Documentation
¶
Overview ¶
* // Copyright (c) 2024 Bytedance Ltd. and/or its affiliates * // * // Licensed under the Apache License, Version 2.0 (the "License"); * // you may not use this file except in compliance with the License. * // You may obtain a copy of the License at * // * // http://www.apache.org/licenses/LICENSE-2.0 * // * // Unless required by applicable law or agreed to in writing, software * // distributed under the License is distributed on an "AS IS" BASIS, * // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * // See the License for the specific language governing permissions and * // limitations under the License.
Index ¶
- Constants
- func Execute()
- func GetServiceMapping(s string) (string, bool)
- func SetServiceMapping(s1, s2 string)
- func WriteConfigToFile(config *Configure) error
- type AccountInfo
- type ApiInfo
- type ApiMeta
- type ByteplusMeta
- type Configure
- type Context
- type CreateTokenRequest
- type CreateTokenResponse
- type DeviceCodeFetcher
- type Flag
- type FlagSet
- type GetRoleCredentialsRequest
- type GetRoleCredentialsResponse
- type ListAccountRolesRequest
- type ListAccountRolesResponse
- type ListAccountsRequest
- type ListAccountsResponse
- type Meta
- type MetaInfo
- type MetaType
- type OAuthAPIError
- type OAuthClient
- func (c *OAuthClient) CreateToken(ctx context.Context, req *CreateTokenRequest) (*CreateTokenResponse, error)
- func (c *OAuthClient) RegisterClient(ctx context.Context, req *RegisterClientRequest) (*RegisterClientResponse, error)
- func (c *OAuthClient) RevokeToken(ctx context.Context, req *RevokeTokenRequest) error
- func (c *OAuthClient) StartDeviceAuthorization(ctx context.Context, req *StartDeviceAuthorizationRequest) (*StartDeviceAuthorizationResponse, error)
- type OAuthClientAPI
- type OAuthClientConfig
- type Parser
- type PortalAPIError
- type PortalClient
- func (c *PortalClient) GetRoleCredentials(ctx context.Context, req *GetRoleCredentialsRequest) (*GetRoleCredentialsResponse, error)
- func (c *PortalClient) ListAccountRoles(ctx context.Context, req *ListAccountRolesRequest) (*ListAccountRolesResponse, error)
- func (c *PortalClient) ListAccounts(ctx context.Context, req *ListAccountsRequest) (*ListAccountsResponse, error)
- type PortalClientAPI
- type PortalClientConfig
- type Profile
- type RegisterClientRequest
- type RegisterClientResponse
- type ResponseMetadata
- type RevokeTokenRequest
- type RoleCredentials
- type RoleInfo
- type RootSupport
- func (r *RootSupport) GetAllAction(svc string) []string
- func (r *RootSupport) GetAllSvc() []string
- func (r *RootSupport) GetAllSvcCompatible() []string
- func (r *RootSupport) GetApiInfo(svc string, action string) *ApiInfo
- func (r *RootSupport) GetApiMeta(svc string, action string) *ApiMeta
- func (r *RootSupport) GetVersion(svc string) string
- func (r *RootSupport) IsValidAction(svc, action string) bool
- func (r *RootSupport) IsValidSvc(svc string) bool
- type SSOService
- type SdkClient
- type SdkClientInfo
- type Sso
- func (s *Sso) EnsureValidStsToken(ctx *Context) error
- func (s *Sso) GetAccessToken() (string, error)
- func (s *Sso) GetRoleCredentials() (*RoleCredentials, error)
- func (s *Sso) GetValidAccessToken() (string, error)
- func (s *Sso) Login() error
- func (s *Sso) Logout() error
- func (s *Sso) SetProfile() error
- type SsoSession
- type SsoTokenCache
- type StartDeviceAuthorizationRequest
- type StartDeviceAuthorizationResponse
- type StructInfo
Constants ¶
View Source
const ( ModeSSO = "sso" ModeAK = "ak" ConfigFile = "config.json" )
Variables ¶
This section is empty.
Functions ¶
func GetServiceMapping ¶
func SetServiceMapping ¶
func SetServiceMapping(s1, s2 string)
func WriteConfigToFile ¶
WriteConfigToFile store config
Types ¶
type AccountInfo ¶ added in v1.0.8
type AccountInfo struct {
AccountID string `json:"AccountId"`
AccountName string `json:"AccountName"`
}
AccountInfo 表示 ListAccounts 返回的账号信息。
type ByteplusMeta ¶
func (*ByteplusMeta) GetRequestParams ¶
func (meta *ByteplusMeta) GetRequestParams(apiMeta *ApiMeta) (params []param)
type Configure ¶
type Configure struct {
Current string `json:"current"`
Profiles map[string]*Profile `json:"profiles"`
EnableColor bool `json:"enableColor"`
SsoSession map[string]*SsoSession `json:"sso-session"`
}
func (*Configure) SetRandomCurrentProfile ¶
func (config *Configure) SetRandomCurrentProfile()
type Context ¶
type Context struct {
// contains filtered or unexported fields
}
func NewContext ¶
func NewContext() *Context
type CreateTokenRequest ¶ added in v1.0.8
type CreateTokenRequest struct {
GrantType string `json:"grant_type"`
ClientID string `json:"client_id"`
ClientSecret string `json:"client_secret"`
RefreshToken string `json:"refresh_token,omitempty"`
DeviceCode string `json:"device_code,omitempty"`
}
CreateTokenRequest 对应 CreateToken API 的请求参数。
type CreateTokenResponse ¶ added in v1.0.8
type CreateTokenResponse struct {
AccessToken string `json:"access_token"`
TokenType string `json:"token_type"`
RefreshToken string `json:"refresh_token,omitempty"`
ExpiresIn int `json:"expires_in"`
}
CreateTokenResponse 表示获取 Token 成功后的返回结构。
type DeviceCodeFetcher ¶ added in v1.0.8
type DeviceCodeFetcher struct {
// contains filtered or unexported fields
}
func (*DeviceCodeFetcher) GetFreshTokenForLogin ¶ added in v1.0.11
func (f *DeviceCodeFetcher) GetFreshTokenForLogin() (*SsoTokenCache, error)
GetFreshTokenForLogin 执行显式登录授权。 无论缓存 access token 是否有效,也不会用 refresh_token 静默完成登录。
func (*DeviceCodeFetcher) GetToken ¶ added in v1.0.8
func (f *DeviceCodeFetcher) GetToken() (*SsoTokenCache, error)
GetToken 协调设备码流程、refresh token 刷新及缓存复用。 该方法保留给 configure sso 等交互式流程使用:它可以复用缓存、尝试 refresh,并在必要时回退到设备码授权。
func (*DeviceCodeFetcher) GetValidTokenForBusiness ¶ added in v1.0.11
func (f *DeviceCodeFetcher) GetValidTokenForBusiness() (*SsoTokenCache, error)
GetValidTokenForBusiness 返回业务命令可用的 access token 缓存。 业务命令只允许静默 refresh,不允许回退到设备码授权,避免普通 API 调用突然打开浏览器或阻塞等待用户授权。
type FlagSet ¶
type FlagSet struct {
// contains filtered or unexported fields
}
func NewFlagSet ¶
func NewFlagSet() *FlagSet
type GetRoleCredentialsRequest ¶ added in v1.0.8
type GetRoleCredentialsRequest struct {
AccessToken string
AccountID string
RoleName string
PageSize int
PageNumber int
}
GetRoleCredentialsRequest 为 GetRoleCredentials 的请求参数封装。
type GetRoleCredentialsResponse ¶ added in v1.0.8
type GetRoleCredentialsResponse struct {
RoleCredentials RoleCredentials
RequestID string
}
GetRoleCredentialsResponse 返回临时凭证及请求 ID。
type ListAccountRolesRequest ¶ added in v1.0.8
type ListAccountRolesRequest struct {
AccessToken string
AccountID string
PageSize int
PageNumber int
NextToken string
}
ListAccountRolesRequest 为 ListAccountRoles 的请求参数封装。
type ListAccountRolesResponse ¶ added in v1.0.8
type ListAccountRolesResponse struct {
Total int
PageNumber int
PageSize int
RoleList []RoleInfo
NextToken string
RequestID string
}
ListAccountRolesResponse 返回角色列表及分页信息。
type ListAccountsRequest ¶ added in v1.0.8
ListAccountsRequest 为 ListAccounts 的请求参数封装。
type ListAccountsResponse ¶ added in v1.0.8
type ListAccountsResponse struct {
Total int
PageNumber int
PageSize int
AccountList []AccountInfo
NextToken string
RequestID string
}
ListAccountsResponse 返回账号列表及分页信息。
type Meta ¶
type Meta struct {
MetaTypes map[string]*MetaType `json:"MetaTypes,omitempty"`
ChildMetas map[string]*Meta `json:"ChildMetas,omitempty"`
}
func (*Meta) GetReqBody ¶
type OAuthAPIError ¶ added in v1.0.8
OAuthAPIError 用于承载 OAuth API 非 2xx 响应时的结构化错误信息。
func (*OAuthAPIError) Error ¶ added in v1.0.8
func (e *OAuthAPIError) Error() string
type OAuthClient ¶ added in v1.0.8
type OAuthClient struct {
// contains filtered or unexported fields
}
OAuthClient 缓存拼好的 URL 和 HTTP 客户端,避免每次调用重新计算。
func NewOAuthClient ¶ added in v1.0.8
func NewOAuthClient(cfg *OAuthClientConfig) *OAuthClient
NewOAuthClient 根据配置创建 OAuthClient,包含默认值和可选覆盖项。
func (*OAuthClient) CreateToken ¶ added in v1.0.8
func (c *OAuthClient) CreateToken(ctx context.Context, req *CreateTokenRequest) (*CreateTokenResponse, error)
CreateToken 调用 CreateToken API,获取 access/refresh token。
func (*OAuthClient) RegisterClient ¶ added in v1.0.8
func (c *OAuthClient) RegisterClient(ctx context.Context, req *RegisterClientRequest) (*RegisterClientResponse, error)
RegisterClient 调用 RegisterClient API,返回注册后的 client_id/client_secret。
func (*OAuthClient) RevokeToken ¶ added in v1.0.8
func (c *OAuthClient) RevokeToken(ctx context.Context, req *RevokeTokenRequest) error
RevokeToken 调用 RevokeToken API 撤销 access/refresh token。
func (*OAuthClient) StartDeviceAuthorization ¶ added in v1.0.8
func (c *OAuthClient) StartDeviceAuthorization(ctx context.Context, req *StartDeviceAuthorizationRequest) (*StartDeviceAuthorizationResponse, error)
StartDeviceAuthorization 发起设备码授权流程。
type OAuthClientAPI ¶ added in v1.0.8
type OAuthClientAPI interface {
RegisterClient(ctx context.Context, req *RegisterClientRequest) (*RegisterClientResponse, error)
CreateToken(ctx context.Context, req *CreateTokenRequest) (*CreateTokenResponse, error)
RevokeToken(ctx context.Context, req *RevokeTokenRequest) error
StartDeviceAuthorization(ctx context.Context, req *StartDeviceAuthorizationRequest) (*StartDeviceAuthorizationResponse, error)
}
OAuthClientAPI 定义 OAuth 客户端对外暴露的方法集合,便于测试或替换实现。
type OAuthClientConfig ¶ added in v1.0.8
type OAuthClientConfig struct {
// Region 控制使用的区域(默认:ap-southeast-1)。
Region string
// HTTPClient 允许注入自定义 HTTP 客户端(例如代理、超时)。
HTTPClient *http.Client
}
OAuthClientConfig 用于配置 OAuth 客户端的可选项。
type PortalAPIError ¶ added in v1.0.8
PortalAPIError 用于承载 Portal API 非 2xx 响应时的结构化错误信息。
func (*PortalAPIError) Error ¶ added in v1.0.8
func (e *PortalAPIError) Error() string
type PortalClient ¶ added in v1.0.8
type PortalClient struct {
// contains filtered or unexported fields
}
PortalClient 封装 CloudIdentity Portal API 调用,集中管理 URL、HTTP 客户端和默认分页参数。
func NewPortalClient ¶ added in v1.0.8
func NewPortalClient(cfg *PortalClientConfig) *PortalClient
NewPortalClient 根据配置创建 PortalClient,包含默认值和可选覆盖项。
func (*PortalClient) GetRoleCredentials ¶ added in v1.0.8
func (c *PortalClient) GetRoleCredentials(ctx context.Context, req *GetRoleCredentialsRequest) (*GetRoleCredentialsResponse, error)
GetRoleCredentials 使用 Portal 访问令牌换取指定账号和角色的临时凭证。
func (*PortalClient) ListAccountRoles ¶ added in v1.0.8
func (c *PortalClient) ListAccountRoles(ctx context.Context, req *ListAccountRolesRequest) (*ListAccountRolesResponse, error)
ListAccountRoles 调用 ListAccountRoles API,返回指定账号下当前令牌可用的角色列表。
func (*PortalClient) ListAccounts ¶ added in v1.0.8
func (c *PortalClient) ListAccounts(ctx context.Context, req *ListAccountsRequest) (*ListAccountsResponse, error)
ListAccounts 调用 ListAccounts API,返回当前访问令牌可见的账号列表。
type PortalClientAPI ¶ added in v1.0.8
type PortalClientAPI interface {
ListAccounts(ctx context.Context, req *ListAccountsRequest) (*ListAccountsResponse, error)
ListAccountRoles(ctx context.Context, req *ListAccountRolesRequest) (*ListAccountRolesResponse, error)
GetRoleCredentials(ctx context.Context, req *GetRoleCredentialsRequest) (*GetRoleCredentialsResponse, error)
}
PortalClientAPI 定义 Portal 客户端对外暴露的方法集合,便于测试或替换实现。
type PortalClientConfig ¶ added in v1.0.8
type PortalClientConfig struct {
Region string
BaseURL string
HTTPClient *http.Client
DefaultPageSize int
}
PortalClientConfig 用于配置 Portal 客户端的可选项,比如自定义 BaseURL、HTTPClient 或分页大小。
type Profile ¶
type Profile struct {
Name string `json:"name"`
Mode string `json:"mode"`
AccessKey string `json:"access-key"`
SecretKey string `json:"secret-key"`
Region string `json:"region"`
Endpoint string `json:"endpoint"`
EndpointResolver string `json:"endpoint-resolver,omitempty"`
UseDualStack *bool `json:"use-dual-stack,omitempty"`
SessionToken string `json:"session-token"`
DisableSSL *bool `json:"disable-ssl"`
SsoSessionName string `json:"sso-session-name,omitempty"`
AccountId string `json:"account-id,omitempty"`
RoleName string `json:"role-name,omitempty"`
StsExpiration int64 `json:"sts-expiration,omitempty"`
}
type RegisterClientRequest ¶ added in v1.0.8
type RegisterClientRequest struct {
ClientName string `json:"client_name"`
ClientType string `json:"client_type"`
GrantTypes []string `json:"grant_types,omitempty"`
Scopes []string `json:"scopes,omitempty"`
}
RegisterClientRequest 对应 RegisterClient API 的请求参数。
type RegisterClientResponse ¶ added in v1.0.8
type RegisterClientResponse struct {
ClientID string `json:"client_id"`
ClientSecret string `json:"client_secret"`
ClientIDIssuedAt int64 `json:"client_id_issued_at,omitempty"`
ClientSecretExpiresAt int64 `json:"client_secret_expires_at,omitempty"`
}
RegisterClientResponse 表示注册客户端成功后的返回结构。
type ResponseMetadata ¶ added in v1.0.8
type ResponseMetadata struct {
RequestID string `json:"RequestId"`
}
ResponseMetadata 表示 Portal API 返回的基础元信息。
type RevokeTokenRequest ¶ added in v1.0.8
type RevokeTokenRequest struct {
ClientID string `json:"client_id"`
ClientSecret string `json:"client_secret"`
Token string `json:"token"`
}
RevokeTokenRequest 为撤销 token 的请求参数。
type RoleCredentials ¶ added in v1.0.8
type RoleCredentials struct {
AccessKeyID string `json:"AccessKeyId"`
Expiration int64 `json:"Expiration"`
