Documentation
¶
Index ¶
Constants ¶
const ( EnvKeyfactorAuthHostname = "KEYFACTOR_AUTH_HOSTNAME" EnvKeyfactorAuthPort = "KEYFACTOR_AUTH_PORT" EnvAuthCACert = "KEYFACTOR_AUTH_CA_CERT" )
const ( DefaultKeyfactorAuthPort = "8444" DefaultKeyfactorAuthRealm = "Keyfactor" EnvKeyfactorClientID = "KEYFACTOR_AUTH_CLIENT_ID" EnvKeyfactorClientSecret = "KEYFACTOR_AUTH_CLIENT_SECRET" EnvKeyfactorAuthRealm = "KEYFACTOR_AUTH_REALM" EnvKeyfactorAuthTokenURL = "KEYFACTOR_AUTH_TOKEN_URL" EnvKeyfactorAccessToken = "KEYFACTOR_ACCESS_TOKEN" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CommandAuthConfigKeyCloak ¶
type CommandAuthConfigKeyCloak struct {
// CommandAuthConfig is a reference to the base configuration needed for authentication to Keyfactor Command API
auth_providers.CommandAuthConfig
// AuthHostName is the hostname of the Keycloak server
AuthHostName string `json:"auth_host_name"`
// AuthPort is the port of the Keycloak server
AuthPort string `json:"auth_port"`
// AuthType is the type of Keycloak auth to use such as client_credentials, password, etc.
AuthType string `json:"auth_type"`
// Auth CA Cert is the CA certificate to be used for authentication to Keycloak for use with not widely trusted certificates. This can be a filepath or a string of the certificate in PEM format.
AuthCACert string `json:"auth_ca_cert"`
}
func (*CommandAuthConfigKeyCloak) ValidateAuthConfig ¶
func (c *CommandAuthConfigKeyCloak) ValidateAuthConfig() error
ValidateAuthConfig validates the authentication configuration for Keycloak.
type CommandAuthKeyCloakClientCredentials ¶
type CommandAuthKeyCloakClientCredentials struct {
// CommandAuthConfigKeyCloak is a reference to the base configuration needed for authentication to Keyfactor Command API
CommandAuthConfigKeyCloak
// ClientID is the client ID for Keycloak authentication
ClientID string `json:"client_id;omitempty"`
// ClientSecret is the client secret for Keycloak authentication
ClientSecret string `json:"client_secret;omitempty"`
// AccessToken is the access token for Keycloak authentication
AccessToken string `json:"access_token;omitempty"`
// RefreshToken is the refresh token for Keycloak authentication
RefreshToken string `json:"refresh_token;omitempty"`
// Expiry is the expiry time of the access token
Expiry time.Time `json:"expiry;omitempty"`
// Realm is the realm for Keycloak authentication
Realm string `json:"realm;omitempty"`
// TokenURL is the token URL for Keycloak authentication
TokenURL string `json:"token_url"`
}
CommandAuthKeyCloakClientCredentials represents the configuration needed for Keycloak authentication using client credentials. It embeds CommandAuthConfigKeyCloak and adds additional fields specific to Keycloak client credentials authentication.
func (*CommandAuthKeyCloakClientCredentials) Authenticate ¶
func (c *CommandAuthKeyCloakClientCredentials) Authenticate() error
Authenticate performs the authentication process for Keycloak using client credentials. It validates the authentication configuration, gets the token, and calls the base authentication method.
func (*CommandAuthKeyCloakClientCredentials) GetToken ¶
func (c *CommandAuthKeyCloakClientCredentials) GetToken() (string, error)
GetToken gets the access token for Keycloak authentication. It uses the refresh token if available and not expired, otherwise, it requests a new access token.
func (*CommandAuthKeyCloakClientCredentials) ValidateAuthConfig ¶
func (c *CommandAuthKeyCloakClientCredentials) ValidateAuthConfig() error
ValidateAuthConfig validates the authentication configuration for Keycloak using client credentials. It checks the client ID, client secret, realm, and token URL, and retrieves them from environment variables if they're not set.
Source Files