Documentation
Index ¶
- Constants
- Variables
- func NewKeyringConfig(name, configDir string) (*keyring.Config, error)
- type CreateTokenResponse
- type JsonStore
- func (jc *JsonStore) DeleteCreateTokenResponse(key string) error
- func (jc *JsonStore) DeleteRegisterClientData(key string) error
- func (jc *JsonStore) DeleteRoleCredentials(arn string) error
- func (jc *JsonStore) GetCreateTokenResponse(key string, token *CreateTokenResponse) error
- func (jc *JsonStore) GetRegisterClientData(key string, client *RegisterClientData) error
- func (jc *JsonStore) GetRoleCredentials(arn string, token *RoleCredentials) error
- func (jc *JsonStore) SaveCreateTokenResponse(key string, token CreateTokenResponse) error
- func (jc *JsonStore) SaveRegisterClientData(key string, client RegisterClientData) error
- func (jc *JsonStore) SaveRoleCredentials(arn string, token RoleCredentials) error
- type KeyringStore
- func (kr *KeyringStore) CreateTokenResponseKey(key string) string
- func (kr *KeyringStore) DeleteCreateTokenResponse(key string) error
- func (kr *KeyringStore) DeleteRegisterClientData(region string) error
- func (kr *KeyringStore) DeleteRoleCredentials(arn string) error
- func (kr *KeyringStore) GetCreateTokenResponse(key string, token *CreateTokenResponse) error
- func (kr *KeyringStore) GetRegisterClientData(region string, client *RegisterClientData) error
- func (kr *KeyringStore) GetRoleCredentials(arn string, token *RoleCredentials) error
- func (kr *KeyringStore) RegisterClientKey(ssoRegion string) string
- func (kr *KeyringStore) SaveCreateTokenResponse(key string, token CreateTokenResponse) error
- func (kr *KeyringStore) SaveRegisterClientData(region string, client RegisterClientData) error
- func (kr *KeyringStore) SaveRoleCredentials(arn string, token RoleCredentials) error
- type RegisterClientData
- type RoleCredentials
- type SecureStorage
- type StartDeviceAuthData
- type StorageData
Constants ¶
const (
	// Fixed identifiers for the keyring and for the record kept inside it.
	// NOTE(review): which value is the service name and which is the item key
	// is not visible on this page; confirm against the keyring setup code.
	KEYRING_ID   = "aws-sso-cli"
	RECORD_KEY   = "aws-sso-cli-records"
	KEYRING_NAME = "awsssocli"

	// Key prefixes, presumably consumed by RegisterClientKey and
	// CreateTokenResponseKey when they build storage keys (confirm).
	REGISTER_CLIENT_DATA_PREFIX  = "client-data"
	CREATE_TOKEN_RESPONSE_PREFIX = "token-response"

	// ENV_SSO_FILE_PASSWORD is the NAME of an environment variable, not a
	// password value. The #nosec marker presumably silences a scanner's
	// hardcoded-credential finding on this string.
	// NOTE(review): if the file-backend password is read from this variable,
	// it is inherited by every child process the CLI starts; confirm where
	// it is read and whether it is cleared afterwards.
	ENV_SSO_FILE_PASSWORD = "AWS_SSO_FILE_PASSWORD" // #nosec
)
Variables ¶
// NewPassword is an exported package-level string whose initial value is
// the empty string.
// NOTE(review): the name suggests it carries a password for the storage
// backend, but no use is shown on this page. Being exported and mutable, any
// importing package can read or overwrite it; confirm that is intended.
var NewPassword string
Functions ¶
Types ¶
type CreateTokenResponse ¶
// CreateTokenResponse is the token record that the storage backends save,
// load and delete by key.
//
// AccessToken, IdToken and RefreshToken are bearer secrets held as plain
// strings with JSON tags, so any JSON encoding of this struct contains them
// verbatim. Avoid logging or printing the struct as a whole.
type CreateTokenResponse struct {
	AccessToken string `json:"accessToken"` // should be cached to issue new creds
	ExpiresIn   int32  `json:"expiresIn"`   // number of seconds it expires in (from AWS)
	ExpiresAt   int64  `json:"expiresAt"`   // Unix time when it expires
	// The next two tags are capitalised, unlike the camelCase tags on the
	// other fields. The tag is the key used in the serialized record, so
	// renaming it would stop previously stored records from decoding into
	// these fields.
	IdToken      string `json:"IdToken"`
	RefreshToken string `json:"RefreshToken"`
	TokenType    string `json:"tokenType"`
}
func (*CreateTokenResponse) Expired ¶
func (t *CreateTokenResponse) Expired() bool
Expired returns true if it has expired or will in the next minute
type JsonStore ¶
// JsonStore is the JSON-file storage backend; the package itself describes
// it as an insecure implementation of SecureStorage.
//
// Each exported map is serialized under the key given in its tag and is
// omitted when empty. The map values carry ClientSecret, AccessToken /
// RefreshToken and SecretAccessKey / SessionToken, so the file this store
// writes should be handled as a credential file.
