credentials

package
v3.104.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 19, 2025 License: Apache-2.0 Imports: 31 Imported by: 0

Documentation

Index

Constants

View Source
const (
	SubjectTokenSourceType = 1
	ActorTokenSourceType   = 2
)
View Source
const TokenRefreshDivisor = 10

Variables

This section is empty.

Functions

func AccessError added in v3.54.0

func AccessError(msg string, err error, opts ...authErrorOption) error

func GetSupportedOauth2TokenExchangeJwtAlgorithms added in v3.75.0

func GetSupportedOauth2TokenExchangeJwtAlgorithms() []string

func IsAccessError added in v3.54.0

func IsAccessError(err error) bool

func NewFixedTokenSource added in v3.65.0

func NewFixedTokenSource(token, tokenType string) *fixedTokenSource

func NewJWTTokenSource added in v3.65.0

func NewJWTTokenSource(opts ...JWTTokenSourceOption) (*jwtTokenSource, error)

func NewOauth2TokenExchangeCredentials added in v3.65.0

func NewOauth2TokenExchangeCredentials(
	opts ...Oauth2TokenExchangeCredentialsOption,
) (*oauth2TokenExchange, error)

func NewOauth2TokenExchangeCredentialsFile added in v3.75.0

func NewOauth2TokenExchangeCredentialsFile(
	configFilePath string,
	opts ...Oauth2TokenExchangeCredentialsOption,
) (*oauth2TokenExchange, error)

func WithActorToken added in v3.65.0

func WithActorToken(actorToken TokenSource) *tokenSourceOption

ActorTokenSource

func WithAddress added in v3.53.3

func WithAddress(address string) addressAuthErrorOption

func WithAudience added in v3.65.0

func WithAudience(audience string, audiences ...string) audienceOption

func WithCredentials added in v3.53.3

func WithCredentials(credentials Credentials) credentialsUnauthenticatedErrorOption

func WithDatabase added in v3.53.3

func WithDatabase(database string) databaseAuthErrorOption

func WithECPrivateKeyPEMContent added in v3.75.0

func WithECPrivateKeyPEMContent(key []byte) *ecPrivateKeyPemContentOption

func WithECPrivateKeyPEMFile added in v3.75.0

func WithECPrivateKeyPEMFile(path string) *ecPrivateKeyPemFileOption

func WithEndpoint added in v3.53.3

func WithEndpoint(endpoint string) endpointAuthErrorOption

func WithFixedActorToken added in v3.65.0

func WithFixedActorToken(token, tokenType string) *tokenSourceOption

func WithFixedSubjectToken added in v3.65.0

func WithFixedSubjectToken(token, tokenType string) *tokenSourceOption

func WithGrantType added in v3.65.0

func WithGrantType(grantType string) grantTypeOption

func WithGrpcDialOptions added in v3.53.3

func WithGrpcDialOptions(opts ...grpc.DialOption) grpcDialOptionsOption

func WithHMACSecretKey added in v3.75.0

func WithHMACSecretKey(key []byte) *hmacSecretKeyContentOption

func WithHMACSecretKeyBase64Content added in v3.75.0

func WithHMACSecretKeyBase64Content(base64KeyContent string) *hmacSecretKeyBase64ContentOption

func WithHMACSecretKeyBase64File added in v3.75.0

func WithHMACSecretKeyBase64File(path string) *hmacSecretKeyBase64FileOption

func WithHMACSecretKeyFile added in v3.75.0

func WithHMACSecretKeyFile(path string) *hmacSecretKeyFileOption

func WithID added in v3.65.0

func WithID(id string) idOption

func WithIssuer added in v3.65.0

func WithIssuer(issuer string) issuerOption

func WithJWTActorToken added in v3.65.0

func WithJWTActorToken(opts ...JWTTokenSourceOption) *tokenSourceOption

func WithJWTSubjectToken added in v3.65.0

func WithJWTSubjectToken(opts ...JWTTokenSourceOption) *tokenSourceOption

func WithKeyID added in v3.65.0

func WithKeyID(id string) keyIDOption

func WithNodeID added in v3.53.3

func WithNodeID(id uint32) authErrorOption

func WithPrivateKey added in v3.65.0

func WithPrivateKey(key interface{}) *privateKeyOption

func WithRSAPrivateKeyPEMContent added in v3.65.0

func WithRSAPrivateKeyPEMContent(key []byte) *rsaPrivateKeyPemContentOption

func WithRSAPrivateKeyPEMFile added in v3.65.0

func WithRSAPrivateKeyPEMFile(path string) *rsaPrivateKeyPemFileOption

func WithRequestTimeout added in v3.65.0

func WithRequestTimeout(timeout time.Duration) requestTimeoutOption

func WithRequestedTokenType added in v3.65.0

func WithRequestedTokenType(requestedTokenType string) requestedTokenTypeOption

func WithResource added in v3.65.0

func WithResource(resource string, resources ...string) resourceOption

func WithScope added in v3.65.0

func WithScope(scope string, scopes ...string) scopeOption

func WithSigningMethod added in v3.65.0

func WithSigningMethod(method jwt.SigningMethod) *signingMethodOption

func WithSigningMethodName added in v3.75.0

func WithSigningMethodName(method string) *signingMethodNameOption

func WithSubject added in v3.65.0

func WithSubject(subject string) subjectOption

func WithSubjectToken added in v3.65.0

func WithSubjectToken(subjectToken TokenSource) *tokenSourceOption

func WithSyncExchangeTimeout added in v3.75.0

func WithSyncExchangeTimeout(timeout time.Duration) syncExchangeTimeoutOption

func WithTokenEndpoint added in v3.65.0

func WithTokenEndpoint(endpoint string) tokenEndpointOption

func WithTokenTTL added in v3.65.0

func WithTokenTTL(ttl time.Duration) tokenTTLOption

Types

type AccessToken added in v3.48.5

type AccessToken struct {
	// contains filtered or unexported fields
}

AccessToken implements Credentials interface with static authorization parameters.

func NewAccessTokenCredentials

func NewAccessTokenCredentials(token string, opts ...AccessTokenCredentialsOption) *AccessToken

func (AccessToken) String added in v3.48.5

func (c AccessToken) String() string

Token implements Credentials.

func (AccessToken) Token added in v3.48.5

func (c AccessToken) Token(_ context.Context) (string, error)

Token implements Credentials.

type AccessTokenCredentialsOption added in v3.53.3

type AccessTokenCredentialsOption interface {
	ApplyAccessTokenCredentialsOption(c *AccessToken)
}

type Anonymous added in v3.48.5

type Anonymous struct {
	// contains filtered or unexported fields
}

Anonymous implements Credentials interface with Anonymous access

func NewAnonymousCredentials

func NewAnonymousCredentials(opts ...AnonymousCredentialsOption) *Anonymous

func (Anonymous) String added in v3.48.5

func (c Anonymous) String() string

Token implements Credentials.

func (Anonymous) Token added in v3.48.5

func (c Anonymous) Token(_ context.Context) (string, error)

Token implements Credentials.

type AnonymousCredentialsOption added in v3.53.3

type AnonymousCredentialsOption interface {
	ApplyAnonymousCredentialsOption(c *Anonymous)
}

type Credentials

type Credentials interface {
	// Token must return actual token or error
	Token(ctx context.Context) (string, error)
}

Credentials is an interface of YDB credentials required for connect with YDB

type JWTTokenSourceOption added in v3.65.0

type JWTTokenSourceOption interface {
	ApplyJWTTokenSourceOption(s *jwtTokenSource) error
}

type OAuth2Config added in v3.95.3

type OAuth2Config struct {
	GrantType          string               `json:"grant-type"`
	Resource           *StringOrArrayConfig `json:"res"`
	Audience           *StringOrArrayConfig `json:"aud"`
	Scope              *StringOrArrayConfig `json:"scope"`
	RequestedTokenType string               `json:"requested-token-type"`
	TokenEndpoint      string               `json:"token-endpoint"`

	SubjectCreds *OAuth2TokenSourceConfig `json:"subject-credentials"`
	ActorCreds   *OAuth2TokenSourceConfig `json:"actor-credentials"`
}

func (*OAuth2Config) AsOptions added in v3.95.3

type OAuth2TokenSourceConfig added in v3.95.3

type OAuth2TokenSourceConfig struct {
	Type string `json:"type"`

	// Fixed
	Token     string `json:"token"`
	TokenType string `json:"token-type"`

	// JWT
	Algorithm  string               `json:"alg"`
	PrivateKey string               `json:"private-key"`
	KeyID      string               `json:"kid"`
	Issuer     string               `json:"iss"`
	Subject    string               `json:"sub"`
	Audience   *StringOrArrayConfig `json:"aud"`
	ID         string               `json:"jti"`
	TTL        *prettyTTL           `json:"ttl"`
}

type Oauth2TokenExchangeCredentialsOption added in v3.65.0

type Oauth2TokenExchangeCredentialsOption interface {
	ApplyOauth2CredentialsOption(c *oauth2TokenExchange) error
}

type SourceInfoOption added in v3.53.3

type SourceInfoOption string

func WithSourceInfo added in v3.48.5

func WithSourceInfo(sourceInfo string) SourceInfoOption

WithSourceInfo option append to credentials object the source info for reporting source info details on error case

func (SourceInfoOption) ApplyAccessTokenCredentialsOption added in v3.53.3

func (sourceInfo SourceInfoOption) ApplyAccessTokenCredentialsOption(h *AccessToken)

func (SourceInfoOption) ApplyAnonymousCredentialsOption added in v3.53.3

func (sourceInfo SourceInfoOption) ApplyAnonymousCredentialsOption(h *Anonymous)

func (SourceInfoOption) ApplyOauth2CredentialsOption added in v3.65.0

func (sourceInfo SourceInfoOption) ApplyOauth2CredentialsOption(h *oauth2TokenExchange) error

func (SourceInfoOption) ApplyStaticCredentialsOption added in v3.53.3

func (sourceInfo SourceInfoOption) ApplyStaticCredentialsOption(h *Static)

type Static added in v3.48.5

type Static struct {
	// contains filtered or unexported fields
}

Static implements Credentials interface with static authorization parameters.

func NewStaticCredentials added in v3.34.0

func NewStaticCredentials(user, password, endpoint string, opts ...StaticCredentialsOption) *Static

func (*Static) String added in v3.48.5

func (c *Static) String() string

func (*Static) Token added in v3.48.5

func (c *Static) Token(ctx context.Context) (token string, err error)

type StaticCredentialsOption added in v3.53.3

type StaticCredentialsOption interface {
	ApplyStaticCredentialsOption(c *Static)
}

type StringOrArrayConfig added in v3.95.3

type StringOrArrayConfig struct {
	Values []string
}

func (*StringOrArrayConfig) UnmarshalJSON added in v3.95.3

func (a *StringOrArrayConfig) UnmarshalJSON(data []byte) error

type Token added in v3.65.0

type Token struct {
	Token string

	// token type according to OAuth 2.0 token exchange protocol
	// https://www.rfc-editor.org/rfc/rfc8693#TokenTypeIdentifiers
	// for example urn:ietf:params:oauth:token-type:jwt
	TokenType string
}

type TokenSource added in v3.65.0

type TokenSource interface {
	Token() (Token, error)
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL