pgmultiauth

package module
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 23, 2025 License: MPL-2.0 Imports: 21 Imported by: 1

README

go-pgmultiauth

pgmultiauth is a Go module that simplifies and streamlines authentication with PostgreSQL databases using multiple authentication methods. It provides a unified interface for connecting to PostgreSQL databases using various authentication mechanisms.

Features

  • Multiple Authentication Methods: Support for AWS, GCP, and Azure authentication.
  • Connection Management: Handles token refresh and reconnection logic automatically
  • Multiple consumption mechanism: Supports various handlers like *sql.DB, driver.Connector, *pgxpool.Pool etc

Authentication Methods

The module currently supports:

Installation

go get github.com/hashicorp/go-pgmultiauth

Usage

Using with database/sql.DB

authConfig := NewConfig(
    connString,
    WithAWSConfig(awsConfig),
)

db, err := pgmultiauth.Open(ctx, authConfig)
if err != nil {
    // handle error
}
defer db.Close()

// Use db as a standard database/sql.DB
Using with pgx connection pool
pool, err := pgmultiauth.NewDBPool(ctx, authConfig)
if err != nil {
    // handle error
}
defer pool.Close()

// Use pool as a standard pgx.Pool
Using BeforeConnect function of pgxpool.Config
beforeConnect, err := pgmultiauth.BeforeConnectFn(ctx, authConfig)
if err != nil {
    // handle error
}

poolConfig := pgxpool.Config{
    ConnConfig: connConfig,
    BeforeConnect: beforeConnect,
    ..
    ..
}
Using driver.Connector
dbConnector, err := pgmultiauth.GetConnector(ctx, dbAuthConfig)
if err != nil {
    // handle error
}

db := sql.OpenDB(dbConnector)

Contributing

Thank you for your interest in contributing! Please refer to CONTRIBUTING.md for guidance.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BeforeConnectFn 

func BeforeConnectFn(ctx context.Context, config Config) (func(context.Context, *pgx.ConnConfig) error, error)

BeforeConnectFn returns a function that can be used to set up the authentication before establishing a connection to the database.

func GetAuthenticatedConnString 

func GetAuthenticatedConnString(ctx context.Context, config Config) (string, error)

GetAuthenticatedConnString returns the database connection string based on the provided authentication configuration. It returns the original connection string if no authentication method is configured.

func GetConnector 

func GetConnector(ctx context.Context, config Config) (driver.Connector, error)

GetConnector initializes and returns a driver.Connector using the provided authentication configuration.

func NewDBPool 

func NewDBPool(ctx context.Context, config Config) (*pgxpool.Pool, error)

NewDBPool initializes and returns a *pgxpool.Pool database connection using the provided authentication configuration.

func Open 

func Open(ctx context.Context, config Config) (*sql.DB, error)

Open initializes and returns a *sql.DB database connection using the provided authentication configuration.

Types

type AuthMethod 

type AuthMethod int

AuthMethod represents the type of authentication method used for connecting to the database. 

const (
	StandardAuth AuthMethod = iota // Default value, standard authentication
	AWSAuth                        // AWS authentication
	GCPAuth                        // GCP authentication
	AzureAuth                      // Azure authentication
)

type Config 

type Config struct {
	// contains filtered or unexported fields
}

Config holds the configuration for the database.

func DefaultConfig 

func DefaultConfig(ctx context.Context, connString string, authOpts DefaultAuthConfigOptions, opts ...ConfigOpt) (Config, error)

DefaultConfig initializes Config with default behavior across the auth methods. For Cloud based auth it assumes that application is running in the cloud environment. For AWS, it uses AWS IAM authentication For GCP, it uses GCP default credentials For Azure, it uses Managed Identity (MSI) authentication For StandardAuth, it uses the default PostgreSQL authentication

func NewConfig added in v1.0.0 

func NewConfig(connString string, opts ...ConfigOpt) Config

NewConfig creates a new Config with the provided connection string and optional configuration options. It sets a null logger if no logger is provided.

type ConfigOpt added in v1.0.0 

type ConfigOpt func(r *Config)

ConfigOpt provides a method to customize a Config.

func WithAWSAuth added in v1.0.0 

func WithAWSAuth(cfg *aws.Config) ConfigOpt

WithawsConfig sets the AWS configuration for the database connection.

func WithAzureAuth added in v1.0.0 

func WithAzureAuth(creds azcore.TokenCredential) ConfigOpt

WithazureCreds sets the Azure credentials for the database connection.

func WithGoogleAuth added in v1.0.0 

func WithGoogleAuth(creds *google.Credentials) ConfigOpt

WithGoogleCreds sets the Google credentials for the database connection.

func WithLogger added in v1.0.0 

func WithLogger(l hclog.Logger) ConfigOpt

WithLogger sets the logger for the Config.

type DefaultAuthConfigOptions 

type DefaultAuthConfigOptions struct {
	AuthMethod AuthMethod

	// AWS IAM Auth
	AWSDBRegion string

	// Azure MSI Auth
	AzureClientID string
}

DefaultAuthConfigOptions holds the configuration options for various authentication methods.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.