Documentation
¶
Overview ¶
sessioncache caches sessions (sts.Credentials)
sessioncache splits Stores (the way cache items are stored) from Keys (the way cache items are looked up/replaced)
Index ¶
Constants ¶
const KeyringItemKey = "session-cache"
TODO: make this configurable
const KeyringItemLabel = "aws-okta session cache"
Variables ¶
var ErrSessionExpired = errors.New("session expired")
Functions ¶
This section is empty.
Types ¶
type KeyWithProfileARN ¶
type KeyWithProfileARN struct {
ProfileName string
ProfileConf map[string]string
Duration time.Duration
ProfileARN string
}
func (KeyWithProfileARN) Key ¶
func (k KeyWithProfileARN) Key() string
Key returns a key for the keyring item. For all purposes it behaves the same way as OrigKey but also takes the ProfileARN into account when generating the key value.
type KeyringSessionCache ¶
type KeyringSessionCache struct {
// contains filtered or unexported fields
}
func New ¶
func New(kr keyring.Keyring) *KeyringSessionCache
type Session ¶
type Session struct {
Name string
sts.Credentials
}
Session adds a session name to sts.Credentials
type SingleKrItemStore ¶
SingleKrItemStore stores all sessions in a single keyring item
This is mostly for MacOS keychain, where because we don't sign aws-okta properly, the user needs to reauth the aws-okta binary for every item on every upgrade. By collapsing all sessions into a single item, we only need to reauth once per upgrade/build
func (*SingleKrItemStore) Get ¶
func (s *SingleKrItemStore) Get(k Key) (*Session, error)
Get loads the db from the keyring, and returns the session at k.Key()
If the keyring item is not found (the db hasn't been written) or the key is not found, returns wrapped keyring.ErrKeyNotFound
If the session is found, but is expired, returns wrapped ErrSessionExpired
Source Files