github.com/versent/saml2aws@v2.17.0+incompatible/helper/wincred/wincred_windows.go (about) 1 // Copyright (c) 2016 David Calavera 2 3 // Permission is hereby granted, free of charge, to any person obtaining 4 // a copy of this software and associated documentation files (the 5 // "Software"), to deal in the Software without restriction, including 6 // without limitation the rights to use, copy, modify, merge, publish, 7 // distribute, sublicense, and/or sell copies of the Software, and to 8 // permit persons to whom the Software is furnished to do so, subject to 9 // the following conditions: 10 11 // The above copyright notice and this permission notice shall be 12 // included in all copies or substantial portions of the Software. 13 14 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 15 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 16 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 17 // IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY 18 // CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, 19 // TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE 20 // SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 // 22 // https://github.com/docker/docker-credential-helpers 23 package wincred 24 25 import ( 26 "bytes" 27 "strings" 28 29 winc "github.com/danieljoos/wincred" 30 "github.com/versent/saml2aws/helper/credentials" 31 ) 32 33 // Wincred handles secrets using the Windows credential service. 34 type Wincred struct{} 35 36 // Add adds new credentials to the windows credentials manager. 
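// Add stores creds in the Windows Credential Manager as a generic credential
// whose target name is creds.ServerURL, and returns the error from the write.
// creds must be non-nil; it is dereferenced without a check.
//
// The entry is tagged with a "label" attribute set to credentials.CredsLabel
// so that Get and List can tell entries written by this helper apart from
// generic credentials written by other applications.
//
// NOTE(review): the secret is handed to the store as the raw credential blob.
// Generic credentials can be read back by other processes running as the same
// Windows user, so the store protects the secret from other accounts, not
// from code running in this user's session.
func (h Wincred) Add(creds *credentials.Credentials) error {
	g := winc.NewGenericCredential(creds.ServerURL)
	g.UserName = creds.Username
	g.CredentialBlob = []byte(creds.Secret)
	// PersistLocalMachine keeps the entry across this user's logon sessions
	// on this computer; it is not roamed to other computers.
	g.Persist = winc.PersistLocalMachine
	// Keyed fields keep this literal valid if the library reorders or extends
	// the struct, and satisfy go vet's composite-literal check.
	g.Attributes = []winc.CredentialAttribute{
		{Keyword: "label", Value: []byte(credentials.CredsLabel)},
	}

	return g.Write()
}

// Delete removes the generic credential stored under serverURL from the
// Windows Credential Manager.
//
// It returns nil when the lookup yields no credential, so deleting an entry
// that does not exist is not an error.
//
// NOTE(review): the nil-credential check runs before the error check, so a
// lookup that fails for any other reason and yields no credential is also
// reported as success. A nil return therefore does not prove that the secret
// is gone; confirm with Get or List where that matters.
//
// NOTE(review): unlike Get and List, Delete does not check the "label"
// attribute, so it removes whatever generic credential is stored under
// serverURL, including one written by another application.
func (h Wincred) Delete(serverURL string) error {
	g, err := winc.GetGenericCredential(serverURL)
	if g == nil {
		return nil
	}
	if err != nil {
		return err
	}
	return g.Delete()
}

// Get returns the username and secret stored under serverURL.
//
// It returns credentials.ErrCredentialsNotFound when no credential is read
// back or when the credential does not carry this helper's label. The label
// check keeps Get from returning a secret that another application stored
// under the same target name.
func (h Wincred) Get(serverURL string) (string, string, error) {
	// The lookup error is discarded: every failure to read the entry is
	// reported to the caller as "not found".
	g, _ := winc.GetGenericCredential(serverURL)
	if g == nil || !hasCredsLabel(g.Attributes) {
		return "", "", credentials.ErrCredentialsNotFound
	}
	return g.UserName, string(g.CredentialBlob), nil
}

// List returns a map from target name to username for every stored credential
// that carries this helper's label. Secrets are not included in the result.
func (h Wincred) List() (map[string]string, error) {
	creds, err := winc.List()
	if err != nil {
		return nil, err
	}

	resp := make(map[string]string)
	for _, c := range creds {
		if hasCredsLabel(c.Attributes) {
			resp[c.TargetName] = c.UserName
		}
	}

	return resp, nil
}

// SupportsCredentialStorage reports whether this helper can store
// credentials; the Windows implementation always returns true.
func (Wincred) SupportsCredentialStorage() bool {
	return true
}

// hasCredsLabel reports whether attrs contains a "label" attribute whose value
// equals credentials.CredsLabel, which is the tag Add writes on every entry.
func hasCredsLabel(attrs []winc.CredentialAttribute) bool {
	want := []byte(credentials.CredsLabel)
	for _, attr := range attrs {
		// strings.Compare is kept so the file's "strings" import stays in use.
		if strings.Compare(attr.Keyword, "label") == 0 && bytes.Equal(attr.Value, want) {
			return true
		}
	}
	return false
}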