vault

package

v0.21.1 Latest Latest Go to latest Published: Sep 25, 2025 License: MIT Imports: 7 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/gotd/contrib

Links

Open Source Insights

Documentation ¶

Overview ¶

Package vault contains gotd secret storage implementations using Hashicorp Vault.

Index ¶

type Credentials
- func NewCredentials(client *api.Client, path string) Credentials
type SessionStorage
- func NewSessionStorage(client *api.Client, path, key string) SessionStorage

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Credentials ¶

type Credentials struct {
	kv.Credentials
}

Credentials stores user credentials to Vault.

Example ¶

package main

import (
	"context"
	"fmt"
	"os"
	"os/signal"

	"github.com/go-faster/errors"
	"github.com/hashicorp/vault/api"

	"github.com/gotd/td/telegram"
	tgauth "github.com/gotd/td/telegram/auth"

	"github.com/gotd/contrib/auth"
	"github.com/gotd/contrib/auth/terminal"
	"github.com/gotd/contrib/vault"
)

func vaultAuth(ctx context.Context) error {
	vaultClient, err := api.NewClient(api.DefaultConfig())
	if err != nil {
		return errors.Errorf("create Vault client: %w", err)
	}
	cred := vault.NewCredentials(vaultClient, "cubbyhole/telegram/user").
		WithPhoneKey("phone").
		WithPasswordKey("password")

	client, err := telegram.ClientFromEnvironment(telegram.Options{})
	if err != nil {
		return errors.Errorf("create client: %w", err)
	}

	return client.Run(ctx, func(ctx context.Context) error {
		return client.Auth().IfNecessary(
			ctx,
			tgauth.NewFlow(auth.Build(cred, terminal.OS()), tgauth.SendCodeOptions{}),
		)
	})
}

func main() {
	ctx, cancel := signal.NotifyContext(context.Background(), os.Interrupt)
	defer cancel()

	if err := vaultAuth(ctx); err != nil {
		_, _ = fmt.Fprintf(os.Stderr, "%+v\n", err)
		os.Exit(1)
	}
}

func NewCredentials ¶

func NewCredentials(client *api.Client, path string) Credentials

NewCredentials creates new Credentials.

type SessionStorage ¶

type SessionStorage struct {
	kv.Session
}

SessionStorage is a MTProto session Vault storage.

Example ¶

package main

import (
	"context"
	"fmt"
	"os"
	"os/signal"

	"github.com/go-faster/errors"
	"github.com/hashicorp/vault/api"

	"github.com/gotd/td/telegram"

	"github.com/gotd/contrib/vault"
)

func vaultStorage(ctx context.Context) error {
	vaultClient, err := api.NewClient(api.DefaultConfig())
	if err != nil {
		return errors.Errorf("create Vault client: %w", err)
	}
	storage := vault.NewSessionStorage(vaultClient, "cubbyhole/telegram/user", "session")

	client, err := telegram.ClientFromEnvironment(telegram.Options{
		SessionStorage: storage,
	})
	if err != nil {
		return errors.Errorf("create client: %w", err)
	}

	return client.Run(ctx, func(ctx context.Context) error {
		_, err := client.Auth().Bot(ctx, os.Getenv("BOT_TOKEN"))
		return err
	})
}

func main() {
	ctx, cancel := signal.NotifyContext(context.Background(), os.Interrupt)
	defer cancel()

	if err := vaultStorage(ctx); err != nil {
		_, _ = fmt.Fprintf(os.Stderr, "%+v\n", err)
		os.Exit(1)
	}
}

func NewSessionStorage ¶

func NewSessionStorage(client *api.Client, path, key string) SessionStorage

NewSessionStorage creates new SessionStorage.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL