token-refresher

command module

v0.0.0-...-f5e3403 Latest Latest Go to latest Published: Sep 20, 2023 License: Apache-2.0 Imports: 27 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/observatorium/token-refresher

Links

Open Source Insights

README ¶

Token-Refresher

token-refresher is a helper that fetches and refreshes OAuth2 access tokens via OIDC. It can do two things with these tokens:

write them to a file on disk; tokens are refreshed before expiration so that the file always holds a valid token; and
provide an HTTP proxy that adds an HTTP Authorization header containing the token to all outgoing requests.

token-refresher enables applications that only know how to read bearer tokens from a file or make HTTP requests to interface with APIs that are secured with OAuth2.

Note: the proxy should be used with care as any client that can access the API can impersonate the configured OAuth2 client.

Usage

Usage of ./token-refresher:
      --debug.name string            A name to add as a prefix to log lines. (default "token-refresher")
      --file string                  The path to the file in which to write the retrieved token.
      --log.format string            The log format to use. Options: 'logfmt', 'json'. (default "logfmt")
      --log.level string             The log filtering level. Options: 'error', 'warn', 'info', 'debug'. (default "info")
      --margin duration              The margin of time before a token expires to try to refresh it. (default 5m0s)
      --oidc.audience string         The audience for whom the access token is intended, see https://openid.net/specs/openid-connect-core-1_0.html#IDToken.
      --oidc.client-id string        The OIDC client ID, see https://tools.ietf.org/html/rfc6749#section-2.3.
      --oidc.client-secret string    The OIDC client secret, see https://tools.ietf.org/html/rfc6749#section-2.3.
      --oidc.issuer-url string       The OIDC issuer URL, see https://openid.net/specs/openid-connect-discovery-1_0.html#IssuerDiscovery.
      --url string                   The target URL to which to proxy requests. All requests will have the acces token in the Authorization HTTP header.
      --web.internal.listen string   The address on which the internal server listens. (default ":8081")
      --web.listen string            The address on which the proxy server listens. (default ":8080")

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL