auth

package
v0.12.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 24, 2023 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Overview

Package auth provides interface for retrieving and caching iam tokens.

Index

Constants

View Source 
const (
	DefaultAudience = "https://iam.api.cloud.yandex.net/iam/v1/tokens"
	DefaultEndpoint = "iam.api.cloud.yandex.net:443"
	DefaultTokenTTL = time.Hour
)

Default client parameters.

Variables

View Source 
var (
	ErrServiceFileInvalid = errors.New("service account file is not valid")
	ErrKeyCannotBeParsed  = errors.New("private key can not be parsed")
)

Functions

func NewClient 

func NewClient(opts ...ClientOption) (_ credentials.Credentials, err error)

NewClient creates IAM (jwt) authorized client from provided ClientOptions list.

To create successfully at least one of endpoint options must be provided.

Types

type ClientOption 

type ClientOption func(*client) error

func WithAudience 

func WithAudience(audience string) ClientOption

WithAudience set provided audience.

func WithCertPool 

func WithCertPool(certPool *x509.CertPool) ClientOption

WithCertPool set provided certPool.

func WithCertPoolFile 

func WithCertPoolFile(caFile string) ClientOption

WithCertPoolFile try set root certPool from provided cert file path.

func WithDefaultEndpoint 

func WithDefaultEndpoint() ClientOption

WithDefaultEndpoint set endpoint with default value.

func WithEndpoint 

func WithEndpoint(endpoint string) ClientOption

WithEndpoint set provided endpoint.

func WithFallbackCredentials added in v0.7.0 

func WithFallbackCredentials(fallback credentials.Credentials) ClientOption

WithFallbackCredentials makes fallback credentials if primary credentials are failed

func WithInsecureSkipVerify 

func WithInsecureSkipVerify(insecure bool) ClientOption

WithInsecureSkipVerify set insecureSkipVerify to true which force client accepts any TLS certificate presented by the iam server and any host name in that certificate.

If insecureSkipVerify is set, then certPool field is not used.

This should be used only for testing purposes.

func WithIssuer 

func WithIssuer(issuer string) ClientOption

WithIssuer set provided issuer.

func WithKeyID 

func WithKeyID(keyID string) ClientOption

WithKeyID set provided keyID.

func WithPrivateKey 

func WithPrivateKey(key *rsa.PrivateKey) ClientOption

WithPrivateKey set provided private key.

func WithPrivateKeyFile 

func WithPrivateKeyFile(path string) ClientOption

WithPrivateKeyFile try set key from provided private key file path

func WithServiceFile 

func WithServiceFile(path string) ClientOption

WithServiceFile try set key, keyID, issuer from provided service account file path.

Do not mix this option with WithKeyID, WithIssuer and key options (WithPrivateKey, WithPrivateKeyFile, etc).

func WithServiceKey added in v0.10.0 

func WithServiceKey(key string) ClientOption

WithServiceKey try set key, keyID, issuer from provided service account data key.

Do not mix this option with WithKeyID, WithIssuer and key options (WithPrivateKey, WithPrivateKeyFile, etc).

func WithSourceInfo 

func WithSourceInfo(sourceInfo string) ClientOption

WithSourceInfo set sourceInfo

func WithSystemCertPool 

func WithSystemCertPool() ClientOption

WithSystemCertPool try set certPool with system root certificates.

func WithTokenTTL 

func WithTokenTTL(tokenTTL time.Duration) ClientOption

WithTokenTTL set provided tokenTTL duration.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.