iap

package module

v0.0.0-...-c972852 Latest Latest Go to latest Published: Jun 16, 2020 License: Apache-2.0 Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/bakins/iap-token-source

Links

Open Source Insights

README ¶

Deprecated: use https://pkg.go.dev/google.golang.org/api/idtoken?tab=doc

iap-token-source

Go package that provides an oauth2 token source to use for authentication to services secured with Google Identity Aware Proxy.

Status

Under development. This has been tested with only a few IAP configurations.

Usage

Note: this package only works with Google Service Accounts

This package can be used to authenticate HTTP and gRPC clients with Google's Identity Aware Proxy (better known as "IAP").

By default, the package uses Application Default Credentials - it will use the service account key at the path specified in the environment variable GOOGLE_APPLICATION_CREDENTIALS.

See the gRPC and HTTP examples for more information.

References

Huge thanks to https://github.com/b4b4r07/iap_curl which provided great examples.
https://cloud.google.com/iap/docs/authentication-howto#authenticating_from_a_service_account

LICENSE

See LICENSE

Documentation ¶

Overview ¶

Package IAP provides an oauth2 token source for authenticating with Google Identity Aware Proxy.

Index ¶

Constants
type IAP
- func New(ctx context.Context, audience string, filename string) (*IAP, error)
- func (i *IAP) Token() (*oauth2.Token, error)
type Option
type PostFormer

Examples ¶

New

Constants ¶

View Source

const (
	// TokenURI is the base uri of google oauth API
	TokenURI = "https://www.googleapis.com/oauth2/v4/token"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type IAP ¶

type IAP struct {
	// contains filtered or unexported fields
}

IAP is an Oauth2 token source for using a Google service account to access services protected by Identity Aware Proxy

func New ¶

func New(ctx context.Context, audience string, filename string) (*IAP, error)

New creates an IAP token source. If filename is empty, then attempt to read from environment varible, then wellknown file, then from compute metadata

Example ¶

audience := os.Getenv("AUDIENCE")
t, err := New(context.Background(), audience, "")
if err != nil {
	log.Fatalf("failed to create token source: %v", err)
}

c := oauth2.NewClient(context.Background(), t)
_, _ = c.Get("https://my-iap.protected.service")

Output:

func (*IAP) Token ¶

func (i *IAP) Token() (*oauth2.Token, error)

Token returns a token to be used for authentication.

type Option ¶

type Option func(*IAP) error

Options is passed to New for setting creation options

type PostFormer ¶

type PostFormer interface {
	PostForm(url string, data url.Values) (resp *http.Response, err error)
}

PostFormer issues a POST to the specified URL, with data's keys and values URL-encoded as the request body. See https://golang.org/pkg/net/http/#Client.PostForm

Source Files ¶

View all Source files

iap.go

Directories ¶

Path	Synopsis
examples
grpc Package main implements a client for Greeter service.	Package main implements a client for Greeter service.
http

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL