plugin

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 25, 2026 License: Apache-2.0 Imports: 27 Imported by: 0

README

Plugin System

The scafctl plugin system allows extending the provider framework with external plugins using hashicorp/go-plugin.

Architecture

  • hashicorp/go-plugin: Manages plugin lifecycle, process isolation, and crash recovery
  • gRPC: Communication protocol between scafctl and plugins
  • Protocol Buffers: Interface definitions

Plugin Interface

Plugins must implement the ProviderPlugin interface:

type ProviderPlugin interface {
    // GetProviders returns all provider names exposed by this plugin
    GetProviders(ctx context.Context) ([]string, error)

    // GetProviderDescriptor returns metadata for a specific provider
    GetProviderDescriptor(ctx context.Context, providerName string) (*provider.Descriptor, error)

    // ExecuteProvider executes a provider with the given input
    ExecuteProvider(ctx context.Context, providerName string, input map[string]any) (*provider.Output, error)
}

Creating a Plugin

  1. Import the plugin package:
import "github.com/oakwood-commons/scafctl/pkg/plugin"

  1. Implement the ProviderPlugin interface

  2. Call plugin.Serve() in your main function:

func main() {
    plugin.Serve(&YourPlugin{})
}
  1. Build your plugin as an executable:
go build -o my-plugin main.go

Plugin Discovery

Plugins are discovered by scanning configured plugin directories for executable files. The system:

  1. Searches for executable files in plugin directories
  2. Attempts to connect to each potential plugin
  3. Registers providers from successfully loaded plugins
  4. Skips plugins that fail to load

Example Plugin

See examples/plugins/echo/ for a complete example plugin implementation.

Security

  • Plugins run in isolated processes
  • Communication over gRPC provides clear security boundaries
  • Plugins are validated using handshake configuration
  • Failed plugins don't crash the main process

Testing

Use MockProviderPlugin for testing plugin implementations without running actual plugin processes.

Documentation

Index

Constants

View Source 
const (
	// AuthHandlerPluginName is the name used to identify the auth handler plugin.
	AuthHandlerPluginName = "auth-handler"
)
View Source 
const (
	// PluginName is the name used to identify the provider plugin
	PluginName = "provider"
)

Variables

View Source 
var AuthHandlerHandshakeConfig = &HandshakeConfigData{
	ProtocolVersion:  1,
	MagicCookieKey:   "SCAFCTL_AUTH_PLUGIN",
	MagicCookieValue: "scafctl_auth_handler_plugin",
}

AuthHandlerHandshakeConfig is used to verify auth handler plugin compatibility.

View Source 
var HandshakeConfig = &HandshakeConfigData{
	ProtocolVersion:  1,
	MagicCookieKey:   "SCAFCTL_PLUGIN",
	MagicCookieValue: "scafctl_provider_plugin",
}

HandshakeConfig is used to verify provider plugin compatibility.

Functions

func CurrentPlatform added in v0.5.0 

func CurrentPlatform() string

CurrentPlatform returns the current OS/architecture in OCI platform format (e.g., "linux/amd64", "darwin/arm64").

func ParsePlatform added in v0.5.0 

func ParsePlatform(platform string) (os, arch string, err error)

ParsePlatform splits an OCI platform string into OS and architecture. Returns an error if the format is invalid.

func Paths added in v0.5.0 

func Paths(results []FetchResult) []string

Paths returns just the binary paths from a slice of FetchResult.

func PlatformCacheKey added in v0.5.0 

func PlatformCacheKey(platform string) string

PlatformCacheKey returns a filesystem-safe key for the platform (e.g., "linux-amd64" from "linux/amd64").

func RegisterAuthHandlerPlugins added in v0.5.0 

func RegisterAuthHandlerPlugins(registry *auth.Registry, pluginDirs []string) error

RegisterAuthHandlerPlugins discovers auth handler plugins and registers them with the auth registry.

func RegisterPluginProviders 

func RegisterPluginProviders(registry *provider.Registry, pluginDirs []string) error

RegisterPluginProviders discovers plugins and registers them with the provider registry

func Serve 

func Serve(impl ProviderPlugin)

Serve is a helper function for plugin implementers to serve their provider plugins. This should be called from the plugin's main() function.

func ServeAuthHandler added in v0.5.0 

func ServeAuthHandler(impl AuthHandlerPlugin)

ServeAuthHandler is a helper function for plugin implementers to serve their auth handler plugins. This should be called from the plugin's main() function.

Types

type AuthHandlerClient added in v0.5.0 

type AuthHandlerClient struct {
	// contains filtered or unexported fields
}

AuthHandlerClient wraps a plugin client for auth handler plugins.

func DiscoverAuthHandlers added in v0.5.0 

func DiscoverAuthHandlers(pluginDirs []string) ([]*AuthHandlerClient, error)

DiscoverAuthHandlers discovers auth handler plugins from the given directories.

func NewAuthHandlerClient added in v0.5.0 

func NewAuthHandlerClient(pluginPath string) (*AuthHandlerClient, error)

NewAuthHandlerClient creates a new auth handler plugin client.

func RegisterFetchedAuthHandlerPlugins added in v0.5.0 

func RegisterFetchedAuthHandlerPlugins(ctx context.Context, registry *auth.Registry, results []FetchResult) ([]*AuthHandlerClient, error)

RegisterFetchedAuthHandlerPlugins loads and registers fetched auth handler plugin binaries into the auth registry. Returns the created clients (caller should Kill() them on cleanup).

func (*AuthHandlerClient) GetAuthHandlers added in v0.5.0 

func (c *AuthHandlerClient) GetAuthHandlers(ctx context.Context) ([]AuthHandlerInfo, error)

GetAuthHandlers returns all auth handler names exposed by this plugin.

func (*AuthHandlerClient) GetStatus added in v0.5.0 

func (c *AuthHandlerClient) GetStatus(ctx context.Context, handlerName string) (*auth.Status, error)

GetStatus delegates to the plugin's GetStatus.

func (*AuthHandlerClient) GetToken added in v0.5.0 

func (c *AuthHandlerClient) GetToken(ctx context.Context, handlerName string, req TokenRequest) (*TokenResponse, error)

GetToken delegates to the plugin's GetToken.

func (*AuthHandlerClient) Kill added in v0.5.0 

func (c *AuthHandlerClient) Kill()

Kill terminates the plugin process.

func (*AuthHandlerClient) Login added in v0.5.0 

func (c *AuthHandlerClient) Login(ctx context.Context, handlerName string, req LoginRequest, cb func(DeviceCodePrompt)) (*LoginResponse, error)

Login delegates to the plugin's Login.

func (*AuthHandlerClient) Logout added in v0.5.0 

func (c *AuthHandlerClient) Logout(ctx context.Context, handlerName string) error

Logout delegates to the plugin's Logout.

func (*AuthHandlerClient) Name added in v0.5.0 

func (c *AuthHandlerClient) Name() string

Name returns the plugin name.

func (*AuthHandlerClient) Path added in v0.5.0 

func (c *AuthHandlerClient) Path() string

Path returns the plugin path.

type AuthHandlerGRPCClient added in v0.5.0 

type AuthHandlerGRPCClient struct {
	// contains filtered or unexported fields
}

AuthHandlerGRPCClient implements AuthHandlerPlugin by calling the gRPC service.

func (*AuthHandlerGRPCClient) GetAuthHandlers added in v0.5.0 

func (c *AuthHandlerGRPCClient) GetAuthHandlers(ctx context.Context) ([]AuthHandlerInfo, error)

GetAuthHandlers implements AuthHandlerPlugin.GetAuthHandlers.

func (*AuthHandlerGRPCClient) GetStatus added in v0.5.0 

func (c *AuthHandlerGRPCClient) GetStatus(ctx context.Context, handlerName string) (*auth.Status, error)

GetStatus implements AuthHandlerPlugin.GetStatus.

func (*AuthHandlerGRPCClient) GetToken added in v0.5.0 

func (c *AuthHandlerGRPCClient) GetToken(ctx context.Context, handlerName string, req TokenRequest) (*TokenResponse, error)

GetToken implements AuthHandlerPlugin.GetToken.

func (*AuthHandlerGRPCClient) ListCachedTokens added in v0.5.0 

func (c *AuthHandlerGRPCClient) ListCachedTokens(ctx context.Context, handlerName string) ([]*auth.CachedTokenInfo, error)

ListCachedTokens implements AuthHandlerPlugin.ListCachedTokens.

func (*AuthHandlerGRPCClient) Login added in v0.5.0 

func (c *AuthHandlerGRPCClient) Login(ctx context.Context, handlerName string, req LoginRequest, deviceCodeCb func(DeviceCodePrompt)) (*LoginResponse, error)

Login implements AuthHandlerPlugin.Login with streaming device code support.

func (*AuthHandlerGRPCClient) Logout added in v0.5.0 

func (c *AuthHandlerGRPCClient) Logout(ctx context.Context, handlerName string) error

Logout implements AuthHandlerPlugin.Logout.

func (*AuthHandlerGRPCClient) PurgeExpiredTokens added in v0.5.0 

func (c *AuthHandlerGRPCClient) PurgeExpiredTokens(ctx context.Context, handlerName string) (int, error)

PurgeExpiredTokens implements AuthHandlerPlugin.PurgeExpiredTokens.

type AuthHandlerGRPCPlugin added in v0.5.0 

type AuthHandlerGRPCPlugin struct {
	plugin.Plugin
	Impl AuthHandlerPlugin
}

AuthHandlerGRPCPlugin implements plugin.GRPCPlugin from hashicorp/go-plugin for auth handler plugins.

func (*AuthHandlerGRPCPlugin) GRPCClient added in v0.5.0 

func (p *AuthHandlerGRPCPlugin) GRPCClient(ctx context.Context, broker *plugin.GRPCBroker, c *grpc.ClientConn) (any, error)

GRPCClient returns the auth handler gRPC client.

func (*AuthHandlerGRPCPlugin) GRPCServer added in v0.5.0 

func (p *AuthHandlerGRPCPlugin) GRPCServer(broker *plugin.GRPCBroker, s *grpc.Server) error

GRPCServer registers the auth handler gRPC server.

type AuthHandlerGRPCServer added in v0.5.0 

type AuthHandlerGRPCServer struct {
	proto.UnimplementedAuthHandlerServiceServer
	Impl AuthHandlerPlugin
}

AuthHandlerGRPCServer implements the gRPC server for auth handler plugins.

func (*AuthHandlerGRPCServer) GetAuthHandlers added in v0.5.0 

func (s *AuthHandlerGRPCServer) GetAuthHandlers(ctx context.Context, _ *proto.GetAuthHandlersRequest) (*proto.GetAuthHandlersResponse, error)

GetAuthHandlers implements the GetAuthHandlers RPC.

func (*AuthHandlerGRPCServer) GetStatus added in v0.5.0 

func (s *AuthHandlerGRPCServer) GetStatus(ctx context.Context, req *proto.GetStatusRequest) (*proto.GetStatusResponse, error)

GetStatus implements the GetStatus RPC.

func (*AuthHandlerGRPCServer) GetToken added in v0.5.0 

func (s *AuthHandlerGRPCServer) GetToken(ctx context.Context, req *proto.GetTokenRequest) (*proto.GetTokenResponse, error)

GetToken implements the GetToken RPC.

func (*AuthHandlerGRPCServer) ListCachedTokens added in v0.5.0 

func (s *AuthHandlerGRPCServer) ListCachedTokens(ctx context.Context, req *proto.ListCachedTokensRequest) (*proto.ListCachedTokensResponse, error)

ListCachedTokens implements the ListCachedTokens RPC.

func (*AuthHandlerGRPCServer) Login added in v0.5.0 

func (s *AuthHandlerGRPCServer) Login(req *proto.LoginRequest, stream grpc.ServerStreamingServer[proto.LoginStreamMessage]) error

Login implements the Login RPC with server-side streaming.

func (*AuthHandlerGRPCServer) Logout added in v0.5.0 

func (s *AuthHandlerGRPCServer) Logout(ctx context.Context, req *proto.LogoutRequest) (*proto.LogoutResponse, error)

Logout implements the Logout RPC.

func (*AuthHandlerGRPCServer) PurgeExpiredTokens added in v0.5.0 

func (s *AuthHandlerGRPCServer) PurgeExpiredTokens(ctx context.Context, req *proto.PurgeExpiredTokensRequest) (*proto.PurgeExpiredTokensResponse, error)

PurgeExpiredTokens implements the PurgeExpiredTokens RPC.

type AuthHandlerInfo added in v0.5.0 

type AuthHandlerInfo struct {
	Name         string
	DisplayName  string
	Flows        []auth.Flow
	Capabilities []auth.Capability
}

AuthHandlerInfo holds static metadata about an auth handler exposed by a plugin.

type AuthHandlerPlugin added in v0.5.0 

type AuthHandlerPlugin interface {
	// GetAuthHandlers returns metadata for all auth handlers exposed by this plugin.
	GetAuthHandlers(ctx context.Context) ([]AuthHandlerInfo, error)

	// Login initiates authentication for the named handler.
	// The callback, if non-nil, is invoked when the plugin sends a device-code prompt.
	Login(ctx context.Context, handlerName string, req LoginRequest, deviceCodeCb func(DeviceCodePrompt)) (*LoginResponse, error)

	// Logout clears stored credentials for the named handler.
	Logout(ctx context.Context, handlerName string) error

	// GetStatus returns the current authentication status for the named handler.
	GetStatus(ctx context.Context, handlerName string) (*auth.Status, error)

	// GetToken returns a valid access token for the named handler.
	GetToken(ctx context.Context, handlerName string, req TokenRequest) (*TokenResponse, error)

	// ListCachedTokens returns all cached tokens for the named handler.
	// Returns an empty slice if the handler does not support token listing.
	ListCachedTokens(ctx context.Context, handlerName string) ([]*auth.CachedTokenInfo, error)

	// PurgeExpiredTokens removes expired tokens for the named handler.
	// Returns the number of tokens removed and an error if the handler
	// does not support token purging.
	PurgeExpiredTokens(ctx context.Context, handlerName string) (int, error)
}

AuthHandlerPlugin is the interface that auth handler plugins must implement. This wraps the auth.Handler interface for plugin communication over gRPC.

type AuthHandlerWrapper added in v0.5.0 

type AuthHandlerWrapper struct {
	// contains filtered or unexported fields
}

AuthHandlerWrapper wraps a plugin auth handler to implement the auth.Handler (and optionally auth.TokenLister / auth.TokenPurger) interfaces.

func NewAuthHandlerWrapper added in v0.5.0 

func NewAuthHandlerWrapper(client *AuthHandlerClient, info AuthHandlerInfo) *AuthHandlerWrapper

NewAuthHandlerWrapper creates a new wrapper for a plugin auth handler.

func (*AuthHandlerWrapper) Capabilities added in v0.5.0 

func (w *AuthHandlerWrapper) Capabilities() []auth.Capability

Capabilities implements auth.Handler.

func (*AuthHandlerWrapper) Client added in v0.5.0 

func (w *AuthHandlerWrapper) Client() *AuthHandlerClient

Client returns the underlying plugin client.

func (*AuthHandlerWrapper) DisplayName added in v0.5.0 

func (w *AuthHandlerWrapper) DisplayName() string

DisplayName implements auth.Handler.

func (*AuthHandlerWrapper) GetToken added in v0.5.0 

func (w *AuthHandlerWrapper) GetToken(ctx context.Context, opts auth.TokenOptions) (*auth.Token, error)

GetToken implements auth.Handler.

func (*AuthHandlerWrapper) InjectAuth added in v0.5.0 

func (w *AuthHandlerWrapper) InjectAuth(ctx context.Context, req *http.Request, opts auth.TokenOptions) error

InjectAuth implements auth.Handler. Since http.Request cannot be serialized over gRPC, this method decomposes into GetToken (over gRPC) + local header injection.

func (*AuthHandlerWrapper) ListCachedTokens added in v0.5.0 

func (w *AuthHandlerWrapper) ListCachedTokens(ctx context.Context) ([]*auth.CachedTokenInfo, error)

ListCachedTokens implements auth.TokenLister.

func (*AuthHandlerWrapper) Login added in v0.5.0 

func (w *AuthHandlerWrapper) Login(ctx context.Context, opts auth.LoginOptions) (*auth.Result, error)

Login implements auth.Handler.

func (*AuthHandlerWrapper) Logout added in v0.5.0 

func (w *AuthHandlerWrapper) Logout(ctx context.Context) error

Logout implements auth.Handler.

func (*AuthHandlerWrapper) Name added in v0.5.0 

func (w *AuthHandlerWrapper) Name() string

Name implements auth.Handler.

func (*AuthHandlerWrapper) PurgeExpiredTokens added in v0.5.0 

func (w *AuthHandlerWrapper) PurgeExpiredTokens(ctx context.Context) (int, error)

PurgeExpiredTokens implements auth.TokenPurger.

func (*AuthHandlerWrapper) Status added in v0.5.0 

func (w *AuthHandlerWrapper) Status(ctx context.Context) (*auth.Status, error)

Status implements auth.Handler.

func (*AuthHandlerWrapper) SupportedFlows added in v0.5.0 

func (w *AuthHandlerWrapper) SupportedFlows() []auth.Flow

SupportedFlows implements auth.Handler.

type Cache added in v0.5.0 

type Cache struct {
	// contains filtered or unexported fields
}

PluginCache manages a local content-addressed cache of plugin binaries.

Cache layout: 

<cacheDir>/<name>/<version>/<os>-<arch>/<name>

Example: 

~/.cache/scafctl/plugins/aws-provider/1.5.3/darwin-arm64/aws-provider

func NewCache added in v0.5.0 

func NewCache(cacheDir string) *Cache

NewCache creates a new Cache. If cacheDir is empty, the default XDG cache directory (paths.PluginCacheDir()) is used.

func (*Cache) Digest added in v0.5.0 

func (c *Cache) Digest(name, version, platform string) (string, error)

Digest computes the sha256 digest of a cached plugin binary. Returns the digest in "sha256:<hex>" format.

func (*Cache) Dir added in v0.5.0 

func (c *Cache) Dir() string

Dir returns the root cache directory.

func (*Cache) Get added in v0.5.0 

func (c *Cache) Get(name, version, platform, expectedDigest string) (string, bool)

Get retrieves the path to a cached plugin binary. Returns the path and true if the binary exists and (optionally) matches the expected digest. If expectedDigest is empty, no digest verification is performed.

func (*Cache) List added in v0.5.0 

func (c *Cache) List() ([]CachedPlugin, error)

List returns all cached (name, version, platform) triples.

func (*Cache) Put added in v0.5.0 

func (c *Cache) Put(name, version, platform string, data []byte) (string, error)

Put writes a plugin binary to the cache. It creates the directory structure, writes the data, sets executable permissions, and returns the path to the cached binary.

func (*Cache) Remove added in v0.5.0 

func (c *Cache) Remove(name, version, platform string) error

Remove deletes a cached plugin binary.

type CachedPlugin added in v0.5.0 

type CachedPlugin struct {
	Name     string `json:"name" yaml:"name" doc:"Plugin name"`
	Version  string `json:"version" yaml:"version" doc:"Plugin version"`
	Platform string `json:"platform" yaml:"platform" doc:"Target platform (os/arch)"`
	Path     string `json:"path" yaml:"path" doc:"Absolute path to cached binary"`
	Size     int64  `json:"size" yaml:"size" doc:"Binary size in bytes"`
}

CachedPlugin describes a cached plugin binary.

type Client 

type Client struct {
	// contains filtered or unexported fields
}

Client wraps a plugin client and manages its lifecycle

func Discover 

func Discover(pluginDirs []string) ([]*Client, error)

Discover discovers plugins from the given directories

func NewClient 

func NewClient(pluginPath string) (*Client, error)

NewClient creates a new plugin client

func RegisterFetchedPlugins added in v0.5.0 

func RegisterFetchedPlugins(ctx context.Context, registry *provider.Registry, results []FetchResult) ([]*Client, error)

RegisterFetchedPlugins loads and registers fetched plugin binaries into the provider registry. Unlike RegisterPluginProviders (which discovers plugins from directories), this loads specific binaries by path. Returns the created clients (caller should Kill() them on cleanup).

func (*Client) ExecuteProvider 

func (c *Client) ExecuteProvider(ctx context.Context, providerName string, input map[string]any) (*provider.Output, error)

ExecuteProvider executes a provider with the given input

func (*Client) GetProviderDescriptor 

func (c *Client) GetProviderDescriptor(ctx context.Context, providerName string) (*provider.Descriptor, error)

GetProviderDescriptor returns metadata for a specific provider

func (*Client) GetProviders 

func (c *Client) GetProviders(ctx context.Context) ([]string, error)

GetProviders returns all provider names exposed by this plugin

func (*Client) Kill 

func (c *Client) Kill()

Kill terminates the plugin process

func (*Client) Name 

func (c *Client) Name() string

Name returns the plugin name

func (*Client) Path 

func (c *Client) Path() string

Path returns the plugin path

type DeviceCodePrompt added in v0.5.0 

type DeviceCodePrompt struct {
	UserCode        string
	VerificationURI string
	Message         string
}

DeviceCodePrompt is sent over streaming Login to relay device-code info to the host.

type FetchResult added in v0.5.0 

type FetchResult struct {
	// Name is the plugin name.
	Name string

	// Kind is the plugin kind.
	Kind solution.PluginKind

	// Version is the resolved version.
	Version string

	// Path is the local filesystem path to the binary.
	Path string

	// Digest is the content digest.
	Digest string

	// FromCache indicates whether the binary was served from cache.
	FromCache bool

	// Catalog is the catalog name the plugin was fetched from (empty if cached).
	Catalog string
}

FetchResult contains the result of fetching a single plugin.

type Fetcher added in v0.5.0 

type Fetcher struct {
	// contains filtered or unexported fields
}

Fetcher resolves, downloads, caches, and loads plugin binaries at runtime. It checks a local cache first, then falls back to fetching from catalogs.

func NewFetcher added in v0.5.0 

func NewFetcher(cfg FetcherConfig) *Fetcher

NewFetcher creates a new Fetcher.

func (*Fetcher) FetchPlugins added in v0.5.0 

func (f *Fetcher) FetchPlugins(ctx context.Context, plugins []solution.PluginDependency, lockPlugins []bundler.LockPlugin) ([]FetchResult, error)

FetchPlugins resolves and downloads plugin binaries for all declared dependencies. It checks the local cache first, uses lock file entries for pinned versions when available, and falls back to catalog resolution.

When a plugin is resolved without a lock file entry, a warning is logged about potential reproducibility issues.

Returns a list of FetchResult with local binary paths, suitable for passing to RegisterPluginProviders.

type FetcherConfig added in v0.5.0 

type FetcherConfig struct {
	// Catalog is the catalog (or chain) to fetch plugins from.
	Catalog catalog.Catalog

	// Cache is the local plugin binary cache. If nil, a default cache is created.
	Cache *Cache

	// Platform overrides the target platform. If empty, CurrentPlatform() is used.
	Platform string

	// Logger for logging operations.
	Logger logr.Logger
}

FetcherConfig configures a Fetcher.

type GRPCClient 

type GRPCClient struct {
	// contains filtered or unexported fields
}

GRPCClient implements the gRPC client for the plugin

func (*GRPCClient) ExecuteProvider 

func (c *GRPCClient) ExecuteProvider(ctx context.Context, providerName string, input map[string]any) (*provider.Output, error)

ExecuteProvider implements ProviderPlugin.ExecuteProvider

func (*GRPCClient) GetProviderDescriptor 

func (c *GRPCClient) GetProviderDescriptor(ctx context.Context, providerName string) (*provider.Descriptor, error)

GetProviderDescriptor implements ProviderPlugin.GetProviderDescriptor

func (*GRPCClient) GetProviders 

func (c *GRPCClient) GetProviders(ctx context.Context) ([]string, error)

GetProviders implements ProviderPlugin.GetProviders

type GRPCPlugin 

type GRPCPlugin struct {
	plugin.Plugin
	Impl ProviderPlugin
}

GRPCPlugin implements plugin.GRPCPlugin from hashicorp/go-plugin

func (*GRPCPlugin) GRPCClient 

func (p *GRPCPlugin) GRPCClient(ctx context.Context, broker *plugin.GRPCBroker, c *grpc.ClientConn) (any, error)

GRPCClient returns the gRPC client

func (*GRPCPlugin) GRPCServer 

func (p *GRPCPlugin) GRPCServer(broker *plugin.GRPCBroker, s *grpc.Server) error

GRPCServer registers the gRPC server

type GRPCServer 

type GRPCServer struct {
	proto.UnimplementedPluginServiceServer
	Impl ProviderPlugin
}

GRPCServer implements the gRPC server for the plugin

func (*GRPCServer) ExecuteProvider 

func (s *GRPCServer) ExecuteProvider(ctx context.Context, req *proto.ExecuteProviderRequest) (*proto.ExecuteProviderResponse, error)

ExecuteProvider implements the ExecuteProvider RPC

func (*GRPCServer) GetProviderDescriptor 

func (s *GRPCServer) GetProviderDescriptor(ctx context.Context, req *proto.GetProviderDescriptorRequest) (*proto.GetProviderDescriptorResponse, error)

GetProviderDescriptor implements the GetProviderDescriptor RPC

func (*GRPCServer) GetProviders 

func (s *GRPCServer) GetProviders(ctx context.Context, _ *proto.GetProvidersRequest) (*proto.GetProvidersResponse, error)

GetProviders implements the GetProviders RPC

type HandshakeConfigData 

type HandshakeConfigData struct {
	ProtocolVersion  uint
	MagicCookieKey   string
	MagicCookieValue string
}

HandshakeConfigData contains the handshake configuration

type LoginRequest added in v0.5.0 

type LoginRequest struct {
	TenantID string
	Scopes   []string
	Flow     auth.Flow
	Timeout  time.Duration
}

LoginRequest contains parameters for a plugin Login call.

type LoginResponse added in v0.5.0 

type LoginResponse struct {
	Claims    *auth.Claims
	ExpiresAt time.Time
}

LoginResponse contains the result of a plugin Login call.

type LoginStreamMessage added in v0.5.0 

type LoginStreamMessage struct {
	DeviceCodePrompt *DeviceCodePrompt
	Result           *LoginResponse
	Error            string
}

LoginStreamMessage represents a message in the Login server-stream. Exactly one field is non-nil.

type ProviderPlugin 

type ProviderPlugin interface {
	// GetProviders returns all provider names exposed by this plugin
	GetProviders(ctx context.Context) ([]string, error)

	// GetProviderDescriptor returns metadata for a specific provider
	GetProviderDescriptor(ctx context.Context, providerName string) (*provider.Descriptor, error)

	// ExecuteProvider executes a provider with the given input
	ExecuteProvider(ctx context.Context, providerName string, input map[string]any) (*provider.Output, error)
}

ProviderPlugin is the interface that plugins must implement This wraps the provider.Provider interface for plugin communication

type ProviderWrapper 

type ProviderWrapper struct {
	// contains filtered or unexported fields
}

ProviderWrapper wraps a plugin provider to implement the provider.Provider interface

func NewProviderWrapper 

func NewProviderWrapper(client *Client, providerName string) (*ProviderWrapper, error)

NewProviderWrapper creates a new provider wrapper for a plugin provider

func (*ProviderWrapper) Client 

func (w *ProviderWrapper) Client() *Client

Client returns the underlying plugin client

func (*ProviderWrapper) Descriptor 

func (w *ProviderWrapper) Descriptor() *provider.Descriptor

Descriptor returns the provider descriptor

func (*ProviderWrapper) Execute 

func (w *ProviderWrapper) Execute(ctx context.Context, input any) (*provider.Output, error)

Execute executes the provider

type TokenRequest added in v0.5.0 

type TokenRequest struct {
	Scope        string
	MinValidFor  time.Duration
	ForceRefresh bool
}

TokenRequest contains parameters for a plugin GetToken call.

type TokenResponse added in v0.5.0 

type TokenResponse struct {
	AccessToken string //nolint:gosec // G117: not a hardcoded credential, stores runtime token data
	TokenType   string
	ExpiresAt   time.Time
	Scope       string
	CachedAt    time.Time
	Flow        auth.Flow
	SessionID   string
}

TokenResponse contains the result of a plugin GetToken call.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.