iapgo

v0.0.0-...-6332dbc
Published: Jan 23, 2020 License: MIT Imports: 5 Imported by: 0

README

iapgo


iapgo is a Go library that helps authenticate access to endpoints behind Google Cloud Identity-Aware Proxy.

This library relies heavily on golang.org/x/oauth2/google to handle credential parsing and authentication.

Usage

package main

import (
    "log"
    "net/http"

    "github.com/bukalapak/iapgo"
)

func main() {
    // Initialize the Transport to be used. Set iapClientID to the OAuth Client
    // ID of the IAP that protects the endpoint.
    iapClientID := "12345678901-abcdefghijklmnopqrstuvwxyz123456.apps.googleusercontent.com"

    // On Transport creation, the service account key is located using the
    // Application Default Credentials (ADC) strategy described in
    // https://cloud.google.com/docs/authentication/production.
    transport, err := iapgo.NewTransport(iapClientID)
    if err != nil {
        log.Fatal(err)
    }

    // Pair the Transport with an http.Client.
    client := &http.Client{
        Transport: transport,
    }

    // Access endpoints behind IAP.
    resp, err := client.Get("...")
    if err != nil {
        log.Fatal(err)
    }
    defer resp.Body.Close()
    log.Println(resp.Status)
}

Documentation

Overview

Package iapgo helps authenticate access to endpoints behind Google Cloud Identity-Aware Proxy (IAP). It provides a Transport which implements http.RoundTripper.

Example
package main

import (
	"log"
	"net/http"

	"github.com/bukalapak/iapgo"
)

func main() {
	// Initialize the Transport to be used. Set iapClientID to the OAuth Client
	// ID of the IAP that protects the endpoint.
	iapClientID := "12345678901-abcdefghijklmnopqrstuvwxyz123456.apps.googleusercontent.com"

	// On Transport creation, the service account key is located using the
	// Application Default Credentials (ADC) strategy described in
	// https://cloud.google.com/docs/authentication/production.
	transport, err := iapgo.NewTransport(iapClientID)
	if err != nil {
		log.Fatal(err)
	}

	// Pair the Transport with an http.Client.
	client := &http.Client{
		Transport: transport,
	}

	// Access endpoints behind IAP.
	resp, err := client.Get("...")
	if err != nil {
		log.Fatal(err)
	}
	defer resp.Body.Close()
	log.Println(resp.Status)
}
Types

type Transport

type Transport struct {
	// contains filtered or unexported fields
}

Transport implements http.RoundTripper that can be used to access endpoints behind Google Cloud Identity-Aware Proxy.

func NewTransport

func NewTransport(iapClientID string) (*Transport, error)

NewTransport returns an initialized Transport. It requires the OAuth Client ID of the IAP resource that the Transport targets. It finds the service account key using the Application Default Credentials (ADC) strategy described in https://cloud.google.com/docs/authentication/production.

func (*Transport) RoundTrip

func (t *Transport) RoundTrip(r *http.Request) (*http.Response, error)

RoundTrip authenticates an HTTP request using an ID token. This ID token is retrieved using two-legged authentication with a Google endpoint defined in the service account key.
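
RoundTrip authenticates whatever request it is handed, and http.Client hands every redirect hop to the same RoundTripper, so a client built on Transport should be limited to the IAP-protected host. The following is an added example, not code from iapgo: hostGuard, stubAuth, errBlocked, followRedirect and the hostnames are hypothetical, and stubAuth stands in for *iapgo.Transport so the sketch runs offline.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
)

var errBlocked = errors.New("hostguard: refusing to send credentialed request")

// hostGuard is a hypothetical wrapper, not part of iapgo. It sits in front of
// an authenticating RoundTripper and only passes HTTPS requests to one host.
type hostGuard struct {
	allowedHost string
	next        http.RoundTripper // in real use: the *iapgo.Transport
}

func (g *hostGuard) RoundTrip(r *http.Request) (*http.Response, error) {
	if r.URL.Scheme != "https" || r.URL.Hostname() != g.allowedHost {
		return nil, fmt.Errorf("%w to %s://%s", errBlocked, r.URL.Scheme, r.URL.Host)
	}
	return g.next.RoundTrip(r)
}

// stubAuth stands in for the authenticating Transport. It records each host it
// is asked to authenticate to and always redirects to a constructed other host.
type stubAuth struct{ hosts []string }

func (s *stubAuth) RoundTrip(r *http.Request) (*http.Response, error) {
	s.hosts = append(s.hosts, r.URL.Host)
	h := http.Header{"Location": {"https://other.example/next"}}
	return &http.Response{StatusCode: http.StatusFound, Header: h, Body: http.NoBody, Request: r}, nil
}

// followRedirect returns the hosts that reached the inner transport and the client error.
func followRedirect() ([]string, error) {
	inner := &stubAuth{}
	client := &http.Client{Transport: &hostGuard{allowedHost: "app.example", next: inner}}
	resp, err := client.Get("https://app.example/")
	if err == nil {
		resp.Body.Close()
	}
	return inner.hosts, err
}

func main() {
	hosts, err := followRedirect()
	fmt.Println(hosts, err)
}
```

In real use, set next to the value returned by iapgo.NewTransport and allowedHost to the hostname of the IAP-protected endpoint.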
