auth

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 8, 2026 License: MIT Imports: 32 Imported by: 0

Documentation

Overview

Package auth provides authentication and authorization functionality for s9s.

Index

Constants

View Source 
const (
	// KeyringService is the service name for storing tokens in the system keyring
	KeyringService = "s9s"

	// TokenCacheFile is the filename for the cached tokens
	TokenCacheFile = "tokens.json"

	// DefaultTokenExpiry is the default token expiration time
	DefaultTokenExpiry = 24 * time.Hour
)

Variables

View Source 
var (
	ErrTokenExpired = fmt.Errorf("token has expired")
	ErrInvalidToken = fmt.Errorf("invalid token")
	ErrAuthFailed   = fmt.Errorf("authentication failed")
)

Common authentication errors

Functions

func ValidateJWT 

func ValidateJWT(tokenString string) (*jwt.RegisteredClaims, error)

ValidateJWT validates a JWT token and extracts claims

Types

type APIAuthenticator 

type APIAuthenticator struct {
	// contains filtered or unexported fields
}

APIAuthenticator implements authentication against a configurable API endpoint

func (*APIAuthenticator) Authenticate 

func (a *APIAuthenticator) Authenticate(ctx context.Context, config AuthConfig) (*Token, error)

Authenticate authenticates against the API endpoint

func (*APIAuthenticator) Cleanup 

func (a *APIAuthenticator) Cleanup() error

Cleanup performs any necessary cleanup

func (*APIAuthenticator) GetConfigSchema 

func (a *APIAuthenticator) GetConfigSchema() ConfigSchema

GetConfigSchema returns the configuration schema for this authenticator

func (*APIAuthenticator) GetInfo 

func (a *APIAuthenticator) GetInfo() AuthenticatorInfo

GetInfo returns information about this authenticator

func (*APIAuthenticator) Initialize 

func (a *APIAuthenticator) Initialize(_ context.Context, config AuthConfig) error

Initialize initializes the API authenticator

func (*APIAuthenticator) RefreshToken 

func (a *APIAuthenticator) RefreshToken(ctx context.Context, token *Token) (*Token, error)

RefreshToken refreshes an expired token using the refresh token

func (*APIAuthenticator) RevokeToken 

func (a *APIAuthenticator) RevokeToken(ctx context.Context, token *Token) error

RevokeToken revokes a token if the API supports it

func (*APIAuthenticator) ValidateToken 

func (a *APIAuthenticator) ValidateToken(ctx context.Context, token *Token) error

ValidateToken validates a token by checking its structure and expiration

type AdvancedLoadBalancer 

type AdvancedLoadBalancer struct {
	// contains filtered or unexported fields
}

AdvancedLoadBalancer provides sophisticated load balancing with health checking

func (*AdvancedLoadBalancer) DecrementActiveConnections 

func (a *AdvancedLoadBalancer) DecrementActiveConnections(endpoint *Endpoint)

DecrementActiveConnections decrements the active connection count

func (*AdvancedLoadBalancer) GetEndpointStats 

func (a *AdvancedLoadBalancer) GetEndpointStats() map[string]EndpointStats

GetEndpointStats returns statistics for all endpoints

func (*AdvancedLoadBalancer) GetStrategy 

func (a *AdvancedLoadBalancer) GetStrategy() string

GetStrategy returns the load balancing strategy name

func (*AdvancedLoadBalancer) IncrementActiveConnections 

func (a *AdvancedLoadBalancer) IncrementActiveConnections(endpoint *Endpoint)

IncrementActiveConnections increments the active connection count

func (*AdvancedLoadBalancer) RecordResponseTime 

func (a *AdvancedLoadBalancer) RecordResponseTime(endpoint *Endpoint, responseTime time.Duration)

RecordResponseTime records the response time for an endpoint

func (*AdvancedLoadBalancer) SelectEndpoint 

func (a *AdvancedLoadBalancer) SelectEndpoint(endpoints []Endpoint) (*Endpoint, error)

SelectEndpoint selects the best endpoint using the configured strategy

func (*AdvancedLoadBalancer) UpdateEndpointHealth 

func (a *AdvancedLoadBalancer) UpdateEndpointHealth(endpoint *Endpoint, healthy bool)

UpdateEndpointHealth updates the health status and metrics of an endpoint

type AuthConfig 

type AuthConfig = Config

type AuthManager 

type AuthManager = Manager

type AuthProvider 

type AuthProvider = Provider

type Authenticator 

type Authenticator interface {
	// Core authentication methods
	Authenticate(ctx context.Context, config Config) (*Token, error)
	RefreshToken(ctx context.Context, token *Token) (*Token, error)
	ValidateToken(ctx context.Context, token *Token) error
	RevokeToken(ctx context.Context, token *Token) error

	// Plugin metadata
	GetInfo() AuthenticatorInfo
	GetConfigSchema() ConfigSchema

	// Lifecycle management
	Initialize(ctx context.Context, config Config) error
	Cleanup() error
}

Authenticator defines the interface for all authentication plugins

func NewAPIAuthenticator 

func NewAPIAuthenticator() Authenticator

NewAPIAuthenticator creates a new API authenticator

func NewOAuth2Authenticator 

func NewOAuth2Authenticator() Authenticator

NewOAuth2Authenticator creates a new OAuth2 authenticator

func NewSlurmTokenAuthenticator 

func NewSlurmTokenAuthenticator() Authenticator

NewSlurmTokenAuthenticator creates a new SLURM token authenticator

type AuthenticatorInfo 

type AuthenticatorInfo struct {
	Name        string
	Version     string
	Description string
	Author      string
	Supported   []string // List of supported authentication methods
}

AuthenticatorInfo contains metadata about an authenticator

type ClusterAuthInfo 

type ClusterAuthInfo struct {
	ClusterID     string
	AuthType      string
	IsConfigured  bool
	HasValidToken bool
	TokenExpiry   *time.Time
	LastAuth      *time.Time
	Endpoints     []Endpoint
}

ClusterAuthInfo contains information about a cluster's authentication setup

type Config added in v0.3.0 

type Config map[string]interface{}

Config holds configuration for authenticators

func (Config) Get added in v0.3.0 

func (c Config) Get(key string) interface{}

Get retrieves a configuration value by key

func (Config) GetBool added in v0.3.0 

func (c Config) GetBool(key string) bool

GetBool retrieves a boolean configuration value

func (Config) GetInt added in v0.3.0 

func (c Config) GetInt(key string) int

GetInt retrieves an integer configuration value

func (Config) GetString added in v0.3.0 

func (c Config) GetString(key string) string

GetString retrieves a string configuration value

type ConfigSchema 

type ConfigSchema struct {
	Properties map[string]PropertySchema `json:"properties"`
	Required   []string                  `json:"required"`
}

ConfigSchema defines the configuration schema for an authenticator

type DNSEndpointDiscoverer 

type DNSEndpointDiscoverer struct {
	// contains filtered or unexported fields
}

DNSEndpointDiscoverer implements DNS-based service discovery

func (*DNSEndpointDiscoverer) Cleanup 

func (d *DNSEndpointDiscoverer) Cleanup() error

Cleanup performs any necessary cleanup

func (*DNSEndpointDiscoverer) DiscoverEndpoints 

func (d *DNSEndpointDiscoverer) DiscoverEndpoints(ctx context.Context, clusterID string) ([]Endpoint, error)

DiscoverEndpoints discovers endpoints using DNS resolution

func (*DNSEndpointDiscoverer) GetInfo 

func (d *DNSEndpointDiscoverer) GetInfo() DiscovererInfo

GetInfo returns information about this discoverer

func (*DNSEndpointDiscoverer) GetLoadBalancer 

func (d *DNSEndpointDiscoverer) GetLoadBalancer() LoadBalancer

GetLoadBalancer returns the load balancer for endpoint selection

func (*DNSEndpointDiscoverer) HealthCheck 

func (d *DNSEndpointDiscoverer) HealthCheck(ctx context.Context, endpoint *Endpoint) error

HealthCheck performs a health check on an endpoint

func (*DNSEndpointDiscoverer) Initialize 

func (d *DNSEndpointDiscoverer) Initialize(_ context.Context, config DiscoveryConfig) error

Initialize initializes the DNS endpoint discoverer

func (*DNSEndpointDiscoverer) StartPeriodicDiscovery 

func (d *DNSEndpointDiscoverer) StartPeriodicDiscovery(ctx context.Context)

StartPeriodicDiscovery starts periodic DNS discovery and cache cleanup

type DNSLoadBalancer 

type DNSLoadBalancer struct {
	*WeightedRoundRobinLoadBalancer
	// contains filtered or unexported fields
}

DNSLoadBalancer extends weighted round-robin with DNS-specific features

func (*DNSLoadBalancer) GetStrategy 

func (d *DNSLoadBalancer) GetStrategy() string

GetStrategy returns the load balancing strategy name

func (*DNSLoadBalancer) SelectEndpoint 

func (d *DNSLoadBalancer) SelectEndpoint(endpoints []Endpoint) (*Endpoint, error)

SelectEndpoint selects an endpoint with DNS-specific logic

type DiscoveredToken added in v0.3.0 

type DiscoveredToken struct {
	Token     string            // The JWT token value
	Username  string            // Username the token was generated for
	ExpiresAt time.Time         // Token expiration time
	Source    string            // How the token was obtained (scontrol, env, etc.)
	Metadata  map[string]string // Additional metadata
}

