Documentation
¶
Index ¶
Constants ¶
View Source
const ( GCP_STS_MTLS_ENDPOINT = "https://sts.mtls.googleapis.com/v1/token" MTLS_SUBJECT_TOKEN_TYPE = "urn:ietf:params:oauth:token-type:mtls" REQUESTED_TOKEN_TYPE = "urn:ietf:params:oauth:token-type:access_token" GRANT_TYPE = "urn:ietf:params:oauth:grant-type:token-exchange" GCP_CLOUD_PLATFORM_SCOPE = "https://www.googleapis.com/auth/cloud-platform" )
Variables ¶
This section is empty.
Functions ¶
func SignerMTLSTokenSource ¶
func SignerMTLSTokenSource(tokenConfig *SignerMtlsTokenConfig) (oauth2.TokenSource, error)
SignerMTLSTokenSource returns a TokenSource or GCP workload federation using mTLS where the key is in a TPM
Signer (cypto.Signer): Anything that implements Signer Audience (string): The audience for mtls workload federation PublicCertFile (string): The client certificate file for mtls workload federation Scopes ([]string): The GCP Scopes for the GCP token. (default: cloud-platform)
Types ¶
type GenericSignerTLS ¶
type GenericSignerTLS struct {
crypto.Signer // https://golang.org/pkg/crypto/#Signer
MtlsCertificateFile string // mtls x509 client cert
SignatureAlgorithm x509.SignatureAlgorithm
// contains filtered or unexported fields
}
func NewGenericSignerTLS ¶
func NewGenericSignerTLS(conf *GenericSignerTLS) (GenericSignerTLS, error)
NewGenericSignerTLS constructs a singer which can be used for TLS session (eg, returns a supporting tls.Certificate)
Signer: (crypto.Signer): any crypto signer MtlsCertificateFile (string): The client certificate file for mtls workload federation
func (GenericSignerTLS) TLSCertificate ¶
func (t GenericSignerTLS) TLSCertificate() (tls.Certificate, error)
Source Files
Click to show internal directories.
Click to hide internal directories.