Documentation
¶
Index ¶
Constants ¶
const TokenRefreshWindow = time.Hour
TokenRefreshWindow indicates how soon before actual expiration the STS token will be considered expired
Variables ¶
This section is empty.
Functions ¶
func CompareHashAndToken ¶
CompareHashAndPassword compares a hashed client token with its possible plain text equivalent. Returns nil on success, or an error on failure. Modeled after the crypto/bcrypt interface.
func GetDevHandlers ¶
func NewBackoffHandler ¶
func NewBackoffHandler(handler RequestHandler) *backoffHandler
NewBackoffHandler creates a backoff handler that will respond to PermissionDenied errors in other services by attempting to refresh the current JWT token
Types ¶
type Accessor ¶
type Accessor interface {
Credentials() (gc.PerRPCCredentials, error)
GetStsCredentials() (*ac.Credentials, error)
IdentityProvider() identity.Provider
UserID() string
}
func GetAccessor ¶
func GetAccessor(identityProvider identity.Provider, handler RequestHandler) Accessor
type Option ¶
type Option func(o *options)
Option defines an option that can be set on the token server
func WithServer ¶
func WithServer() Option
WithServer specifies that an IPC server should be started so other processes can request tokens from this process
func WithSocketNameSuffix ¶
WithSocketNameSuffix specifies the (optional) suffix of the socket name
type RequestHandler ¶
type RequestHandler interface {
// contains filtered or unexported methods
}
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
Server encapsulates the receiving and queueing of token requests by other robot processes
var TokenServer *Server
func (*Server) ErrorListener ¶
func (s *Server) ErrorListener() util.ErrorListener
Source Files
Directories