sts

package

v1.67.0-dev Latest Latest Go to latest Published: Aug 16, 2024 License: Apache-2.0 Imports: 15 Imported by: 4

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

Documentation ¶

Overview ¶

Package sts implements call credentials using STS (Security Token Service) as defined in https://tools.ietf.org/html/rfc8693.

Experimental ¶

Notice: All APIs in this package are experimental and may be changed or removed in a later release.

Index ¶

func NewCredentials(opts Options) (credentials.PerRPCCredentials, error)
type Options
- func (o Options) String() string

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewCredentials ¶

func NewCredentials(opts Options) (credentials.PerRPCCredentials, error)

NewCredentials returns a new PerRPCCredentials implementation, configured using opts, which performs token exchange using STS.

Types ¶

type Options ¶

type Options struct {
	// TokenExchangeServiceURI is the address of the server which implements STS
	// token exchange functionality.
	TokenExchangeServiceURI string // Required.

	// Resource is a URI that indicates the target service or resource where the
	// client intends to use the requested security token.
	Resource string // Optional.

	// Audience is the logical name of the target service where the client
	// intends to use the requested security token
	Audience string // Optional.

	// Scope is a list of space-delimited, case-sensitive strings, that allow
	// the client to specify the desired scope of the requested security token
	// in the context of the service or resource where the token will be used.
	// If this field is left unspecified, a default value of
	// https://www.googleapis.com/auth/cloud-platform will be used.
	Scope string // Optional.

	// RequestedTokenType is an identifier, as described in
	// https://tools.ietf.org/html/rfc8693#section-3, that indicates the type of
	// the requested security token.
	RequestedTokenType string // Optional.

	// SubjectTokenPath is a filesystem path which contains the security token
	// that represents the identity of the party on behalf of whom the request
	// is being made.
	SubjectTokenPath string // Required.

	// SubjectTokenType is an identifier, as described in
	// https://tools.ietf.org/html/rfc8693#section-3, that indicates the type of
	// the security token in the "subject_token_path" parameter.
	SubjectTokenType string // Required.

	// ActorTokenPath is a  security token that represents the identity of the
	// acting party.
	ActorTokenPath string // Optional.

	// ActorTokenType is an identifier, as described in
	// https://tools.ietf.org/html/rfc8693#section-3, that indicates the type of
	// the security token in the "actor_token_path" parameter.
	ActorTokenType string // Optional.
}

Options configures the parameters used for an STS based token exchange.

func (Options) String ¶ added in v1.33.0

func (o Options) String() string

Source Files ¶

View all Source files

sts.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL