Error struct {
Code int
Message string
Details *ErrorDetails `json:"error"`
}
Error includes the error info for Authenticator-related errors
type ErrorDetails ¶
ErrorDetails includes JSON data on authenticator.Errors
Source Files
Directories