auth

package
v0.72.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 22, 2023 License: Apache-2.0 Imports: 5 Imported by: 42

Documentation

Overview

Package auth implements the configuration settings to ensure authentication on incoming requests, and allows exporters to add authentication on outgoing requests.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client

type Client interface {
	extension.Extension

	// RoundTripper returns a RoundTripper that can be used to authenticate HTTP requests.
	RoundTripper(base http.RoundTripper) (http.RoundTripper, error)

	// PerRPCCredentials returns a PerRPCCredentials that can be used to authenticate gRPC requests.
	PerRPCCredentials() (credentials.PerRPCCredentials, error)
}

Client is an Extension that can be used as an authenticator for the configauth.Authentication option. Authenticators are then included as part of OpenTelemetry Collector builds and can be referenced by their names from the Authentication configuration.

func NewClient

func NewClient(options ...ClientOption) Client

NewClient returns a Client configured with the provided options.

type ClientOption

type ClientOption func(*defaultClient)

ClientOption represents the possible options for NewServerAuthenticator.

func WithClientPerRPCCredentials

func WithClientPerRPCCredentials(perRPCCredentialsFunc ClientPerRPCCredentialsFunc) ClientOption

WithClientPerRPCCredentials provides a `PerRPCCredentials` function for this client authenticator. There's no default.

func WithClientRoundTripper

func WithClientRoundTripper(roundTripperFunc ClientRoundTripperFunc) ClientOption

WithClientRoundTripper provides a `RoundTripper` function for this client authenticator. The default round tripper is no-op.

func WithClientShutdown

func WithClientShutdown(shutdownFunc component.ShutdownFunc) ClientOption

WithClientShutdown overrides the default `Shutdown` function for a component.Component. The default always returns nil.

func WithClientStart

func WithClientStart(startFunc component.StartFunc) ClientOption

WithClientStart overrides the default `Start` function for a component.Component. The default always returns nil.

type ClientPerRPCCredentialsFunc

type ClientPerRPCCredentialsFunc func() (credentials.PerRPCCredentials, error)

ClientPerRPCCredentialsFunc specifies the function that returns a PerRPCCredentials that can be used to authenticate gRPC requests.

func (ClientPerRPCCredentialsFunc) PerRPCCredentials

type ClientRoundTripperFunc

type ClientRoundTripperFunc func(base http.RoundTripper) (http.RoundTripper, error)

ClientRoundTripperFunc specifies the function that returns a RoundTripper that can be used to authenticate HTTP requests.

func (ClientRoundTripperFunc) RoundTripper

type Server

type Server interface {
	extension.Extension

	// Authenticate checks whether the given headers map contains valid auth data. Successfully authenticated calls will always return a nil error.
	// When the authentication fails, an error must be returned and the caller must not retry. This function is typically called from interceptors,
	// on behalf of receivers, but receivers can still call this directly if the usage of interceptors isn't suitable.
	// The deadline and cancellation given to this function must be respected, but note that authentication data has to be part of the map, not context.
	// The resulting context should contain the authentication data, such as the principal/username, group membership (if available), and the raw
	// authentication data (if possible). This will allow other components in the pipeline to make decisions based on that data, such as routing based
	// on tenancy as determined by the group membership, or passing through the authentication data to the next collector/backend.
	// The context keys to be used are not defined yet.
	Authenticate(ctx context.Context, headers map[string][]string) (context.Context, error)
}

Server is an Extension that can be used as an authenticator for the configauth.Authentication option. Authenticators are then included as part of OpenTelemetry Collector builds and can be referenced by their names from the Authentication configuration. Each Server is free to define its own behavior and configuration options, but note that the expectations that come as part of Extensions exist here as well. For instance, multiple instances of the same authenticator should be possible to exist under different names.

func NewServer

func NewServer(options ...ServerOption) Server

NewServer returns a Server configured with the provided options.

type ServerAuthenticateFunc

type ServerAuthenticateFunc func(ctx context.Context, headers map[string][]string) (context.Context, error)

ServerAuthenticateFunc defines the signature for the function responsible for performing the authentication based on the given headers map. See Server.Authenticate.

func (ServerAuthenticateFunc) Authenticate

func (f ServerAuthenticateFunc) Authenticate(ctx context.Context, headers map[string][]string) (context.Context, error)

type ServerOption

type ServerOption func(*defaultServer)

ServerOption represents the possible options for NewServer.

func WithServerAuthenticate

func WithServerAuthenticate(authFunc ServerAuthenticateFunc) ServerOption

WithServerAuthenticate specifies which function to use to perform the authentication.

func WithServerShutdown

func WithServerShutdown(shutdownFunc component.ShutdownFunc) ServerOption

WithServerShutdown overrides the default `Shutdown` function for a component.Component. The default always returns nil.

func WithServerStart

func WithServerStart(startFunc component.StartFunc) ServerOption

WithServerStart overrides the default `Start` function for a component.Component. The default always returns nil.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL