Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ChainProvider ¶
type ChainProvider struct { Providers []Provider // contains filtered or unexported fields }
A ChainProvider will search for a provider which returns credentials and cache that provider until Retrieve is called again.
The ChainProvider provides a way of chaining multiple providers together which will pick the first available using priority order of the Providers in the list.
If none of the Providers retrieve valid credentials Value, ChainProvider's Retrieve() will return the error ErrNoValidProvidersFoundInChain.
If a Provider is found which returns valid credentials Value ChainProvider will cache that Provider for all calls to IsExpired(), until Retrieve is called again.
func (*ChainProvider) IsExpired ¶
func (c *ChainProvider) IsExpired() bool
IsExpired will returned the expired state of the currently cached provider if there is one. If there is no current provider, true will be returned.
func (*ChainProvider) Retrieve ¶
func (c *ChainProvider) Retrieve() (Value, error)
Retrieve returns the credentials value or error if no provider returned without error.
If a provider is found it will be cached and any calls to IsExpired() will return the expired state of the cached provider.
type Credentials ¶
type Credentials struct {
// contains filtered or unexported fields
}
A Credentials provides concurrency safe retrieval of AWS credentials Value.
A Credentials is also used to fetch Azure credentials Value.
Credentials will cache the credentials value until they expire. Once the value expires the next Get will attempt to retrieve valid credentials.
Credentials is safe to use across multiple goroutines and will manage the synchronous state so the Providers do not need to implement their own synchronization.
The first Credentials.Get() will always call Provider.Retrieve() to get the first instance of the credentials Value. All calls to Get() after that will return the cached credentials Value until IsExpired() returns true.
func NewChainCredentials ¶
func NewChainCredentials(providers []Provider) *Credentials
NewChainCredentials returns a pointer to a new Credentials object wrapping a chain of providers.
func NewCredentials ¶
func NewCredentials(provider Provider) *Credentials
NewCredentials returns a pointer to a new Credentials with the provider set.
func (*Credentials) GetWithContext ¶
func (c *Credentials) GetWithContext(ctx context.Context) (Value, error)
GetWithContext returns the credentials value, or error if the credentials Value failed to be retrieved. Will return early if the passed in context is canceled.
Will return the cached credentials Value if it has not expired. If the credentials Value has expired the Provider's Retrieve() will be called to refresh the credentials.
If Credentials.Expire() was called the credentials Value will be force expired, and the next call to Get() will cause them to be refreshed.
type Provider ¶
type Provider interface { // Retrieve returns nil if it successfully retrieved the value. // Error is returned if the value were not obtainable, or empty. Retrieve() (Value, error) // IsExpired returns if the credentials are no longer valid, and need // to be retrieved. IsExpired() bool }
A Provider is the interface for any component which will provide credentials Value. A provider is required to manage its own Expired state, and what to be expired means.
The Provider should not need to implement its own mutexes, because that will be managed by Credentials.
type ProviderWithContext ¶
ProviderWithContext is a Provider that can retrieve credentials with a Context
type Value ¶
type Value struct { // AWS Access key ID AccessKeyID string // AWS Secret Access Key SecretAccessKey string // AWS Session Token SessionToken string // Provider used to get credentials ProviderName string }
A Value is the AWS credentials value for individual credential fields.
A Value is also used to represent Azure credentials. Azure credentials only consist of an access token, which is stored in the `SessionToken` field.