github.com/ydb-platform/ydb-go-sdk/v3@v3.89.2/credentials/credentials.go

github.com/ydb-platform/ydb-go-sdk/v3@v3.89.2/credentials/credentials.go (about)

     1  package credentials
     2  
     3  import (
     4  	"context"
     5  
     6  	"github.com/ydb-platform/ydb-go-sdk/v3/internal/credentials"
     7  )
     8  
     9  // Credentials is an interface of YDB credentials required for connect with YDB
    10  type Credentials interface {
    11  	// Token must return actual token or error
    12  	Token(ctx context.Context) (string, error)
    13  }
    14  
    15  // NewAccessTokenCredentials makes access token credentials object
    16  // Passed options redefines default values of credentials object internal fields
    17  func NewAccessTokenCredentials(
    18  	accessToken string, opts ...credentials.AccessTokenCredentialsOption,
    19  ) *credentials.AccessToken {
    20  	return credentials.NewAccessTokenCredentials(accessToken, opts...)
    21  }
    22  
    23  // NewAnonymousCredentials makes anonymous credentials object
    24  // Passed options redefines default values of credentials object internal fields
    25  func NewAnonymousCredentials(
    26  	opts ...credentials.AnonymousCredentialsOption,
    27  ) *credentials.Anonymous {
    28  	return credentials.NewAnonymousCredentials(opts...)
    29  }
    30  
    31  // NewStaticCredentials makes static credentials object
    32  func NewStaticCredentials(
    33  	user, password, authEndpoint string, opts ...credentials.StaticCredentialsOption,
    34  ) *credentials.Static {
    35  	return credentials.NewStaticCredentials(user, password, authEndpoint, opts...)
    36  }
    37  
    38  // NewOauth2TokenExchangeCredentials makes OAuth 2.0 token exchange protocol credentials object
    39  // https://www.rfc-editor.org/rfc/rfc8693
    40  func NewOauth2TokenExchangeCredentials(
    41  	opts ...credentials.Oauth2TokenExchangeCredentialsOption,
    42  ) (Credentials, error) {
    43  	return credentials.NewOauth2TokenExchangeCredentials(opts...)
    44  }
    45  
    46  /*
    47  NewOauth2TokenExchangeCredentialsFile makes OAuth 2.0 token exchange protocol credentials object from config file
    48  https://www.rfc-editor.org/rfc/rfc8693
    49  Config file must be a valid json file
    50  
    51  Fields of json file
    52  
    53  	grant-type:           [string] Grant type option (default: "urn:ietf:params:oauth:grant-type:token-exchange")
    54  	res:                  [string | list of strings] Resource option (optional)
    55  	aud:                  [string | list of strings] Audience option for token exchange request (optional)
    56  	scope:                [string | list of strings] Scope option (optional)
    57  	requested-token-type: [string] Requested token type option (default: "urn:ietf:params:oauth:token-type:access_token")
    58  	subject-credentials:  [creds_json] Subject credentials options (optional)
    59  	actor-credentials:    [creds_json] Actor credentials options (optional)
    60  	token-endpoint:       [string] Token endpoint
    61  
    62  Fields of creds_json (JWT):
    63  
    64  	type:                 [string] Token source type. Set JWT
    65  	alg:                  [string] Algorithm for JWT signature.
    66  								   Supported algorithms can be listed
    67  								   with GetSupportedOauth2TokenExchangeJwtAlgorithms()
    68  	private-key:          [string] (Private) key in PEM format (RSA, EC) or Base64 format (HMAC) for JWT signature
    69  	kid:                  [string] Key id JWT standard claim (optional)
    70  	iss:                  [string] Issuer JWT standard claim (optional)
    71  	sub:                  [string] Subject JWT standard claim (optional)
    72  	aud:                  [string | list of strings] Audience JWT standard claim (optional)
    73  	jti:                  [string] JWT ID JWT standard claim (optional)
    74  	ttl:                  [string] Token TTL (default: 1h)
    75  
    76  Fields of creds_json (FIXED):
    77  
    78  	type:                 [string] Token source type. Set FIXED
    79  	token:                [string] Token value
    80  	token-type:           [string] Token type value. It will become
    81  								   subject_token_type/actor_token_type parameter
    82  								   in token exchange request (https://www.rfc-editor.org/rfc/rfc8693)
    83  */
    84  func NewOauth2TokenExchangeCredentialsFile(
    85  	configFilePath string,
    86  	opts ...credentials.Oauth2TokenExchangeCredentialsOption,
    87  ) (Credentials, error) {
    88  	return credentials.NewOauth2TokenExchangeCredentialsFile(configFilePath, opts...)
    89  }
    90  
    91  // GetSupportedOauth2TokenExchangeJwtAlgorithms returns supported algorithms for
    92  // initializing OAuth 2.0 token exchange protocol credentials from config file
    93  func GetSupportedOauth2TokenExchangeJwtAlgorithms() []string {
    94  	return credentials.GetSupportedOauth2TokenExchangeJwtAlgorithms()
    95  }
    96  
    97  // NewJWTTokenSource makes JWT token source for OAuth 2.0 token exchange credentials
    98  func NewJWTTokenSource(opts ...credentials.JWTTokenSourceOption) (credentials.TokenSource, error) {
    99  	return credentials.NewJWTTokenSource(opts...)
   100  }
   101  
   102  // NewFixedTokenSource makes fixed token source for OAuth 2.0 token exchange credentials
   103  func NewFixedTokenSource(token, tokenType string) credentials.TokenSource {
   104  	return credentials.NewFixedTokenSource(token, tokenType)
   105  }