github.com/google/osv-scalibr@v0.4.1/veles/secrets/digitaloceanapikey/validator.go (about) 1 // Copyright 2025 Google LLC 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package digitaloceanapikey 16 17 import ( 18 "net/http" 19 20 "github.com/google/osv-scalibr/veles/secrets/common/simplevalidate" 21 ) 22 23 // NewValidator creates a new Validator that validates DigitalOcean API keys via 24 // the DigitalOcean API endpoint. 25 // 26 // It performs a GET request to the DigitalOcean account endpoint 27 // using the API key in the Authorization header. HTTP 200, the key is considered valid. 28 // If 403, the key is considered valid with limited scope(fine tuned), 29 // If 401 Unauthorized, the key is invalid. Other status codes will result in ValidationFailed. 30 func NewValidator() *simplevalidate.Validator[DigitaloceanAPIToken] { 31 return &simplevalidate.Validator[DigitaloceanAPIToken]{ 32 Endpoint: "http://api.digitalocean.com/v2/account", 33 HTTPMethod: http.MethodGet, 34 HTTPHeaders: func(key DigitaloceanAPIToken) map[string]string { 35 return map[string]string{ 36 "Authorization": "Bearer " + key.Key, 37 "Content-Type": "application/json", 38 } 39 }, 40 ValidResponseCodes: []int{http.StatusOK, http.StatusForbidden}, 41 InvalidResponseCodes: []int{http.StatusUnauthorized}, 42 } 43 }