lib

package
v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 7, 2021 License: MIT Imports: 33 Imported by: 0

Documentation

Index

Constants

// AWS_FEDERATION_ROLE_SESSION_NAME is the literal key
// "aws_federation_role_session_name". Presumably the config entry that supplies
// the role session name used when the IAM role is assumed; confirm against the
// config loader, which is not visible here.
const AWS_FEDERATION_ROLE_SESSION_NAME = "aws_federation_role_session_name"

OIDC config

// AWS_FEDERATION_TYPE is the literal key "aws_federation_type". Presumably its
// configured value is AWS_FEDERATION_TYPE_OIDC or AWS_FEDERATION_TYPE_SAML2;
// verify in the code that reads it.
const AWS_FEDERATION_TYPE = "aws_federation_type"
// AWS_FEDERATION_TYPE_OIDC is the value "oidc", one of the two federation type
// values declared in this listing.
const AWS_FEDERATION_TYPE_OIDC = "oidc"

Federation Type

// AWS_FEDERATION_TYPE_SAML2 is the value "saml2", one of the two federation
// type values declared in this listing.
const AWS_FEDERATION_TYPE_SAML2 = "saml2"
// CLIENT_AUTH_CA is the literal key "client_auth_ca". Presumably it populates
// RestClientConfig.ClientCA; TODO confirm. Whether the value is a file path or
// PEM text is not visible here.
const CLIENT_AUTH_CA = "client_auth_ca"
// CLIENT_AUTH_CERT is the literal key "client_auth_cert". Presumably it
// populates RestClientConfig.ClientCert (a TLS client certificate); TODO confirm.
const CLIENT_AUTH_CERT = "client_auth_cert"
// CLIENT_AUTH_KEY is the literal key "client_auth_key". Presumably it populates
// RestClientConfig.ClientKey; TODO confirm.
// NOTE(review): the value refers to private key material, so check how the
// configuration holding it (see ConfigPath) is protected on disk.
const CLIENT_AUTH_KEY = "client_auth_key"
// CLIENT_ID is the literal key "client_id". Presumably the config entry for the
// OAuth/OIDC client identifier registered with the provider; confirm in the
// config loader.
const CLIENT_ID = "client_id"
// CLIENT_SECRET is the literal key "client_secret". Presumably the config entry
// for the OAuth client secret; confirm in the config loader.
// NOTE(review): a client secret kept in a configuration file is only as safe as
// that file. Where the value is stored and with which permissions is not
// visible here; verify it against ConfigPath and the setup code.
const CLIENT_SECRET = "client_secret"
// DEFAULT_IAM_ROLE_ARN is the literal key "default_iam_role_arn". Presumably the
// role ARN used when the caller supplies none; verify against the callers of
// Authenticate.
const DEFAULT_IAM_ROLE_ARN = "default_iam_role_arn"
// FAILURE_REDIRECT_URL is the literal key "failure_redirect_url". Presumably the
// target used by OIDCClient.RedirectToFailurePage; TODO confirm.
const FAILURE_REDIRECT_URL = "failure_redirect_url"
// INSECURE_SKIP_VERIFY is the literal key "insecure_skip_verify". Presumably it
// populates RestClientConfig.InsecureSkipVerify; TODO confirm.
// NOTE(review): if that field reaches tls.Config.InsecureSkipVerify, enabling it
// turns off server certificate and host name verification for requests that
// carry client secrets and tokens. Treat it as a test-only setting and prefer
// configuring a CA (CLIENT_AUTH_CA) for providers with private certificates.
const INSECURE_SKIP_VERIFY = "insecure_skip_verify"
// MAX_SESSION_DURATION_SECONDS is the literal key "max_session_duration_seconds".
// Presumably the configured lifetime, in seconds, requested for the AWS session
// (compare the maxSessionDurationSeconds parameter of Authenticate); confirm.
const MAX_SESSION_DURATION_SECONDS = "max_session_duration_seconds"
// OIDC_AUTHENTICATION_REQUEST_ADDITIONAL_QUERY is the literal key
// "oidc_authentication_request_additional_query". Presumably extra query
// parameters appended to the authorization request; how the value is parsed and
// encoded is not visible here.
const OIDC_AUTHENTICATION_REQUEST_ADDITIONAL_QUERY = "oidc_authentication_request_additional_query"
// OIDC_PROVIDER_METADATA_URL is the literal key "oidc_provider_metadata_url".
// Presumably the URL of the provider's discovery document, decoded into
// OIDCMetadataResponse; confirm in the client setup code.
// NOTE(review): the authorization and token endpoints would then come from that
// document, so the URL should be an https URL of the trusted provider.
const OIDC_PROVIDER_METADATA_URL = "oidc_provider_metadata_url"
// OIDC_PROVIDER_TOKEN_EXCHANGE_AUDIENCE is the literal key
// "oidc_provider_token_exchange_audience". Presumably the audience value sent in
// a token exchange request to the provider; TODO confirm.
const OIDC_PROVIDER_TOKEN_EXCHANGE_AUDIENCE = "oidc_provider_token_exchange_audience"

SAML config

// OIDC_PROVIDER_TOKEN_EXCHANGE_SUBJECT_TOKEN_TYPE is the literal key
// "oidc_provider_token_exchange_subject_token_type". Presumably it selects the
// subject token type sent in a token exchange request (compare
// TOKEN_TYPE_ACCESS_TOKEN and TOKEN_TYPE_ID_TOKEN); TODO confirm.
// The trailing comment says only saml2 is supported; which setting that remark
// belongs to cannot be told from this listing.
const OIDC_PROVIDER_TOKEN_EXCHANGE_SUBJECT_TOKEN_TYPE = "oidc_provider_token_exchange_subject_token_type" // Only support saml2
// SUCCESSFUL_REDIRECT_URL is the literal key "successful_redirect_url".
// Presumably the target used by OIDCClient.RedirectToSuccessfulPage; TODO confirm.
const SUCCESSFUL_REDIRECT_URL = "successful_redirect_url"
// TOKEN_TYPE_ACCESS_TOKEN is the token type identifier URN for an OAuth 2.0
// access token, as used by OAuth 2.0 Token Exchange (RFC 8693).
const TOKEN_TYPE_ACCESS_TOKEN = "urn:ietf:params:oauth:token-type:access_token"

OAuth 2.0 Token Exchange

// TOKEN_TYPE_ID_TOKEN is the token type identifier URN for an OpenID Connect
// ID token, as used by OAuth 2.0 Token Exchange (RFC 8693).
const TOKEN_TYPE_ID_TOKEN = "urn:ietf:params:oauth:token-type:id_token"

Variables

// IsTraceEnabled is an exported package-level flag. Presumably it gates the
// output of Traceln; confirm in that function.
// NOTE(review): if trace output covers HTTP exchanges with the provider or AWS,
// check that tokens, client secrets and AWS credentials are redacted before
// this flag is enabled outside of debugging.
var IsTraceEnabled bool

Functions

func Authenticate

func Authenticate(client *OIDCClient, roleArn string, maxSessionDurationSeconds int64, useSecret, asJson bool)

func Clear

func Clear() error

func ConfigPath

func ConfigPath() string

func Exit

func Exit(err error)

func Export

func Export(key string, value string)

func GetFreePort

func GetFreePort() (int, error)

func RunSetup

func RunSetup(ui *input.UI)

func SaveAWSCredential

func SaveAWSCredential(roleArn string, cred *AWSCredentials)

func Traceln

func Traceln(format string, msg ...interface{})

func Write

func Write(format string, msg ...interface{})

func Writeln

func Writeln(format string, msg ...interface{})

Types

type AWSCredentials

// AWSCredentials holds one set of AWS credentials together with their expiry.
// The JSON names (Version, AccessKeyId, SecretAccessKey, SessionToken,
// Expiration) look like the AWS CLI credential_process output format; confirm
// against the code that marshals this type.
//
// NOTE(review): AWSSecretKey and AWSSessionToken are live secrets. Formatting
// the struct with %v or %+v, or marshalling it into log or trace output,
// discloses them.
type AWSCredentials struct {
	// Version has no json tag, so encoding/json uses the field name "Version".
	Version         int
	AWSAccessKey    string    `json:"AccessKeyId"`
	AWSSecretKey    string    `json:"SecretAccessKey"`
	AWSSessionToken string    `json:"SessionToken"`
	// PrincipalARN is excluded from JSON in both directions by the "-" tag.
	PrincipalARN    string    `json:"-"`
	// Expires is serialized under the key "Expiration".
	Expires         time.Time `json:"Expiration"`
}

func AWSCredential

func AWSCredential(roleArn string) (*AWSCredentials, error)

func GetCredentialsWithOIDC

func GetCredentialsWithOIDC(client *OIDCClient, idToken, iamRoleArn string, durationInSeconds int64) (*AWSCredentials, error)

func GetCredentialsWithSAML

func GetCredentialsWithSAML(samlResponse string, durationSeconds int64, iamRoleArn string) (*AWSCredentials, error)

type LoginParams

// LoginParams lists query parameters of the login (authorization) request.
// The `url` struct tags suggest a query-string encoder that drops empty fields
// via omitempty; the encoder itself is not visible here.
//
// NOTE(review): this struct has no state, nonce or PKCE (code_challenge) field.
// Confirm that the authorization request receives CSRF and authorization-code
// injection protection elsewhere, since it cannot come from these fields.
type LoginParams struct {
	ResponseType string `url:"response_type,omitempty"`
	ClientId     string `url:"client_id,omitempty"`
	RedirectUri  string `url:"redirect_uri,omitempty"`
	Display      string `url:"display,omitempty"`
	Scope        string `url:"scope,omitempty"`
}

type OAuthError

type OAuthError struct {
	// contains filtered or unexported fields
}

type OIDCClient

type OIDCClient struct {
	// contains filtered or unexported fields
}

func CheckInstalled

func CheckInstalled(name string) (*OIDCClient, error)

func InitializeClient

func InitializeClient(ui *input.UI, name string) (*OIDCClient, error)

func (*OIDCClient) Authorization

func (c *OIDCClient) Authorization() *WebTarget

func (*OIDCClient) ClientForm

func (c *OIDCClient) ClientForm() url.Values

func (*OIDCClient) RedirectToFailurePage

func (c *OIDCClient) RedirectToFailurePage() *WebTarget

func (*OIDCClient) RedirectToSuccessfulPage

func (c *OIDCClient) RedirectToSuccessfulPage() *WebTarget

func (*OIDCClient) Token

func (c *OIDCClient) Token() *WebTarget

type OIDCMetadataResponse

// OIDCMetadataResponse mirrors the JSON fields of an OpenID Provider metadata
// (discovery) document. Presumably it is decoded from the document behind the
// URL configured under OIDC_PROVIDER_METADATA_URL; confirm in the client setup
// code.
//
// NOTE(review): every endpoint in this struct is supplied by the remote
// document. Callers should check that Issuer matches the expected provider and
// that the endpoints use https before sending authorization codes, tokens or
// client secrets to them; whether this package does so is not visible here.
type OIDCMetadataResponse struct {
	Issuer                                     string   `json:"issuer"`
	AuthorizationEndpoint                      string   `json:"authorization_endpoint"`
	TokenEndpoint                              string   `json:"token_endpoint"`
	TokenIntrospectionEndpoint                 string   `json:"token_introspection_endpoint"`
	UserinfoEndpoint                           string   `json:"userinfo_endpoint"`
	EndSessionEndpoint                         string   `json:"end_session_endpoint"`
	JwksURI                                    string   `json:"jwks_uri"`
	CheckSessionIframe                         string   `json:"check_session_iframe"`
	GrantTypesSupported                        []string `json:"grant_types_supported"`
	ResponseTypesSupported                     []string `json:"response_types_supported"`
	SubjectTypesSupported                      []string `json:"subject_types_supported"`
	IDTokenSigningAlgValuesSupported           []string `json:"id_token_signing_alg_values_supported"`
	UserinfoSigningAlgValuesSupported          []string `json:"userinfo_signing_alg_values_supported"`
	RequestObjectSigningAlgValuesSupported     []string `json:"request_object_signing_alg_values_supported"`
	ResponseModesSupported                     []string `json:"response_modes_supported"`
	RegistrationEndpoint                       string   `json:"registration_endpoint"`
	TokenEndpointAuthMethodsSupported          []string `json:"token_endpoint_auth_methods_supported"`
	TokenEndpointAuthSigningAlgValuesSupported []string `json:"token_endpoint_auth_signing_alg_values_supported"`
	ClaimsSupported                            []string `json:"claims_supported"`
	ClaimTypesSupported                        []string `json:"claim_types_supported"`
	ClaimsParameterSupported                   bool     `json:"claims_parameter_supported"`
	ScopesSupported                            []string `json:"scopes_supported"`
	RequestParameterSupported                  bool     `json:"request_parameter_supported"`
	RequestURIParameterSupported               bool     `json:"request_uri_parameter_supported"`
	// CodeChallengeMethodsSupported lists the PKCE challenge methods the
	// provider advertises.
	CodeChallengeMethodsSupported              []string `json:"code_challenge_methods_supported"`
	TLSClientCertificateBoundAccessTokens      bool     `json:"tls_client_certificate_bound_access_tokens"`
}

