bearertokenauthextension

package module
v0.99.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 22, 2024 License: Apache-2.0 Imports: 14 Imported by: 6

README

Authenticator - Bearer

Status
Stability beta
Distributions contrib
Issues Open issues Closed issues
Code Owners @jpkrohling, @frzifus
Emeritus @pavankrish123

This extension implements both configauth.ServerAuthenticator and configauth.ClientAuthenticator. It can be used in both http and gRPC exporters inside the auth settings, as a means to embed a static token for every RPC call that will be made.

The authenticator type has to be set to bearertokenauth.

Configuration

  • scheme: Specifies the auth scheme name. Defaults to "Bearer". Optional.

  • token: Static authorization token that needs to be sent on every gRPC client call as metadata.

  • filename: Name of file that contains a authorization token that needs to be sent in every client call.

Either one of token or filename field is required. If both are specified, then the token field value is ignored. In any case, the value of the token will be prepended by ${scheme} before being sent as a value of "authorization" key in the request header in case of HTTP and metadata in case of gRPC.

Note: bearertokenauth requires transport layer security enabled on the exporter.

extensions:
  bearertokenauth:
    token: "somerandomtoken"
    filename: "file-containing.token"
  bearertokenauth/withscheme:
    scheme: "Bearer"
    token: "randomtoken"

receivers:
  hostmetrics:
    scrapers:
      memory:
  otlp:
    protocols:
      grpc:

exporters:
  otlp/withauth:
    endpoint: 0.0.0.0:5000
    ca_file: /tmp/certs/ca.pem
    auth:
      authenticator: bearertokenauth

  otlphttp/withauth:
    endpoint: http://localhost:9000
    auth:
      authenticator: bearertokenauth/withscheme

service:
  extensions: [bearertokenauth, bearertokenauth/withscheme]
  pipelines:
    metrics:
      receivers: [hostmetrics]
      processors: []
      exporters: [otlp/withauth, otlphttp/withauth]

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewFactory 

func NewFactory() extension.Factory

NewFactory creates a factory for the static bearer token Authenticator extension.

Types

type BearerAuthRoundTripper added in v0.39.0 

type BearerAuthRoundTripper struct {
	// contains filtered or unexported fields
}

BearerAuthRoundTripper intercepts and adds Bearer token Authorization headers to each http request.

func (*BearerAuthRoundTripper) RoundTrip added in v0.39.0 

func (interceptor *BearerAuthRoundTripper) RoundTrip(req *http.Request) (*http.Response, error)

RoundTrip modifies the original request and adds Bearer token Authorization headers.

type BearerTokenAuth 

type BearerTokenAuth struct {
	// contains filtered or unexported fields
}

BearerTokenAuth is an implementation of auth.Client. It embeds a static authorization "bearer" token in every rpc call.

func (*BearerTokenAuth) Authenticate added in v0.80.0 

func (b *BearerTokenAuth) Authenticate(ctx context.Context, headers map[string][]string) (context.Context, error)

Authenticate checks whether the given context contains valid auth data.

func (*BearerTokenAuth) PerRPCCredentials 

func (b *BearerTokenAuth) PerRPCCredentials() (credentials.PerRPCCredentials, error)

PerRPCCredentials returns PerRPCAuth an implementation of credentials.PerRPCCredentials that

func (*BearerTokenAuth) RoundTripper added in v0.38.0 

func (b *BearerTokenAuth) RoundTripper(base http.RoundTripper) (http.RoundTripper, error)

RoundTripper is not implemented by BearerTokenAuth

func (*BearerTokenAuth) Shutdown 

func (b *BearerTokenAuth) Shutdown(_ context.Context) error

Shutdown of BearerTokenAuth does nothing and returns nil

func (*BearerTokenAuth) Start 

func (b *BearerTokenAuth) Start(ctx context.Context, _ component.Host) error

Start of BearerTokenAuth does nothing and returns nil if no filename is specified. Otherwise a routine is started to monitor the file containing the token to be transferred.

type Config 

type Config struct {

	// Scheme specifies the auth-scheme for the token. Defaults to "Bearer"
	Scheme string `mapstructure:"scheme,omitempty"`

	// BearerToken specifies the bearer token to use for every RPC.
	BearerToken configopaque.String `mapstructure:"token,omitempty"`

	// Filename points to a file that contains the bearer token to use for every RPC.
	Filename string `mapstructure:"filename,omitempty"`
}

Config specifies how the Per-RPC bearer token based authentication data should be obtained.

func (*Config) Validate 

func (cfg *Config) Validate() error

Validate checks if the extension configuration is valid

type PerRPCAuth 

type PerRPCAuth struct {
	// contains filtered or unexported fields
}

PerRPCAuth is a gRPC credentials.PerRPCCredentials implementation that returns an 'authorization' header.

func (*PerRPCAuth) GetRequestMetadata 

func (c *PerRPCAuth) GetRequestMetadata(context.Context, ...string) (map[string]string, error)

GetRequestMetadata returns the request metadata to be used with the RPC.

func (*PerRPCAuth) RequireTransportSecurity 

func (c *PerRPCAuth) RequireTransportSecurity() bool

RequireTransportSecurity always returns true for this implementation. Passing bearer tokens in plain-text connections is a bad idea.

Source Files

View all Source files

Directories

Path Synopsis
internal
metadata

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.