github.com/kyma-incubator/compass/components/director@v0.0.0-20230623144113-d764f56ff805/pkg/oauth/config.go (about)

     1  package oauth
     2  
     3  import (
     4  	"crypto/tls"
     5  	"time"
     6  
     7  	"github.com/kyma-incubator/compass/components/director/pkg/cert"
     8  )
     9  
// AuthMode provides a way to select the auth mechanism for fetching an OAuth token.
// It is a plain string type; the two values declared below are the only ones
// defined in this file.
type AuthMode string

const (
	// Standard is used for the standard client-credentials flow with clientId and secret.
	// Its string value is "standard".
	Standard AuthMode = "standard"
	// Mtls is used for getting a token using clientId and client certificate.
	// Its string value is "oauth-mtls".
	// NOTE(review): the certificate presumably comes from X509Config — confirm at the call site.
	Mtls AuthMode = "oauth-mtls"
)
    19  
// Config is the OAuth2 client configuration. Every field carries an envconfig
// tag naming the environment variable it is bound to. The struct holds the
// client ID but no client secret field.
type Config struct {
	ClientID              string        `envconfig:"APP_OAUTH_CLIENT_ID"`
	TokenBaseURL          string        `envconfig:"APP_OAUTH_TOKEN_BASE_URL"`
	TokenPath             string        `envconfig:"APP_OAUTH_TOKEN_PATH"`
	// NOTE(review): presumably the URL scheme used for the token endpoint; if so,
	// a non-TLS value would send client credentials in clear text. Confirm that
	// consumers restrict it to https.
	TokenEndpointProtocol string        `envconfig:"APP_OAUTH_TOKEN_ENDPOINT_PROTOCOL"`
	TenantHeaderName      string        `envconfig:"APP_OAUTH_TENANT_HEADER_NAME"`
	ScopesClaim           []string      `envconfig:"APP_OAUTH_SCOPES_CLAIM"`
	TokenRequestTimeout   time.Duration `envconfig:"APP_OAUTH_TOKEN_REQUEST_TIMEOUT"`
	// NOTE(review): by its name this flag presumably turns off TLS certificate
	// verification for token requests, which removes protection against an
	// on-path attacker reading the client credentials and issued tokens. Confirm
	// at the consumer, and keep it false outside local or test environments.
	SkipSSLValidation     bool          `envconfig:"APP_OAUTH_SKIP_SSL_VALIDATION"`
}
    31  
// X509Config is X509 configuration for getting an OAuth token via mtls.
// Both fields are tagged ",optional", so (assuming the usual envconfig meaning
// of that suffix — TODO confirm against the envconfig library in use) either
// may be left unset and arrive here as an empty string.
type X509Config struct {
	// Cert is passed as the first argument to cert.ParseCertificate.
	Cert string `envconfig:"APP_OAUTH_X509_CERT,optional"`
	// Key is passed as the second argument to cert.ParseCertificate.
	// NOTE(review): presumably private key material; avoid logging or printing
	// this struct (e.g. with %+v) and keep the variable out of process dumps.
	Key  string `envconfig:"APP_OAUTH_X509_KEY,optional"`
}
    37  
// ParseCertificate hands the Cert and Key fields to cert.ParseCertificate and
// returns that call's certificate and error unchanged.
//
// Both fields are tagged optional, so they may be empty here; how empty input
// is treated depends on cert.ParseCertificate, which is not shown in this
// file. Callers must check the returned error before using the certificate.
func (c *X509Config) ParseCertificate() (*tls.Certificate, error) {
	rawCert, rawKey := c.Cert, c.Key
	parsed, err := cert.ParseCertificate(rawCert, rawKey)
	return parsed, err
}