cfg

Documentation

Index

• Constants
• Variables
• type ConfigManager
  • func NewConfigManager(configFile string) (*ConfigManager, error)
  • func (cm *ConfigManager) LoadIDPAccount(idpAccountName string) (*IDPAccount, error)
  • func (cm *ConfigManager) SaveIDPAccount(idpAccountName string, account *IDPAccount) error
• type IDPAccount
  • func NewIDPAccount() *IDPAccount
  • func (ia IDPAccount) String() string
  • func (ia *IDPAccount) Validate() error

Constants

const (
	// DefaultConfigPath the default saml2aws configuration path
	DefaultConfigPath = "~/.saml2aws"

	// DefaultAmazonWebservicesURN URN used when authenticating to aws using SAML
	// NOTE: This only needs to be changed to log into GovCloud
	DefaultAmazonWebservicesURN = "urn:amazon:webservices"

	// DefaultSessionDuration this is the default session duration which can be overridden in the AWS console
	// see https://aws.amazon.com/blogs/security/enable-federated-api-access-to-your-aws-resources-for-up-to-12-hours-using-iam-roles/
	DefaultSessionDuration = 3600

	// DefaultProfile this is the default profile name used to save the credentials in the aws cli
	DefaultProfile = "saml"
)

Variables

var ErrIdpAccountNotFound = errors.New("IDP account not found, run configure to set it up")

ErrIdpAccountNotFound returned if the idp account is not found in the configuration file

Types

type ConfigManager

type ConfigManager struct {
	// contains filtered or unexported fields
}

ConfigManager manage the various IDP account settings

func NewConfigManager

func NewConfigManager(configFile string) (*ConfigManager, error)

NewConfigManager build a new config manager and optionally override the config path

func (*ConfigManager) LoadIDPAccount

func (cm *ConfigManager) LoadIDPAccount(idpAccountName string) (*IDPAccount, error)

LoadIDPAccount load the idp account and default to an empty one if it doesn't exist

func (*ConfigManager) SaveIDPAccount

func (cm *ConfigManager) SaveIDPAccount(idpAccountName string, account *IDPAccount) error

SaveIDPAccount save idp account

type IDPAccount

type IDPAccount struct {
	Name                 string `ini:"name"`
	AppID                string `ini:"app_id"` // used by OneLogin and AzureAD
	URL                  string `ini:"url"`
	Username             string `ini:"username"`
	Password             string `ini:"password"`
	Provider             string `ini:"provider"`
	MFA                  string `ini:"mfa"`
	SkipVerify           bool   `ini:"skip_verify"`
	Timeout              int    `ini:"timeout"`
	AmazonWebservicesURN string `ini:"aws_urn"`
	SessionDuration      int    `ini:"aws_session_duration"`
	Profile              string `ini:"aws_profile"`
	ResourceID           string `ini:"resource_id"` // used by F5APM
	Subdomain            string `ini:"subdomain"`   // used by OneLogin
	RoleARN              string `ini:"role_arn"`
	Region               string `ini:"region"`
	HttpAttemptsCount    string `ini:"http_attempts_count"`
	HttpRetryDelay       string `ini:"http_retry_delay"`
	CredentialsFile      string `ini:"credentials_file"`
	SAMLCache            bool   `ini:"saml_cache"`
	SAMLCacheFile        string `ini:"saml_cache_file"`
	TargetURL            string `ini:"target_url"`
	SilentOutput         bool
}

IDPAccount saml IDP account

func NewIDPAccount

func NewIDPAccount() *IDPAccount

NewIDPAccount Create an idp account and fill in any default fields with sane values

func (IDPAccount) String

func (ia IDPAccount) String() string

func (*IDPAccount) Validate

func (ia *IDPAccount) Validate() error

Validate validate the required / expected fields are set