credentials

package

v0.0.0-...-608cf2c Latest Latest Go to latest Published: Mar 16, 2023 License: GPL-3.0 Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/vapor-ware/sctl

Links

Open Source Insights

Documentation ¶

Constants ¶

View Source

const CredentialVar = "GOOGLE_APPLICATION_CREDENTIALS"

CredentialVar is a reference to the google application credential env configuration path which can be used to short-circuit the credential provider storage and read directly from the provided credential.json

View Source

const KeyNamespace = "scuttle"

KeyNamespace is the application domain in which we will store credentials in the OS keyring

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type GoogleClientConfig ¶

type GoogleClientConfig struct {
	AuthProviderX509CertURL string   `json:"auth_provider_x509_cert_url"`
	AuthURI                 string   `json:"auth_uri"`
	ClientID                string   `json:"client_id"`
	ClientSecret            string   `json:"client_secret"`
	ProjectID               string   `json:"project_id"`
	RedirectUris            []string `json:"redirect_uris"`
	TokenURI                string   `json:"token_uri"`
}

GoogleClientConfig is a struct wrapping the credential detail needed to provide sctl to identify itself to the google API.

type GoogleClientJSON ¶

type GoogleClientJSON struct {
	ClientConfig GoogleClientConfig `json:"installed"`
}

GoogleClientJSON is the wrapping object in a downloaded client configuration.

type GoogleCredential ¶

type GoogleCredential struct {
	Name string
}

GoogleCredential represents the workflow needed to attain a google client credential from the google API. The resulting credential will be a RefreshToken scoped to the google cloud platform KMS api.

func (GoogleCredential) DeleteCredential ¶

func (gc GoogleCredential) DeleteCredential(credentialName string) error

DeleteCredential removes a stored credential from the system keystore, and will remove the assigned defualt credential from configuration.

func (GoogleCredential) GetCredential ¶

func (gc GoogleCredential) GetCredential(credentialName string) (GoogleToken, error)

GetCredential returns a decoded GoogleToken from the system keystore. The resulting object is serializeable and should be used in conjunction with API Options configFromJSON()

func (GoogleCredential) JSON ¶

func (gc GoogleCredential) JSON() ([]byte, error)

JSON will attempt to return a byte array representation of a given google credential. This method passively checks for the environment variable GOOGLE_APPLICATION_CREDENTIALS and will short circuit based on this ENV VAR. Otherwise it tries to retrieve the default application credentials from the OS Keystore. If all else fails, it halts execution with helpful messaging on how to possibly correct the issue

func (gc GoogleCredential) Login(c utils.Configuration, credentialName string, port int) error

Login initiates a CLI workflow to authenticate the user with offline credentials limited to the KMS scope

func (GoogleCredential) SaveCredential ¶

func (gc GoogleCredential) SaveCredential(credentialName string, credential GoogleToken) error

SaveCredential marshals the received GoogleToken and stores the resulting json blob in the system keystore for secure storage at rest.

func (GoogleCredential) ValidateContext ¶

func (gc GoogleCredential) ValidateContext() error

ValidateContext scans the environment for a declaration of authentication via ENV In the case of the GCP provider, we scan for GOOGLE_APPLICAITON_CREDENTIALS and return an error if the environment variable is declared.

type GoogleToken ¶

type GoogleToken struct {
	ClientID     string `json:"client_id"`
	ClientSecret string `json:"client_secret"`
	RefreshToken string `json:"refresh_token"`
	TheType      string `json:"type"`
}

GoogleToken is the data structure to be used when serializing to token storage. This json object contains all the details needed to configure the client.

Source Files ¶

View all Source files

gcp.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL