The highest tagged major version is
Documentation
¶
Overview ¶
Get a token.
Create a bearer token for access without requiring basic authentication. The tokens are created by the Elasticsearch Token Service, which is automatically enabled when you configure TLS on the HTTP interface. Alternatively, you can explicitly enable the `xpack.security.authc.token.enabled` setting. When you are running in production mode, a bootstrap check prevents you from enabling the token service unless you also enable TLS on the HTTP interface.
The get token API takes the same parameters as a typical OAuth 2.0 token API except for the use of a JSON request body.
A successful get token API call returns a JSON structure that contains the access token, the amount of time (seconds) that the token expires in, the type, and the scope if available.
The tokens returned by the get token API have a finite period of time for which they are valid and after that time period, they can no longer be used. That time period is defined by the `xpack.security.authc.token.timeout` setting. If you want to invalidate a token immediately, you can do so by using the invalidate token API.
Index ¶
- Variables
- type GetToken
- func (r GetToken) Do(providedCtx context.Context) (*Response, error)
- func (r *GetToken) ErrorTrace(errortrace bool) *GetToken
- func (r *GetToken) FilterPath(filterpaths ...string) *GetToken
- func (r *GetToken) GrantType(granttype accesstokengranttype.AccessTokenGrantType) *GetToken
- func (r *GetToken) Header(key, value string) *GetToken
- func (r *GetToken) HttpRequest(ctx context.Context) (*http.Request, error)
- func (r *GetToken) Human(human bool) *GetToken
- func (r *GetToken) KerberosTicket(kerberosticket string) *GetToken
- func (r *GetToken) Password(password string) *GetToken
- func (r GetToken) Perform(providedCtx context.Context) (*http.Response, error)
- func (r *GetToken) Pretty(pretty bool) *GetToken
- func (r *GetToken) Raw(raw io.Reader) *GetToken
- func (r *GetToken) RefreshToken(refreshtoken string) *GetToken
- func (r *GetToken) Request(req *Request) *GetToken
- func (r *GetToken) Scope(scope string) *GetToken
- func (r *GetToken) Username(username string) *GetToken
- type NewGetToken
- type Request
- type Response
Constants ¶
This section is empty.
Variables ¶
var ErrBuildPath = errors.New("cannot build path, check for missing path parameters")
ErrBuildPath is returned in case of missing parameters within the build of the request.
Functions ¶
This section is empty.
Types ¶
type GetToken ¶
type GetToken struct {
// contains filtered or unexported fields
}
func New ¶
func New(tp elastictransport.Interface) *GetToken
Get a token.
Create a bearer token for access without requiring basic authentication. The tokens are created by the Elasticsearch Token Service, which is automatically enabled when you configure TLS on the HTTP interface. Alternatively, you can explicitly enable the `xpack.security.authc.token.enabled` setting. When you are running in production mode, a bootstrap check prevents you from enabling the token service unless you also enable TLS on the HTTP interface.
The get token API takes the same parameters as a typical OAuth 2.0 token API except for the use of a JSON request body.
A successful get token API call returns a JSON structure that contains the access token, the amount of time (seconds) that the token expires in, the type, and the scope if available.
The tokens returned by the get token API have a finite period of time for which they are valid and after that time period, they can no longer be used. That time period is defined by the `xpack.security.authc.token.timeout` setting. If you want to invalidate a token immediately, you can do so by using the invalidate token API.
https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-token.html
func (GetToken) Do ¶
Do runs the request through the transport, handle the response and returns a gettoken.Response
func (*GetToken) ErrorTrace ¶ added in v8.14.0
ErrorTrace When set to `true` Elasticsearch will include the full stack trace of errors when they occur. API name: error_trace
func (*GetToken) FilterPath ¶ added in v8.14.0
FilterPath Comma-separated list of filters in dot notation which reduce the response returned by Elasticsearch. API name: filter_path
func (*GetToken) GrantType ¶ added in v8.9.0
func (r *GetToken) GrantType(granttype accesstokengranttype.AccessTokenGrantType) *GetToken
The type of grant. Supported grant types are: `password`, `_kerberos`, `client_credentials`, and `refresh_token`. API name: grant_type
func (*GetToken) HttpRequest ¶
HttpRequest returns the http.Request object built from the given parameters.
func (*GetToken) Human ¶ added in v8.14.0
Human When set to `true` will return statistics in a format suitable for humans. For example `"exists_time": "1h"` for humans and `"eixsts_time_in_millis": 3600000` for computers. When disabled the human readable values will be omitted. This makes sense for responses being consumed only by machines. API name: human
func (*GetToken) KerberosTicket ¶ added in v8.9.0
The base64 encoded kerberos ticket. If you specify the `_kerberos` grant type, this parameter is required. This parameter is not valid with any other supported grant type. API name: kerberos_ticket
func (*GetToken) Password ¶ added in v8.9.0
The user's password. If you specify the `password` grant type, this parameter is required. This parameter is not valid with any other supported grant type. API name: password
func (GetToken) Perform ¶ added in v8.7.0
Perform runs the http.Request through the provided transport and returns an http.Response.
func (*GetToken) Pretty ¶ added in v8.14.0
Pretty If set to `true` the returned JSON will be "pretty-formatted". Only use this option for debugging only. API name: pretty
func (*GetToken) Raw ¶
Raw takes a json payload as input which is then passed to the http.Request If specified Raw takes precedence on Request method.
func (*GetToken) RefreshToken ¶ added in v8.9.0
The string that was returned when you created the token, which enables you to extend its life. If you specify the `refresh_token` grant type, this parameter is required. This parameter is not valid with any other supported grant type. API name: refresh_token
type NewGetToken ¶
type NewGetToken func() *GetToken
NewGetToken type alias for index.
func NewGetTokenFunc ¶
func NewGetTokenFunc(tp elastictransport.Interface) NewGetToken
NewGetTokenFunc returns a new instance of GetToken with the provided transport. Used in the index of the library this allows to retrieve every apis in once place.
type Request ¶
type Request struct {
// GrantType The type of grant.
// Supported grant types are: `password`, `_kerberos`, `client_credentials`, and
// `refresh_token`.
GrantType *accesstokengranttype.AccessTokenGrantType `json:"grant_type,omitempty"`
// KerberosTicket The base64 encoded kerberos ticket.
// If you specify the `_kerberos` grant type, this parameter is required.
// This parameter is not valid with any other supported grant type.
KerberosTicket *string `json:"kerberos_ticket,omitempty"`
// Password The user's password.
// If you specify the `password` grant type, this parameter is required.
// This parameter is not valid with any other supported grant type.
Password *string `json:"password,omitempty"`
// RefreshToken The string that was returned when you created the token, which enables you to
// extend its life.
// If you specify the `refresh_token` grant type, this parameter is required.
// This parameter is not valid with any other supported grant type.
RefreshToken *string `json:"refresh_token,omitempty"`
// Scope The scope of the token.
// Currently tokens are only issued for a scope of FULL regardless of the value
// sent with the request.
Scope *string `json:"scope,omitempty"`
// Username The username that identifies the user.
// If you specify the `password` grant type, this parameter is required.
// This parameter is not valid with any other supported grant type.
Username *string `json:"username,omitempty"`
}
Request holds the request body struct for the package gettoken
func (*Request) FromJSON ¶ added in v8.5.0
FromJSON allows to load an arbitrary json into the request structure
func (*Request) UnmarshalJSON ¶ added in v8.12.1
type Response ¶ added in v8.7.0
type Response struct {
AccessToken string `json:"access_token"`
Authentication types.AuthenticatedUser `json:"authentication"`
ExpiresIn int64 `json:"expires_in"`
KerberosAuthenticationResponseToken *string `json:"kerberos_authentication_response_token,omitempty"`
RefreshToken *string `json:"refresh_token,omitempty"`
Scope *string `json:"scope,omitempty"`
Type string `json:"type"`
}
Response holds the response body struct for the package gettoken
Source Files