Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type BindingMeta ¶
type BindingMeta struct {
ID string
WorkspaceID string
Kind string
DisplayName string
ServerURL string
PublicMeta map[string]any
AuthType string
IsDefault bool
}
BindingMeta contains non-secret fields of a credential binding.
type DecryptedBinding ¶
type DecryptedBinding struct {
BindingMeta
AuthSecret []byte // plaintext; provider interprets per its own format
}
DecryptedBinding is a binding with its auth secret decrypted.
type Provider ¶
type Provider interface {
// Kind returns the short identifier used in URL paths and DB rows.
Kind() string
// ParseUpload validates a user-uploaded config blob and returns the fields to persist.
// AuthSecret will be AES-GCM encrypted before storage.
ParseUpload(contentType string, raw []byte) (*UploadResult, error)
// BuildSandboxConfig produces config artifacts to mount into a sandbox at provisioning time.
// Pure function: no DB, no network.
BuildSandboxConfig(
bindings []*BindingMeta,
proxyToken string,
credproxyPublicURL string,
) ([]*SandboxConfigFile, error)
// ServeHTTP handles a proxied request from a sandbox.
// The caller has already authenticated and decrypted the binding.
ServeHTTP(w http.ResponseWriter, r *http.Request, b *DecryptedBinding)
}
Provider handles credential injection for a single external service kind.
type Registry ¶
type Registry struct {
// contains filtered or unexported fields
}
Registry holds registered credential providers.
Source Files
Click to show internal directories.
Click to hide internal directories.