auth

package
v0.70.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 25, 2024 License: Apache-2.0 Imports: 24 Imported by: 8

Documentation

Index

Constants

// ConnectionTimeoutDefault is 10 seconds.
// NOTE(review): the name suggests it is the fallback for
// NATSOptions.ConnectionTimeout (the Dial timeout); where it is applied is not
// visible here — confirm.
const ConnectionTimeoutDefault = 10 * time.Second
// MaxReconnectsDefault is -1.
// NOTE(review): presumably the fallback for NATSOptions.MaxReconnects, where a
// negative value would mean "never stop reconnecting" — confirm against the
// NATS client before relying on it.
const MaxReconnectsDefault = -1

Defaults

// ReconnectJitterDefault is 5 seconds.
// NOTE(review): presumably the fallback for NATSOptions.ReconnectJitter, the
// upper bound of the random delay added to the reconnect wait — confirm.
const ReconnectJitterDefault = 5 * time.Second
// ReconnectWaitDefault is 1 second.
// NOTE(review): presumably the fallback for NATSOptions.ReconnectWait, the
// wait between reconnect attempts — confirm.
const ReconnectWaitDefault = 1 * time.Second
// UserAgentVersion is the version string "0.1".
// NOTE(review): presumably reported as part of a User-Agent value; how it is
// used is not shown here — confirm.
const UserAgentVersion = "0.1"

Variables

// ClosedHandlerDefault logs a debug-level "NATS connection closed" entry.
// When a connection is supplied, the connection's last error is attached to
// the entry under the "error" key; a nil connection yields an entry with no
// extra fields.
var ClosedHandlerDefault = func(c *nats.Conn) {
	details := make(log.Fields)
	if c != nil {
		// LastError is read at the time the handler runs.
		details["error"] = c.LastError()
	}
	log.WithFields(details).Debug("NATS connection closed")
}
// DisconnectErrHandlerDefault logs a "NATS disconnected" entry. A disconnect
// that carries an error is logged at error level with that error attached; a
// disconnect without an error is logged at debug level. When a connection is
// supplied, its connected address is recorded under the "address" key.
var DisconnectErrHandlerDefault = func(c *nats.Conn, err error) {
	details := make(log.Fields)
	if c != nil {
		details["address"] = c.ConnectedAddr()
	}

	// No error: nothing to alert on, so keep it at debug level.
	if err == nil {
		log.WithFields(details).Debug("NATS disconnected")
		return
	}

	log.WithError(err).WithFields(details).Error("NATS disconnected")
}
// ErrorHandlerDefault logs an error-level "NATS error" entry. The error is
// always recorded under the "error" key. The subscription's subject and queue
// and the connection's connected address are added when the respective
// argument is non-nil.
var ErrorHandlerDefault = func(c *nats.Conn, s *nats.Subscription, e error) {
	details := make(log.Fields)
	details["error"] = e

	if s != nil {
		// Subject and queue identify which subscription the error relates to.
		details["subject"], details["queue"] = s.Subject, s.Queue
	}
	if c != nil {
		details["address"] = c.ConnectedAddr()
	}

	log.WithFields(details).Error("NATS error")
}
// LameDuckModeHandlerDefault logs a debug-level "NATS server has entered lame
// duck mode" entry. When a connection is supplied, its connected address is
// recorded under the "address" key.
var LameDuckModeHandlerDefault = func(c *nats.Conn) {
	details := make(log.Fields)
	if c != nil {
		details["address"] = c.ConnectedAddr()
	}
	log.WithFields(details).Debug("NATS server has entered lame duck mode")
}
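// ReconnectHandlerDefault logs a debug-level "NATS reconnected" entry. When a
// connection is supplied it records the reconnect count, the connected server
// ID and the connected server URL.
//
// The URL is logged via ConnectedUrlRedacted rather than ConnectedUrl so that
// a password embedded in a server URL (user:pass@host) is not written to the
// log stream.
var ReconnectHandlerDefault = func(c *nats.Conn) {
	fields := log.Fields{}

	if c != nil {
		fields["reconnects"] = c.Reconnects
		fields["serverId"] = c.ConnectedServerId()
		// Server URLs may carry userinfo credentials; log the redacted form.
		fields["url"] = c.ConnectedUrlRedacted()
	}

	log.WithFields(fields).Debug("NATS reconnected")
}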

Functions

func AuthenticatedAdminClient added in v0.69.0

func AuthenticatedAdminClient(ctx context.Context, apiUrl string) sdpconnect.AdminServiceClient

AuthenticatedAdminClient Returns an admin client that uses the auth embedded in the context and otel instrumentation

func AuthenticatedApiKeyClient added in v0.69.0

func AuthenticatedApiKeyClient(ctx context.Context, apiUrl string) sdpconnect.ApiKeyServiceClient

AuthenticatedApiKeyClient Returns an apikey client that uses the auth embedded in the context and otel instrumentation

func AuthenticatedBookmarkClient added in v0.69.0

func AuthenticatedBookmarkClient(ctx context.Context, apiUrl string) sdpconnect.BookmarksServiceClient

AuthenticatedBookmarkClient Returns a bookmark client that uses the auth embedded in the context and otel instrumentation

func AuthenticatedChangesClient added in v0.69.0

func AuthenticatedChangesClient(ctx context.Context, apiUrl string) sdpconnect.ChangesServiceClient

AuthenticatedChangesClient Returns a changes client that uses the auth embedded in the context and otel instrumentation

func AuthenticatedConfigClient added in v0.69.0

func AuthenticatedConfigClient(ctx context.Context, apiUrl string) sdpconnect.ConfigServiceClient

AuthenticatedConfigClient Returns a config client that uses the auth embedded in the context and otel instrumentation

func AuthenticatedInviteClient added in v0.69.0

func AuthenticatedInviteClient(ctx context.Context, apiUrl string) sdpconnect.InviteServiceClient

AuthenticatedInviteClient Returns an Invite client that uses the auth embedded in the context and otel instrumentation

func AuthenticatedManagementClient added in v0.69.0

func AuthenticatedManagementClient(ctx context.Context, apiUrl string) sdpconnect.ManagementServiceClient

AuthenticatedManagementClient Returns a management client that uses the auth embedded in the context and otel instrumentation

func AuthenticatedSnapshotsClient added in v0.69.0

func AuthenticatedSnapshotsClient(ctx context.Context, apiUrl string) sdpconnect.SnapshotsServiceClient

AuthenticatedSnapshotsClient Returns a Snapshots client that uses the auth embedded in the context and otel instrumentation

func NewAPIKeyClient added in v0.39.0

func NewAPIKeyClient(overmindAPIURL string, apiKey string) (*natsTokenClient, error)

NewAPIKeyClient Creates a new token client that authenticates to Overmind using an API key. This is exchanged for an OAuth token, which is then used to get a NATS token.

The provided `overmindAPIURL` parameter should be the root URL of the Overmind API, without the /api suffix e.g. https://api.app.overmind.tech

func NewAuthenticatedClient added in v0.69.0

func NewAuthenticatedClient(ctx context.Context, from *http.Client) *http.Client

NewAuthenticatedClient creates a new AuthenticatedClient from the given context and http.Client.

func NewOAuthTokenClient

func NewOAuthTokenClient(overmindAPIURL string, account string, ts oauth2.TokenSource) *natsTokenClient

NewOAuthTokenClient creates a token client that uses the provided TokenSource to get a NATS token. `overmindAPIURL` is the root URL of the NATS token exchange API that will be used e.g. https://api.server.test/v1

Tokens will be minted under the specified account only if the client has admin permissions. If it does not, the account that is attached to the client via Auth0 metadata will be used instead.

func NewOAuthTokenClientWithContext added in v0.61.2

func NewOAuthTokenClientWithContext(ctx context.Context, overmindAPIURL string, account string, ts oauth2.TokenSource) *natsTokenClient

NewOAuthTokenClientWithContext creates a token client that uses the provided TokenSource to get a NATS token. `overmindAPIURL` is the root URL of the NATS token exchange API that will be used e.g. https://api.server.test/v1

Tokens will be minted under the specified account only if the client has admin permissions. If it does not, the account that is attached to the client via Auth0 metadata will be used instead.

The provided context is used for cancellation and to lookup the HTTP client used by oauth2. See the oauth2.HTTPClient variable.

Provide an account name and an admin token to create a token client for a foreign account.

func UnauthenticatedApiKeyClient added in v0.69.0

func UnauthenticatedApiKeyClient(ctx context.Context, apiUrl string) sdpconnect.ApiKeyServiceClient

UnauthenticatedApiKeyClient Returns an apikey client with otel instrumentation but no authentication. Can only be used for ExchangeKeyForToken

Types

type APIKeyTokenSource added in v0.39.0

// APIKeyTokenSource holds an Overmind API key in an exported field.
// The key is a credential: avoid printing or logging the struct as a whole
// (for example with %+v), since that would include ApiKey in the output.
type APIKeyTokenSource struct {
	// The API Key to use to authenticate to the Overmind API
	ApiKey string
	// contains filtered or unexported fields
}

An OAuth2 token source which uses an Overmind API token as a source for OAuth tokens

func NewAPIKeyTokenSource added in v0.39.0

func NewAPIKeyTokenSource(apiKey string, overmindAPIURL string) *APIKeyTokenSource

func (*APIKeyTokenSource) Token added in v0.39.0

func (ats *APIKeyTokenSource) Token() (*oauth2.Token, error)

Exchange an API key for an OAuth token

type AuthenticatedTransport added in v0.69.0

// AuthenticatedTransport has only unexported fields. Its RoundTrip method has
// the shape of http.RoundTripper's and, per the package documentation, adds
// the Authorization header to a request before calling the underlying round
// tripper.
// NOTE(review): because a credential is attached to requests sent through
// this transport, confirm which hosts it can be pointed at and how redirects
// to other hosts are handled — neither is visible here.
type AuthenticatedTransport struct {
	// contains filtered or unexported fields
}

AuthenticatedClient is an http.Client that automatically adds the required Authorization header to each request; the header value is taken from the context that the client is created with. We also always set the X-overmind-interactive header to false to connect opentelemetry traces.

func (*AuthenticatedTransport) RoundTrip added in v0.69.0

func (y *AuthenticatedTransport) RoundTrip(req *http.Request) (*http.Response, error)

RoundTrip Adds the Authorization header to the request, then calls the underlying roundTripper

type BasicTokenClient

// BasicTokenClient has only unexported fields. Per the package documentation
// it stores a static token and returns it when called, without making any
// requests. NewBasicTokenClient takes the token and an nkeys.KeyPair.
type BasicTokenClient struct {
	// contains filtered or unexported fields
}

BasicTokenClient stores a static token and returns it when called, ignoring any provided NKeys or context since it already has the token and doesn't need to make any requests

func NewBasicTokenClient

func NewBasicTokenClient(token string, keys nkeys.KeyPair) *BasicTokenClient

NewBasicTokenClient Creates a new basic token client that simply returns a static token

func (*BasicTokenClient) GetJWT

func (b *BasicTokenClient) GetJWT() (string, error)

func (*BasicTokenClient) Sign

func (b *BasicTokenClient) Sign(in []byte) ([]byte, error)

type ClientCredentialsConfig

// ClientCredentialsConfig carries the client ID and client secret of an
// application. ClientSecret is a credential held in an exported field: avoid
// printing or logging the struct as a whole, since that would include the
// secret in the output.
type ClientCredentialsConfig struct {
	// The ClientID of the application that we'll be authenticating as
	ClientID string
	// ClientSecret that corresponds to the ClientID
	ClientSecret string
}

ClientCredentialsConfig Authenticates to Overmind using the Client Credentials flow https://auth0.com/docs/get-started/authentication-and-authorization-flow/client-credentials-flow

func (ClientCredentialsConfig) TokenSource added in v0.62.0

func (flowConfig ClientCredentialsConfig) TokenSource(oAuthTokenURL, oAuthAudience string) oauth2.TokenSource

TokenSource Returns a token source that can be used to get OAuth tokens. Cache this between invocations to avoid additional charges by Auth0 for M2M tokens.

type MaxRetriesError

// MaxRetriesError is an empty struct with an Error method, so it can be used
// as an error value.
// NOTE(review): presumably returned once the initial connection retries
// (NATSOptions.NumRetries) are exhausted — confirm against Connect.
type MaxRetriesError struct{}

func (MaxRetriesError) Error

func (m MaxRetriesError) Error() string

type NATSOptions

// NATSOptions collects the settings for a NATS connection: the servers to
// dial, reconnect and retry behaviour, the token client that supplies NATS
// tokens, and the event handlers invoked on connection events.
type NATSOptions struct {
	Servers              []string            // List of servers to connect to
	ConnectionName       string              // The client name
	MaxReconnects        int                 // The maximum number of reconnect attempts
	ConnectionTimeout    time.Duration       // The timeout for Dial on a connection
	ReconnectWait        time.Duration       // Wait time between reconnect attempts
	ReconnectJitter      time.Duration       // The upper bound of a random delay added to ReconnectWait
	TokenClient          TokenClient         // The client to use to get NATS tokens
	DisconnectErrHandler nats.ConnErrHandler // Runs when NATS is disconnected
	ReconnectHandler     nats.ConnHandler    // Runs when NATS has reconnected
	ClosedHandler        nats.ConnHandler    // Runs when a connection has been closed
	LameDuckModeHandler  nats.ConnHandler    // Runs when the connection enters "lame duck mode"
	ErrorHandler         nats.ErrHandler     // Runs when there is a NATS error
	AdditionalOptions    []nats.Option       // Additional options to pass to the connection
	NumRetries           int                 // How many times to retry connecting initially, use -1 to retry indefinitely
	RetryDelay           time.Duration       // Delay between connection attempts
}

func (NATSOptions) Connect

func (o NATSOptions) Connect() (sdp.EncodedConnection, error)

Connect Connects to NATS using the supplied options, including retrying if unavailable

func (NATSOptions) Copy added in v0.42.0

func (o NATSOptions) Copy() NATSOptions

Creates a copy of the NATS options, **excluding** the token client as these should not be re-used

func (NATSOptions) ToNatsOptions

func (o NATSOptions) ToNatsOptions() (string, []nats.Option)

ToNatsOptions Converts the struct to connection string and a set of NATS options

type TokenClient

// TokenClient is implemented by anything that can supply a NATS JWT and sign
// data with the NKeys associated with that token.
type TokenClient interface {
	// Returns a NATS token that can be used to connect
	GetJWT() (string, error)

	// Uses the NKeys associated with the token to sign some binary data
	Sign([]byte) ([]byte, error)
}

TokenClient Represents something that is capable of getting NATS JWT tokens for a given set of NKeys
