Documentation ¶
Overview ¶
Package client contains clients for the CYBERCRYPT D1 Generic service.
Example ¶
package main import ( "context" "fmt" "log" "os" client "github.com/cybercryptio/d1-client-go/d1-generic" pbauthn "github.com/cybercryptio/d1-client-go/d1-generic/protobuf/authn" pbgeneric "github.com/cybercryptio/d1-client-go/d1-generic/protobuf/generic" "google.golang.org/grpc/credentials/insecure" "google.golang.org/grpc/metadata" ) var endpoint = os.Getenv("D1_ENDPOINT") var uid = os.Getenv("D1_UID") var password = os.Getenv("D1_PASS") var creds = insecure.NewCredentials() func main() { // Create a new D1 Generic client providing the hostname, and optionally, the client connection level credentials. client, err := client.NewGenericClient(endpoint, client.WithTransportCredentials(creds)) if err != nil { log.Fatal(err) } ctx := context.Background() // Login the user with their credentials. loginResponse, err := client.Authn.LoginUser( ctx, &pbauthn.LoginUserRequest{ UserId: uid, Password: password, }, ) if err != nil { log.Fatal(err) } // Set access token for future calls. ctx = metadata.AppendToOutgoingContext(ctx, "authorization", "bearer "+loginResponse.AccessToken) // Encrypt sensitive data. encryptResponse, err := client.Generic.Encrypt( ctx, &pbgeneric.EncryptRequest{ Plaintext: []byte("secret data"), AssociatedData: []byte("metadata"), }, ) if err != nil { log.Fatal(err) } // Decrypt the response. decryptResponse, err := client.Generic.Decrypt( ctx, &pbgeneric.DecryptRequest{ ObjectId: encryptResponse.ObjectId, Ciphertext: encryptResponse.Ciphertext, AssociatedData: encryptResponse.AssociatedData, }, ) if err != nil { log.Fatal(err) } fmt.Printf("plaintext:%q associated_data:%q", decryptResponse.Plaintext, decryptResponse.AssociatedData, ) }
Output: plaintext:"secret data" associated_data:"metadata"
Example (WithPerRPCCredentials) ¶
// Create a new D1 Generic client providing the hostname, and optionally, the client connection level and per RPC credentials. client, err := client.NewGenericClient(endpoint, client.WithTransportCredentials(creds), client.WithPerRPCCredentials( client.NewStandalonePerRPCToken(endpoint, uid, password, creds), ), ) if err != nil { log.Fatal(err) } ctx := context.Background() // Encrypt sensitive data. encryptResponse, err := client.Generic.Encrypt( ctx, &pbgeneric.EncryptRequest{ Plaintext: []byte("secret data"), AssociatedData: []byte("metadata"), }, ) if err != nil { log.Fatal(err) } // Decrypt the response. decryptResponse, err := client.Generic.Decrypt( ctx, &pbgeneric.DecryptRequest{ ObjectId: encryptResponse.ObjectId, Ciphertext: encryptResponse.Ciphertext, AssociatedData: encryptResponse.AssociatedData, }, ) if err != nil { log.Fatal(err) } fmt.Printf("plaintext:%q associated_data:%q", decryptResponse.Plaintext, decryptResponse.AssociatedData, )
Output: plaintext:"secret data" associated_data:"metadata"
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BaseClient ¶
type BaseClient struct { Version pbversion.VersionClient Authn pbauthn.AuthnClient Authz pbauthz.AuthzClient Health grpc_health_v1.HealthClient Index pbindex.IndexClient Connection *grpc.ClientConn // contains filtered or unexported fields }
BaseClient represents the shared functionality between various D1 services.
func NewBaseClient ¶
func NewBaseClient(endpoint string, opts ...Option) (BaseClient, error)
NewBaseClient creates a new client for the given endpoint, configured with the provided options.
func (*BaseClient) Close ¶
func (b *BaseClient) Close() error
Close closes all connections to the server.
type GenericClient ¶
type GenericClient struct { BaseClient Generic pb.GenericClient }
GenericClient can be used to make calls to a D1 Generic service.
func NewGenericClient ¶
func NewGenericClient(endpoint string, opts ...Option) (GenericClient, error)
NewGenericClient creates a new client for the given endpoint, configured with the provided options.
type Option ¶ added in v1.0.0
type Option func(*BaseClient)
Option is used configure optional settings on the client.
func WithPerRPCCredentials ¶ added in v1.0.0
func WithPerRPCCredentials(credentials credentials.PerRPCCredentials) Option
WithPerRPCCredentials returns an Option which configures security credentials to be attached to every RPC (e.g., oauth2).
func WithTransportCredentials ¶ added in v1.0.0
func WithTransportCredentials(credentials credentials.TransportCredentials) Option
WithTransportCredentials returns an Option which configures the connection level security credentials (e.g., TLS/SSL).
type PerRPCToken ¶ added in v1.0.0
PerRPCToken is an implementation of credentials.PerRPCCredentials that calls a function on every RPC to generate an access token. The access token will not be encrypted during transport.
func NewStandalonePerRPCToken ¶ added in v1.0.0
func NewStandalonePerRPCToken(endpoint, uid, pwd string, creds credentials.TransportCredentials) PerRPCToken
NewStandalonePerRPCToken creates a new instance of PerRPCToken to be used with the Standalone ID Provider. It requires the transport credentials used to communicate with the D1 Service in order to call the Login endpoint.
func (PerRPCToken) GetRequestMetadata ¶ added in v1.0.0
func (PerRPCToken) RequireTransportSecurity ¶ added in v1.0.0
func (getToken PerRPCToken) RequireTransportSecurity() bool