iam

package
v2.12.15 Latest
Warning

This package is not in the latest version of its module.

Published: Dec 9, 2022 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Constants

const (
	DefaultAudience = "https://iam.api.cloud.yandex.net/iam/v1/tokens"
	DefaultEndpoint = "iam.api.cloud.yandex.net:443"
	DefaultTokenTTL = time.Hour
)

Default client parameters.

Variables

var (
	ErrServiceFileInvalid = errors.New("service account file is not valid")
	ErrKeyCannotBeParsed  = errors.New("private key can not be parsed")
	ErrEndpointRequired   = errors.New("iam: endpoint required")
)

Functions

func InstanceServiceAccount

func InstanceServiceAccount(ctx context.Context) ydb.Credentials

InstanceServiceAccount returns a credentials provider that uses instance metadata at the default URL to obtain a token for the service account attached to the instance. Cancelling the context halts credentials refresh; cancel it when the application stops or when the credentials are recreated.

func InstanceServiceAccountURL

func InstanceServiceAccountURL(ctx context.Context, url string) ydb.Credentials

InstanceServiceAccountURL returns a credentials provider that uses the given instance metadata URL to obtain a token for the service account attached to the instance. Cancelling the context halts credentials refresh; cancel it when the application stops or when the credentials are recreated.

func NewClient

func NewClient(opts ...ClientOption) (ydb.Credentials, error)

NewClient creates an IAM (JWT) authorized client from the provided list of ClientOptions.

For creation to succeed, at least one of the endpoint options must be provided.

Types

type ClientOption

type ClientOption func(*client) error

func WithAudience

func WithAudience(audience string) ClientOption

WithAudience sets the provided audience.

func WithCertPool

func WithCertPool(certPool *x509.CertPool) ClientOption

WithCertPool sets the provided certPool.

func WithCertPoolFile

func WithCertPoolFile(caFile string) ClientOption

WithCertPoolFile tries to set the root certPool from the provided certificate file path.

func WithDefaultEndpoint

func WithDefaultEndpoint() ClientOption

WithDefaultEndpoint sets the endpoint to the default value.

func WithEndpoint

func WithEndpoint(endpoint string) ClientOption

WithEndpoint sets the provided endpoint.

func WithInsecureSkipVerify

func WithInsecureSkipVerify(insecure bool) ClientOption

WithInsecureSkipVerify sets insecureSkipVerify, which, when true, forces the client to accept any TLS certificate presented by the IAM server and any host name in that certificate.

If InsecureSkipVerify is set, then certPool field is not used.

This should be used only for testing purposes.
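What that setting changes at the TLS layer, shown with the Go standard library only (an added example, not code from this package; the loopback test server and the `dial` and `Probe` helpers are constructed for illustration). It connects with a pool that contains the server certificate, with an empty pool, and with an empty pool plus InsecureSkipVerify:

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// dial makes one HTTPS GET with the given trust settings and returns the
// handshake or request error, if any. (Hypothetical helper.)
func dial(url string, pool *x509.CertPool, insecure bool) error {
	c := &http.Client{Transport: &http.Transport{
		DisableKeepAlives: true,
		TLSClientConfig:   &tls.Config{RootCAs: pool, InsecureSkipVerify: insecure},
	}}
	resp, err := c.Get(url)
	if err != nil {
		return err
	}
	return resp.Body.Close()
}

// Probe starts a loopback TLS server with a constructed test certificate and
// connects three ways.
func Probe() (pinned, emptyPool, skipVerify error) {
	srv := httptest.NewTLSServer(http.HandlerFunc(
		func(w http.ResponseWriter, r *http.Request) {}))
	defer srv.Close()

	trusted := x509.NewCertPool()
	trusted.AddCert(srv.Certificate()) // pool that knows the server's cert
	empty := x509.NewCertPool()        // pool that trusts nothing

	pinned = dial(srv.URL, trusted, false)  // verified against the pool
	emptyPool = dial(srv.URL, empty, false) // rejected: unknown authority
	skipVerify = dial(srv.URL, empty, true) // accepted: pool is ignored
	return pinned, emptyPool, skipVerify
}

func main() {
	p, e, s := Probe()
	fmt.Printf("pinned pool: %v\nempty pool: %v\nskip verify: %v\n", p, e, s)
}
```

The third connection succeeds even though the pool trusts nothing, which is why a certPool option gives no protection once InsecureSkipVerify is set.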

func WithIssuer

func WithIssuer(issuer string) ClientOption

WithIssuer sets the provided issuer.

func WithKeyID

func WithKeyID(keyID string) ClientOption

WithKeyID sets the provided keyID.

func WithPrivateKey

func WithPrivateKey(key *rsa.PrivateKey) ClientOption

WithPrivateKey sets the provided private key.

func WithPrivateKeyFile

func WithPrivateKeyFile(path string) ClientOption

WithPrivateKeyFile tries to set the key from the provided private key file path.

func WithServiceFile

func WithServiceFile(path string) ClientOption

WithServiceFile tries to set key, keyID and issuer from the provided service account file path.

Do not mix this option with WithKeyID, WithIssuer and key options (WithPrivateKey, WithPrivateKeyFile, etc).

func WithSourceInfo

func WithSourceInfo(sourceInfo string) ClientOption

WithSourceInfo sets sourceInfo.

func WithSystemCertPool

func WithSystemCertPool() ClientOption

WithSystemCertPool tries to set certPool to the system root certificates.

func WithTokenTTL

func WithTokenTTL(tokenTTL time.Duration) ClientOption

WithTokenTTL sets the provided tokenTTL duration.

type CreateTokenError

type CreateTokenError struct {
	Cause  error
	Reason string
}

CreateTokenError contains the reason for a token creation failure.

func (*CreateTokenError) Error

func (e *CreateTokenError) Error() string

Error implements the error interface.

func (*CreateTokenError) Unwrap

func (e *CreateTokenError) Unwrap() error