DiscoveredToken represents a discovered/generated SLURM JWT token

func (*DiscoveredToken) ToAuthToken added in v0.3.0 

func (dt *DiscoveredToken) ToAuthToken(clusterID string) *Token

ToAuthToken converts a DiscoveredToken to an auth.Token.

type DiscovererInfo 

type DiscovererInfo struct {
	Name        string
	Version     string
	Description string
	Author      string
	Supported   []string // List of supported discovery methods
}

DiscovererInfo contains metadata about an endpoint discoverer

type DiscoveryConfig 

type DiscoveryConfig map[string]interface{}

DiscoveryConfig holds configuration for endpoint discovery

func (DiscoveryConfig) Get 

func (c DiscoveryConfig) Get(key string) interface{}

Get retrieves a configuration value by key

func (DiscoveryConfig) GetInt 

func (c DiscoveryConfig) GetInt(key string) int

GetInt retrieves an integer configuration value

func (DiscoveryConfig) GetString 

func (c DiscoveryConfig) GetString(key string) string

GetString retrieves a string configuration value

type Endpoint 

type Endpoint struct {
	URL       string            `json:"url"`
	ClusterID string            `json:"cluster_id"`
	Weight    int               `json:"weight"`
	Metadata  map[string]string `json:"metadata"`
	Status    EndpointStatus    `json:"status"`
	LastCheck time.Time         `json:"last_check"`
}

Endpoint represents a slurmrestd API endpoint

type EndpointDiscoverer 

type EndpointDiscoverer interface {
	DiscoverEndpoints(ctx context.Context, clusterID string) ([]Endpoint, error)
	HealthCheck(ctx context.Context, endpoint *Endpoint) error
	GetLoadBalancer() LoadBalancer

	// Plugin metadata
	GetInfo() DiscovererInfo
	Initialize(ctx context.Context, config DiscoveryConfig) error
	Cleanup() error
}

EndpointDiscoverer defines the interface for endpoint discovery plugins

func NewDNSEndpointDiscoverer 

func NewDNSEndpointDiscoverer() EndpointDiscoverer

NewDNSEndpointDiscoverer creates a new DNS-based endpoint discoverer

func NewStaticEndpointDiscoverer 

func NewStaticEndpointDiscoverer() EndpointDiscoverer

NewStaticEndpointDiscoverer creates a new static endpoint discoverer

type EndpointManager 

type EndpointManager interface {
	// ConfigureCluster sets up endpoint discovery for a cluster
	ConfigureCluster(clusterID string, discoveryType string, config DiscoveryConfig) error

	// DiscoverEndpoints discovers available endpoints for a cluster
	DiscoverEndpoints(ctx context.Context, clusterID string) ([]Endpoint, error)

	// GetEndpoint selects the best endpoint for a cluster
	GetEndpoint(ctx context.Context, clusterID string) (*Endpoint, error)

	// UpdateEndpointHealth updates the health status of an endpoint
	UpdateEndpointHealth(ctx context.Context, endpoint *Endpoint, healthy bool) error

	// GetAllEndpoints returns all known endpoints for a cluster
	GetAllEndpoints(clusterID string) []Endpoint

	// StartHealthChecking starts background health checking
	StartHealthChecking(ctx context.Context, interval time.Duration)

	// StopHealthChecking stops background health checking
	StopHealthChecking()
}

EndpointManager manages endpoint discovery and selection

type EndpointStats 

type EndpointStats struct {
	URL                 string
	Status              string
	Weight              int
	ActiveConnections   int32
	ConsecutiveFailures int
	ResponseTime        time.Duration
	LastSuccess         time.Time
	LastFailure         time.Time
	CircuitBreakerOpen  bool
	CircuitBreakerUntil time.Time
}

EndpointStats contains statistics for an endpoint

type EndpointStatus 

type EndpointStatus int

EndpointStatus represents the health status of an endpoint 

const (
	// EndpointStatusUnknown is the unknown endpoint status.
	EndpointStatusUnknown EndpointStatus = iota
	// EndpointStatusHealthy is the healthy endpoint status.
	EndpointStatusHealthy
	// EndpointStatusUnhealthy is the unhealthy endpoint status.
	EndpointStatusUnhealthy
	// EndpointStatusMaintenance is the maintenance endpoint status.
	EndpointStatusMaintenance
)

func (EndpointStatus) String 

func (s EndpointStatus) String() string

String returns the string representation of the endpoint status

type FileSecureStore 

type FileSecureStore struct {
	// contains filtered or unexported fields
}

FileSecureStore implements secure storage using encrypted files

func (*FileSecureStore) Cleanup 

func (f *FileSecureStore) Cleanup() error

Cleanup performs any necessary cleanup

func (*FileSecureStore) Delete 

func (f *FileSecureStore) Delete(key string) error

Delete removes data securely

func (*FileSecureStore) Initialize 

func (f *FileSecureStore) Initialize() error

Initialize initializes the secure store

func (*FileSecureStore) List 

func (f *FileSecureStore) List() ([]string, error)

List returns all keys in the store

func (*FileSecureStore) Retrieve 

func (f *FileSecureStore) Retrieve(key string) ([]byte, error)

Retrieve gets data securely

func (*FileSecureStore) Store 

func (f *FileSecureStore) Store(key string, data []byte) error

Store saves data securely

type FileTokenStore 

type FileTokenStore struct {
	// contains filtered or unexported fields
}

FileTokenStore implements TokenStore using FileSecureStore

func (*FileTokenStore) Clear 

func (f *FileTokenStore) Clear(_ context.Context) error

Clear removes all tokens from storage

func (*FileTokenStore) Delete 

func (f *FileTokenStore) Delete(_ context.Context, clusterID string) error

Delete removes a token from storage

func (*FileTokenStore) List 

func (f *FileTokenStore) List(_ context.Context) ([]string, error)

List returns all stored cluster IDs

func (*FileTokenStore) Retrieve 

func (f *FileTokenStore) Retrieve(_ context.Context, clusterID string) (*Token, error)

Retrieve gets a token from storage

func (*FileTokenStore) Store 

func (f *FileTokenStore) Store(_ context.Context, clusterID string, token *Token) error

Store saves a token securely

type HealthChecker 

type HealthChecker struct {
	// contains filtered or unexported fields
}

HealthChecker performs periodic health checks on endpoints

func (*HealthChecker) Start 

func (h *HealthChecker) Start(ctx context.Context)

Start starts periodic health checks for the health checker.

func (*HealthChecker) Stop 

func (h *HealthChecker) Stop()

Stop stops the health checker

type KeyringBackend 

type KeyringBackend interface {
	Set(service, user, password string) error
	Get(service, user string) (string, error)
	Delete(service, user string) error
	List(service string) ([]string, error)
}

KeyringBackend defines the interface for keyring implementations

func NewLinuxKeyringBackend 

func NewLinuxKeyringBackend() KeyringBackend

NewLinuxKeyringBackend creates a Linux keyring backend

func NewMacOSKeyringBackend 

func NewMacOSKeyringBackend() KeyringBackend

NewMacOSKeyringBackend creates a macOS keyring backend

type KeyringSecureStore 

type KeyringSecureStore struct {
	// contains filtered or unexported fields
}

KeyringSecureStore implements secure storage using the system keyring

func (*KeyringSecureStore) Cleanup 

func (k *KeyringSecureStore) Cleanup() error

Cleanup performs any necessary cleanup

func (*KeyringSecureStore) Delete 

func (k *KeyringSecureStore) Delete(key string) error

Delete removes data securely from the keyring

func (*KeyringSecureStore) Initialize 

func (k *KeyringSecureStore) Initialize() error

Initialize initializes the keyring secure store

func (*KeyringSecureStore) List 

func (k *KeyringSecureStore) List() ([]string, error)

List returns all keys in the keyring

func (*KeyringSecureStore) Retrieve 

func (k *KeyringSecureStore) Retrieve(key string) ([]byte, error)

Retrieve gets data securely from the keyring

func (*KeyringSecureStore) Store 

func (k *KeyringSecureStore) Store(key string, data []byte) error

Store saves data securely in the keyring

type KeyringTokenStore 

type KeyringTokenStore struct {
	// contains filtered or unexported fields
}

KeyringTokenStore implements TokenStore using KeyringSecureStore

func (*KeyringTokenStore) Clear 

func (k *KeyringTokenStore) Clear(_ context.Context) error

Clear removes all tokens from the keyring

func (*KeyringTokenStore) Delete 

func (k *KeyringTokenStore) Delete(_ context.Context, clusterID string) error

Delete removes a token from the keyring

func (*KeyringTokenStore) List 

func (k *KeyringTokenStore) List(_ context.Context) ([]string, error)

List returns all stored cluster IDs from the keyring

func (*KeyringTokenStore) Retrieve 

func (k *KeyringTokenStore) Retrieve(_ context.Context, clusterID string) (*Token, error)

Retrieve gets a token from the keyring

func (*KeyringTokenStore) Store 

func (k *KeyringTokenStore) Store(_ context.Context, clusterID string, token *Token) error

Store saves a token securely in the keyring

type LinuxKeyringBackend 

type LinuxKeyringBackend struct {
	// contains filtered or unexported fields
}

LinuxKeyringBackend implements KeyringBackend using the system's Secret Service API.

func (*LinuxKeyringBackend) Delete 

func (l *LinuxKeyringBackend) Delete(service, user string) error

Delete removes a password from the Linux keyring

func (*LinuxKeyringBackend) Get 

func (l *LinuxKeyringBackend) Get(service, user string) (string, error)

Get retrieves a password from the Linux keyring

func (*LinuxKeyringBackend) List 

func (l *LinuxKeyringBackend) List(service string) ([]string, error)

