Documentation
Index ¶
- Constants
- func DecodePEMBytes(buf []byte) ([]*pem.Block, []byte, error)
- func FindCACertificate(caCertificatePath string) ([]*x509.Certificate, error)
- func LoadCACertificates(certFile string) (*x509.CertPool, error)
- type Authenticator
- type BasicAuthAuthenticator
- type CommandAuthConfig
- func (c *CommandAuthConfig) Authenticate() error
- func (c *CommandAuthConfig) BuildTransport() (*http.Transport, error)
- func (c *CommandAuthConfig) LoadConfig(profile string, configFilePath string, silentLoad bool) (*authconfig.Server, error)
- func (c *CommandAuthConfig) SetClient(client *http.Client) *http.Client
- func (c *CommandAuthConfig) ValidateAuthConfig() error
- func (c *CommandAuthConfig) WithClientTimeout(timeout int) *CommandAuthConfig
- func (c *CommandAuthConfig) WithCommandAPIPath(apiPath string) *CommandAuthConfig
- func (c *CommandAuthConfig) WithCommandCACert(caCert string) *CommandAuthConfig
- func (c *CommandAuthConfig) WithCommandHostName(hostName string) *CommandAuthConfig
- func (c *CommandAuthConfig) WithCommandPort(port int) *CommandAuthConfig
- func (c *CommandAuthConfig) WithConfigFile(configFilePath string) *CommandAuthConfig
- func (c *CommandAuthConfig) WithConfigProfile(profile string) *CommandAuthConfig
- func (c *CommandAuthConfig) WithHttpClient(client *http.Client) *CommandAuthConfig
- func (c *CommandAuthConfig) WithSkipVerify(skipVerify bool) *CommandAuthConfig
- type CommandAuthConfigBasic
- func (a *CommandAuthConfigBasic) Authenticate() error
- func (a *CommandAuthConfigBasic) Build() (Authenticator, error)
- func (a *CommandAuthConfigBasic) GetHttpClient() (*http.Client, error)
- func (a *CommandAuthConfigBasic) ValidateAuthConfig() error
- func (a *CommandAuthConfigBasic) WithDomain(domain string) *CommandAuthConfigBasic
- func (a *CommandAuthConfigBasic) WithPassword(password string) *CommandAuthConfigBasic
- func (a *CommandAuthConfigBasic) WithUsername(username string) *CommandAuthConfigBasic
- type CommandConfigOauth
- func (b *CommandConfigOauth) Authenticate() error
- func (b *CommandConfigOauth) Build() (Authenticator, error)
- func (b *CommandConfigOauth) GetHttpClient() (*http.Client, error)
- func (b *CommandConfigOauth) LoadConfig(profile, path string, silentLoad bool) (*authconfig.Server, error)
- func (b *CommandConfigOauth) ValidateAuthConfig() error
- func (b *CommandConfigOauth) WithAccessToken(accessToken string) *CommandConfigOauth
- func (b *CommandConfigOauth) WithAudience(audience string) *CommandConfigOauth
- func (b *CommandConfigOauth) WithCaCertificatePath(caCertificatePath string) *CommandConfigOauth
- func (b *CommandConfigOauth) WithCaCertificates(caCertificates []*x509.Certificate) *CommandConfigOauth
- func (b *CommandConfigOauth) WithClientId(clientId string) *CommandConfigOauth
- func (b *CommandConfigOauth) WithClientSecret(clientSecret string) *CommandConfigOauth
- func (b *CommandConfigOauth) WithScopes(scopes []string) *CommandConfigOauth
- func (b *CommandConfigOauth) WithTokenUrl(tokenUrl string) *CommandConfigOauth
- type OAuthAuthenticator
Constants ¶
// Names of the environment variables that carry Basic Auth credentials.
// NOTE(review): presumably read as sources for the Username, Password and
// Domain fields of CommandAuthConfigBasic — confirm against the loader.
const (
	// EnvKeyfactorUsername names the environment variable for the username.
	EnvKeyfactorUsername = "KEYFACTOR_USERNAME"
	// EnvKeyfactorPassword names the environment variable for the password.
	// Its value is a secret: keep it out of logs, crash reports and
	// diagnostics that dump the process environment.
	EnvKeyfactorPassword = "KEYFACTOR_PASSWORD"
	// EnvKeyfactorDomain names the environment variable for the domain.
	EnvKeyfactorDomain = "KEYFACTOR_DOMAIN"
)
// Default values and environment variable names for the base Command
// connection settings. CommandAuthConfig documents "KeyfactorAPI" and "1" as
// the defaults for its API path and API version; the remaining defaults
// presumably apply to the correspondingly named fields — confirm against usage.
const (
	// DefaultCommandPort is the default port.
	DefaultCommandPort = 443
	// DefaultCommandAPIPath is the default API path.
	DefaultCommandAPIPath = "KeyfactorAPI"
	// DefaultAPIVersion is the default API version.
	DefaultAPIVersion = "1"
	// DefaultAPIClientName is the default API client name.
	DefaultAPIClientName = "APIClient"
	// DefaultProductVersion is the default product version string.
	DefaultProductVersion = "10.5.0.0"
	// DefaultConfigFilePath is the default configuration file path.
	// NOTE(review): the path is relative; what it is resolved against (home
	// directory, working directory) is not visible here — confirm. The file
	// can hold credentials, so it should be readable only by its owner.
	DefaultConfigFilePath = ".keyfactor/command_config.json"
	// DefaultConfigProfile is the default configuration profile name.
	DefaultConfigProfile = "default"
	// DefaultClientTimeout is the default http client timeout.
	// NOTE(review): presumably seconds — TODO confirm the unit.
	DefaultClientTimeout = 60

	// EnvKeyfactorHostName names the environment variable for the hostname.
	EnvKeyfactorHostName = "KEYFACTOR_HOSTNAME"
	// EnvKeyfactorPort names the environment variable for the port.
	EnvKeyfactorPort = "KEYFACTOR_PORT"
	// EnvKeyfactorAPIPath names the environment variable for the API path.
	EnvKeyfactorAPIPath = "KEYFACTOR_API_PATH"
	// EnvKeyfactorSkipVerify names the environment variable for the
	// skip-verify flag.
	// NOTE(review): if this maps to CommandAuthConfig.SkipVerify, setting it
	// turns off verification of the server's certificate chain and host name;
	// it should not be set outside of test environments — confirm how the
	// value is parsed.
	EnvKeyfactorSkipVerify = "KEYFACTOR_SKIP_VERIFY"
	// EnvKeyfactorCACert names the environment variable for the CA certificate.
	EnvKeyfactorCACert = "KEYFACTOR_CA_CERT"
	// EnvKeyfactorAuthProvider names the environment variable for the auth provider.
	EnvKeyfactorAuthProvider = "KEYFACTOR_AUTH_PROVIDER"
	// EnvKeyfactorAuthProfile names the environment variable for the auth
	// configuration profile.
	EnvKeyfactorAuthProfile = "KEYFACTOR_AUTH_CONFIG_PROFILE"
	// EnvKeyfactorConfigFile names the environment variable for the auth
	// configuration file.
	EnvKeyfactorConfigFile = "KEYFACTOR_AUTH_CONFIG_FILE"
	// EnvKeyfactorClientTimeout names the environment variable for the
	// client timeout.
	EnvKeyfactorClientTimeout = "KEYFACTOR_CLIENT_TIMEOUT"
)
const (
	// DefaultKeyfactorAuthPort is the default port for Keyfactor authentication.
	// Note that it is a string, unlike the integer DefaultCommandPort.
	DefaultKeyfactorAuthPort = "8444"

	// DefaultTokenPrefix is the default token prefix for Keyfactor authentication headers.
	DefaultTokenPrefix = "Bearer"

	// EnvKeyfactorClientID is the environment variable used to set the Client ID
	// for OAuth client credentials authentication.
	EnvKeyfactorClientID = "KEYFACTOR_AUTH_CLIENT_ID"

	// EnvKeyfactorClientSecret is the environment variable used to set the Client
	// secret for OAuth client credentials authentication. Its value is a secret:
	// keep it out of logs and diagnostics that dump the process environment.
	EnvKeyfactorClientSecret = "KEYFACTOR_AUTH_CLIENT_SECRET"

	// EnvKeyfactorAuthTokenURL is the environment variable used to set the token
	// URL for OAuth client credentials authentication.
	EnvKeyfactorAuthTokenURL = "KEYFACTOR_AUTH_TOKEN_URL"

	// EnvKeyfactorAccessToken is the environment variable used to set the access
	// token for OAuth client credentials authentication. Its value is a bearer
	// credential and should be handled like the client secret.
	EnvKeyfactorAccessToken = "KEYFACTOR_AUTH_ACCESS_TOKEN"

	// EnvKeyfactorAuthAudience is the environment variable used to set the
	// audience for OAuth client credentials authentication.
	EnvKeyfactorAuthAudience = "KEYFACTOR_AUTH_AUDIENCE"

	// EnvKeyfactorAuthScopes is the environment variable used to set the scopes
	// for OAuth client credentials authentication.
	// NOTE(review): the separator expected between scopes is not visible here — confirm.
	EnvKeyfactorAuthScopes = "KEYFACTOR_AUTH_SCOPES"

	// EnvAuthCACert is a path to a CA certificate for the OAuth client
	// credentials authentication.
	EnvAuthCACert = "KEYFACTOR_AUTH_CA_CERT"
)
Variables ¶
This section is empty.
Functions ¶
func DecodePEMBytes ¶
DecodePEMBytes decodes the PEM encoded bytes into a slice of PEM blocks.
func FindCACertificate ¶
func FindCACertificate(caCertificatePath string) ([]*x509.Certificate, error)
FindCACertificate reads the CA certificate from a file and returns a slice of x509.Certificate.
Types ¶
type Authenticator ¶
Authenticator is an interface for authentication to Keyfactor Command API.
type BasicAuthAuthenticator ¶
BasicAuthAuthenticator is an Authenticator that uses Basic Auth for authentication.
func (*BasicAuthAuthenticator) GetHttpClient ¶
func (b *BasicAuthAuthenticator) GetHttpClient() (*http.Client, error)
GetHttpClient returns the http client
type CommandAuthConfig ¶
// CommandAuthConfig represents the base configuration needed for
// authentication to Keyfactor Command API. It is embedded by
// CommandAuthConfigBasic and CommandConfigOauth.
//
// Fields without a json tag (ConfigProfile, ConfigFilePath, FileConfig,
// HttpClient) are still exported, so encoding/json handles them under their Go
// field names.
type CommandAuthConfig struct {
	// ConfigType is the type of configuration
	ConfigType string `json:"config_type"`
	// ConfigProfile is the profile of the configuration
	ConfigProfile string
	// ConfigFilePath is the path to the configuration file
	ConfigFilePath string
	// FileConfig holds a server configuration.
	// NOTE(review): presumably the value returned by LoadConfig, which has the
	// same type — confirm.
	FileConfig *authconfig.Server
	// AuthHeader is the header to be used for authentication to Keyfactor Command API.
	// NOTE(review): the tag has no omitempty, so the value is always included
	// when this struct is marshalled; if it carries credential material, do
	// not log or persist the marshalled form.
	AuthHeader string `json:"auth_header"`
	// CommandHostName is the hostname of the Keyfactor Command API
	CommandHostName string `json:"command_host_name"`
	// CommandPort is the port of the Keyfactor Command API
	CommandPort int `json:"command_port"`
	// CommandAPIPath is the path of the Keyfactor Command API, default is "KeyfactorAPI"
	CommandAPIPath string `json:"command_api_path"`
	// CommandVersion is the version of the Keyfactor Command API, default is "1"
	CommandVersion string `json:"command_version"`
	// CommandCACert is the CA certificate to be used for authentication to Keyfactor Command API for use with not widely trusted certificates. This can be a filepath or a string of the certificate in PEM format.
	CommandCACert string `json:"command_ca_cert"`
	// SkipVerify is a flag to skip verification of the server's certificate chain and host name. Default is false.
	// With verification skipped the client cannot confirm which server it is
	// talking to, so credentials sent over the connection are exposed to
	// anyone able to intercept it. For certificates that are not widely
	// trusted, set CommandCACert instead of enabling this flag.
	SkipVerify bool `json:"skip_verify"`
	// HttpClientTimeout is the timeout for the http Client
	// NOTE(review): unit is not stated here; presumably seconds — TODO confirm.
	HttpClientTimeout int `json:"client_timeout"`
	// UserAgent is the user agent to be used for authentication to Keyfactor Command API
	UserAgent string `json:"user_agent,omitempty"`
	// Debug is a debug flag; what it enables is not visible here.
	// NOTE(review): confirm that debug output never includes AuthHeader or
	// other credential fields.
	Debug bool `json:"debug,omitempty"`
	// HttpClient is the http Client to be used for authentication to Keyfactor Command API
	// NOTE(review): http.Client has a func-typed field (CheckRedirect), which
	// encoding/json cannot encode; if this struct is ever marshalled with a
	// non-nil client, consider tagging this field `json:"-"`.
	HttpClient *http.Client
}
CommandAuthConfig represents the base configuration needed for authentication to Keyfactor Command API.
func (*CommandAuthConfig) Authenticate ¶
func (c *CommandAuthConfig) Authenticate() error
Authenticate performs the authentication test to Keyfactor Command API and sets Command product version.
func (*CommandAuthConfig) BuildTransport ¶
func (c *CommandAuthConfig) BuildTransport() (*http.Transport, error)
BuildTransport creates a custom http Transport for authentication to Keyfactor Command API.
func (*CommandAuthConfig) LoadConfig ¶
func (c *CommandAuthConfig) LoadConfig(profile string, configFilePath string, silentLoad bool) ( *authconfig.Server, error, )
LoadConfig loads the configuration file and returns the server configuration.
func (*CommandAuthConfig) SetClient ¶
func (c *CommandAuthConfig) SetClient(client *http.Client) *http.Client
SetClient sets the http Client for authentication to Keyfactor Command API.
func (*CommandAuthConfig) ValidateAuthConfig ¶
func (c *CommandAuthConfig) ValidateAuthConfig() error
ValidateAuthConfig validates the authentication configuration for Keyfactor Command API.
func (*CommandAuthConfig) WithClientTimeout ¶
func (c *CommandAuthConfig) WithClientTimeout(timeout int) *CommandAuthConfig
WithClientTimeout sets the timeout for the http Client.
func (*CommandAuthConfig) WithCommandAPIPath ¶
func (c *CommandAuthConfig) WithCommandAPIPath(apiPath string) *CommandAuthConfig
WithCommandAPIPath sets the API path for authentication to Keyfactor Command API.
func (*CommandAuthConfig) WithCommandCACert ¶
func (c *CommandAuthConfig) WithCommandCACert(caCert string) *CommandAuthConfig
WithCommandCACert sets the CA certificate for authentication to Keyfactor Command API.
func (*CommandAuthConfig) WithCommandHostName ¶
func (c *CommandAuthConfig) WithCommandHostName(hostName string) *CommandAuthConfig
WithCommandHostName sets the hostname for authentication to Keyfactor Command API.
func (*CommandAuthConfig) WithCommandPort ¶
func (c *CommandAuthConfig) WithCommandPort(port int) *CommandAuthConfig
WithCommandPort sets the port for authentication to Keyfactor Command API.
func (*CommandAuthConfig) WithConfigFile ¶
func (c *CommandAuthConfig) WithConfigFile(configFilePath string) *CommandAuthConfig
WithConfigFile sets the configuration file for authentication to Keyfactor Command API.
func (*CommandAuthConfig) WithConfigProfile ¶
func (c *CommandAuthConfig) WithConfigProfile(profile string) *CommandAuthConfig
WithConfigProfile sets the configuration profile for authentication to Keyfactor Command API.
func (*CommandAuthConfig) WithHttpClient ¶
func (c *CommandAuthConfig) WithHttpClient(client *http.Client) *CommandAuthConfig
WithHttpClient sets the http Client for authentication to Keyfactor Command API.
func (*CommandAuthConfig) WithSkipVerify ¶
func (c *CommandAuthConfig) WithSkipVerify(skipVerify bool) *CommandAuthConfig
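WithSkipVerify sets the flag to skip verification of the server's certificate chain and host name. With verification skipped, the client cannot confirm that it is talking to the intended server, so leave this false outside of testing; for certificates that are not widely trusted, supply the CA with WithCommandCACert instead.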
type CommandAuthConfigBasic ¶
// CommandAuthConfigBasic is the Basic Auth configuration for Keyfactor Command
// API: the embedded base CommandAuthConfig plus username, password and domain.
type CommandAuthConfigBasic struct {
	// CommandAuthConfig is a reference to the base configuration needed for authentication to Keyfactor Command API
	CommandAuthConfig
	// Username is the username to be used for authentication to Keyfactor Command API
	Username string `json:"username,omitempty"`
	// Password is the password to be used for authentication to Keyfactor Command API
	// The json tag means a non-empty password is written in clear text whenever
	// this struct is marshalled; do not log the marshalled form, and restrict
	// the permissions of any file it is written to.
	Password string `json:"password,omitempty"`
	// Domain is the domain of the Active Directory used to authenticate to Keyfactor Command API
	Domain string `json:"domain,omitempty"`
}
CommandAuthConfigBasic represents the configuration needed for Basic Auth authentication to Keyfactor Command API. It embeds the base CommandAuthConfig and adds the username, password and domain.
func NewBasicAuthAuthenticatorBuilder ¶
func NewBasicAuthAuthenticatorBuilder() *CommandAuthConfigBasic
NewBasicAuthAuthenticatorBuilder creates a new instance of CommandAuthConfigBasic
func (*CommandAuthConfigBasic) Authenticate ¶
func (a *CommandAuthConfigBasic) Authenticate() error
Authenticate authenticates the user
func (*CommandAuthConfigBasic) Build ¶
func (a *CommandAuthConfigBasic) Build() (Authenticator, error)
Build creates a new instance of BasicAuthAuthenticator
func (*CommandAuthConfigBasic) GetHttpClient ¶
func (a *CommandAuthConfigBasic) GetHttpClient() (*http.Client, error)
GetHttpClient returns the http client
func (*CommandAuthConfigBasic) ValidateAuthConfig ¶
func (a *CommandAuthConfigBasic) ValidateAuthConfig() error
ValidateAuthConfig validates the configuration
func (*CommandAuthConfigBasic) WithDomain ¶
func (a *CommandAuthConfigBasic) WithDomain(domain string) *CommandAuthConfigBasic
WithDomain sets the domain for authentication
func (*CommandAuthConfigBasic) WithPassword ¶
func (a *CommandAuthConfigBasic) WithPassword(password string) *CommandAuthConfigBasic
WithPassword sets the password for authentication
func (*CommandAuthConfigBasic) WithUsername ¶
func (a *CommandAuthConfigBasic) WithUsername(username string) *CommandAuthConfigBasic
WithUsername sets the username for authentication
type CommandConfigOauth ¶
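// CommandConfigOauth is the OAuth configuration for Keyfactor Command API: the
// embedded base CommandAuthConfig plus the client credentials, token endpoint,
// tokens and CA certificates used for OAuth authentication.
//
// ClientSecret, AccessToken and RefreshToken are credentials and are written
// in clear text whenever this struct is marshalled; do not log the marshalled
// form, and restrict the permissions of any file it is written to.
type CommandConfigOauth struct {
	CommandAuthConfig
	// ClientID is the Client ID for Keycloak authentication
	ClientID string `json:"client_id,omitempty"`
	// ClientSecret is the Client secret for Keycloak authentication
	ClientSecret string `json:"client_secret,omitempty"`
	// Audience is the audience for Keycloak authentication
	Audience string `json:"audience,omitempty"`
	// Scopes is the scopes for Keycloak authentication
	Scopes []string `json:"scopes,omitempty"`
	// CACertificatePath is the path to the CA certificate for Keycloak authentication
	CACertificatePath string `json:"idp_ca_cert,omitempty"`
	// CACertificates is the CA certificates for authentication.
	// Excluded from JSON by the "-" tag.
	CACertificates []*x509.Certificate `json:"-"`
	// AccessToken is the access token for Keycloak authentication.
	//
	// Tag options are comma-separated. The previous tag used ';', which
	// encoding/json accepts as part of the key name, so the field was
	// (un)marshalled under the literal key "access_token;omitempty" and was
	// never omitted when empty. The same applies to RefreshToken and Expiry.
	AccessToken string `json:"access_token,omitempty"`
	// RefreshToken is the refresh token for Keycloak authentication
	RefreshToken string `json:"refresh_token,omitempty"`
	// Expiry is the expiry time of the access token.
	// omitempty has no effect on struct values such as time.Time, so a zero
	// Expiry is still written.
	Expiry time.Time `json:"expiry,omitempty"`
	// TokenURL is the token URL for Keycloak authentication.
	// NOTE(review): the client secret is presumably sent to this endpoint, so
	// it should be an https URL — confirm whether the scheme is validated.
	TokenURL string `json:"token_url"`
}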
func NewOAuthAuthenticatorBuilder ¶
func NewOAuthAuthenticatorBuilder() *CommandConfigOauth
NewOAuthAuthenticatorBuilder creates a new CommandConfigOauth instance.
func (*CommandConfigOauth) Authenticate ¶
func (b *CommandConfigOauth) Authenticate() error
func (*CommandConfigOauth) Build ¶
func (b *CommandConfigOauth) Build() (Authenticator, error)
func (*CommandConfigOauth) GetHttpClient ¶
func (b *CommandConfigOauth) GetHttpClient() (*http.Client, error)
GetHttpClient returns an HTTP client for OAuth authentication.
func (*CommandConfigOauth) LoadConfig ¶
func (b *CommandConfigOauth) LoadConfig(profile, path string, silentLoad bool) (*authconfig.Server, error)
func (*CommandConfigOauth) ValidateAuthConfig ¶
func (b *CommandConfigOauth) ValidateAuthConfig() error
func (*CommandConfigOauth) WithAccessToken ¶
func (b *CommandConfigOauth) WithAccessToken(accessToken string) *CommandConfigOauth
WithAccessToken sets the access token for Keycloak authentication.
func (*CommandConfigOauth) WithAudience ¶
func (b *CommandConfigOauth) WithAudience(audience string) *CommandConfigOauth
WithAudience sets the audience for Keycloak authentication.
func (*CommandConfigOauth) WithCaCertificatePath ¶
func (b *CommandConfigOauth) WithCaCertificatePath(caCertificatePath string) *CommandConfigOauth
WithCaCertificatePath sets the CA certificate path for Keycloak authentication.
func (*CommandConfigOauth) WithCaCertificates ¶
func (b *CommandConfigOauth) WithCaCertificates(caCertificates []*x509.Certificate) *CommandConfigOauth
WithCaCertificates sets the CA certificates for Keycloak authentication.
func (*CommandConfigOauth) WithClientId ¶
func (b *CommandConfigOauth) WithClientId(clientId string) *CommandConfigOauth
WithClientId sets the Client ID for Keycloak authentication.
func (*CommandConfigOauth) WithClientSecret ¶
func (b *CommandConfigOauth) WithClientSecret(clientSecret string) *CommandConfigOauth
WithClientSecret sets the Client secret for Keycloak authentication.
func (*CommandConfigOauth) WithScopes ¶
func (b *CommandConfigOauth) WithScopes(scopes []string) *CommandConfigOauth
WithScopes sets the scopes for Keycloak authentication.
func (*CommandConfigOauth) WithTokenUrl ¶
func (b *CommandConfigOauth) WithTokenUrl(tokenUrl string) *CommandConfigOauth
WithTokenUrl sets the token URL for Keycloak authentication.
type OAuthAuthenticator ¶
OAuthAuthenticator is an Authenticator that uses OAuth2 for authentication.
func (*OAuthAuthenticator) GetHttpClient ¶
func (a *OAuthAuthenticator) GetHttpClient() (*http.Client, error)