Documentation
Index
- func GetSecretFromKeyVault(servicePrincipal azcore.TokenCredential, vaultURI, secret string) string
- func NewJwksProvider(issuer string) *jwkeyset.CachingProvider
- func NewJwtTokenValidator(issuer string, audience string, ...) gin.HandlerFunc
- func NewUdcCachingProvider(credential azcore.TokenCredential, ttl time.Duration) *udcCachingProvider
- func NewUserDelegationSasProvider(udcProvider UdcProvider, maxDuration time.Duration) userDelegationSasProvider
- type SasTokenProvider
- type UdcProvider
Constants
This section is empty.
Variables
This section is empty.
Functions
func GetSecretFromKeyVault
func GetSecretFromKeyVault(servicePrincipal azcore.TokenCredential, vaultURI, secret string) string
Get a secret from Azure Key Vault.
This function is pure convenience. It hides some noisy lines needed to fetch keys from the key vault on server startup. It will call log.Fatal if for any reason the requested key cannot be retrieved, which means it is not suited to be called while the server is running.
func NewJwksProvider
func NewJwksProvider(issuer string) *jwkeyset.CachingProvider
func NewJwtTokenValidator
func NewJwtTokenValidator(issuer string, audience string, keyFunc func(context.Context) (interface{}, error)) gin.HandlerFunc
Authentication middleware.
Checks for and validates the access token in the Authorization header on incoming requests. If present, the role claim in the token will be extracted and added to the gin context as "jwtRolesClaim" as a []string. If "roles" is not present, "jwtRolesClaim" will be set to []string{}.
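A downstream authorization check that consumes the "jwtRolesClaim" value described above, as an added example that is not part of this package. The names `keyedContext`, `mapContext` and `HasAnyRole` are hypothetical, and the request context is modelled as a plain key lookup (an assumption) so the code runs without gin.

```go
package main

import "fmt"

// rolesKey is the context key named in the documentation above.
const rolesKey = "jwtRolesClaim"

// keyedContext is a hypothetical stand-in for the request context: anything
// with a Get(key) lookup. It is defined here so the example needs no gin import.
type keyedContext interface {
	Get(key string) (interface{}, bool)
}

// mapContext is a constructed in-memory context used for the demo and test.
type mapContext map[string]interface{}

func (m mapContext) Get(key string) (interface{}, bool) {
	v, ok := m[key]
	return v, ok
}

// HasAnyRole reports whether the validated token carried one of the allowed
// roles. It fails closed: a missing key (validator not installed on this
// route), a value of the wrong type, or an empty slice all deny access.
func HasAnyRole(ctx keyedContext, allowed ...string) bool {
	v, ok := ctx.Get(rolesKey)
	if !ok {
		return false
	}
	roles, ok := v.([]string)
	if !ok {
		return false
	}
	for _, have := range roles {
		for _, want := range allowed {
			if have == want { // exact, case-sensitive match
				return true
			}
		}
	}
	return false
}

func main() {
	admin := mapContext{rolesKey: []string{"reader", "admin"}} // constructed sample
	noRoles := mapContext{rolesKey: []string{}}                // token without "roles"
	fmt.Println(HasAnyRole(admin, "admin"), HasAnyRole(noRoles, "admin"))
}
```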
func NewUdcCachingProvider
func NewUdcCachingProvider(credential azcore.TokenCredential, ttl time.Duration) *udcCachingProvider
func NewUserDelegationSasProvider
func NewUserDelegationSasProvider(udcProvider UdcProvider, maxDuration time.Duration) userDelegationSasProvider
Types
type SasTokenProvider
Interface for SAS token providers.
type UdcProvider
type UdcProvider interface {
    // Get a udc for a given storage account, that is valid for time.Duration
    UserDelegationCredential(string, time.Duration) (service.UserDelegationCredential, error)
}
Interface for User Delegation Credential (udc) providers.