Documentation ¶
Overview ¶
Package configauth implements the configuration settings to ensure authentication on incoming requests, and allows exporters to add authentication on outgoing requests.
Index ¶
- type AuthenticateFunc
- type Authentication
- type ClientAuthenticator
- type ClientOption
- func WithClientRoundTripper(roundTripperFunc func(base http.RoundTripper) (http.RoundTripper, error)) ClientOption
- func WithClientShutdown(shutdownFunc component.ShutdownFunc) ClientOption
- func WithClientStart(startFunc component.StartFunc) ClientOption
- func WithPerRPCCredentials(perRPCCredentialsFunc func() (credentials.PerRPCCredentials, error)) ClientOption
- type MockClientAuthenticator
- func (m *MockClientAuthenticator) PerRPCCredentials() (credentials.PerRPCCredentials, error)
- func (m *MockClientAuthenticator) RoundTripper(base http.RoundTripper) (http.RoundTripper, error)
- func (m *MockClientAuthenticator) Shutdown(ctx context.Context) error
- func (m *MockClientAuthenticator) Start(ctx context.Context, host component.Host) error
- type Option
- type ServerAuthenticator
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthenticateFunc ¶ added in v0.26.0
type AuthenticateFunc func(ctx context.Context, headers map[string][]string) (context.Context, error)
AuthenticateFunc defines the signature for the function responsible for performing the authentication based on the given headers map. See ServerAuthenticator.Authenticate.
type Authentication ¶
type Authentication struct { // AuthenticatorID specifies the name of the extension to use in order to authenticate the incoming data point. AuthenticatorID config.ComponentID `mapstructure:"authenticator"` }
Authentication defines the auth settings for the receiver.
func (Authentication) GetClientAuthenticator ¶ added in v0.38.0
func (a Authentication) GetClientAuthenticator(extensions map[config.ComponentID]component.Extension) (ClientAuthenticator, error)
GetClientAuthenticator attempts to select the appropriate ClientAuthenticator from the list of extensions, based on the component id of the extension. If an authenticator is not found, an error is returned. This should be only used by HTTP clients.
func (Authentication) GetServerAuthenticator ¶ added in v0.38.0
func (a Authentication) GetServerAuthenticator(extensions map[config.ComponentID]component.Extension) (ServerAuthenticator, error)
GetServerAuthenticator attempts to select the appropriate ServerAuthenticator from the list of extensions, based on the requested extension name. If an authenticator is not found, an error is returned.
type ClientAuthenticator ¶ added in v0.28.0
type ClientAuthenticator interface { component.Extension // RoundTripper returns a RoundTripper that can be used to authenticate HTTP requests. RoundTripper(base http.RoundTripper) (http.RoundTripper, error) // PerRPCCredentials returns a PerRPCCredentials that can be used to authenticate gRPC requests. PerRPCCredentials() (credentials.PerRPCCredentials, error) }
ClientAuthenticator is an Extension that can be used as an authenticator for the configauth.Authentication option. Authenticators are then included as part of OpenTelemetry Collector builds and can be referenced by their names from the Authentication configuration.
func NewClientAuthenticator ¶ added in v0.47.0
func NewClientAuthenticator(options ...ClientOption) ClientAuthenticator
NewClientAuthenticator returns a ClientAuthenticator configured with the provided options.
type ClientOption ¶ added in v0.47.0
type ClientOption func(*defaultClientAuthenticator)
Option represents the possible options for NewServerAuthenticator.
func WithClientRoundTripper ¶ added in v0.47.0
func WithClientRoundTripper(roundTripperFunc func(base http.RoundTripper) (http.RoundTripper, error)) ClientOption
WithClientRoundTripper provides a `RoundTripper` function for this client authenticator. The default round tripper is no-op.
func WithClientShutdown ¶ added in v0.47.0
func WithClientShutdown(shutdownFunc component.ShutdownFunc) ClientOption
WithClientShutdown overrides the default `Shutdown` function for a component.Component. The default always returns nil.
func WithClientStart ¶ added in v0.47.0
func WithClientStart(startFunc component.StartFunc) ClientOption
WithClientStart overrides the default `Start` function for a component.Component. The default always returns nil.
func WithPerRPCCredentials ¶ added in v0.47.0
func WithPerRPCCredentials(perRPCCredentialsFunc func() (credentials.PerRPCCredentials, error)) ClientOption
WithPerRPCCredentials provides a `PerRPCCredentials` function for this client authenticator. There's no default.
type MockClientAuthenticator ¶ added in v0.28.0
type MockClientAuthenticator struct { ResultRoundTripper http.RoundTripper ResultPerRPCCredentials credentials.PerRPCCredentials MustError bool }
MockClientAuthenticator provides a mock implementation of GRPCClientAuthenticator and HTTPClientAuthenticator interfaces
func (*MockClientAuthenticator) PerRPCCredentials ¶ added in v0.28.0
func (m *MockClientAuthenticator) PerRPCCredentials() (credentials.PerRPCCredentials, error)
PerRPCCredentials for the MockClientAuthenticator either returns error if the mock authenticator is forced to or returns the supplied resultPerRPCCredentials.
func (*MockClientAuthenticator) RoundTripper ¶ added in v0.28.0
func (m *MockClientAuthenticator) RoundTripper(base http.RoundTripper) (http.RoundTripper, error)
RoundTripper for the MockClientAuthenticator either returns error if the mock authenticator is forced to or returns the supplied resultRoundTripper.
type Option ¶ added in v0.42.0
type Option func(*defaultServerAuthenticator)
Option represents the possible options for NewServerAuthenticator.
func WithAuthenticate ¶ added in v0.42.0
func WithAuthenticate(authenticateFunc AuthenticateFunc) Option
WithAuthenticate specifies which function to use to perform the authentication.
func WithShutdown ¶ added in v0.42.0
func WithShutdown(shutdownFunc component.ShutdownFunc) Option
WithShutdown overrides the default `Shutdown` function for a component.Component. The default always returns nil.
type ServerAuthenticator ¶ added in v0.28.0
type ServerAuthenticator interface { component.Extension // Authenticate checks whether the given headers map contains valid auth data. Successfully authenticated calls will always return a nil error. // When the authentication fails, an error must be returned and the caller must not retry. This function is typically called from interceptors, // on behalf of receivers, but receivers can still call this directly if the usage of interceptors isn't suitable. // The deadline and cancellation given to this function must be respected, but note that authentication data has to be part of the map, not context. // The resulting context should contain the authentication data, such as the principal/username, group membership (if available), and the raw // authentication data (if possible). This will allow other components in the pipeline to make decisions based on that data, such as routing based // on tenancy as determined by the group membership, or passing through the authentication data to the next collector/backend. // The context keys to be used are not defined yet. Authenticate(ctx context.Context, headers map[string][]string) (context.Context, error) }
ServerAuthenticator is an Extension that can be used as an authenticator for the configauth.Authentication option. Authenticators are then included as part of OpenTelemetry Collector builds and can be referenced by their names from the Authentication configuration. Each ServerAuthenticator is free to define its own behavior and configuration options, but note that the expectations that come as part of Extensions exist here as well. For instance, multiple instances of the same authenticator should be possible to exist under different names.
func NewServerAuthenticator ¶ added in v0.42.0
func NewServerAuthenticator(options ...Option) ServerAuthenticator
NewServerAuthenticator returns a ServerAuthenticator configured with the provided options.