The highest tagged major version is
Documentation
¶
Index ¶
- Constants
- func AllSourceStatus() []string
- func CredentialSource() string
- func GetAuthHeader(creds *Credentials) string
- func IsCommunity(creds *Credentials) bool
- func RemoveCredentials() error
- func SaveCredentials(creds *Credentials, store CredentialStore) error
- type AuthMethod
- type CredentialStore
- type Credentials
Constants ¶
const ( // CommunityOrgID is the organization UUID for unauthenticated community access. CommunityOrgID = "3674ddf9-67cc-4a2d-9b16-a591f6d4412d" // nosec G101 — intentional community access; not a secret // CommunityAPIKey is the API key for unauthenticated community access. CommunityAPIKey = "6e40f1c324576b65f85dc3c9ff93d31eb65298836b46b540fa18825b47174ce8" // nosec G101 — intentional community access; not a secret )
Variables ¶
This section is empty.
Functions ¶
func AllSourceStatus ¶ added in v0.2.0
func AllSourceStatus() []string
AllSourceStatus returns a compact summary of every credential source and whether it is set / found. Useful for diagnostics.
func CredentialSource ¶ added in v0.2.0
func CredentialSource() string
CredentialSource returns the name of the credential source that would win in the LoadCredentials precedence chain, or "none" if nothing is configured.
func GetAuthHeader ¶
func GetAuthHeader(creds *Credentials) string
GetAuthHeader returns the Authorization header value for the given credentials
func IsCommunity ¶ added in v1.15.0
func IsCommunity(creds *Credentials) bool
IsCommunity returns true when the given credentials match the embedded community fallback.
func RemoveCredentials ¶
func RemoveCredentials() error
RemoveCredentials removes stored credentials from all file-based stores
func SaveCredentials ¶
func SaveCredentials(creds *Credentials, store CredentialStore) error
SaveCredentials persists credentials to the specified store
Types ¶
type AuthMethod ¶
type AuthMethod string
AuthMethod represents the authentication method to use
const ( // DirectAPIKey uses a pre-computed API key hex digest sent as ApiKey header DirectAPIKey AuthMethod = "apikey" // SigV4 uses AWS Signature Version 4 for token exchange SigV4 AuthMethod = "sigv4" )
func ValidateMethod ¶
func ValidateMethod(method string) (AuthMethod, error)
ValidateMethod checks if the given string is a valid AuthMethod
type CredentialStore ¶
type CredentialStore string
CredentialStore represents where credentials are persisted
const ( StoreHome CredentialStore = "home" // ~/.vulnetix/credentials.json StoreProject CredentialStore = "project" // .vulnetix/credentials.json StoreKeyring CredentialStore = "keyring" // system keyring (stub) )
func ValidateStore ¶
func ValidateStore(store string) (CredentialStore, error)
ValidateStore checks if the given string is a valid CredentialStore
type Credentials ¶
type Credentials struct {
OrgID string `json:"org_id"`
APIKey string `json:"api_key,omitempty"` // hex digest for Direct API Key
Secret string `json:"secret,omitempty"` // secret key for SigV4
Method AuthMethod `json:"method"`
}
Credentials holds authentication credentials for the Vulnetix API
func CommunityCredentials ¶ added in v1.15.0
func CommunityCredentials() *Credentials
CommunityCredentials returns a Credentials struct for the embedded community fallback. The returned credentials use DirectAPIKey auth and go through the exact same auth pipeline as any registered user.
func CredentialStatus ¶
func CredentialStatus() (string, *Credentials)
CredentialStatus returns a human-readable description of the current auth state
func LoadCredentials ¶
func LoadCredentials() (*Credentials, error)
LoadCredentials loads credentials using the following precedence:
- Environment variables (VULNETIX_API_KEY + VULNETIX_ORG_ID for Direct, VVD_ORG + VVD_SECRET for SigV4)
- Project dotfile (.vulnetix/credentials.json)
- Home directory (~/.vulnetix/credentials.json)
Source Files