List returns all users for a service in the Linux keyring

func (*LinuxKeyringBackend) Set 

func (l *LinuxKeyringBackend) Set(service, user, password string) error

Set stores a password in the Linux keyring

type LoadBalancer 

type LoadBalancer interface {
	// SelectEndpoint selects the best endpoint from the available ones
	SelectEndpoint(endpoints []Endpoint) (*Endpoint, error)

	// UpdateEndpointHealth updates the health status of an endpoint
	UpdateEndpointHealth(endpoint *Endpoint, healthy bool)

	// GetStrategy returns the load balancing strategy
	GetStrategy() string
}

LoadBalancer defines the interface for load balancing across endpoints

func NewAdvancedLoadBalancer 

func NewAdvancedLoadBalancer(config *LoadBalancerConfig) LoadBalancer

NewAdvancedLoadBalancer creates a new advanced load balancer

func NewDNSLoadBalancer 

func NewDNSLoadBalancer() LoadBalancer

NewDNSLoadBalancer creates a DNS-aware load balancer

func NewRoundRobinLoadBalancer 

func NewRoundRobinLoadBalancer() LoadBalancer

NewRoundRobinLoadBalancer creates a new round-robin load balancer

func NewWeightedRoundRobinLoadBalancer 

func NewWeightedRoundRobinLoadBalancer() LoadBalancer

NewWeightedRoundRobinLoadBalancer creates a new weighted round-robin load balancer

type LoadBalancerConfig 

type LoadBalancerConfig struct {
	Strategy               string
	MaxConsecutiveFailures int
	CircuitBreakerTimeout  time.Duration
	HealthCheckInterval    time.Duration
	HealthCheckTimeout     time.Duration
	HealthCheckPath        string
	ResponseTimeWeight     float64
	WeightUpdateInterval   time.Duration
}

LoadBalancerConfig configures the load balancer behavior

type MacOSKeyringBackend 

type MacOSKeyringBackend struct {
	// contains filtered or unexported fields
}

MacOSKeyringBackend implements KeyringBackend using Keychain Services.

func (*MacOSKeyringBackend) Delete 

func (m *MacOSKeyringBackend) Delete(service, user string) error

Delete removes a password from the macOS Keychain

func (*MacOSKeyringBackend) Get 

func (m *MacOSKeyringBackend) Get(service, user string) (string, error)

Get retrieves a password from the macOS Keychain

func (*MacOSKeyringBackend) List 

func (m *MacOSKeyringBackend) List(service string) ([]string, error)

List returns all users for a service in the macOS Keychain

func (*MacOSKeyringBackend) Set 

func (m *MacOSKeyringBackend) Set(service, user, password string) error

Set stores a password in the macOS Keychain

type ManagedEndpoint 

type ManagedEndpoint struct {
	Endpoint
	// contains filtered or unexported fields
}

ManagedEndpoint wraps an Endpoint with additional load balancing metadata

type Manager added in v0.3.0 

type Manager interface {
	// ConfigureCluster sets up authentication for a cluster
	ConfigureCluster(clusterID string, authType string, config Config) error

	// Authenticate authenticates against a specific cluster
	Authenticate(ctx context.Context, clusterID string) (*Token, error)

	// GetToken retrieves a valid token for a cluster
	GetToken(ctx context.Context, clusterID string) (*Token, error)

	// RefreshToken refreshes an expired token
	RefreshToken(ctx context.Context, clusterID string) (*Token, error)

	// RevokeToken revokes a token
	RevokeToken(ctx context.Context, clusterID string) error

	// ListClusters returns all configured clusters
	ListClusters() []string

	// GetClusterInfo returns information about a cluster's auth configuration
	GetClusterInfo(clusterID string) (*ClusterAuthInfo, error)

	// ValidateConfiguration validates auth configuration
	ValidateConfiguration(authType string, config Config) error
}

Manager manages authentication across multiple clusters

type OAuth2Authenticator 

type OAuth2Authenticator struct {
	// contains filtered or unexported fields
}

OAuth2Authenticator implements OAuth2/OIDC authentication

func (*OAuth2Authenticator) Authenticate 

func (o *OAuth2Authenticator) Authenticate(ctx context.Context, config AuthConfig) (*Token, error)

Authenticate performs OAuth2 authentication flow

func (*OAuth2Authenticator) Cleanup 

func (o *OAuth2Authenticator) Cleanup() error

Cleanup performs any necessary cleanup

func (*OAuth2Authenticator) GetConfigSchema 

func (o *OAuth2Authenticator) GetConfigSchema() ConfigSchema

GetConfigSchema returns the configuration schema for this authenticator

func (*OAuth2Authenticator) GetInfo 

func (o *OAuth2Authenticator) GetInfo() AuthenticatorInfo

GetInfo returns information about this authenticator

func (*OAuth2Authenticator) Initialize 

func (o *OAuth2Authenticator) Initialize(_ context.Context, config AuthConfig) error

Initialize initializes the OAuth2 authenticator

func (*OAuth2Authenticator) RefreshToken 

func (o *OAuth2Authenticator) RefreshToken(ctx context.Context, token *Token) (*Token, error)

RefreshToken refreshes an expired token using the refresh token

func (*OAuth2Authenticator) RevokeToken 

func (o *OAuth2Authenticator) RevokeToken(_ context.Context, token *Token) error

RevokeToken revokes an OAuth2 token

func (*OAuth2Authenticator) ValidateToken 

func (o *OAuth2Authenticator) ValidateToken(_ context.Context, token *Token) error

ValidateToken validates an OAuth2 token

type PropertySchema 

type PropertySchema struct {
	Type        string      `json:"type"`
	Description string      `json:"description"`
	Required    bool        `json:"required"`
	Sensitive   bool        `json:"sensitive"`
	Default     interface{} `json:"default,omitempty"`
	Enum        []string    `json:"enum,omitempty"`
}

PropertySchema defines a single property in the configuration schema

type Provider added in v0.3.0 

type Provider interface {
	// Authenticate performs authentication and returns a token
	Authenticate(ctx context.Context, username, password string) (*Token, error)

	// RefreshToken refreshes an existing token
	RefreshToken(ctx context.Context, token *Token) (*Token, error)

	// ValidateToken validates if a token is still valid
	ValidateToken(ctx context.Context, token *Token) error

	// Logout invalidates a token
	Logout(ctx context.Context, token *Token) error
}

Provider defines the interface for authentication providers

type RoundRobinLoadBalancer 

type RoundRobinLoadBalancer struct {
	// contains filtered or unexported fields
}

RoundRobinLoadBalancer implements a simple round-robin load balancer

func (*RoundRobinLoadBalancer) GetStrategy 

func (r *RoundRobinLoadBalancer) GetStrategy() string

GetStrategy returns the load balancing strategy name

func (*RoundRobinLoadBalancer) SelectEndpoint 

func (r *RoundRobinLoadBalancer) SelectEndpoint(endpoints []Endpoint) (*Endpoint, error)

SelectEndpoint selects the next endpoint using round-robin

func (*RoundRobinLoadBalancer) UpdateEndpointHealth 

func (r *RoundRobinLoadBalancer) UpdateEndpointHealth(endpoint *Endpoint, healthy bool)

UpdateEndpointHealth updates the health status of an endpoint

type SecureStore 

type SecureStore interface {
	Store(key string, data []byte) error
	Retrieve(key string) ([]byte, error)
	Delete(key string) error
	List() ([]string, error)
	Initialize() error
	Cleanup() error
}

SecureStore defines the interface for platform-specific secure storage

func NewFileSecureStore 

func NewFileSecureStore(storePath string) SecureStore

NewFileSecureStore creates a new file-based secure store

func NewKeyringSecureStore 

func NewKeyringSecureStore(serviceName string) SecureStore

NewKeyringSecureStore creates a new keyring-based secure store

type SimpleToken 

type SimpleToken struct {
	Value      string    `json:"value"`
	ExpiresAt  time.Time `json:"expires_at"`
	ClusterURL string    `json:"cluster_url"`
	Username   string    `json:"username"`
}

SimpleToken represents a cached authentication token (for backward compatibility)

func (*SimpleToken) IsExpired 

func (t *SimpleToken) IsExpired() bool

IsExpired checks if the token has expired

type SlurmAuthProvider 

type SlurmAuthProvider struct {
	// contains filtered or unexported fields
}

SlurmAuthProvider implements authentication against SLURM REST API

func NewSlurmAuthProvider 

func NewSlurmAuthProvider(baseURL string, timeout time.Duration) *SlurmAuthProvider

NewSlurmAuthProvider creates a new SLURM authentication provider

func (*SlurmAuthProvider) Authenticate 

func (s *SlurmAuthProvider) Authenticate(_ context.Context, username, _ string) (*Token, error)

Authenticate performs authentication against SLURM REST API

func (*SlurmAuthProvider) Logout 

func (s *SlurmAuthProvider) Logout(_ context.Context, _ *Token) error

Logout invalidates a token

func (*SlurmAuthProvider) RefreshToken 

func (s *SlurmAuthProvider) RefreshToken(_ context.Context, token *Token) (*Token, error)

RefreshToken refreshes an existing token

func (*SlurmAuthProvider) ValidateToken 

func (s *SlurmAuthProvider) ValidateToken(_ context.Context, token *Token) error

ValidateToken validates if a token is still valid

type SlurmTokenAuthenticator 

type SlurmTokenAuthenticator struct {
	// contains filtered or unexported fields
}

SlurmTokenAuthenticator implements authentication using SLURM's native token system

func (*SlurmTokenAuthenticator) Authenticate 

func (s *SlurmTokenAuthenticator) Authenticate(ctx context.Context, config AuthConfig) (*Token, error)

Authenticate generates a new SLURM token

func (*SlurmTokenAuthenticator) Cleanup 

func (s *SlurmTokenAuthenticator) Cleanup() error

Cleanup performs any necessary cleanup

func (*SlurmTokenAuthenticator) GetConfigSchema 

func (s *SlurmTokenAuthenticator) GetConfigSchema() ConfigSchema

GetConfigSchema returns the configuration schema for this authenticator

func (*SlurmTokenAuthenticator) GetInfo 

func (s *SlurmTokenAuthenticator) GetInfo() AuthenticatorInfo

GetInfo returns information about this authenticator

func (*SlurmTokenAuthenticator) Initialize 

func (s *SlurmTokenAuthenticator) Initialize(_ context.Context, config AuthConfig) error

Initialize initializes the SLURM token authenticator

func (*SlurmTokenAuthenticator) RefreshToken 

func (s *SlurmTokenAuthenticator) RefreshToken(ctx context.Context, _ *Token) (*Token, error)

RefreshToken generates a new token (SLURM tokens cannot be refreshed, only regenerated)

func (*SlurmTokenAuthenticator) RevokeToken 

func (s *SlurmTokenAuthenticator) RevokeToken(_ context.Context, _ *Token) error

RevokeToken revokes a SLURM token (not supported by SLURM, token will expire naturally)

func (*SlurmTokenAuthenticator) ValidateToken 

func (s *SlurmTokenAuthenticator) ValidateToken(_ context.Context, token *Token) error

ValidateToken validates a SLURM token by checking expiration

type StaticEndpointDiscoverer 

type StaticEndpointDiscoverer struct {
	// contains filtered or unexported fields
}

StaticEndpointDiscoverer implements static endpoint discovery from configuration

func (*StaticEndpointDiscoverer) Cleanup 

func (s *StaticEndpointDiscoverer) Cleanup() error

Cleanup performs any necessary cleanup

func (*StaticEndpointDiscoverer) DiscoverEndpoints 

func (s *StaticEndpointDiscoverer) DiscoverEndpoints(_ context.Context, clusterID string) ([]Endpoint, error)

DiscoverEndpoints returns the statically configured endpoints for a cluster

func (*StaticEndpointDiscoverer) GetInfo 

func (s *StaticEndpointDiscoverer) GetInfo() DiscovererInfo

GetInfo returns information about this discoverer

func (*StaticEndpointDiscoverer) GetLoadBalancer 

func (s *StaticEndpointDiscoverer) GetLoadBalancer() LoadBalancer

GetLoadBalancer returns the load balancer for endpoint selection

func (*StaticEndpointDiscoverer) HealthCheck 

func (s *StaticEndpointDiscoverer) HealthCheck(ctx context.Context, endpoint *Endpoint) error

HealthCheck performs a health check on an endpoint

func (*StaticEndpointDiscoverer) Initialize 

func (s *StaticEndpointDiscoverer) Initialize(_ context.Context, config DiscoveryConfig) error

Initialize initializes the static endpoint discoverer

type Token 

type Token struct {
	AccessToken  string            `json:"access_token"`
	RefreshToken string            `json:"refresh_token,omitempty"`
	TokenType    string            `json:"token_type"`
	ExpiresAt    time.Time         `json:"expires_at"`
	Scopes       []string          `json:"scopes,omitempty"`
	Metadata     map[string]string `json:"metadata,omitempty"`
	ClusterID    string            `json:"cluster_id"`
}

Token represents an authentication token

func CreateToken 

func CreateToken(username, clusterURL string, expiry time.Duration) (*Token, error)

CreateToken creates a new token with the specified expiration

func (*Token) ExpiresIn 

func (t *Token) ExpiresIn() time.Duration

ExpiresIn returns the duration until the token expires

func (*Token) IsExpired 

func (t *Token) IsExpired() bool

IsExpired checks if the token is expired

func (*Token) IsValid 

func (t *Token) IsValid() bool

IsValid checks if the token is still valid

type TokenDiscovery added in v0.3.0 

type TokenDiscovery struct {
	// contains filtered or unexported fields
}

TokenDiscovery provides automatic discovery and generation of SLURM JWT tokens

func NewTokenDiscovery added in v0.3.0 

func NewTokenDiscovery() *TokenDiscovery

NewTokenDiscovery creates a new TokenDiscovery instance with default configuration

func NewTokenDiscoveryWithConfig added in v0.3.0 

func NewTokenDiscoveryWithConfig(cfg TokenDiscoveryConfig) *TokenDiscovery

NewTokenDiscoveryWithConfig creates a new TokenDiscovery instance with custom configuration

func (*TokenDiscovery) ClearCache added in v0.3.0 

func (td *TokenDiscovery) ClearCache()

ClearCache clears the cached token

func (*TokenDiscovery) DiscoverToken added in v0.3.0 

func (td *TokenDiscovery) DiscoverToken(ctx context.Context, clusterName string) (*DiscoveredToken, error)

DiscoverToken discovers or generates a SLURM JWT token It first checks for an existing SLURM_JWT environment variable, then tries to generate a new token using scontrol token

func (*TokenDiscovery) GetTokenExpiresIn added in v0.3.0 

func (td *TokenDiscovery) GetTokenExpiresIn() time.Duration

GetTokenExpiresIn returns the duration until the cached token expires

func (*TokenDiscovery) IsEnabled added in v0.3.0 

func (td *TokenDiscovery) IsEnabled() bool

IsEnabled returns whether token discovery is enabled

func (*TokenDiscovery) IsTokenExpired added in v0.3.0 

func (td *TokenDiscovery) IsTokenExpired() bool

IsTokenExpired checks if the cached token is expired

func (*TokenDiscovery) RefreshToken added in v0.3.0 

func (td *TokenDiscovery) RefreshToken(ctx context.Context) (*DiscoveredToken, error)

RefreshToken forces generation of a new token

func (*TokenDiscovery) SetEnabled added in v0.3.0 

func (td *TokenDiscovery) SetEnabled(enabled bool)

SetEnabled enables or disables token discovery

type TokenDiscoveryConfig added in v0.3.0 

type TokenDiscoveryConfig struct {
	Enabled       bool          `mapstructure:"enabled"`
	ScontrolPath  string        `mapstructure:"scontrolPath"`
	Timeout       time.Duration `mapstructure:"timeout"`
	TokenLifespan int           `mapstructure:"tokenLifespan"` // in seconds
}

TokenDiscoveryConfig holds configuration for token discovery

func DefaultTokenDiscoveryConfig added in v0.3.0 

func DefaultTokenDiscoveryConfig() TokenDiscoveryConfig

DefaultTokenDiscoveryConfig returns the default configuration

type TokenManager 

type TokenManager struct {
	// contains filtered or unexported fields
}

TokenManager manages authentication tokens for multiple clusters

func NewTokenManager 

func NewTokenManager(cacheDir string, useKeyring bool) *TokenManager

NewTokenManager creates a new token manager

func (*TokenManager) GetToken 

func (tm *TokenManager) GetToken(clusterName string) (*Token, error)

GetToken retrieves a token for the specified cluster

func (*TokenManager) ListClusters 

func (tm *TokenManager) ListClusters() []string

ListClusters returns a list of clusters with stored tokens

func (*TokenManager) RemoveToken 

func (tm *TokenManager) RemoveToken(clusterName string) error

RemoveToken removes a token for the specified cluster

func (*TokenManager) SetToken 

func (tm *TokenManager) SetToken(clusterName string, token *Token) error

SetToken stores a token for the specified cluster

type TokenStore 

type TokenStore interface {
	// Store saves a token securely
	Store(ctx context.Context, clusterID string, token *Token) error

	// Retrieve gets a token from storage
	Retrieve(ctx context.Context, clusterID string) (*Token, error)

	// Delete removes a token from storage
	Delete(ctx context.Context, clusterID string) error

	// List returns all stored cluster IDs
	List(ctx context.Context) ([]string, error)

	// Clear removes all tokens from storage
	Clear(ctx context.Context) error
}

TokenStore defines the interface for secure token storage

func NewFileTokenStore 

func NewFileTokenStore(storePath string) TokenStore

NewFileTokenStore creates a new file-based token store

func NewKeyringTokenStore 

func NewKeyringTokenStore(serviceName string) TokenStore

NewKeyringTokenStore creates a new keyring-based token store

type WeightedRoundRobinLoadBalancer 

type WeightedRoundRobinLoadBalancer struct {
	// contains filtered or unexported fields
}

WeightedRoundRobinLoadBalancer implements weighted round-robin load balancing

func (*WeightedRoundRobinLoadBalancer) GetStrategy 

func (w *WeightedRoundRobinLoadBalancer) GetStrategy() string

GetStrategy returns the load balancing strategy name

func (*WeightedRoundRobinLoadBalancer) SelectEndpoint 

func (w *WeightedRoundRobinLoadBalancer) SelectEndpoint(endpoints []Endpoint) (*Endpoint, error)

SelectEndpoint selects an endpoint using weighted round-robin

func (*WeightedRoundRobinLoadBalancer) UpdateEndpointHealth 

func (w *WeightedRoundRobinLoadBalancer) UpdateEndpointHealth(endpoint *Endpoint, healthy bool)

UpdateEndpointHealth updates the health status of an endpoint

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.