oci-go-sdk: github.com/oracle/oci-go-sdk/common/auth Index | Files

package auth

import "github.com/oracle/oci-go-sdk/common/auth"

Package auth provides supporting functions and structs for authentication

Index

Package Files

certificate_retriever.go configuration.go dispatcher_modifier.go federation_client.go instance_principal_key_provider.go jwt.go resouce_principal_key_provider.go utils.go

Constants

// Version identifier and environment variable names used to configure
// resource principals.
const (
    // ResourcePrincipalVersion2_2 is the supported resource principal version.
    ResourcePrincipalVersion2_2 = "2.2"

    // ResourcePrincipalVersionEnvVar names the environment variable that
    // carries the version.
    ResourcePrincipalVersionEnvVar = "OCI_RESOURCE_PRINCIPAL_VERSION"

    // ResourcePrincipalRPSTEnvVar names the environment variable that holds
    // either the token itself or a path to the token.
    // NOTE(review): the token is a credential; an inline value is readable by
    // anything that can inspect the process environment.
    ResourcePrincipalRPSTEnvVar = "OCI_RESOURCE_PRINCIPAL_RPST"

    // ResourcePrincipalPrivatePEMEnvVar names the environment variable that
    // holds either an RSA private key in PEM format or a path to one.
    // NOTE(review): the path form lets file permissions protect the key; an
    // inline key is exposed wherever the environment is dumped or inherited.
    ResourcePrincipalPrivatePEMEnvVar = "OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM"

    // ResourcePrincipalPrivatePEMPassphraseEnvVar names the environment
    // variable that holds either the passphrase for the key or a path to it.
    ResourcePrincipalPrivatePEMPassphraseEnvVar = "OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM_PASSPHRASE"

    // ResourcePrincipalRegionEnvVar names the environment variable that holds
    // a region.
    ResourcePrincipalRegionEnvVar = "OCI_RESOURCE_PRINCIPAL_REGION"
)

// Claim keys used to look up values in an RPST.
const (
    // TenancyOCIDClaimKey is the claim key for the resource tenancy.
    TenancyOCIDClaimKey = "res_tenant"

    // CompartmentOCIDClaimKey is the claim key for the resource compartment.
    CompartmentOCIDClaimKey = "res_compartment"
)

Variables

// Sentinel errors reported when a claim is looked up on a token.
var (
    // ErrNoSuchClaim is returned when a token does not hold the claim sought.
    ErrNoSuchClaim = errors.New("no such claim")

    // ErrNonStringClaim is returned when the token has a claim for the key but
    // its value is not a string.
    ErrNonStringClaim = errors.New("claim does not have a string value")
)

func InstancePrincipalConfigurationForRegionWithCustomClient Uses

// InstancePrincipalConfigurationForRegionWithCustomClient returns a
// configuration provider for instance principals in the given region.
// modifier is handed an HTTPRequestDispatcher and returns the dispatcher to
// use in its place, or an error.
// NOTE(review): which requests travel through the returned dispatcher is not
// visible here; presumably the calls that obtain the instance's credentials.
// Confirm, and keep TLS verification enabled in any custom client.
func InstancePrincipalConfigurationForRegionWithCustomClient(region common.Region, modifier func(common.HTTPRequestDispatcher) (common.HTTPRequestDispatcher, error)) (common.ConfigurationProvider, error)

InstancePrincipalConfigurationForRegionWithCustomClient returns a configuration for instance principals with a given region using a modifier function to modify the HTTPRequestDispatcher

func InstancePrincipalConfigurationProvider Uses

// InstancePrincipalConfigurationProvider returns a configuration provider for
// instance principals. It takes no arguments.
// NOTE(review): presumably the region and certificates are discovered from
// the instance metadata service; confirm against the implementation.
func InstancePrincipalConfigurationProvider() (common.ConfigurationProvider, error)

InstancePrincipalConfigurationProvider returns a configuration for instance principals

func InstancePrincipalConfigurationProviderForRegion Uses

// InstancePrincipalConfigurationProviderForRegion returns a configuration
// provider for instance principals that uses the region passed by the caller.
func InstancePrincipalConfigurationProviderForRegion(region common.Region) (common.ConfigurationProvider, error)

InstancePrincipalConfigurationProviderForRegion returns a configuration for instance principals with a given region

func InstancePrincipalConfigurationProviderWithCustomClient Uses

// InstancePrincipalConfigurationProviderWithCustomClient returns a
// configuration provider for instance principals. modifier is handed an
// HTTPRequestDispatcher and returns the dispatcher to use in its place, or an
// error.
// NOTE(review): the dispatcher presumably carries the credential-fetching
// requests; a custom client should not weaken TLS verification. Confirm.
func InstancePrincipalConfigurationProviderWithCustomClient(modifier func(common.HTTPRequestDispatcher) (common.HTTPRequestDispatcher, error)) (common.ConfigurationProvider, error)

InstancePrincipalConfigurationProviderWithCustomClient returns a configuration for instance principals using a modifier function to modify the HTTPRequestDispatcher

func InstancePrincipalConfigurationWithCerts Uses

// InstancePrincipalConfigurationWithCerts returns a configuration provider for
// instance principals in the given region, using certificates supplied by the
// caller in lieu of the metadata service certs.
//
// leafCertificate, leafPassphrase and leafPrivateKey are raw bytes;
// intermediateCertificates is a list of raw byte slices.
// NOTE(review): the expected encoding (presumably PEM) is not shown here;
// confirm. The private key and passphrase arrive as plain bytes, so the caller
// owns how that material is stored and loaded; avoid embedding it in source.
func InstancePrincipalConfigurationWithCerts(region common.Region, leafCertificate, leafPassphrase, leafPrivateKey []byte, intermediateCertificates [][]byte) (common.ConfigurationProvider, error)

InstancePrincipalConfigurationWithCerts returns a configuration for instance principals with a given region and hardcoded certificates in lieu of metadata service certs

type ClaimHolder Uses

// ClaimHolder is implemented by token types that expose the security claims
// embedded in the token.
type ClaimHolder interface {
    // GetClaim looks up the claim stored under key and returns its value as an
    // untyped interface{}, or an error.
    // NOTE(review): presumably ErrNoSuchClaim is returned for a missing key;
    // confirm. This page does not say whether the token's signature is
    // verified before claims are returned; check that before using a claim in
    // an authorization decision.
    GetClaim(key string) (interface{}, error)
}

ClaimHolder is implemented by any token interface that provides access to the security claims embedded in the token.

type ConfigurationProviderWithClaimAccess Uses

// ConfigurationProviderWithClaimAccess combines a configuration provider with
// access to the claims held on the underlying security token.
type ConfigurationProviderWithClaimAccess interface {
    // Embedded: the full common.ConfigurationProvider method set.
    common.ConfigurationProvider
    // Embedded: GetClaim, for reading claims from the token.
    ClaimHolder
}

ConfigurationProviderWithClaimAccess mixes in a method to access the claims held on the underlying security token

func ResourcePrincipalConfigurationProvider Uses

// ResourcePrincipalConfigurationProvider returns a resource principal
// configuration provider that also gives access to the token's claims.
// NOTE(review): presumably the inputs are the OCI_RESOURCE_PRINCIPAL_*
// environment variables named in this package's constants; confirm. Because
// those variables may hold key and token material directly, limit who can
// read the process environment.
func ResourcePrincipalConfigurationProvider() (ConfigurationProviderWithClaimAccess, error)

ResourcePrincipalConfigurationProvider returns a resource principal configuration provider using well-known environment variables to look up token information. The environment variables can either be paths or contain the material value of the keys. However, in the case of the keys and tokens, paths and values cannot be mixed.

type Token Uses

// Token wraps a single token string.
type Token struct {
    // Token is the token value, serialized under the JSON key "token" and
    // tagged mandatory.
    // NOTE(review): presumably a security token used as a credential; keep it
    // out of logs and error messages. Confirm.
    Token string `mandatory:"true" json:"token,omitempty"`
}

Token wraps a single token string, carried in the JSON field "token".

type X509FederationDetails Uses

// X509FederationDetails holds the x509 federation details: a certificate, a
// public key and a list of intermediate certificates, all carried as strings.
// NOTE(review): presumably the payload exchanged with the federation endpoint
// (the package lists federation_client.go); confirm.
type X509FederationDetails struct {
    // Certificate is serialized as "certificate" and tagged mandatory.
    // The string encoding is not shown here.
    Certificate              string   `mandatory:"true" json:"certificate,omitempty"`
    // PublicKey is serialized as "publicKey" and tagged mandatory.
    PublicKey                string   `mandatory:"true" json:"publicKey,omitempty"`
    // IntermediateCertificates is serialized as "intermediateCertificates";
    // it is the only field tagged mandatory:"false".
    IntermediateCertificates []string `mandatory:"false" json:"intermediateCertificates,omitempty"`
}

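X509FederationDetails holds the x509 federation details: a certificate, a public key and a list of intermediate certificates (the only field not tagged mandatory).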

Package auth imports 20 packages and is imported by 11 packages. Updated 2020-03-24.