oidc

package

v0.74.0 Latest Latest Go to latest Published: Jul 3, 2025 License: Apache-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/databricks/databricks-sdk-go

Links

Open Source Insights

Documentation ¶

Overview ¶

Package oidc provides utilities for working with OIDC ID tokens.

This package is experimental and subject to change.

Index ¶

func NewDatabricksOIDCTokenSource(cfg DatabricksOIDCTokenSourceConfig) auth.TokenSource
type DatabricksOIDCTokenSourceConfig
type IDToken
type IDTokenSource
type IDTokenSourceFn
- func (fn IDTokenSourceFn) IDToken(ctx context.Context, audience string) (*IDToken, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewDatabricksOIDCTokenSource ¶ added in v0.69.0

func NewDatabricksOIDCTokenSource(cfg DatabricksOIDCTokenSourceConfig) auth.TokenSource

NewDatabricksOIDCTokenSource returns a new Databricks OIDC TokenSource.

Types ¶

type DatabricksOIDCTokenSourceConfig ¶ added in v0.69.0

type DatabricksOIDCTokenSourceConfig struct {
	// ClientID of the Databricks OIDC application. It corresponds to the
	// Application ID of the Databricks Service Principal.
	//
	// This field is only required for Workload Identity Federation and should
	// be empty for Account-wide token federation.
	ClientID string

	// AccountID is the account ID of the Databricks Account. This field is
	// only required for Account-wide token federation.
	AccountID string

	// Host is the host of the Databricks account or workspace.
	Host string

	// TokenEndpointProvider returns the token endpoint for the Databricks OIDC
	// application.
	TokenEndpointProvider func(ctx context.Context) (*u2m.OAuthAuthorizationServer, error)

	// Audience is the audience of the Databricks OIDC application.
	// This is only used for Workspace level tokens.
	Audience string

	// IDTokenSource returns the IDToken to be used for the token exchange.
	IDTokenSource IDTokenSource
}

DatabricksOIDCTokenSourceConfig is the configuration for a Databricks OIDC TokenSource.

type IDToken ¶

type IDToken struct {
	Value string
}

IDToken represents an OIDC ID token that can be exchanged for a Databricks access token.

type IDTokenSource ¶

type IDTokenSource interface {
	IDToken(ctx context.Context, audience string) (*IDToken, error)
}

IDTokenSource is anything that returns an IDToken given an audience.

func NewEnvIDTokenSource ¶

func NewEnvIDTokenSource(env string) IDTokenSource

NewEnvIDTokenSource returns an IDTokenSource that reads the IDtoken from environment variable env.

Note that the IDTokenSource does not cache the token and will read the token from environment variable env each time.

func NewFileTokenSource ¶

func NewFileTokenSource(path string) IDTokenSource

NewFileTokenSource returns an IDTokenSource that reads the ID token from a file. The file should contain a single line with the token.

func NewGithubIDTokenSource ¶ added in v0.69.0

func NewGithubIDTokenSource(client *httpclient.ApiClient, actionsIDTokenRequestURL, actionsIDTokenRequestToken string) IDTokenSource

NewGithubIDTokenSource returns a new IDTokenSource that retrieves an IDToken from the Github Actions environment. This IDTokenSource is only valid when running in Github Actions with OIDC enabled.

type IDTokenSourceFn ¶

type IDTokenSourceFn func(ctx context.Context, audience string) (*IDToken, error)

IDTokenSourceFn is an adapter to allow the use of ordinary functions as IDTokenSource.

Example:

   ts := IDTokenSourceFn(func(ctx context.Context, aud string) (*IDToken, error) {
		return &IDToken{}, nil
   })

func (IDTokenSourceFn) IDToken ¶

func (fn IDTokenSourceFn) IDToken(ctx context.Context, audience string) (*IDToken, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL