Documentation
¶
Index ¶
- Constants
- func DefaultClient() *http.Client
- func DoRequest(client *http.Client, req *http.Request) (*http.Response, []byte, error)
- func FormatIAMServiceAccountResource(name string) string
- func GetProjectID(b []byte, override string) string
- func GetQuotaProject(b []byte, override string) string
- func ParseKey(key []byte) (crypto.Signer, error)
- func ReadAll(r io.Reader) ([]byte, error)
- type ComputeUniverseDomainProvider
- type StaticProperty
- type TrustBoundaryData
Constants ¶
const ( // TokenTypeBearer is the auth header prefix for bearer tokens. TokenTypeBearer = "Bearer" // QuotaProjectEnvVar is the environment variable for setting the quota // project. QuotaProjectEnvVar = "GOOGLE_CLOUD_QUOTA_PROJECT" // UniverseDomainEnvVar is the environment variable for setting the default // service domain for a given Cloud universe. UniverseDomainEnvVar = "GOOGLE_CLOUD_UNIVERSE_DOMAIN" // DefaultUniverseDomain is the default value for universe domain. // Universe domain is the default service domain for a given Cloud universe. DefaultUniverseDomain = "googleapis.com" // TrustBoundaryNoOp is a constant indicating no trust boundary is enforced. TrustBoundaryNoOp = "0x0" // TrustBoundaryDataKey is the key used to store trust boundary data in a token's metadata. TrustBoundaryDataKey = "google.auth.trust_boundary_data" )
const Version = "0.17.0"
Version is the current tagged release of the library.
Variables ¶
This section is empty.
Functions ¶
func DefaultClient ¶ added in v0.8.1
DefaultClient returns an http.Client with some defaults set. If the current http.DefaultTransport is a [clonableTransport], as is the case for an *http.Transport, the clone will be used. Otherwise the http.DefaultTransport is used directly.
func DoRequest ¶ added in v0.7.0
DoRequest executes the provided req with the client. It reads the response body, closes it, and returns it.
func FormatIAMServiceAccountResource ¶ added in v0.14.0
FormatIAMServiceAccountResource sets a service account name in an IAM resource name.
func GetProjectID ¶
GetProjectID retrieves project with precedence being: override, environment variable, creds json file.
func GetQuotaProject ¶
GetQuotaProject retrieves quota project with precedence being: override, environment variable, creds json file.
Types ¶
type ComputeUniverseDomainProvider ¶ added in v0.2.0
type ComputeUniverseDomainProvider struct {
MetadataClient *metadata.Client
// contains filtered or unexported fields
}
ComputeUniverseDomainProvider fetches the credentials universe domain from the google cloud metadata service.
func (*ComputeUniverseDomainProvider) GetProperty ¶ added in v0.2.0
func (c *ComputeUniverseDomainProvider) GetProperty(ctx context.Context) (string, error)
GetProperty fetches the credentials universe domain from the google cloud metadata service.
type StaticProperty ¶ added in v0.2.0
type StaticProperty string
StaticProperty always returns that value of the underlying string.
func StaticCredentialsProperty ¶ added in v0.2.0
func StaticCredentialsProperty(s string) StaticProperty
StaticCredentialsProperty is a helper for creating static credentials properties.
func (StaticProperty) GetProperty ¶ added in v0.2.0
func (p StaticProperty) GetProperty(context.Context) (string, error)
GetProperty loads the properly value provided the given context.
type TrustBoundaryData ¶ added in v0.17.0
type TrustBoundaryData struct {
// Locations is the list of locations that the token is allowed to be used in.
Locations []string
// EncodedLocations represents the locations in an encoded format.
EncodedLocations string
}
TrustBoundaryData represents the trust boundary data associated with a token. It contains information about the regions or environments where the token is valid.
func NewNoOpTrustBoundaryData ¶ added in v0.17.0
func NewNoOpTrustBoundaryData() *TrustBoundaryData
NewNoOpTrustBoundaryData returns a new TrustBoundaryData with no restrictions.
func NewTrustBoundaryData ¶ added in v0.17.0
func NewTrustBoundaryData(locations []string, encodedLocations string) *TrustBoundaryData
NewTrustBoundaryData returns a new TrustBoundaryData with the specified locations and encoded locations.
func (TrustBoundaryData) TrustBoundaryHeader ¶ added in v0.17.0
func (t TrustBoundaryData) TrustBoundaryHeader() (value string, present bool)
TrustBoundaryHeader returns the value for the x-allowed-locations header and a bool indicating if the header should be set. The return values are structured to handle three distinct states required by the backend: 1. Header not set: (value="", present=false) -> data is empty. 2. Header set to an empty string: (value="", present=true) -> data is a no-op. 3. Header set to a value: (value="...", present=true) -> data has locations.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package credsfile is meant to hide implementation details from the pubic surface of the detect package.
|
Package credsfile is meant to hide implementation details from the pubic surface of the detect package. |
|
testdns
Package testdns is a light DNS client used for testings to avoid pulling in dependencies.
|
Package testdns is a light DNS client used for testings to avoid pulling in dependencies. |
|
testgcs
Package testgcs is a light GCS client used for testings to avoid pulling in dependencies.
|
Package testgcs is a light GCS client used for testings to avoid pulling in dependencies. |
|
Package transport provided internal helpers for the two transport packages (grpctransport and httptransport).
|
Package transport provided internal helpers for the two transport packages (grpctransport and httptransport). |
|
cert/cmd
command
test_signer.go is a net/rpc server that listens on stdin/stdout, exposing mock methods for testing enterprise certificate proxy flow.
|
test_signer.go is a net/rpc server that listens on stdin/stdout, exposing mock methods for testing enterprise certificate proxy flow. |