// NOTE(review): whether the file is encrypted or created with restrictive
// permissions is not visible on this page; confirm in OpenJsonStore.
type JsonStore struct {
	RegisterClient      map[string]RegisterClientData  `json:"RegisterClient,omitempty"`
	StartDeviceAuth     map[string]StartDeviceAuthData `json:"StartDeviceAuth,omitempty"`
	CreateTokenResponse map[string]CreateTokenResponse `json:"CreateTokenResponse,omitempty"`
	// presumably keyed by role ARN, matching the arn parameter of
	// Get/Save/DeleteRoleCredentials (confirm).
	RoleCredentials map[string]RoleCredentials `json:"RoleCredentials,omitempty"`
	// contains filtered or unexported fields
}
JsonStore implements SecureStorage insecurely: it keeps the client data, tokens and role credentials in a JSON file instead of a keyring
func OpenJsonStore ¶
OpenJsonStore opens our insecure JSON storage backend
func (*JsonStore) DeleteCreateTokenResponse ¶
DeleteCreateTokenResponse deletes the token from the json file
func (*JsonStore) DeleteRegisterClientData ¶
DeleteRegisterClientData deletes the RegisterClientData from the JSON store
func (*JsonStore) DeleteRoleCredentials ¶
DeleteRoleCredentials deletes the RoleCredentials from the json file
func (*JsonStore) GetCreateTokenResponse ¶
func (jc *JsonStore) GetCreateTokenResponse(key string, token *CreateTokenResponse) error
GetCreateTokenResponse retrieves the CreateTokenResponse from the json file
func (*JsonStore) GetRegisterClientData ¶
func (jc *JsonStore) GetRegisterClientData(key string, client *RegisterClientData) error
GetRegisterClientData retrieves the RegisterClientData from our JSON store
func (*JsonStore) GetRoleCredentials ¶
func (jc *JsonStore) GetRoleCredentials(arn string, token *RoleCredentials) error
GetRoleCredentials retrieves the RoleCredentials from the json file
func (*JsonStore) SaveCreateTokenResponse ¶
func (jc *JsonStore) SaveCreateTokenResponse(key string, token CreateTokenResponse) error
SaveCreateTokenResponse stores the token in the json file
func (*JsonStore) SaveRegisterClientData ¶
func (jc *JsonStore) SaveRegisterClientData(key string, client RegisterClientData) error
SaveRegisterClientData saves the RegisterClientData in our JSON store
func (*JsonStore) SaveRoleCredentials ¶
func (jc *JsonStore) SaveRoleCredentials(arn string, token RoleCredentials) error
SaveRoleCredentials stores the RoleCredentials in the json file
type KeyringStore ¶
// KeyringStore implements SecureStorage on top of a keyring. All of its
// state is unexported; an instance is obtained from OpenKeyring, which
// takes a *keyring.Config.
type KeyringStore struct {
	// contains filtered or unexported fields
}
Implements SecureStorage
func OpenKeyring ¶
func OpenKeyring(cfg *keyring.Config) (*KeyringStore, error)
func (*KeyringStore) CreateTokenResponseKey ¶
func (kr *KeyringStore) CreateTokenResponseKey(key string) string
func (*KeyringStore) DeleteCreateTokenResponse ¶
func (kr *KeyringStore) DeleteCreateTokenResponse(key string) error
DeleteCreateTokenResponse deletes the CreateTokenResponse from the keyring
func (*KeyringStore) DeleteRegisterClientData ¶
func (kr *KeyringStore) DeleteRegisterClientData(region string) error
Delete the RegisterClientData from the keychain
func (*KeyringStore) DeleteRoleCredentials ¶
func (kr *KeyringStore) DeleteRoleCredentials(arn string) error
DeleteRoleCredentials deletes the RoleCredentials from the Keyring
func (*KeyringStore) GetCreateTokenResponse ¶
func (kr *KeyringStore) GetCreateTokenResponse(key string, token *CreateTokenResponse) error
GetCreateTokenResponse retrieves the CreateTokenResponse from the keyring
func (*KeyringStore) GetRegisterClientData ¶
func (kr *KeyringStore) GetRegisterClientData(region string, client *RegisterClientData) error
Get our RegisterClientData from the key chain
func (*KeyringStore) GetRoleCredentials ¶
func (kr *KeyringStore) GetRoleCredentials(arn string, token *RoleCredentials) error
GetRoleCredentials retrieves the RoleCredentials from the Keyring
func (*KeyringStore) RegisterClientKey ¶
func (kr *KeyringStore) RegisterClientKey(ssoRegion string) string
func (*KeyringStore) SaveCreateTokenResponse ¶
func (kr *KeyringStore) SaveCreateTokenResponse(key string, token CreateTokenResponse) error
SaveCreateTokenResponse stores the token in the keyring
func (*KeyringStore) SaveRegisterClientData ¶
func (kr *KeyringStore) SaveRegisterClientData(region string, client RegisterClientData) error
Save our RegisterClientData in the key chain
func (*KeyringStore) SaveRoleCredentials ¶
func (kr *KeyringStore) SaveRoleCredentials(arn string, token RoleCredentials) error
SaveRoleCredentials stores the RoleCredentials in the keyring
type RegisterClientData ¶
// RegisterClientData is the client registration record the storage backends
// save, load and delete. The package notes it should be cached long term if
// possible.
