auth

package
v24.3.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 8, 2020 License: Apache-2.0, UPL-1.0 Imports: 20 Imported by: 40

Documentation

Overview

Package auth provides supporting functions and structs for authentication

Index

Constants

const (
	// ResourcePrincipalVersion2_2 is the supported version for resource principals.
	ResourcePrincipalVersion2_2 = "2.2"
	// ResourcePrincipalVersionEnvVar is the name of the environment variable that holds the version.
	ResourcePrincipalVersionEnvVar = "OCI_RESOURCE_PRINCIPAL_VERSION"
	// ResourcePrincipalRPSTEnvVar is the name of the environment variable that holds either the
	// token (RPST) itself or a path to the token.
	// NOTE(review): when the variable carries the token itself rather than a path, the token is
	// readable by anything that can read the process environment (child processes, crash dumps,
	// diagnostics output). Prefer the path form with restrictive file permissions where the
	// deployment allows it.
	ResourcePrincipalRPSTEnvVar = "OCI_RESOURCE_PRINCIPAL_RPST"
	// ResourcePrincipalPrivatePEMEnvVar is the name of the environment variable that holds either an
	// RSA private key in PEM format or a path to one.
	// NOTE(review): inline private-key material in the environment has the same exposure as the
	// inline token above; treat the variable's value as a secret and keep it out of logs.
	ResourcePrincipalPrivatePEMEnvVar = "OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM"
	// ResourcePrincipalPrivatePEMPassphraseEnvVar is the name of the environment variable that holds
	// either the passphrase to a key or a path to one.
	// NOTE(review): a passphrase stored next to the key it protects (same environment, same
	// directory) adds little protection if that location is compromised — confirm how the
	// deployment separates the two.
	ResourcePrincipalPrivatePEMPassphraseEnvVar = "OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM_PASSPHRASE"
	// ResourcePrincipalRegionEnvVar is the name of the environment variable that holds a region.
	ResourcePrincipalRegionEnvVar = "OCI_RESOURCE_PRINCIPAL_REGION"

	// TenancyOCIDClaimKey is the key used to look up the resource tenancy in an RPST.
	// NOTE(review): a claim value is only as trustworthy as the validation applied to the token it
	// came from; whether the token is verified before claims are exposed is not visible in this
	// listing — confirm before basing authorization decisions on it.
	TenancyOCIDClaimKey = "res_tenant"
	// CompartmentOCIDClaimKey is the key used to look up the resource compartment in an RPST.
	CompartmentOCIDClaimKey = "res_compartment"
)

Variables

var (
	// ErrNoSuchClaim is returned when a token does not hold the claim sought.
	// It is a sentinel value created with errors.New, so callers can test for it with
	// errors.Is(err, ErrNoSuchClaim) and distinguish an absent claim from other failures.
	ErrNoSuchClaim = errors.New("no such claim")
)
var (
	// ErrNonStringClaim is returned if the token has a claim for a key, but its value is not a string.
	// It is a sentinel value created with errors.New; callers can test for it with
	// errors.Is(err, ErrNonStringClaim).
	// NOTE(review): the function that returns it is not part of this listing — presumably a
	// string-typed claim accessor; confirm against the package source.
	ErrNonStringClaim = errors.New("claim does not have a string value")
)

Functions

func InstancePrincipalConfigurationForRegionWithCustomClient

func InstancePrincipalConfigurationForRegionWithCustomClient(region common.Region, modifier func(common.HTTPRequestDispatcher) (common.HTTPRequestDispatcher, error)) (common.ConfigurationProvider, error)

InstancePrincipalConfigurationForRegionWithCustomClient returns a configuration for instance principals with a given region using a modifier function to modify the HTTPRequestDispatcher

func InstancePrincipalConfigurationProvider

func InstancePrincipalConfigurationProvider() (common.ConfigurationProvider, error)

InstancePrincipalConfigurationProvider returns a configuration for instance principals

func InstancePrincipalConfigurationProviderForRegion

func InstancePrincipalConfigurationProviderForRegion(region common.Region) (common.ConfigurationProvider, error)

InstancePrincipalConfigurationProviderForRegion returns a configuration for instance principals with a given region

func InstancePrincipalConfigurationProviderWithCustomClient

func InstancePrincipalConfigurationProviderWithCustomClient(modifier func(common.HTTPRequestDispatcher) (common.HTTPRequestDispatcher, error)) (common.ConfigurationProvider, error)

InstancePrincipalConfigurationProviderWithCustomClient returns a configuration for instance principals using a modifier function to modify the HTTPRequestDispatcher

func InstancePrincipalConfigurationWithCerts

func InstancePrincipalConfigurationWithCerts(region common.Region, leafCertificate, leafPassphrase, leafPrivateKey []byte, intermediateCertificates [][]byte) (common.ConfigurationProvider, error)

InstancePrincipalConfigurationWithCerts returns a configuration for instance principals with a given region and hardcoded certificates in lieu of metadata service certs

Types

type ClaimHolder

// ClaimHolder is implemented by any token interface that provides access to
// the security claims embedded in the token.
type ClaimHolder interface {
	// GetClaim returns the value held for the claim named key, as an untyped
	// interface{}, together with an error.
	// Callers must type-assert the returned value before using it.
	// NOTE(review): presumably ErrNoSuchClaim is the error for an absent
	// key — confirm against the implementation. The interface itself says
	// nothing about whether the token was verified before its claims are
	// returned.
	GetClaim(key string) (interface{}, error)
}

ClaimHolder is implemented by any token interface that provides access to the security claims embedded in the token.

type ConfigurationProviderWithClaimAccess

// ConfigurationProviderWithClaimAccess combines a configuration provider with
// access to the claims held on the underlying security token.
type ConfigurationProviderWithClaimAccess interface {
	// Embedded: the full common.ConfigurationProvider method set.
	common.ConfigurationProvider
	// Embedded: GetClaim, for reading individual claims from the token.
	ClaimHolder
}

ConfigurationProviderWithClaimAccess mixes in a method to access the claims held on the underlying security token

func ResourcePrincipalConfigurationProvider

func ResourcePrincipalConfigurationProvider() (ConfigurationProviderWithClaimAccess, error)

ResourcePrincipalConfigurationProvider returns a resource principal configuration provider using well-known environment variables to look up token information. The environment variables can either be paths or contain the material value of the keys. However, in the case of the keys and tokens, paths and values cannot be mixed.

type Token

// Token wraps a single token string, serialized under the JSON key "token".
// The field is tagged mandatory:"true"; how that tag is enforced is not
// visible in this listing.
// NOTE(review): presumably the string is a security token — treat it as a
// secret and avoid printing the struct with %v or %+v in logs.
type Token struct {
	Token string `mandatory:"true" json:"token,omitempty"`
}

Token token

type X509FederationDetails

// X509FederationDetails holds the x509 federation details: a certificate, a
// public key and an optional list of intermediate certificates, all carried
// as strings and serialized under the JSON keys "certificate", "publicKey"
// and "intermediateCertificates".
//
// Certificate and PublicKey are tagged mandatory:"true";
// IntermediateCertificates is tagged mandatory:"false". Only public material
// is declared here; there is no private-key field.
// NOTE(review): the string encoding of each field (PEM, base64 DER, ...) is
// not visible in this listing — confirm against the code that fills it in.
type X509FederationDetails struct {
	Certificate              string   `mandatory:"true" json:"certificate,omitempty"`
	PublicKey                string   `mandatory:"true" json:"publicKey,omitempty"`
	IntermediateCertificates []string `mandatory:"false" json:"intermediateCertificates,omitempty"`
}

X509FederationDetails x509 federation details
