uaa_go_client

package module

v0.0.0-...-425e185 Latest Latest Go to latest Published: Oct 19, 2021 License: Apache-2.0 Imports: 18 Imported by: 45

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/cloudfoundry-incubator/uaa-go-client

Links

Open Source Insights

README ¶

NOTICE

This library is no longer maintained.

Consider using the cloudfoundry-community/go-uaa client library instead.

uaa-go-client

A go library for Cloud Foundry UAA that provides the following:

fetch access tokens (including ability to cache tokens)
decode tokens
get token signing key

Setup

As dependecies for uaa-go-client are not vendored, you should clone the routing-release repo to get compatible versions of its dependencies.

git clone https://github.com/cloudfoundry-incubator/routing-release
cd routing-release
./scripts/update
cd src/code.cloudfoundry.org/uaa-go-client

If you are using this client as a dependency in your own go project, import it from code.cloudfoundry.org/uaa-go-client, then determine compatible versions of this projects dependencies by cloning routing-release.

Example

This example client connects to UAA using https and skips cert verification.

cfg := &config.Config{
  ClientName:       "client-name",
	ClientSecret:     "client-secret",
	UaaEndpoint:      "https://uaa.service.cf.internal:8443",
	SkipVerification: true,
}

uaaClient, err = client.NewClient(logger, cfg, clock)
if err != nil {
  log.Fatal(err)
  os.Exit(1)
}

fmt.Printf("Connecting to: %s ...\n", cfg.UaaEndpoint)

token, err = uaaClient.FetchToken(true)
if err != nil {
  log.Fatal(err)
  os.Exit(1)
}

fmt.Printf("Token: %#v\n", token)

Example command line clients

The following example clients can be used to fetch a token or verification key from UAA in a local BOSH Lite deployment.

Prerequisites for testing these example clients with BOSH Lite

Add IP of UAA your /etc/hosts (can be found using bosh vms)
```
  10.244.0.134 uaa.service.cf.internal
```

In your deployment manifest for cf-release configure UAA to listen on TLS by specifying the port, certificate, and key with the following properties:

  properties:
    uaa:
      ssl:
        port: 8443
      sslCertificate: |
        -----BEGIN CERTIFICATE-----
        { ... }
        -----END CERTIFICATE-----
      sslPrivateKey: |
        -----BEGIN RSA PRIVATE KEY-----
        { ... }
        -----END RSA PRIVATE KEY-----

Assuming the cert you've configured for UAA is self-signed, provide true for the skip-verification option

Fetch token

This client connects to UAA using https and fetches a token.

Usage: <client-name> <client-secret> <uaa-url> <skip-verification>

Example

$ go run examples/fetch_token.go gorouter gorouter-secret https://uaa.service.cf.internal:8443 true

Connecting to: https://uaa.service.cf.internal:8443 ...
Response:
	token: eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJlOGQ3NWJiNi1kMGMxLTRmMjEtYWMyMy05ZGRiNmY2MWI3ZjkiLCJzdWIiOiJnb3JvdXRlciIsImF1dGhvcml0aWVzIjpbInJvdXRpbmcucm91dGVzLnJlYWQiXSwic2NvcGUiOlsicm91dGluZy5yb3V0ZXMucmVhZCJdLCJjbGllbnRfaWQiOiJnb3JvdXRlciIsImNpZCI6Imdvcm91dGVyIiwiYXpwIjoiZ29yb3V0ZXIiLCJncmFudF90eXBlIjoiY2xpZW50X2NyZWRlbnRpYWxzIiwicmV2X3NpZyI6IjdmNTE1MmQyIiwiaWF0IjoxNDU0NzA5NTUxLCJleHAiOjE0NTQ3NTI3NTEsImlzcyI6Imh0dHBzOi8vdWFhLmJvc2gtbGl0ZS5jb20vb2F1dGgvdG9rZW4iLCJ6aWQiOiJ1YWEiLCJhdWQiOlsiZ29yb3V0ZXIiLCJyb3V0aW5nLnJvdXRlcyJdfQ.QSdLbdhDFWQXSJ3lPbTVUCj6zEH1DUPU3V-x8lX48qOPg99snalEEIBX5y5Ki6mZLWJ9p6UUIH1xANz4mGATcBIO282wcRBK0Pbc-r1OkjFNJTvwdV75kP9ovbGXGNbQZMksEvEtgOQ_icz7XsJrkTxtV29uPYDpKHbxtvqpPeU
	expires: 43199

Fetch key

This client connects to UAA using https and fetches the UAA verification key. An Oauth client is not required as the target API endpoint on UAA does not require authentication.

Usage: <uaa-url> <skip-verification>

Example

$ go run examples/fetch_key.go https://uaa.service.cf.internal:8443 true

Connecting to: https://uaa.service.cf.internal:8443 ...
Response:
	token: eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJlOGQ3NWJiNi1kMGMxLTRmMjEtYWMyMy05ZGRiNmY2MWI3ZjkiLCJzdWIiOiJnb3JvdXRlciIsImF1dGhvcml0aWVzIjpbInJvdXRpbmcucm91dGVzLnJlYWQiXSwic2NvcGUiOlsicm91dGluZy5yb3V0ZXMucmVhZCJdLCJjbGllbnRfaWQiOiJnb3JvdXRlciIsImNpZCI6Imdvcm91dGVyIiwiYXpwIjoiZ29yb3V0ZXIiLCJncmFudF90eXBlIjoiY2xpZW50X2NyZWRlbnRpYWxzIiwicmV2X3NpZyI6IjdmNTE1MmQyIiwiaWF0IjoxNDU0NzA5NTUxLCJleHAiOjE0NTQ3NTI3NTEsImlzcyI6Imh0dHBzOi8vdWFhLmJvc2gtbGl0ZS5jb20vb2F1dGgvdG9rZW4iLCJ6aWQiOiJ1YWEiLCJhdWQiOlsiZ29yb3V0ZXIiLCJyb3V0aW5nLnJvdXRlcyJdfQ.QSdLbdhDFWQXSJ3lPbTVUCj6zEH1DUPU3V-x8lX48qOPg99snalEEIBX5y5Ki6mZLWJ9p6UUIH1xANz4mGATcBIO282wcRBK0Pbc-r1OkjFNJTvwdV75kP9ovbGXGNbQZMksEvEtgOQ_icz7XsJrkTxtV29uPYDpKHbxtvqpPeU
	expires: 43199

Documentation ¶

Index ¶

Variables
type Client
- func NewClient(logger lager.Logger, cfg *config.Config, clock clock) (Client, error)
- func NewNoOpUaaClient() Client
type NoOpUaaClient
type OpenIDConfig
type UaaClient

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrClientAlreadyExists = errors.New("Client already exists")

Functions ¶

This section is empty.

Types ¶

type Client ¶

type Client interface {
	FetchToken(forceUpdate bool) (*schema.Token, error)
	FetchKey() (string, error)
	DecodeToken(uaaToken string, desiredPermissions ...string) error
	RegisterOauthClient(*schema.OauthClient) (*schema.OauthClient, error)
	FetchIssuer() (string, error)
}

func NewClient ¶

func NewClient(logger lager.Logger, cfg *config.Config, clock clock) (Client, error)

func NewNoOpUaaClient ¶

func NewNoOpUaaClient() Client

type NoOpUaaClient ¶

type NoOpUaaClient struct {
}

func (*NoOpUaaClient) DecodeToken ¶

func (c *NoOpUaaClient) DecodeToken(uaaToken string, desiredPermissions ...string) error

func (*NoOpUaaClient) FetchIssuer ¶

func (c *NoOpUaaClient) FetchIssuer() (string, error)

func (*NoOpUaaClient) FetchKey ¶

func (c *NoOpUaaClient) FetchKey() (string, error)

func (*NoOpUaaClient) FetchToken ¶

func (c *NoOpUaaClient) FetchToken(useCachedToken bool) (*schema.Token, error)

func (*NoOpUaaClient) RegisterOauthClient ¶

func (c *NoOpUaaClient) RegisterOauthClient(oauthClient *schema.OauthClient) (*schema.OauthClient, error)

type OpenIDConfig ¶

type OpenIDConfig struct {
	Issuer string `json:"issuer"`
}

type UaaClient ¶

type UaaClient struct {
	// contains filtered or unexported fields
}

func (*UaaClient) DecodeToken ¶

func (u *UaaClient) DecodeToken(uaaToken string, desiredPermissions ...string) error

func (*UaaClient) FetchIssuer ¶

func (u *UaaClient) FetchIssuer() (string, error)

func (*UaaClient) FetchKey ¶

func (u *UaaClient) FetchKey() (string, error)

func (*UaaClient) FetchToken ¶

func (u *UaaClient) FetchToken(forceUpdate bool) (*schema.Token, error)

func (*UaaClient) RegisterOauthClient ¶

func (u *UaaClient) RegisterOauthClient(oauthClient *schema.OauthClient) (*schema.OauthClient, error)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
config
examples
fetch_key
fetch_token
register_client
fakes Code generated by counterfeiter.	Code generated by counterfeiter.
schema

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL