auth

package
v0.19.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 9, 2024 License: Apache-2.0 Imports: 28 Imported by: 0

Documentation

Index

Constants

View Source
const (
	SESSION_EXPIRES_AT_UNIX authFieldKey = "session_expires_at_unix"
	ACCESS_TOKEN            authFieldKey = "access_token"
	REFRESH_TOKEN           authFieldKey = "refresh_token"
	SERVICE_ACCOUNT_TOKEN   authFieldKey = "service_account_token"
	SERVICE_ACCOUNT_EMAIL   authFieldKey = "service_account_email"
	USER_EMAIL              authFieldKey = "user_email"
	SERVICE_ACCOUNT_KEY     authFieldKey = "service_account_key"
	PRIVATE_KEY             authFieldKey = "private_key"
	TOKEN_CUSTOM_ENDPOINT   authFieldKey = "token_custom_endpoint"
	IDP_TOKEN_ENDPOINT      authFieldKey = "idp_token_endpoint" //nolint:gosec // linter false positive
)

Variables

This section is empty.

Functions

func AuthenticateServiceAccount

func AuthenticateServiceAccount(p *print.Printer, rt http.RoundTripper) (email string, err error)

AuthenticateServiceAccount checks the type of the provided roundtripper, authenticates the CLI accordingly and store the credentials. For the key flow, it fetches an access and refresh token from the Service Account API. For the token flow, it just stores the provided token and doesn't check if it is valid. It returns the email associated with the service account

func AuthenticationConfig

func AuthenticationConfig(p *print.Printer, reauthorizeUserRoutine func(p *print.Printer, _ bool) error) (authCfgOption sdkConfig.ConfigurationOption, err error)

AuthenticationConfig reads the credentials from the storage and initializes the authentication flow. It returns the configuration option that can be used to create an authenticated SDK client.

If the user was logged in and the user session expired, reauthorizeUserRoutine is called to reauthenticate the user again.

func AuthorizeUser

func AuthorizeUser(p *print.Printer, isReauthentication bool) error

AuthorizeUser implements the PKCE OAuth2 flow.

func DeleteAuthField added in v0.10.0

func DeleteAuthField(key authFieldKey) error

func DeleteProfileAuth added in v0.10.0

func DeleteProfileAuth(profile string) error

func GetAuthField

func GetAuthField(key authFieldKey) (string, error)

func GetAuthFieldMap

func GetAuthFieldMap(keyMap map[authFieldKey]string) error

Populates the values in the given map according to the auth storage

func GetProfileEmail added in v0.8.0

func GetProfileEmail(profile string) string

GetProfileEmail returns the email of the user or service account associated with the given profile. If the profile is not authenticated or the email can't be obtained, it returns an empty string.

func LoginUser added in v0.10.0

func LoginUser(email, accessToken, refreshToken, sessionExpiresAtUnix string) error

func LogoutUser added in v0.10.0

func LogoutUser() error

func SetAuthField

func SetAuthField(key authFieldKey, value string) error

func SetAuthFieldMap

func SetAuthFieldMap(keyMap map[authFieldKey]string) error

Sets the values in the auth storage according to the given map

func SetAuthFlow

func SetAuthFlow(value AuthFlow) error

func UserTokenFlow

func UserTokenFlow(p *print.Printer) *userTokenFlow

Returns a round tripper that adds authentication according to the user token flow

Types

type AuthFlow

type AuthFlow string

Possible values of authentication flows

const (
	AUTH_FLOW_USER_TOKEN            AuthFlow = "user_token"
	AUTH_FLOW_SERVICE_ACCOUNT_TOKEN AuthFlow = "sa_token"
	AUTH_FLOW_SERVICE_ACCOUNT_KEY   AuthFlow = "sa_key"
)

func GetAuthFlow

func GetAuthFlow() (AuthFlow, error)

type User

type User struct {
	Email string
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL