Documentation ¶
Index ¶
- Constants
- func AuthenticateServiceAccount(p *print.Printer, rt http.RoundTripper) (email string, err error)
- func AuthenticationConfig(p *print.Printer, ...) (authCfgOption sdkConfig.ConfigurationOption, err error)
- func AuthorizeUser(p *print.Printer, isReauthentication bool) error
- func DeleteProfileFromKeyring(profile string) error
- func GetAuthField(key authFieldKey) (string, error)
- func GetAuthFieldMap(keyMap map[authFieldKey]string) error
- func GetProfileEmail(profile string) string
- func SetAuthField(key authFieldKey, value string) error
- func SetAuthFieldMap(keyMap map[authFieldKey]string) error
- func SetAuthFlow(value AuthFlow) error
- func UserTokenFlow(p *print.Printer) *userTokenFlow
- type AuthFlow
- type User
Constants ¶
const ( SESSION_EXPIRES_AT_UNIX authFieldKey = "session_expires_at_unix" ACCESS_TOKEN authFieldKey = "access_token" REFRESH_TOKEN authFieldKey = "refresh_token" SERVICE_ACCOUNT_TOKEN authFieldKey = "service_account_token" SERVICE_ACCOUNT_EMAIL authFieldKey = "service_account_email" USER_EMAIL authFieldKey = "user_email" SERVICE_ACCOUNT_KEY authFieldKey = "service_account_key" PRIVATE_KEY authFieldKey = "private_key" TOKEN_CUSTOM_ENDPOINT authFieldKey = "token_custom_endpoint" JWKS_CUSTOM_ENDPOINT authFieldKey = "jwks_custom_endpoint" )
Variables ¶
This section is empty.
Functions ¶
func AuthenticateServiceAccount ¶
AuthenticateServiceAccount checks the type of the provided roundtripper, authenticates the CLI accordingly and store the credentials. For the key flow, it fetches an access and refresh token from the Service Account API. For the token flow, it just stores the provided token and doesn't check if it is valid. It returns the email associated with the service account
func AuthenticationConfig ¶
func AuthenticationConfig(p *print.Printer, reauthorizeUserRoutine func(p *print.Printer, isReauthentication bool) error) (authCfgOption sdkConfig.ConfigurationOption, err error)
AuthenticationConfig reads the credentials from the storage and initializes the authentication flow. It returns the configuration option that can be used to create an authenticated SDK client.
If the user was logged in and the user session expired, reauthorizeUserRoutine is called to reauthenticate the user again.
func AuthorizeUser ¶
AuthorizeUser implements the PKCE OAuth2 flow.
func DeleteProfileFromKeyring ¶ added in v0.8.0
func GetAuthField ¶
func GetAuthFieldMap ¶
Populates the values in the given map according to the auth storage
func GetProfileEmail ¶ added in v0.8.0
GetProfileEmail returns the email of the user or service account associated with the given profile. If the profile is not authenticated or the email can't be obtained, it returns an empty string.
func SetAuthField ¶
func SetAuthFieldMap ¶
Sets the values in the auth storage according to the given map
func SetAuthFlow ¶
func UserTokenFlow ¶
Returns a round tripper that adds authentication according to the user token flow