type RESTClient

type RESTClient struct {
	// contains filtered or unexported fields
}

type Request

type Request struct {
	// contains filtered or unexported fields
}

func (*Request) Delete

func (r *Request) Delete() (*Response, error)

func (*Request) Form

func (r *Request) Form(form url.Values) *Request

func (*Request) Get

func (r *Request) Get() (*Response, error)

func (*Request) Header

func (r *Request) Header(name string, value string) *Request

func (*Request) Json

func (r *Request) Json(v interface{}) *Request

func (*Request) Post

func (r *Request) Post() (*Response, error)

func (*Request) Put

func (r *Request) Put() (*Response, error)

type Response

type Response struct {
	// contains filtered or unexported fields
}

func (*Response) Header

func (r *Response) Header(name string) string

func (*Response) Location

func (r *Response) Location() string

func (*Response) MediaType

func (r *Response) MediaType() string

func (*Response) ReadBytes

func (r *Response) ReadBytes() ([]byte, error)

func (*Response) ReadJson

func (r *Response) ReadJson(data interface{}) error

func (*Response) ReadText

func (r *Response) ReadText() (string, error)

func (*Response) Status

func (r *Response) Status() int

type RestClient

type RestClient struct {
	// contains filtered or unexported fields
}

func NewRestClient

func NewRestClient(config *RestClientConfig) (*RestClient, error)

func (*RestClient) Target

func (client *RestClient) Target(uri string) *WebTarget

type RestClientConfig

// RestClientConfig carries the TLS-related settings accepted by NewRestClient.
// Whether ClientCert, ClientKey and ClientCA hold file paths or PEM text is not
// visible here.
type RestClientConfig struct {
	ClientCert         string
	// ClientKey refers to private key material; how it is loaded and protected
	// is not visible here.
	ClientKey          string
	ClientCA           string
	// NOTE(review): presumably copied into tls.Config.InsecureSkipVerify; confirm
	// in NewRestClient. If so, true disables server certificate and host name
	// verification, so secrets and tokens sent through this client can be
	// intercepted. The zero value (false) keeps verification on.
	InsecureSkipVerify bool
}

type SecretStore

// SecretStore is the JSON-serializable container for stored credentials.
//
// NOTE(review): the values are credential material. Where Load and Save persist
// them (OS keyring, plain file, file permissions) is not visible here and is the
// first thing to verify when assessing this package.
type SecretStore struct {
	// Serialized under the key "credentials". Save takes (roleArn, cred string),
	// so the map is presumably keyed by role ARN with a serialized credential as
	// the value; confirm in Save and Load.
	AWSCredentials map[string]string `json:"credentials"`
}
// Secret is the package-level SecretStore instance. It is exported and mutable,
// so any importing package can read or replace the credential map it holds.
var Secret SecretStore

func (*SecretStore) Load

func (s *SecretStore) Load()

func (*SecretStore) Save

func (s *SecretStore) Save(roleArn, cred string)

type TokenResponse

// TokenResponse mirrors the JSON body returned by a token endpoint.
//
// NOTE(review): AccessToken, IDToken and RefreshToken are bearer credentials;
// keep the struct out of log and trace output.
type TokenResponse struct {
	AccessToken      string `json:"access_token"`
	IDToken          string `json:"id_token"`
	RefreshToken     string `json:"refresh_token"`
	ExpiresIn        int64  `json:"expires_in"`
	// refresh_expires_in is not part of the core OAuth 2.0 token response;
	// the field stays zero when the provider omits it.
	RefreshExpiresIn int64  `json:"refresh_expires_in"`
}

type WebTarget

type WebTarget struct {
	// contains filtered or unexported fields
}

func (*WebTarget) Path

func (target *WebTarget) Path(path string) *WebTarget

func (*WebTarget) QueryParam

func (target *WebTarget) QueryParam(name string, value string) *WebTarget

func (*WebTarget) Request

func (target *WebTarget) Request() *Request

func (*WebTarget) Url

func (target *WebTarget) Url() url.URL