//
// ClientSecret is a credential stored as a plain string with a JSON tag, so
// the cached record needs the same protection as the tokens.
type RegisterClientData struct {
	AuthorizationEndpoint string `json:"authorizationEndpoint,omitempty"`
	ClientId              string `json:"clientId"`
	ClientIdIssuedAt      int64  `json:"clientIdIssuedAt"`
	ClientSecret          string `json:"clientSecret"` // secret: do not log
	// NOTE(review): presumably Unix seconds, and presumably what Expired()
	// compares against with its one-hour margin (confirm).
	ClientSecretExpiresAt int64  `json:"clientSecretExpiresAt"`
	TokenEndpoint         string `json:"tokenEndpoint,omitempty"`
}
this struct should be cached for long term if possible
func (*RegisterClientData) Expired ¶
func (r *RegisterClientData) Expired() bool
Expired returns true if it has expired or will in the next hour
type RoleCredentials ¶
// RoleCredentials is the per-role credential record the storage backends
// save, load and delete by role ARN.
//
// AccessKeyId, SecretAccessKey and SessionToken together form a usable
// credential set and are stored as plain strings with JSON tags; avoid
// logging or printing the struct as a whole.
type RoleCredentials struct {
	RoleName string `json:"roleName"`
	// NOTE(review): an int64 cannot preserve leading zeros of an account id;
	// confirm that AccountIdStr and RoleArn restore the full-width form.
	AccountId       int64  `json:"accountId"`
	AccessKeyId     string `json:"accessKeyId"`
	SecretAccessKey string `json:"secretAccessKey"` // secret: do not log
	SessionToken    string `json:"sessionToken"`    // secret: do not log
	Expiration      int64  `json:"expiration"`      // expiry timestamp in milliseconds, not seconds
}
func (*RoleCredentials) AccountIdStr ¶
func (r *RoleCredentials) AccountIdStr() string
AccountIdStr returns our AccountId as a string
func (*RoleCredentials) ExpireEpoch ¶
func (r *RoleCredentials) ExpireEpoch() int64
ExpireEpoch returns seconds since unix epoch when we expire
func (*RoleCredentials) ExpireISO8601 ¶ added in v1.7.0
func (r *RoleCredentials) ExpireISO8601() string
Return expire time in ISO8601 / RFC3339 format
func (*RoleCredentials) ExpireString ¶
func (r *RoleCredentials) ExpireString() string
ExpireString returns the time the creds expire in the format of "2006-01-02 15:04:05.999999999 -0700 MST"
func (*RoleCredentials) Expired ¶ added in v1.4.0
func (r *RoleCredentials) Expired() bool
Expired returns true if these role creds have expired or will expire in the next minute
func (*RoleCredentials) RoleArn ¶
func (r *RoleCredentials) RoleArn() string
RoleArn returns the ARN for the role
type SecureStorage ¶
// SecureStorage is the contract every storage backend fulfils for the three
// kinds of cached AWS SSO records. Each kind has a Save, a Get that fills
// the record passed by pointer, and a Delete; all of them report failure
// through the returned error.
//
// The parameter names are documentation only. KeyringStore names the first
// argument of the RegisterClientData methods "region" rather than "key".
type SecureStorage interface {
	// Client registration records.
	SaveRegisterClientData(key string, client RegisterClientData) error
	GetRegisterClientData(key string, client *RegisterClientData) error
	DeleteRegisterClientData(key string) error

	// Token records.
	SaveCreateTokenResponse(key string, token CreateTokenResponse) error
	GetCreateTokenResponse(key string, token *CreateTokenResponse) error
	DeleteCreateTokenResponse(key string) error

	// Role credential records, addressed by role ARN.
	SaveRoleCredentials(arn string, token RoleCredentials) error
	GetRoleCredentials(arn string, token *RoleCredentials) error
	DeleteRoleCredentials(arn string) error
}
Define the interface for storing our AWS SSO data
type StartDeviceAuthData ¶
type StorageData ¶ added in v1.5.0
// StorageData groups the three kinds of cached records, each in a map keyed
// by string. No JSON tags are declared, so encoding/json would use the field
// names themselves as keys.
// NOTE(review): presumably the container KeyringStore serializes into its
// single keyring record (confirm). The values hold secrets such as
// ClientSecret, RefreshToken and SecretAccessKey.
type StorageData struct {
	RegisterClientData  map[string]RegisterClientData
	CreateTokenResponse map[string]CreateTokenResponse
	RoleCredentials     map[string]RoleCredentials
}
func NewStorageData ¶ added in v1.5.0
func NewStorageData() StorageData