authlib

package
v0.11.19 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 2, 2024 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewX509TokenManager 

func NewX509TokenManager(
	sourceNamespace string,
	sourceName string,
	opts ...Option,
) manipulate.SelfTokenManager

NewX509TokenManager returns a new X.509 backed manipulate.SelfTokenManager.

Types

type Client 

type Client struct {
	// contains filtered or unexported fields
}

A Client to authenticate and retrieve an A3S token using one of the supported authentication sources.

func NewClient 

func NewClient(m manipulate.Manipulator) *Client

NewClient returns a new Client.

func (*Client) AuthFromA3S 

func (a *Client) AuthFromA3S(ctx context.Context, token string, options ...Option) (string, error)

AuthFromA3S requests a token using the provided local a3s token.

func (*Client) AuthFromAWS 

func (a *Client) AuthFromAWS(ctx context.Context, accessKeyID, secretAccessKey, token string, options ...Option) (string, error)

AuthFromAWS requests a token using the provided AWS sts information. If accessKeyID, secretAccessKey and token are empty, the function will assume it is running on an AWS instance and will try to retrieve them using the magic IP.

func (*Client) AuthFromAzure 

func (a *Client) AuthFromAzure(ctx context.Context, token string, options ...Option) (string, error)

AuthFromAzure requests a token using the provided Azure token. If token is empty, the function will assume it is running on an Azure instance and will try to retrieve it using the magic IP.

func (*Client) AuthFromCertificate 

func (a *Client) AuthFromCertificate(ctx context.Context, sourceNamespace string, sourceName string, options ...Option) (string, error)

AuthFromCertificate requests an identity token from the currently configured Certificate in the manipulator that was provided during initialization. If the manipulator has no configured Certificate, this function will fail.

func (*Client) AuthFromGCP 

func (a *Client) AuthFromGCP(ctx context.Context, token string, audience string, options ...Option) (string, error)

AuthFromGCP requests a token using the provided GCP token. If token is empty, the function will assume it is running on an GCP instance and will try to retrieve it using the magic IP.

func (*Client) AuthFromHTTP 

func (a *Client) AuthFromHTTP(ctx context.Context, username string, password string, totp string, sourceNamespace string, sourceName string, options ...Option) (string, error)

AuthFromHTTP requests a token using the provided username and password from the source with the given namespace and name.

func (*Client) AuthFromLDAP 

func (a *Client) AuthFromLDAP(ctx context.Context, username string, password string, sourceNamespace string, sourceName string, options ...Option) (string, error)

AuthFromLDAP requests a token using the provided credentials with the LDAP auth source with the given namespace and namespace.

func (*Client) AuthFromOIDCStep1 

func (a *Client) AuthFromOIDCStep1(ctx context.Context, sourceNamespace string, sourceName string, redirectURL string) (string, error)

AuthFromOIDCStep1 performs the first step of the OIDC ceremony using the configured OIDC auth source identified by its name and namespace. The functiion will return the provider URL to use to autenticate.

func (*Client) AuthFromOIDCStep2 

func (a *Client) AuthFromOIDCStep2(ctx context.Context, sourceNamespace string, sourceName string, code string, state string, options ...Option) (string, error)

AuthFromOIDCStep2 finishes the OIDC ceremony using the code and state you obtained after performing the authentication against the OIDC provider.

func (*Client) AuthFromRemoteA3S 

func (a *Client) AuthFromRemoteA3S(ctx context.Context, token string, sourceNamespace string, sourceName string, options ...Option) (string, error)

AuthFromRemoteA3S requests a token using the provided remote a3s token with the provided RemoteA3S source with the given namespace and name.

type Option 

type Option func(*config)

An Option is the type of various options You can add the issue requests.

func OptAudience 

func OptAudience(audience ...string) Option

OptAudience passes the requested audience for the token.

func OptCloak 

func OptCloak(cloaking ...string) Option

OptCloak sets the claims cloaking option for the token.

func OptOpaque 

func OptOpaque(opaque map[string]string) Option

OptOpaque passes opaque data that will be included in the JWT.

func OptRefresh 

func OptRefresh(refresh bool) Option

OptRefresh asks for a refresh token.

func OptRestrictions 

func OptRestrictions(restrictions permissions.Restrictions) Option

OptRestrictions sets the request restrictions for the token.

func OptValidity 

func OptValidity(validity time.Duration) Option

OptValidity sets the validity to request for the token.

type PeriodicTokenManager 

type PeriodicTokenManager struct {
	// contains filtered or unexported fields
}

A PeriodicTokenManager issues an renew tokens periodically.

func NewPeriodicTokenManager 

func NewPeriodicTokenManager(validity time.Duration, issuerFunc TokenIssuerFunc) *PeriodicTokenManager

NewPeriodicTokenManager returns a new PeriodicTokenManager backed by midgard.

func (*PeriodicTokenManager) Issue 

func (m *PeriodicTokenManager) Issue(ctx context.Context) (token string, err error)

Issue issues a token.

func (*PeriodicTokenManager) Run 

func (m *PeriodicTokenManager) Run(ctx context.Context, tokenCh chan string)

Run runs the token renewal job.

type TokenIssuerFunc 

type TokenIssuerFunc func(context.Context, time.Duration) (string, error)

TokenIssuerFunc is the type of function that can be used to retrieve a token.

Source Files

View all Source files

Directories

Path Synopsis
internal
providers

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.