SecretAccessKey string `json:"SecretAccessKey"`
SessionToken string `json:"sessionToken"`
}
RoleCredentials 表示 GetRoleCredentials 返回的临时凭证信息。
type RootSupport ¶
type RootSupport struct {
SupportSvc []string
SupportAction map[string]map[string]*ByteplusMeta
Versions map[string]string
SupportTypes map[string]map[string]*ApiMeta
}
func NewRootSupport ¶
func NewRootSupport() *RootSupport
func (*RootSupport) GetAllAction ¶
func (r *RootSupport) GetAllAction(svc string) []string
func (*RootSupport) GetAllSvc ¶
func (r *RootSupport) GetAllSvc() []string
func (*RootSupport) GetAllSvcCompatible ¶
func (r *RootSupport) GetAllSvcCompatible() []string
func (*RootSupport) GetApiInfo ¶
func (r *RootSupport) GetApiInfo(svc string, action string) *ApiInfo
func (*RootSupport) GetApiMeta ¶ added in v1.0.9
func (r *RootSupport) GetApiMeta(svc string, action string) *ApiMeta
func (*RootSupport) GetVersion ¶
func (r *RootSupport) GetVersion(svc string) string
func (*RootSupport) IsValidAction ¶
func (r *RootSupport) IsValidAction(svc, action string) bool
func (*RootSupport) IsValidSvc ¶
func (r *RootSupport) IsValidSvc(svc string) bool
type SSOService ¶ added in v1.0.8
type SdkClient ¶
func NewSimpleClient ¶
type SdkClientInfo ¶
type Sso ¶ added in v1.0.8
type Sso struct {
Profile *Profile
SsoSessionName string
StartURL string
Region string
UseDeviceCode bool
NoBrowser bool
Scopes []string
}
func (*Sso) EnsureValidStsToken ¶ added in v1.0.8
func (*Sso) GetAccessToken ¶ added in v1.0.8
func (*Sso) GetRoleCredentials ¶ added in v1.0.8
func (s *Sso) GetRoleCredentials() (*RoleCredentials, error)
func (*Sso) GetValidAccessToken ¶ added in v1.0.11
GetValidAccessToken 获取业务命令可用的 access token。 access token 未进入刷新窗口时直接复用;过期或即将过期时仅尝试 refresh_token 静默续期。
func (*Sso) SetProfile ¶ added in v1.0.8
type SsoSession ¶ added in v1.0.8
type SsoTokenCache ¶ added in v1.0.8
type SsoTokenCache struct {
StartURL string `json:"start_url"`
SessionName string `json:"session_name"`
AccessToken string `json:"access_token"`
ExpiresAt string `json:"expires_at"`
ClientId string `json:"client_id"`
ClientSecret string `json:"client_secret"`
ClientIdIssuedAt int64 `json:"client_id_issued_at,omitempty"`
ClientSecretExpiresAt int64 `json:"client_secret_expires_at,omitempty"`
RefreshToken string `json:"refresh_token,omitempty"`
Region string `json:"region"`
}
type StartDeviceAuthorizationRequest ¶ added in v1.0.8
type StartDeviceAuthorizationRequest struct {
ClientID string `json:"client_id"`
ClientSecret string `json:"client_secret"`
Scopes []string `json:"scopes,omitempty"`
PortalUrl string `json:"portal_url,omitempty"`
}
StartDeviceAuthorizationRequest 为设备码授权的请求参数。
type StartDeviceAuthorizationResponse ¶ added in v1.0.8
type StartDeviceAuthorizationResponse struct {
DeviceCode string `json:"device_code"`
UserCode string `json:"user_code"`
VerificationURI string `json:"verification_uri"`
VerificationURIComplete string `json:"verification_uri_complete"`
ExpiresIn int `json:"expires_in"`
Interval int `json:"interval,omitempty"`
}
StartDeviceAuthorizationResponse 表示设备码授权成功后的返回结构。
type StructInfo ¶
Source Files
¶
Click to show internal directories.
Click to hide internal directories.