auth

package
v1.23.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 26, 2024 License: Apache-2.0 Imports: 18 Imported by: 9

Documentation

Overview

Package auth contains all the possible ways to authenticate against the Elastic Cloud API. Although there are different ways, the recommended authentication mechanism are API Keys, manageable via the UI or API Key management APIs.

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrNoTokenAvailable should be returned by any implementations which
	// fail to find any persisted token for the user.
	ErrNoTokenAvailable = errors.New("auth: no persisted token available for the user")
)

Functions

This section is empty.

Types

type APIKey

type APIKey string

APIKey represents an APIKey used in the Authorization header as means of authentication. It is the preferred method of authentication.

func NewAPIKey

func NewAPIKey(key string) (*APIKey, error)

NewAPIKey constructs a new APIKey, returns an error if the key is invalid.

func (APIKey) AuthRequest

func (k APIKey) AuthRequest(req *http.Request) *http.Request

AuthRequest adds the Authorization header to an http.Request

func (APIKey) AuthenticateRequest

func (k APIKey) AuthenticateRequest(c runtime.ClientRequest, r strfmt.Registry) error

AuthenticateRequest authenticates a runtime.ClientRequest. Implements the runtime.ClientAuthInfoWriter interface.

func (APIKey) String

func (k APIKey) String() string

func (APIKey) Validate

func (k APIKey) Validate() error

Validate ensures the validity of the data container.

type Config

type Config struct {
	APIKey   string
	Password string
	Username string
}

Config to create e new AuthWriters

func (Config) Validate

func (c Config) Validate() error

Validate ensures that the config is usable.

type GenericHolder

type GenericHolder struct {
	// contains filtered or unexported fields
}

GenericHolder is a simple implementation of TokenHandler which persists the token in an inmemory struct field which is guarded by a RWMutex.

func (*GenericHolder) Load

func (t *GenericHolder) Load() (string, error)

Load returns a persisted token scoped to the current authenticated user.

func (*GenericHolder) Token

func (t *GenericHolder) Token() string

Token returns current token.

func (*GenericHolder) Update

func (t *GenericHolder) Update(s string) error

Update replaces the token with a new one.

type RefreshTokenParams

type RefreshTokenParams struct {
	Client           *client.Rest
	Frequency        time.Duration
	ErrorDevice      io.Writer
	InterruptChannel chan os.Signal
}

RefreshTokenParams is used to refresh a bearer token, which is necessary before its validity expires.

func (*RefreshTokenParams) Validate

func (params *RefreshTokenParams) Validate() error

Validate ensures that the parameters are valid.

type TokenHandler

type TokenHandler interface {
	// Load returns a persisted token scoped to the current authenticated user.
	Load() (string, error)

	// Update replaces the token with a new one.
	Update(string) error

	// Token returns current token.
	Token() string
}

TokenHandler is an interface which abstracts the application management of JWT Bearer tokens. Lightweight on purpose to allow loose implementations.

type UserLogin

type UserLogin struct {
	Username, Password string
	Holder             TokenHandler
}

UserLogin uses a user's username and password to login against the Login API Endpoint. Doing so obtains a JWT token which is then persisted in the token field, guarded by a mutex. This is a form of user authentication, but API Keys are still the preferred authentication mechanism.

func NewUserLogin

func NewUserLogin(username, password string) (*UserLogin, error)

NewUserLogin creates a UserLogin from a username and password. It does not automatically login against the API until Auth() is called.

func (*UserLogin) AuthRequest

func (t *UserLogin) AuthRequest(req *http.Request) *http.Request

AuthRequest adds the Authorization header to an http.Request

func (*UserLogin) AuthenticateRequest

func (t *UserLogin) AuthenticateRequest(c runtime.ClientRequest, r strfmt.Registry) error

AuthenticateRequest authenticates a runtime.ClientRequest. Implements the runtime.ClientAuthInfoWriter interface using the JWT Bearer token.

func (*UserLogin) Login

func (t *UserLogin) Login(c *client.Rest) error

Login calls the authentication/login endpoint with a username and password persisting the returned token.

func (*UserLogin) RefreshToken

func (t *UserLogin) RefreshToken(params RefreshTokenParams) error

RefreshToken creates a goroutine which will run in the background refreshing the token every Frequency. It does not refresh the token until the first period has passed.

func (*UserLogin) RefreshTokenOnce

func (t *UserLogin) RefreshTokenOnce(c *client.Rest) error

RefreshTokenOnce refreshRefreshTokenOncees the current JWT token once.

func (*UserLogin) Validate

func (t *UserLogin) Validate() error

Validate ensures the validity of the data container.

type Writer

type Writer interface {
	runtime.ClientAuthInfoWriter
	AuthRequest(req *http.Request) *http.Request
}

Writer wraps the runtime.ClientAuthInfoWriter interface adding a method to Auth generic http.Request.

func NewAuthWriter

func NewAuthWriter(c Config) (Writer, error)

NewAuthWriter creates a new instance of one of the implementations of Writer *APIKey or *UserLogin.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL