credscache

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 19, 2023 License: MIT Imports: 11 Imported by: 0

Documentation

Overview

Package credscache provides credentials caching utilities for the AWS SDK for Go v2.

Inject the file cache provider

By default, the file cache provider outputs cache files to the current directory. 

cfg, err := config.LoadDefaultConfig(context.Background(), config.WithAssumeRoleCredentialOptions(func(options *stscreds.AssumeRoleOptions) {
	options.TokenProvider = stscreds.StdinTokenProvider
}))
if err != nil {
	log.Fatal(err)
}

injected, err := credscache.InjectFileCacheProvider(&cfg)
if err != nil {
	log.Fatal(err)
}

if !injected {
	log.Print("unable to inject file cache provider")
}

You can share cache with the AWS CLI by specifying `$HOME/.aws/cli/cache` (experimental feature). 

cfg, err := config.LoadDefaultConfig(context.Background(), config.WithAssumeRoleCredentialOptions(func(options *stscreds.AssumeRoleOptions) {
	options.TokenProvider = stscreds.StdinTokenProvider
}))
if err != nil {
	log.Fatal(err)
}

injected, err := credscache.InjectFileCacheProvider(&cfg, func(o *credscache.FileCacheOptions) {
	home, _ := os.UserHomeDir()
	o.FileCacheDir = filepath.Join(home, ".aws/cli/cache")
})
if err != nil {
	log.Fatal(err)
}

if !injected {
	log.Print("unable to inject file cache provider")
}

Index

Examples

Constants

View Source 
const (
	FileCacheProviderName = "FileCacheProvider"
)

Variables

View Source 
var (
	ErrNilPointer = credscache.ErrNilPointer
)

Functions

func AssumeRoleCacheKey 

func AssumeRoleCacheKey(provider *stscreds.AssumeRoleProvider) (string, error)
Example 
package main

import (
	"fmt"
	"log"

	credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2"
	"github.com/aws/aws-sdk-go-v2/credentials/stscreds"
	"github.com/aws/aws-sdk-go-v2/service/sts"
)

func main() {
	key, err := credscache.AssumeRoleCacheKey(stscreds.NewAssumeRoleProvider(&sts.Client{}, "role_arn"))
	if err != nil {
		log.Fatal(err)
	}

	fmt.Println(key)
}

Output:
de1969e7a880d858c9bef3ba110acf78869d4527
Example (WithRoleSessionNameAndMFASerial) 
package main

import (
	"fmt"
	"log"

	credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2"
	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/credentials/stscreds"
	"github.com/aws/aws-sdk-go-v2/service/sts"
)

func main() {
	key, err := credscache.AssumeRoleCacheKey(stscreds.NewAssumeRoleProvider(&sts.Client{}, "role_arn", func(o *stscreds.AssumeRoleOptions) {
		o.RoleSessionName = "role_session_name"
		o.SerialNumber = aws.String("mfa_serial")
	}))
	if err != nil {
		log.Fatal(err)
	}

	fmt.Println(key)
}

Output:
cda918cacd9e1d1c71d510d187e90c5817e04b97

func InjectFileCacheProvider 

func InjectFileCacheProvider(cfg *aws.Config, optFns ...func(o *FileCacheOptions)) (bool, error)
Example 
package main

import (
	"context"
	"log"

	credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2"
	"github.com/aws/aws-sdk-go-v2/config"
	"github.com/aws/aws-sdk-go-v2/credentials/stscreds"
)

func main() {
	cfg, err := config.LoadDefaultConfig(context.Background(), config.WithAssumeRoleCredentialOptions(func(options *stscreds.AssumeRoleOptions) {
		options.TokenProvider = stscreds.StdinTokenProvider
	}))
	if err != nil {
		log.Fatal(err)
	}

	injected, err := credscache.InjectFileCacheProvider(&cfg)
	if err != nil {
		log.Fatal(err)
	}

	if !injected {
		log.Print("unable to inject file cache provider")
	}
}
Example (SpecifiedFileCacheDir) 
package main

import (
	"context"
	"log"
	"os"
	"path/filepath"

	credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2"
	"github.com/aws/aws-sdk-go-v2/config"
	"github.com/aws/aws-sdk-go-v2/credentials/stscreds"
)

func main() {
	cfg, err := config.LoadDefaultConfig(context.Background(), config.WithAssumeRoleCredentialOptions(func(options *stscreds.AssumeRoleOptions) {
		options.TokenProvider = stscreds.StdinTokenProvider
	}))
	if err != nil {
		log.Fatal(err)
	}

	injected, err := credscache.InjectFileCacheProvider(&cfg, func(o *credscache.FileCacheOptions) {
		home, _ := os.UserHomeDir()
		o.FileCacheDir = filepath.Join(home, ".aws/cli/cache")
	})
	if err != nil {
		log.Fatal(err)
	}

	if !injected {
		log.Print("unable to inject file cache provider")
	}
}

func LoadCredentials 

func LoadCredentials(path string) (*aws.Credentials, error)
Example 
package main

import (
	"fmt"
	"log"

	credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2"
)

func main() {
	path := "/home/gopher/.aws/cli/cache/de1969e7a880d858c9bef3ba110acf78869d4527.json"
	creds, err := credscache.LoadCredentials(path)
	if err != nil {
		log.Fatal(err)
	}

	fmt.Println(creds)
	// &aws.Credentials{
	// 	AccessKeyID:     "AccessKeyID",
	// 	SecretAccessKey: "SecretAccessKey",
	// 	SessionToken:    "SessionToken",
	// 	Source:          "",
	// 	CanExpire:       true,
	// 	Expires:         time.Date(2006, 1, 2, 15, 4, 5, 0, time.UTC),
	// }
}

func StoreCredentials 

func StoreCredentials(path string, creds *aws.Credentials) error
Example 
package main

import (
	"log"
	"time"

	credscache "github.com/Aton-Kish/aws-credscache-go/sdkv2"
	"github.com/aws/aws-sdk-go-v2/aws"
)

func main() {
	path := "/home/gopher/.aws/cli/cache/de1969e7a880d858c9bef3ba110acf78869d4527.json"
	creds := &aws.Credentials{
		AccessKeyID:     "AccessKeyID",
		SecretAccessKey: "SecretAccessKey",
		SessionToken:    "SessionToken",
		Source:          "TestProvider",
		CanExpire:       true,
		Expires:         time.Date(2006, 1, 2, 15, 4, 5, 0, time.UTC),
	}
	if err := credscache.StoreCredentials(path, creds); err != nil {
		log.Fatal(err)
	}
}

Types

type AssumeRoleProviderUnsafeAccessor 

type AssumeRoleProviderUnsafeAccessor struct {
	// contains filtered or unexported fields
}

func NewAssumeRoleProviderUnsafeAccessor 

func NewAssumeRoleProviderUnsafeAccessor(ptr *stscreds.AssumeRoleProvider) (*AssumeRoleProviderUnsafeAccessor, error)

func (*AssumeRoleProviderUnsafeAccessor) Options 

func (a *AssumeRoleProviderUnsafeAccessor) Options() stscreds.AssumeRoleOptions

type CredentialsCacheUnsafeAccessor 

type CredentialsCacheUnsafeAccessor struct {
	// contains filtered or unexported fields
}

func NewCredentialsCacheUnsafeAccessor 

func NewCredentialsCacheUnsafeAccessor(ptr *aws.CredentialsCache) (*CredentialsCacheUnsafeAccessor, error)

func (*CredentialsCacheUnsafeAccessor) Provider 

func (a *CredentialsCacheUnsafeAccessor) Provider() aws.CredentialsProvider

func (*CredentialsCacheUnsafeAccessor) SetProvider 

func (a *CredentialsCacheUnsafeAccessor) SetProvider(provider aws.CredentialsProvider)

type FileCacheOptions 

type FileCacheOptions struct {
	FileCacheDir string
	ExpiryWindow time.Duration
}

type FileCacheProvider 

type FileCacheProvider struct {
	// contains filtered or unexported fields
}

func NewFileCacheProvider 

func NewFileCacheProvider(provider aws.CredentialsProvider, cacheKey string, optFns ...func(o *FileCacheOptions)) *FileCacheProvider

func (*FileCacheProvider) Retrieve 

func (p *FileCacheProvider) Retrieve(ctx context.Context) (aws.Credentials, error)

type FileCacheProviderError 

type FileCacheProviderError = credscache.FileCacheProviderError

type InjectionError 

type InjectionError = credscache.InjectionError

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.