Documentation
¶
Overview ¶
Package auth contains authentication related code supporting secret passwords and oauth2 tokens on GCE.
Index ¶
Constants ¶
const ( // The official google oauth2 endpoint. GoogleTokenInfoEndpoint = "https://oauth2.googleapis.com/tokeninfo" // Used in the config map as a prefix to distinguish auth identifiers from secret passwords // (which contain arbitrary strings, that can't have this prefix). OauthMagic = "OauthSubject:" )
const (
DashboardAudience = "https://syzkaller.appspot.com/api"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Endpoint ¶
type Endpoint struct {
// contains filtered or unexported fields
}
Represent a verification backend.
func MakeEndpoint ¶
func (*Endpoint) DetermineAuthSubj ¶
Returns the verified subject value based on the provided header value or "" if it can't be determined. A valid result starts with auth.OauthMagic. The now parameter is the current time to compare the claims against. The authHeader is styled as is typical for HTTP headers which carry the tokens prefixed by "Bearer " string.
type TokenCache ¶
type TokenCache struct {
// contains filtered or unexported fields
}
TokenCache keeps the tokens for reuse by Get.
func MakeCache ¶
func MakeCache(ctor func(method, url string, body io.Reader) (*http.Request, error), doer func(req *http.Request) (*http.Response, error)) (*TokenCache, error)
MakeCache creates a new cache or returns an error if tokens aren't available.
func (*TokenCache) Get ¶
func (cache *TokenCache) Get(now time.Time) (string, error)
Get returns a potentially cached value of the token or renews as necessary. The now parameter provides the current time for cache expiration. The returned value is suitable for Authorization header and syz-hub Key requests.
Source Files