bearertokenauthextension

package module
v0.150.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 13, 2026 License: Apache-2.0 Imports: 17 Imported by: 9

README

Bearer Token Authenticator Extension

Status
Stability beta
Distributions contrib, k8s
Issues Open issues Closed issues
Code coverage codecov
Code Owners @frzifus | Seeking more code owners!
Emeritus @jpkrohling, @pavankrish123

This extension implements both configauth.ServerAuthenticator and configauth.ClientAuthenticator. It can be used in both http and gRPC exporters inside the auth settings, as a means to embed a static token for every RPC call that will be made.

The authenticator type has to be set to bearertokenauth.

Configuration

  • header: Specifies the auth header name. Defaults to "Authorization". Optional.

  • scheme: Specifies the auth scheme name. Defaults to "Bearer". Optional.

  • token: Static authorization token that needs to be sent on every gRPC client call as metadata.

  • tokens: A list of static authorization tokens, one of which needs to be sent on every gRPC client call as metadata.

  • filename: Name of file that contains a authorization token that needs to be sent in every client call.

Either one of token or filename field is required. If both are specified, then the token field value is ignored. In any case, the value of the token will be prepended by ${scheme} before being sent as a value of "authorization" key in the request header in case of HTTP and metadata in case of gRPC.

Note: bearertokenauth requires transport layer security enabled on the exporter.

extensions:
  bearertokenauth:
    token: "somerandomtoken"
    filename: "file-containing.token"
  bearertokenauth/withscheme:
    scheme: "Bearer"
    token: "randomtoken"
  bearertokenauth/multipletokens:
    scheme: "Bearer"
    tokens:
      - "randomtoken"
      - "thistokenalsoworks"

receivers:
  hostmetrics:
    scrapers:
      memory:
  otlp:
    protocols:
      grpc:

exporters:
  otlp_grpc/withauth:
    endpoint: 0.0.0.0:5000
    ca_file: /tmp/certs/ca.pem
    auth:
      authenticator: bearertokenauth

  otlp_http/withauth:
    endpoint: http://localhost:9000
    auth:
      authenticator: bearertokenauth/withscheme

service:
  extensions: [bearertokenauth, bearertokenauth/withscheme]
  pipelines:
    metrics:
      receivers: [hostmetrics]
      processors: []
      exporters: [otlp_grpc/withauth, otlp_http/withauth]

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewFactory 

func NewFactory() extension.Factory

NewFactory creates a factory for the static bearer token Authenticator extension.

Types

type Config 

type Config struct {
	// Header specifies the auth-header for the token. Defaults to "Authorization"
	Header string `mapstructure:"header,omitempty"`

	// Scheme specifies the auth-scheme for the token. Defaults to "Bearer"
	Scheme string `mapstructure:"scheme,omitempty"`

	// BearerToken specifies the bearer token to use for every RPC.
	BearerToken configopaque.String `mapstructure:"token,omitempty"`

	// Tokens specifies multiple bearer tokens to use for every RPC.
	Tokens []configopaque.String `mapstructure:"tokens,omitempty"`

	// Filename points to a file that contains the bearer token(s) to use for every RPC.
	Filename string `mapstructure:"filename,omitempty"`
	// contains filtered or unexported fields
}

Config specifies how the Per-RPC bearer token based authentication data should be obtained.

func (*Config) Validate 

func (cfg *Config) Validate() error

Validate checks if the extension configuration is valid

Source Files

View all Source files

Directories

Path Synopsis
internal
metadata

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.