Documentation
¶
Index ¶
- func DefaultConfigDir() (string, error)
- func OAuthContext(ctx context.Context, base http.RoundTripper) context.Context
- type AuthFile
- type AuthType
- type HostEntry
- type OAuthCredential
- type Store
- func (s *Store) ActiveUser(host string) (label string, entry UserEntry, ok bool)
- func (s *Store) GetAPIKey(host, label string) (string, error)
- func (s *Store) GetOAuthCredential(host, label string) (*OAuthCredential, error)
- func (s *Store) Load() (*AuthFile, error)
- func (s *Store) RemoveUser(host, label string) error
- func (s *Store) Save(af *AuthFile) error
- func (s *Store) SetAPIKeyUser(host, label, apiKey string, warnWriter func(string)) error
- func (s *Store) SetOAuthUser(host, label string, cred OAuthCredential, warnWriter func(string)) error
- func (s *Store) SwitchUser(host, label string) error
- type StoreOptions
- type Transport
- type UserEntry
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DefaultConfigDir ¶
DefaultConfigDir returns the config directory: $BASETEN_CONFIG_DIR > os.UserConfigDir()/baseten
func OAuthContext ¶
OAuthContext returns a context that carries an oauth2 HTTP client which stamps the Baseten User-Agent on every request, layered over base.
Types ¶
type HostEntry ¶
type HostEntry struct {
ActiveUser string `json:"active_user"`
Users map[string]UserEntry `json:"users"`
}
HostEntry holds all users for a single host.
type OAuthCredential ¶
type OAuthCredential struct {
AccessToken string `json:"access_token"`
RefreshToken string `json:"refresh_token"`
Expiry time.Time `json:"expiry,omitempty"`
}
OAuthCredential holds an OAuth access and refresh token pair, along with the access token's absolute expiry. Expiry is what golang.org/x/oauth2 uses to decide whether to refresh; persisting it lets refresh work across CLI invocations.
type Store ¶
type Store struct {
// contains filtered or unexported fields
}
Store manages reading and writing auth.json and keyring secrets.
func NewStore ¶
func NewStore(opts StoreOptions) *Store
NewStore creates a Store from the given options.
func (*Store) ActiveUser ¶
ActiveUser returns the active user label and entry for a host.
func (*Store) GetAPIKey ¶
GetAPIKey retrieves the API key for a user, trying the keyring first, then falling back to the auth.json plaintext field.
func (*Store) GetOAuthCredential ¶
func (s *Store) GetOAuthCredential(host, label string) (*OAuthCredential, error)
GetOAuthCredential retrieves the OAuth credential for a user, trying the keyring first, then falling back to the auth.json plaintext field.
func (*Store) Load ¶
Load reads auth.json from disk. Returns an empty AuthFile if it does not exist.
func (*Store) RemoveUser ¶
RemoveUser removes a user from a host and deletes their keyring entry. If the removed user was active, active_user is cleared.
func (*Store) SetAPIKeyUser ¶
SetAPIKeyUser stores an API key credential for a user and sets them as active.
func (*Store) SetOAuthUser ¶
func (s *Store) SetOAuthUser(host, label string, cred OAuthCredential, warnWriter func(string)) error
SetOAuthUser stores an OAuth credential for a user and sets them as active. Tries the keyring first; falls back to plaintext in auth.json with a warning written to warnWriter (if non-nil).
func (*Store) SwitchUser ¶
SwitchUser sets the active user for a host. Returns an error if the user does not exist.
type StoreOptions ¶
type StoreOptions struct {
// Dir is the directory where auth.json is stored.
Dir string
// InsecureStorage, when true, stores secrets in auth.json instead of
// the system keyring.
InsecureStorage bool
}
StoreOptions configures a Store.
type Transport ¶
type Transport struct {
Store *Store
Host string
// OAuthConfig is the OAuth2 configuration used for token refresh.
OAuthConfig *oauth2.Config
// EnvAPIKey, if set, takes priority over all stored credentials.
EnvAPIKey string
Base http.RoundTripper
}
Transport is an HTTP client that injects the appropriate Authorization header based on the active credential. For OAuth credentials, it uses oauth2.TokenSource for transparent token refresh.
It implements the Do(*http.Request) (*http.Response, error) interface expected by the baseten-go SDK clients.
type UserEntry ¶
type UserEntry struct {
AuthType AuthType `json:"auth_type"`
// InsecureOAuthCredential and InsecureAPIKey are only populated when
// the keyring is unavailable or --insecure-storage was used.
InsecureOAuthCredential *OAuthCredential `json:"oauth_credential,omitempty"`
InsecureAPIKey string `json:"api_key,omitempty"`
}
UserEntry is a single stored credential in auth.json.