ias

package

v0.0.0-...-7502457 Latest Latest Go to latest Published: Jan 9, 2025 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kyma-project/eventing-auth-manager

Documentation ¶

Index ¶

Variables
type Application
- func NewApplication(id, clientID, clientSecret, tokenURL, certsURL string) Application
- func (a Application) GetID() string
- func (a Application) ToSecret(name, ns string) kcorev1.Secret
type Client
type Credentials
- func NewCredentials(url, username, password string) *Credentials

Constants ¶

This section is empty.

Variables ¶

View Source

var NewClient = func(iasTenantUrl, user, password string) (Client, error) {
	basicAuthProvider, err := securityprovider.NewSecurityProviderBasicAuth(user, password)
	if err != nil {
		return nil, err
	}

	applicationsEndpointURL := fmt.Sprintf("%s/Applications/v1/", iasTenantUrl)
	apiClient, err := api.NewClientWithResponses(applicationsEndpointURL, api.WithRequestEditorFn(basicAuthProvider.Intercept))
	if err != nil {
		return nil, err
	}

	const timeout = time.Second * 5
	oidcHTTPClient := &http.Client{
		Timeout: timeout,
	}

	return &client{
		api:         apiClient,
		oidcClient:  oidc.NewOidcClient(oidcHTTPClient, iasTenantUrl),
		credentials: &Credentials{URL: iasTenantUrl, Username: user, Password: password},
	}, nil
}

View Source

var ReadCredentials = func(namespace, name string, k8sClient kpkgclient.Client) (*Credentials, error) {
	namespacedName := types.NamespacedName{
		Namespace: namespace,
		Name:      name,
	}
	iasSecret := &kcorev1.Secret{}
	if err := k8sClient.Get(context.TODO(), namespacedName, iasSecret); err != nil {
		return nil, err
	}

	var exists bool
	var url, username, password []byte
	var err error
	if url, exists = iasSecret.Data[urlString]; !exists {
		err = errors.Errorf("key %s is not found in ias secret", urlString)
	}
	if username, exists = iasSecret.Data[usernameString]; !exists {
		if err != nil {
			err = errors.Wrapf(err, "key %s is not found in ias secret", usernameString)
		} else {
			err = errors.Errorf("key %s is not found in ias secret", usernameString)
		}
	}
	if password, exists = iasSecret.Data[passwordString]; !exists {
		if err != nil {
			err = errors.Wrapf(err, "key %s is not found in ias secret", passwordString)
		} else {
			err = errors.Errorf("key %s is not found in ias secret", passwordString)
		}
	}
	if err != nil {
		return nil, err
	}
	iasConfig := NewCredentials(string(url), string(username), string(password))
	return iasConfig, nil
}

ReadCredentials fetches ias credentials from secret in the cluster. Reads from env vars if secret is missing.

Functions ¶

This section is empty.

Types ¶

type Application ¶

type Application struct {
	// contains filtered or unexported fields
}

func NewApplication ¶

func NewApplication(id, clientID, clientSecret, tokenURL, certsURL string) Application

func (Application) GetID ¶

func (a Application) GetID() string

func (Application) ToSecret ¶

func (a Application) ToSecret(name, ns string) kcorev1.Secret

type Client ¶

type Client interface {
	CreateApplication(ctx context.Context, name, globalAccountID string) (Application, error)
	DeleteApplication(ctx context.Context, name string) error
	GetCredentials() *Credentials
}

type Credentials ¶

type Credentials struct {
	URL      string
	Username string
	Password string
}

func NewCredentials ¶

func NewCredentials(url, username, password string) *Credentials

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
internal
api Package api provides primitives to interact with the openapi HTTP API.	Package api provides primitives to interact with the openapi HTTP API.
api/mocks
mocks
oidc
oidc/mocks

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL