auth

package
v0.0.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 13, 2022 License: MIT Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client 

type Client struct {
	API        api.API
	AuthMethod Method
	// contains filtered or unexported fields
}

Client is the gateway into the auth functionality provided by Vault.

See https://www.vaultproject.io/api-docs/auth for more information.

func (*Client) Automatic 

func (c *Client) Automatic(ctx context.Context) <-chan Event

Automatic handles login and renewal automatically for you in the background using the configured auth method.

Tokens are renewed 5 seconds before expiration if eligible. If a lease is less than 5 seconds long, the token will be replaced instead of attempting renewal.

All login and renewal events and any associated errors are sent to the returned events channel. This channel haas a buffer of 1 to help the event receiver keep up with the events. If the channel is ignored or events are not received quickly enough, events will be dropped and not sent to the channel to avoid impeding the authentication process.

In the event that the context is canceled, login and renewals will be halted and the events channel will be closed.

func (*Client) GetToken 

func (c *Client) GetToken() Token

GetToken returns the internal Vault auth token that the client uses to communicate with Vault.

func (*Client) Login 

func (c *Client) Login(ctx context.Context) error

Login authenticates against Vault using the configured auth method and sets the internal auth token that the client uses to communicate with Vault.

func (*Client) RenewSelf 

func (c *Client) RenewSelf(ctx context.Context) error

RenewSelf initiates a token renewal request for the internal Vault auth token that the client uses to communicate with Vault.

See https://www.vaultproject.io/api/auth/token#renew-a-token-self for more information.

func (*Client) SetToken 

func (c *Client) SetToken(token Token)

SetToken sets the internal Vault auth token that the client uses to communicate with Vault.

This should be called after authenticating with Vault so that the client may make requests.

type Event 

type Event struct {
	// Type indicates the type of the authentication event, either "login" or "renew".
	Type string
	// Err indicates when there was a problem authenticating with Vault.
	Err error
}

Event is used to communicate authentication happenings.

type Method 

type Method interface {
	Login(ctx context.Context, api api.API) (Token, error)
}

Method represents a way of authenticating against Vault using one of the officially supported techniques.

For more information, see https://www.vaultproject.io/docs/auth

type Token 

type Token struct {
	// Value is a string representation of the token, used when interacting with the Vault Client.
	Value string
	// Expiration indicates when the token expires and must be renewed or regenerated.
	Expiration time.Duration
	// Renewable indicates whether the token can be renewed or must be regenerated.
	Renewable bool
}

Token represents a Vault authentication token.

This is used throughout vaultx to authenticate with Vault.

type TokenManager 

type TokenManager interface {
	// SetToken sets the Vault auth token.
	SetToken(token Token)
	// GetToken returns the Vault auth token.
	GetToken() Token
}

TokenManager manages Vault auth tokens.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.