credentials

package
v1.13.0-prerelease Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 22, 2023 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ChainProvider

type ChainProvider struct {
	Providers []Provider
	// contains filtered or unexported fields
}

A ChainProvider will search for a provider which returns credentials and cache that provider until Retrieve is called again.

The ChainProvider provides a way of chaining multiple providers together which will pick the first available using priority order of the Providers in the list.

If none of the Providers retrieve valid credentials Value, ChainProvider's Retrieve() will return the error ErrNoValidProvidersFoundInChain.

If a Provider is found which returns valid credentials Value ChainProvider will cache that Provider for all calls to IsExpired(), until Retrieve is called again.

func (*ChainProvider) IsExpired

func (c *ChainProvider) IsExpired() bool

IsExpired will returned the expired state of the currently cached provider if there is one. If there is no current provider, true will be returned.

func (*ChainProvider) Retrieve

func (c *ChainProvider) Retrieve() (Value, error)

Retrieve returns the credentials value or error if no provider returned without error.

If a provider is found it will be cached and any calls to IsExpired() will return the expired state of the cached provider.

type Credentials

type Credentials struct {
	// contains filtered or unexported fields
}

A Credentials provides concurrency safe retrieval of AWS credentials Value.

A Credentials is also used to fetch Azure credentials Value.

Credentials will cache the credentials value until they expire. Once the value expires the next Get will attempt to retrieve valid credentials.

Credentials is safe to use across multiple goroutines and will manage the synchronous state so the Providers do not need to implement their own synchronization.

The first Credentials.Get() will always call Provider.Retrieve() to get the first instance of the credentials Value. All calls to Get() after that will return the cached credentials Value until IsExpired() returns true.

func NewChainCredentials

func NewChainCredentials(providers []Provider) *Credentials

NewChainCredentials returns a pointer to a new Credentials object wrapping a chain of providers.

func NewCredentials

func NewCredentials(provider Provider) *Credentials

NewCredentials returns a pointer to a new Credentials with the provider set.

func (*Credentials) GetWithContext

func (c *Credentials) GetWithContext(ctx context.Context) (Value, error)

GetWithContext returns the credentials value, or error if the credentials Value failed to be retrieved. Will return early if the passed in context is canceled.

Will return the cached credentials Value if it has not expired. If the credentials Value has expired the Provider's Retrieve() will be called to refresh the credentials.

If Credentials.Expire() was called the credentials Value will be force expired, and the next call to Get() will cause them to be refreshed.

type Provider

type Provider interface {
	// Retrieve returns nil if it successfully retrieved the value.
	// Error is returned if the value were not obtainable, or empty.
	Retrieve() (Value, error)

	// IsExpired returns if the credentials are no longer valid, and need
	// to be retrieved.
	IsExpired() bool
}

A Provider is the interface for any component which will provide credentials Value. A provider is required to manage its own Expired state, and what to be expired means.

The Provider should not need to implement its own mutexes, because that will be managed by Credentials.

type ProviderWithContext

type ProviderWithContext interface {
	Provider

	RetrieveWithContext(context.Context) (Value, error)
}

ProviderWithContext is a Provider that can retrieve credentials with a Context

type Value

type Value struct {
	// AWS Access key ID
	AccessKeyID string

	// AWS Secret Access Key
	SecretAccessKey string

	// AWS Session Token
	SessionToken string

	// Provider used to get credentials
	ProviderName string
}

A Value is the AWS credentials value for individual credential fields.

A Value is also used to represent Azure credentials. Azure credentials only consist of an access token, which is stored in the `SessionToken` field.

func (Value) HasKeys

func (v Value) HasKeys() bool

HasKeys returns if the credentials Value has both AccessKeyID and SecretAccessKey value set.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL