Documentation
Index ¶
- Constants
- func CreateAuthProvider(authInfo AuthInfo, insecure bool, apiServerURL string, callbackPort int) (login.AuthProvider, error)
- func CreateAuthProviderWithCredentials(authInfo AuthInfo, insecure bool, apiServerURL string, callbackPort int, ...) (login.AuthProvider, error)
- func CreateTLSConfigFromConfig(config *Config) (*tls.Config, error)
- func DefaultFlightctlClientConfigPath() (string, error)
- func JoinServerURL(server, path string) string
- func NewGRPCClientFromConfig(config *Config, endpoint string) (grpc_v1.RouterServiceClient, error)
- func NewGrpcClientFromConfigFile(filename string, endpoint string) (grpc_v1.RouterServiceClient, error)
- func NewHTTPClientForServer(config *Config, serverURL string) (*http.Client, error)
- func NewHTTPClientFromConfig(config *Config) (*http.Client, error)
- func WithDisableRedirectFollowing() imagebuilderclient.ClientOption
- func WithHeader(key, value string) client.ClientOption
- func WithOrganization(orgID string) client.ClientOption
- func WithQueryParam(key, value string) client.ClientOption
- func WithUserAgentHeader(component string) client.ClientOption
- func WriteConfig(filename string, server string, tlsServerName string, caCertPEM []byte, ...) error
- type AccessTokenRefresher
- type AuthInfo
- type AuthProviderConfig
- type Client
- type Config
- func (c *Config) AddHTTPOptions(opts ...HTTPClientOption)
- func (c *Config) DeepCopy() *Config
- func (c *Config) Equal(c2 *Config) bool
- func (c *Config) Flatten() error
- func (c *Config) GetClientCertificatePath() string
- func (c *Config) GetClientKeyPath() string
- func (c *Config) GetImageBuilderServer() string
- func (c *Config) HasCredentials() bool
- func (c *Config) Persist(filename string) error
- func (c *Config) SetBaseDir(baseDir string)
- func (c *Config) Validate() error
- type HTTPClientOption
- type ImageBuilderClient
- type Service
- type TokenToUseType
Constants ¶
// String keys exported by the client package. This page does not show where
// they are consumed; the per-constant notes only record which values coincide
// with JSON keys visible elsewhere on the page.
const (
	// AuthUrlKey has the same value as the JSON key of Service.Server.
	AuthUrlKey = "server"
	// AuthCAFileKey has the same value as the JSON key of Service.CertificateAuthority.
	AuthCAFileKey = "certificate-authority"
	// AuthRefreshTokenKey has the same value as the JSON key of AuthInfo.RefreshToken.
	// A value stored under this key is a long-lived credential.
	AuthRefreshTokenKey = "refresh-token"
	// AuthAccessTokenExpiryKey has the same value as the JSON key of AuthInfo.AccessTokenExpiry.
	AuthAccessTokenExpiryKey = "access-token-expiry"
	// AuthClientIdKey matches no JSON key shown on this page.
	// NOTE(review): presumably the OAuth2/OIDC client identifier — confirm against the caller.
	AuthClientIdKey = "client-id"
)
const (
	// TestRootDirEnvKey is the environment variable key used to set the file system root when testing.
	// NOTE(review): confirm the variable is ignored outside test runs. If regular
	// client code honors it, the process environment decides where config and
	// credential files are resolved.
	TestRootDirEnvKey = "FLIGHTCTL_TEST_ROOT_DIR"
)
Variables ¶
This section is empty.
Functions ¶
func CreateAuthProvider ¶ added in v0.6.0
func CreateAuthProviderWithCredentials ¶ added in v1.0.0
func CreateTLSConfigFromConfig ¶ added in v0.4.0
func DefaultFlightctlClientConfigPath ¶
DefaultFlightctlClientConfigPath returns the default path to the Flight Control client config file.
func JoinServerURL ¶
JoinServerURL joins a server base URL with a path, handling trailing slashes.
func NewGRPCClientFromConfig ¶
func NewGRPCClientFromConfig(config *Config, endpoint string) (grpc_v1.RouterServiceClient, error)
NewGRPCClientFromConfig returns a new gRPC Client from the given config.
func NewGrpcClientFromConfigFile ¶
func NewGrpcClientFromConfigFile(filename string, endpoint string) (grpc_v1.RouterServiceClient, error)
NewGrpcClientFromConfigFile returns a new gRPC client using the config read from the given file.
func NewHTTPClientForServer ¶
NewHTTPClientForServer returns a new HTTP Client from the given config, using the specified server URL to derive the TLS ServerName for SNI. This is important for OpenShift routes which use SNI-based routing.
func NewHTTPClientFromConfig ¶
NewHTTPClientFromConfig returns a new HTTP Client from the given config. It uses the config's Service.Server to derive the TLS ServerName for SNI.
func WithDisableRedirectFollowing ¶
func WithDisableRedirectFollowing() imagebuilderclient.ClientOption
WithDisableRedirectFollowing returns a ClientOption that disables automatic redirect following
func WithHeader ¶ added in v1.0.0
func WithHeader(key, value string) client.ClientOption
WithHeader returns a ClientOption that appends a request editor which sets the given HTTP header. If value is empty, the editor is a no-op so callers can pass it unconditionally.
func WithOrganization ¶ added in v0.10.0
func WithOrganization(orgID string) client.ClientOption
WithOrganization sets the organization ID in the request query parameters.
func WithQueryParam ¶ added in v0.10.0
func WithQueryParam(key, value string) client.ClientOption
WithQueryParam returns a ClientOption that appends a request editor which sets (or overrides) the given query parameter. If value is empty, the editor is a no-op so callers can pass it unconditionally.
func WithUserAgentHeader ¶ added in v1.0.0
func WithUserAgentHeader(component string) client.ClientOption
WithUserAgentHeader returns a ClientOption that sets the User-Agent header. The component parameter specifies the component name (e.g., "flightctl-cli") to include in the User-Agent string.
func WriteConfig ¶
func WriteConfig(filename string, server string, tlsServerName string, caCertPEM []byte, client *crypto.TLSCertificateConfig) error
WriteConfig writes a client config file using the given parameters.
Types ¶
type AccessTokenRefresher ¶
// AccessTokenRefresher manages OAuth2/OIDC token refresh for a client configuration.
// All of its state is unexported; the page exposes it only through
// NewAccessTokenRefresher, Start, Stop and GetAccessToken.
type AccessTokenRefresher struct {
	// contains filtered or unexported fields
}
AccessTokenRefresher manages OAuth2/OIDC token refresh for a client configuration
func NewAccessTokenRefresher ¶
func NewAccessTokenRefresher(config *Config, configFilePath string, callbackPort int) *AccessTokenRefresher
NewAccessTokenRefresher creates a new AccessTokenRefresher instance
func (*AccessTokenRefresher) GetAccessToken ¶
func (r *AccessTokenRefresher) GetAccessToken() string
GetAccessToken returns the current access token. Start() must be called before calling this method to initialize the refresh loop.
func (*AccessTokenRefresher) Start ¶
func (r *AccessTokenRefresher) Start(ctx context.Context)
Start initializes and starts the token refresh loop if not already started. The provided context is used as the parent context for the refresh loop. When the context is cancelled, the refresh loop will stop.
func (*AccessTokenRefresher) Stop ¶
func (r *AccessTokenRefresher) Stop()
Stop stops the token refresh loop gracefully
type AuthInfo ¶
// AuthInfo contains information for authenticating Flight Control API clients.
//
// ClientKeyData, AccessToken, RefreshToken and IdToken hold secret material.
// Every field carries a JSON tag, so any serialized form of this struct
// contains those secrets unless the serializer strips them.
// NOTE(review): only ClientKeyData carries a datapolicy tag. If that tag drives
// redaction in logs or dumps, confirm whether the token fields need one too.
type AuthInfo struct {
	// ClientCertificate is the path to a client cert file for TLS.
	// +optional
	ClientCertificate string `json:"client-certificate,omitempty"`
	// ClientCertificateData contains PEM-encoded data from a client cert file for TLS. Overrides ClientCertificate.
	// +optional
	ClientCertificateData []byte `json:"client-certificate-data,omitempty"`
	// ClientKey is the path to a client key file for TLS.
	// +optional
	ClientKey string `json:"client-key,omitempty"`
	// ClientKeyData contains PEM-encoded data from a client key file for TLS. Overrides ClientKey.
	// This is private-key material embedded in the config itself rather than referenced by path.
	// +optional
	ClientKeyData []byte `json:"client-key-data,omitempty" datapolicy:"security-key"`
	// AccessToken is the OAuth2/OIDC access token for API authentication.
	// It is a bearer credential and, unlike ClientKeyData, has no datapolicy tag.
	// +optional
	AccessToken string `json:"access-token,omitempty"`
	// AccessTokenExpiry is the expiration time of the access token (RFC3339 format).
	// +optional
	AccessTokenExpiry string `json:"access-token-expiry,omitempty"`
	// RefreshToken is the OAuth2/OIDC refresh token for obtaining new access tokens.
	// It typically outlives the access token, so it is the most sensitive token stored here.
	// It has no datapolicy tag.
	// +optional
	RefreshToken string `json:"refresh-token,omitempty"`
	// IdToken is the OIDC ID token containing user identity information.
	// It has no datapolicy tag.
	// +optional
	IdToken string `json:"id-token,omitempty"`
	// TokenToUse is the type of token to use for API authentication.
	// +optional
	TokenToUse TokenToUseType `json:"token-to-use,omitempty"`
	// AuthProvider is the authentication provider (i.e. OIDC, AAP, OAuth2, OpenShift).
	// +optional
	AuthProvider *AuthProviderConfig `json:"auth-provider,omitempty"`
	// OrganizationsEnabled indicates the configured IdP supports organizations.
	// +optional
	OrganizationsEnabled bool `json:"organizations-enabled,omitempty"`
}
AuthInfo contains information for authenticating Flight Control API clients.
type AuthProviderConfig ¶ added in v0.6.0
// AuthProviderConfig describes the authentication provider and the TLS trust
// settings used when connecting to it.
type AuthProviderConfig struct {
	// AuthProvider is the authentication provider from the API.
	AuthProvider api.AuthProvider `json:"auth-provider"`
	// CAFile is the path to a cert file for the certificate authority of the auth provider.
	CAFile string `json:"ca-file,omitempty"`
	// InsecureSkipVerify skips TLS verification when connecting to the auth provider.
	// With verification skipped the provider is not authenticated, so credentials
	// and tokens exchanged with it can be read or altered on the network path.
	// Keep it false and set CAFile for a private CA instead.
	// The JSON key is camelCase ("insecureSkipVerify"), unlike the kebab-case
	// sibling keys; use that exact spelling when auditing config files.
	// NOTE(review): precedence when both CAFile and InsecureSkipVerify are set is not visible here — confirm.
	InsecureSkipVerify bool `json:"insecureSkipVerify,omitempty"`
}
func (*AuthProviderConfig) DeepCopy ¶ added in v0.6.0
func (a *AuthProviderConfig) DeepCopy() *AuthProviderConfig
func (*AuthProviderConfig) Equal ¶ added in v0.6.0
func (a *AuthProviderConfig) Equal(a2 *AuthProviderConfig) bool
type Client ¶
// Client wraps the Flight Control API client with token refresh capabilities.
type Client struct {
	// Embedded so that all generated API methods are available directly on Client.
	*client.ClientWithResponses
	// contains filtered or unexported fields
}
Client wraps the Flight Control API client with token refresh capabilities. It embeds *client.ClientWithResponses so all API methods are available directly.
func NewFromConfig ¶
func NewFromConfig(config *Config, configFilePath string, opts ...client.ClientOption) (*Client, error)
NewFromConfig returns a new Flight Control API client from the given config. If the config has a refresh token, a token refresher will be created and included in the client. The refresher is not started automatically - call Start() to begin token refresh.
func NewFromConfigFile ¶
func NewFromConfigFile(filename string, opts ...client.ClientOption) (*Client, error)
NewFromConfigFile returns a new Flight Control API client using the config read from the given file. Additional client options may be supplied and will be appended after the defaults. If the config has a refresh token, a token refresher will be created and included in the client. The refresher is not started automatically - call Start() to begin token refresh.
type Config ¶
// Config holds the information needed to connect to a Flight Control API server.
//
// AuthInfo is serialized under "authentication", so a stored config may
// contain private-key data and OAuth2/OIDC tokens; treat the file as a secret.
// NOTE(review): confirm that Persist and WriteConfig create the file with
// owner-only permissions — their implementation is not visible here.
type Config struct {
	// Service describes the API server endpoint and its TLS trust settings.
	Service Service `json:"service"`
	// ImageBuilderService optionally describes a separate imagebuilder endpoint;
	// it is a pointer with omitempty, so it may be absent.
	ImageBuilderService *Service `json:"imageBuilderService,omitempty"`
	// AuthInfo holds the client credentials (certificate/key paths or data, tokens).
	AuthInfo AuthInfo `json:"authentication"`
	// Organization is an optional organization value.
	// NOTE(review): presumably the organization ID sent with requests — confirm against the caller.
	Organization string `json:"organization,omitempty"`
	// HTTPOptions contains HTTP client configuration options.
	// The "-" JSON tag excludes it from serialization.
	HTTPOptions []HTTPClientOption `json:"-"`
	// contains filtered or unexported fields
}
Config holds the information needed to connect to a Flight Control API server
func NewDefault ¶
func NewDefault() *Config
func ParseConfigFile ¶
func (*Config) AddHTTPOptions ¶ added in v0.10.0
func (c *Config) AddHTTPOptions(opts ...HTTPClientOption)
AddHTTPOptions adds HTTP client options to the config
func (*Config) GetClientCertificatePath ¶
func (*Config) GetClientKeyPath ¶
func (*Config) GetImageBuilderServer ¶
GetImageBuilderServer returns the imagebuilder server URL if configured, empty string otherwise.
func (*Config) HasCredentials ¶
func (*Config) SetBaseDir ¶
type HTTPClientOption ¶ added in v0.10.0
HTTPClientOption is a functional option for configuring HTTP client behavior.
func WithCachedTransport ¶ added in v0.10.0
func WithCachedTransport() HTTPClientOption
WithCachedTransport caches the first transport it sees and replaces all future invocations with this transport. The purpose of this option is to reuse connection pools across areas that may be hard to wire together.
func WithDialer ¶ added in v0.10.0
func WithDialer(dialer *net.Dialer) HTTPClientOption
WithDialer configures the HTTP client to use the specified dialer.
func WithMaxIdleConnsPerHost ¶ added in v0.10.0
func WithMaxIdleConnsPerHost(conns int) HTTPClientOption
WithMaxIdleConnsPerHost configures the HTTP client to use the specified number of IdleConnsPerHost. It also increases the MaxIdleConns setting if its current value is less than the new IdleConnsPerHost value.
type ImageBuilderClient ¶
// ImageBuilderClient wraps the imagebuilder API client with token refresh capabilities.
type ImageBuilderClient struct {
	// Embedded generated imagebuilder client; its methods are promoted onto ImageBuilderClient.
	*imagebuilderclient.ClientWithResponses
	// contains filtered or unexported fields
}
ImageBuilderClient wraps the imagebuilder API client with token refresh capabilities.
func NewImageBuilderClientFromConfig ¶
func NewImageBuilderClientFromConfig(config *Config, configFilePath string, imageBuilderServer string, organization string, opts ...imagebuilderclient.ClientOption) (*ImageBuilderClient, error)
NewImageBuilderClientFromConfig returns a new ImageBuilder API client from the given config. If the config has a refresh token, a token refresher will be created and included in the client. The refresher is not started automatically - call Start() to begin token refresh.
func (*ImageBuilderClient) Start ¶
func (c *ImageBuilderClient) Start(ctx context.Context)
Start starts the token refresh loop if a refresher is configured. The provided context is used as the parent context for the refresh loop.
func (*ImageBuilderClient) Stop ¶
func (c *ImageBuilderClient) Stop()
Stop stops the token refresh loop if a refresher is configured.
type Service ¶
// Service contains information on how to connect to and authenticate the
// Flight Control API server.
type Service struct {
	// Server is the URL of the Flight Control API server (the part before /api/v1/...).
	Server string `json:"server,omitempty"`
	// TLSServerName is passed to the server for SNI and is used in the client to check server certificates against.
	// If TLSServerName is empty, the hostname used to contact the server is used.
	// +optional
	TLSServerName string `json:"tls-server-name,omitempty"`
	// CertificateAuthority is the path to a cert file for the certificate authority.
	CertificateAuthority string `json:"certificate-authority,omitempty"`
	// CertificateAuthorityData contains PEM-encoded certificate authority certificates. Overrides CertificateAuthority.
	CertificateAuthorityData []byte `json:"certificate-authority-data,omitempty"`
	// InsecureSkipVerify is undocumented on this page. By name, and by analogy with
	// AuthProviderConfig.InsecureSkipVerify, it presumably disables verification of
	// the API server's certificate — confirm against CreateTLSConfigFromConfig.
	// If so, the server is not authenticated when it is true, and client
	// certificates and tokens sent to it can be intercepted on the network path.
	// Prefer CertificateAuthority or CertificateAuthorityData for a private CA.
	// The JSON key is camelCase ("insecureSkipVerify"), unlike the kebab-case sibling keys.
	InsecureSkipVerify bool `json:"insecureSkipVerify,omitempty"`
}
Service contains information on how to connect to and authenticate the Flight Control API server.
type TokenToUseType ¶ added in v1.0.0
// TokenToUseType names which stored token is used for API authentication;
// it is the type of AuthInfo.TokenToUse.
type TokenToUseType string

const (
	// TokenToUseAccessToken presumably selects AuthInfo.AccessToken — confirm against the caller.
	TokenToUseAccessToken TokenToUseType = "access"
	// TokenToUseIdToken presumably selects AuthInfo.IdToken — confirm against the caller.
	// NOTE(review): an OIDC ID token conveys identity to the client; where it is
	// sent as the API credential, confirm the server validates its audience and expiry.
	TokenToUseIdToken TokenToUseType = "id"
)